Malware Analysis Report

2024-11-16 13:05

Sample ID 240825-p9xxysxbql
Target release (4).zip
SHA256 c13a0cd7c2c2fd577703bff026b72ed81b51266afa047328c8ff1c4a4d965c97
Tags discordrat persistence rat rootkit stealer discovery
Score 10/10

Analysis Overview

Score 10/10

SHA256 c13a0cd7c2c2fd577703bff026b72ed81b51266afa047328c8ff1c4a4d965c97

Threat Level: Known bad

The file release (4).zip was found to be: Known bad.

Malicious Activity Summary

discordrat persistence rat rootkit stealer discovery

Discord RAT

Discordrat family

Executes dropped EXE

Legitimate hosting services abused for malware hosting/C2

Drops file in System32 directory

System Location Discovery: System Language Discovery

Unsigned PE

Browser Information Discovery

Suspicious use of SendNotifyMessage

Suspicious use of AdjustPrivilegeToken

Modifies registry class

Suspicious use of FindShellTrayWindow

Enumerates system info in registry

Suspicious use of WriteProcessMemory

Modifies data under HKEY_USERS

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious behavior: EnumeratesProcesses

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-08-25 13:02

Signatures

Discordrat family

discordrat

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-08-25 13:02

Reported

2024-08-25 13:05

Platform

win10v2004-20240802-en

Max time kernel

135s

Max time network

127s

Command Line

"C:\Users\Admin\AppData\Local\Temp\Release\Discord rat.exe"

Signatures

Discord RAT

stealer rootkit rat persistence discordrat

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Users\Admin\AppData\Local\Temp\Release\Discord rat.exe N/A

Processes

C:\Users\Admin\AppData\Local\Temp\Release\Discord rat.exe

"C:\Users\Admin\AppData\Local\Temp\Release\Discord rat.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=3996,i,1729213506309163284,12809566808978835441,262144 --variations-seed-version --mojo-platform-channel-handle=3860 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 gateway.discord.gg udp
US 162.159.134.234:443 gateway.discord.gg tcp
US 8.8.8.8:53 234.134.159.162.in-addr.arpa udp
US 8.8.8.8:53 209.205.72.20.in-addr.arpa udp
US 8.8.8.8:53 73.144.22.2.in-addr.arpa udp
US 8.8.8.8:53 g.bing.com udp
US 150.171.27.10:443 g.bing.com tcp
US 8.8.8.8:53 138.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 154.239.44.20.in-addr.arpa udp
US 8.8.8.8:53 50.23.12.20.in-addr.arpa udp
US 8.8.8.8:53 198.187.3.20.in-addr.arpa udp
US 8.8.8.8:53 192.142.123.92.in-addr.arpa udp
US 8.8.8.8:53 29.243.111.52.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 55.36.223.20.in-addr.arpa udp

Files


Analysis: behavioral2

Detonation Overview

Submitted

2024-08-25 13:02

Reported

2024-08-25 13:20

Platform

win10v2004-20240802-en

Max time kernel

1049s

Max time network

1050s

Command Line

"C:\Users\Admin\AppData\Local\Temp\builder.exe"

Signatures

Discord RAT

stealer rootkit rat persistence discordrat

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\Client-built.exe N/A

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A discord.com N/A N/A

Drops file in System32 directory

Description Indicator Process Target
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Browser Information Discovery

discovery

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\builder.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133690648469799790" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2392887640-1187051047-2909758433-1000\{F7D80AD2-1D33-4C98-A7A8-6EA591630DAF} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4972 wrote to memory of 4520 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4972 wrote to memory of 3204 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4972 wrote to memory of 3204 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4972 wrote to memory of 3204 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4972 wrote to memory of 3204 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4972 wrote to memory of 3204 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4972 wrote to memory of 3204 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4972 wrote to memory of 3204 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4972 wrote to memory of 3204 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4972 wrote to memory of 3204 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4972 wrote to memory of 3204 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4972 wrote to memory of 3204 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4972 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4972 wrote to memory of 1960 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Users\Admin\AppData\Local\Temp\builder.exe

"C:\Users\Admin\AppData\Local\Temp\builder.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0x9c,0x128,0x7ffec45046f8,0x7ffec4504708,0x7ffec4504718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2044,426001594252101669,7888876196977480543,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1932 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2044,426001594252101669,7888876196977480543,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2304 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2044,426001594252101669,7888876196977480543,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2736 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,426001594252101669,7888876196977480543,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,426001594252101669,7888876196977480543,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3360 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,426001594252101669,7888876196977480543,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4104 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,426001594252101669,7888876196977480543,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4184 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2044,426001594252101669,7888876196977480543,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5276 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2044,426001594252101669,7888876196977480543,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5276 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,426001594252101669,7888876196977480543,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5320 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,426001594252101669,7888876196977480543,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5292 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,426001594252101669,7888876196977480543,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3940 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffed34ecc40,0x7ffed34ecc4c,0x7ffed34ecc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1908,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1904 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2184,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2228 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2236,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2524 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3180,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3188 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3348,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3440 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4616,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4612 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4784,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4928 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4956,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4972 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=3740,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4612 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4480,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4904 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4692,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5336 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4580,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5460 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4752,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5604 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4620,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5748 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5364,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5876 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=4632,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6312 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=6364,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6332 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=6632,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6356 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=6680,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6800 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=6784,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6948 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=7056,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7092 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=6796,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7216 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=4884,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6376 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6336,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5480 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5576,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5600 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5588,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7064 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5480,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6552 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7184,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5536 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=6756,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6492 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=5600,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6332 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=6312,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6460 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=6744,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5564 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=5484,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6428 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=6924,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6652 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=6624,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6396 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffec45046f8,0x7ffec4504708,0x7ffec4504718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,1448240499089362713,1058945063500162084,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,1448240499089362713,1058945063500162084,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2108,1448240499089362713,1058945063500162084,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2832 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1448240499089362713,1058945063500162084,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3380 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1448240499089362713,1058945063500162084,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3388 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1448240499089362713,1058945063500162084,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4380 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1448240499089362713,1058945063500162084,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5024 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,1448240499089362713,1058945063500162084,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5200 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,1448240499089362713,1058945063500162084,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5200 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1448240499089362713,1058945063500162084,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3596 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1448240499089362713,1058945063500162084,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5176 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1448240499089362713,1058945063500162084,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5564 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1448240499089362713,1058945063500162084,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5100 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1448240499089362713,1058945063500162084,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3428 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1448240499089362713,1058945063500162084,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5352 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2108,1448240499089362713,1058945063500162084,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5108 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2108,1448240499089362713,1058945063500162084,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5044 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1448240499089362713,1058945063500162084,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5588 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1448240499089362713,1058945063500162084,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5628 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1448240499089362713,1058945063500162084,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5572 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1448240499089362713,1058945063500162084,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5412 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1448240499089362713,1058945063500162084,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5580 /prefetch:1

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x448 0x308

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2108,1448240499089362713,1058945063500162084,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3632 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=6724,i,8012709062879490445,18348532167486375551,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6528 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,1448240499089362713,1058945063500162084,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5364 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2108,1448240499089362713,1058945063500162084,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=4056 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1448240499089362713,1058945063500162084,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3696 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1448240499089362713,1058945063500162084,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5912 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1448240499089362713,1058945063500162084,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5096 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2108,1448240499089362713,1058945063500162084,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=4036 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Users\Admin\AppData\Local\Temp\Client-built.exe

"C:\Users\Admin\AppData\Local\Temp\Client-built.exe"

Network


Files


C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat


\??\pipe\LOCAL\crashpad_4972_TPZNXCHLCYFZGQWD


C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat


C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences


C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT


C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State


C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences


C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences


C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State


C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences


C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\GPUCache\data_1


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\c3e91d1f-d31d-4422-ac60-056ee1fe3e3e.tmp


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Data\LevelDB\CURRENT


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Google Profile.ico


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Data\LevelDB\MANIFEST-000001


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Code Cache\wasm\index


C:\Users\Admin\Desktop\Work - Chrome.lnk


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Web Applications\Manifest Resources\fmgjjmmmlfnkbppncabfkddbjimcfncm\Icons\64.png


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Web Applications\Manifest Resources\fmgjjmmmlfnkbppncabfkddbjimcfncm\Icons\48.png


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Web Applications\Manifest Resources\fmgjjmmmlfnkbppncabfkddbjimcfncm\Icons\32.png


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Web Applications\Manifest Resources\mpnpojknpmmopombnjdcgaaiekajbnjb\Icons\64.png


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Web Applications\Manifest Resources\mpnpojknpmmopombnjdcgaaiekajbnjb\Icons\48.png


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Web Applications\Manifest Resources\mpnpojknpmmopombnjdcgaaiekajbnjb\Icons\32.png


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Web Applications\Manifest Resources\aghbiahbpaijignceidepookljebhfak\Icons\64.png


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Web Applications\Manifest Resources\aghbiahbpaijignceidepookljebhfak\Icons\48.png


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Web Applications\Manifest Resources\aghbiahbpaijignceidepookljebhfak\Icons\32.png

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

C:\Users\Admin\AppData\Local\Temp\df8a8f66-863d-449e-84a9-230ee9d7580e.tmp

C:\Users\Admin\AppData\Local\Temp\scoped_dir4824_1471087863\CRX_INSTALL\_locales\en_CA\messages.json

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.80.1_0\dasherSettingSchema.json

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.80.1_0\_locales\en_CA\messages.json

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13369064750058753

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Code Cache\js\index-dir\the-real-index~RFe5c3197.TMP

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Service Worker\ScriptCache\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Service Worker\ScriptCache\index-dir\the-real-index~RFe5c3e78.TMP

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\8e162194-5b78-40a9-8877-d4b36df6818a.tmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\04f85ce9-d04a-42c1-a4df-8095552ae7d9.tmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5c7f69.TMP

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5c9060.TMP

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\610b18af-d2a0-46ec-a2ef-bf61f4562ed7\index-dir\the-real-index~RFe5c94e5.TMP

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\610b18af-d2a0-46ec-a2ef-bf61f4562ed7\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\c3f333a3-3095-4001-a629-52d752832ffe\index-dir\the-real-index~RFe5c9821.TMP

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\c3f333a3-3095-4001-a629-52d752832ffe\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Network\Network Persistent State~RFe5cfd24.TMP

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\c3f333a3-3095-4001-a629-52d752832ffe\53372c5e42e545c3_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\610b18af-d2a0-46ec-a2ef-bf61f4562ed7\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\610b18af-d2a0-46ec-a2ef-bf61f4562ed7\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\5cf21c5c-d45e-4949-86c3-0998bc67a9fa\index-dir\the-real-index~RFe5ecc76.TMP

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\5cf21c5c-d45e-4949-86c3-0998bc67a9fa\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 1158cf43e58800f951e3a4cd69a07947
SHA1 28362682c4bbfaa052c36b86f50475edba0dee91
SHA256 6f23fe6875c0eb69bd3eeb6143db7db04accefa5dc9121411ee02fd4bdd84bf8
SHA512 ed1bf4e8c34e8838beedcecacf7a2aa0de7098f6ef27e504e750c7818908f86d1b1de2409552eafe3dad846aee59ae6d76d7198a1156a5388e4e153fe22e4f54

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 c436bfbfa5aeb230ef3b86b16c4491e2
SHA1 a89393fd86ba0effe0eb817e34216890bc5876a2
SHA256 429a07e68245b753fb21c86eaa881a329a8090e3370412b1f860335c169a501a
SHA512 5ca9c6f1ae557f52c3dd65f387510d0497215560796a1ce80fa88e58f3e0bebeecb4cb6189b6e6ce27936b7c345cce44f6471e51ef34a85230e72d3a826c33d5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\5cf21c5c-d45e-4949-86c3-0998bc67a9fa\index-dir\the-real-index

MD5 abf0e21b413971552b819f65f2f9e00e
SHA1 838c315a8e417dc730537a037653067d0c60c1b5
SHA256 fa7654fb245ffafa0cc1a148c410b2211815c24dc8a141a7b056e527a1390fed
SHA512 1ce4bca0eb1734cfb2b27feab7c7a8bfe34619abc86374d0441fe92333cdec18438e8828049de1cb4fb178da3d23ba8476da123113c9720e7b2af436ab713b1a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 8fbce8024735da99709a06f77c7bdbd5
SHA1 aeda21e2183da504f588c4bb2b53b7f95baac669
SHA256 12b3bde7dd1b43805b97db32696ca5783c09afd196788647c935da81a7a6416a
SHA512 af261e276b78a6faa14d4521b892b4a16883e5c010ee86ceca888aa0c13a05c86858471702689fd40dc5dfbcde8a0f18626194197d499d20145cfb15066f78ac

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 97a0d30baa0e22f2871b2e78ee9a7d14
SHA1 32c15b788b9f73828dfa52a5b9ca454c4cb2c657
SHA256 0669a3f26e866964e2441ef075eae34ad34254bdcbcbdf3e35786fce6bb09e03
SHA512 2904a78ad7aa93703736f0255c2ace9cda2bbdb05517951481f252139b451047ffb248bb1d6e1b4823f2623fe88bc8e1b817241584b62fed0b3de23e68896008

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 b8c0e01f59c34b9a469c44bfab21b2b5
SHA1 03b014fc1297fe791f6e819cd381fcd012dc41cc
SHA256 52f5c159a7a4a77d6721b1df461fcd79ab9ac82d1062222e789ed577f61205be
SHA512 d070d2ccffa06f030504ccdd22c3a59014855a5c16da48358f6cf24fa9fb951a9eb866f9c465859f39e123e27e2fe3d523a629bc00c87911cabcefba037800b5

memory/4040-2594-0x0000000007A50000-0x0000000007B72000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6be6dc14830af0616a792d098bd4fcf2
SHA1 a14b508c2b184e7e038849ec8b4f21ed88bee387
SHA256 0874de5d66dd39a9ec834722b281bad66ab2ccedbfc99176f931565a51d0ac27
SHA512 8cd1e01a4ff336e15cc662c4e5de8a613a30329251dc6a499a5e485ae1e3757dd53e41c30589c12b20803aee9c9ad626458d5d1e42a9d190a2c8351991d2c76e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7d0529d04c0da17bc426792a1a5022c7
SHA1 33d1fcedcd49e4e8ea4944a67b2ee61868295b93
SHA256 a53dfc45337f8139e5965eadaf26e5ce5128aacf555c11b0365d985a8ec30bdc
SHA512 61342c076eedce2fbe63fa9384fb0c5cf1be5cdbc02e769238da7f089e217e3c3ff31b151c1c9572800d6174cec2d2f7bb1dc4fb415eec792cb3ebfc1e70c6f5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 de905791148bd9936e4cae4c77dc0c64
SHA1 c98132c0c0d994082b44081873b81b7b5897303b
SHA256 d5247dd7b8eebac11050e1aa141309de13b43b1d0775cfd2d90dcff63e6b2133
SHA512 993bc59e6021f1e1742dbdf127de5f26ede19686b3941dd210216bd03dde5c91ab12f50f967f608499224fe4b0a9af6ba4a3e59a9b9569e477449309682f388c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9aae93038e0ef5b5aec7ffa115c0fd3d
SHA1 33e7ba0332d450a94a8da0d2de2f21928b213c95
SHA256 4cb968ac14b8a964536a860e3f15c4643aa5c2f1344643aa24124b609ffaac45
SHA512 a045cadce8d0e08ad3fc5a54f235bf0109cb7a751de337908dda7d9b6d64430fbcad6f1c23489ce460e12f5314621fc9c523a6e5a6b1111aba07f43eedd4808b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4bda6b4f39731e1894fa778289870973
SHA1 e31b36c901a69e0abe6c960bbd8f28ffa0481778
SHA256 a1ffd7f7a9080e8503dc89fd6f267fed1e6ed92dac5f966fdb620ce865818f59
SHA512 c97c8afec1847fb6263f10185f4c6085b96969549ad1987e1a40cda42ddfb367d04794099a9aad0041ceb720bb3488103ddf5bf869f29d7791ab89ca443a0c8e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ffdb60ad8bb3d191dd0f85037d1abd16
SHA1 1cb3aa5ca15cf45fb109839d5bdd3beaabb42263
SHA256 b85313217e59de8b01b6031f7f8466c76050e68d7e896731d42aa2adbb685a80
SHA512 6c34b2c42e4c9fb180bd6f9034e0c6ac52dbacf2ac9c85cbc7f45892f3e87144f6155430a525016aff0f0972aa90f15d2f8ca4073d9c56b2fe81a504a9fef1e6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 698c0ea5cc5a316d08b6754eac809124
SHA1 f8e355d3a4e3009e2a0734db840c1b0252d50a01
SHA256 3a3a0c5ceafa0d55a69f9cd2732845fb35fd18efde88ebb750669b710c9029df
SHA512 ef6111dfc1d63979f249996dc893222e90ebd3bbfaf5364edeed66c6dfb2eb9aaa37bbc87956128b1c3f94b543c7ff2de10c84bc6c4c2808be52201ef6a15ea9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 50925c339a10db0d386c1e167927c32e
SHA1 ba1de6d8181332a2afd5f05afbf210b36aaeb28b
SHA256 c5cf931f9cc45d6525c05725e1ef773a5ea71021d89cdde8adfffaafe994234a
SHA512 c165e4b247230ea9e57a8db4edc876729790fd0202d88da90ce3be9bdac6b33ee254b949bc4f828bfe89206583dc5be5ca5bd157dda5ac42e7940fe2a6161277

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 128e0e84cd6a672453cbcacd2e42a724
SHA1 740be889d4c264aaecd9c0d6d176ba5f2f8d32c8
SHA256 931105da4e7c0a541649b84e30df6512b1bc0e0e768c8fce2a5b12a59dc26a91
SHA512 5b0a5012252866844c2f7dae8c00ed7fb0593c1ab78aa7b1b7f8821fa4a5536f9db8b5ac9e2bee780fb9d6ce320f284069f50f44b7387598700a37b9750ebcbb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6df00a7ad8323aac3a8862e53bacb6fd
SHA1 387b38c504a94e4603a23ebcc4b7658dbe7af9dc
SHA256 f09b36acdef4857250eda834755dcfff6a208e44402585f2f30ddae8bdf91e79
SHA512 bfaa83564798a3b64627cc6ff776df6e5e158c36a979e2eeb2f3ca6eed7287962ba00933834b8a5516871ab492b22c85dcb044a4965716af1c8b109f15ee89ee

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 eef05967cbe150161d38a7217c968421
SHA1 07b5414f728d4f6388b682fed4c28bdeae9ae35c
SHA256 647499f1e6208bb0b2ffa89e7b4d57908c5f7e38b465a99b742d501df8ca4c4b
SHA512 a26a1be5eca3dc1c626cbe6324750b5dc0764324f07e48df2db307be95a3736c19d99660930c79362aaab52ae24b762fd56de234661e89e353987c6ff2af91d0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 28cf18d623e22cdf7dcfbb23517c0d18
SHA1 990633835752261451c91858e389de02d88c3faa
SHA256 fb9b8107903207d747c511a022eed6e1a91ddaa21cb3ed18edd02bacfbed1c7a
SHA512 e33d83cb401b06e334bfd929404005e066fd1e054681b8e08b87e08699dc812440a2e34f6669795f5ff0f3a79a1e9ac59423a8f88fbc09a9b10d16008aae0869

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 6d5f158b3058ffed491d51e9dadbc00d
SHA1 de1f4e23c425b06e1707165fb1dd1e999f16ad64
SHA256 cbdcde7f711c82b8931af6e10ec522fdfce6954effe2f6992be4efcc20c43c29
SHA512 3c13b5d22e7f18b271e2fe419d2f35a439356431b213e82e0779e4ae7380423ab4d3b5227cf600cfe89a02d33a35aa37f3e4dede78a460a30ea7f4244a765e20

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 54018ab11387ca965567333ede8c7928
SHA1 760aed2a1d132a30d820dcab71553af02cc15a10
SHA256 12b28e6b2967a4a0d76f6660ae1f633340c1abe96220a56cd9e5ba926e08eadf
SHA512 7b17517b7229dab110b5f4cf2f17618d0302913a9815808575258e94ef6c3aa1a31edcafe20bf57b736f7dc08dc6a92b05be86a1577042dde6172d153db20c00

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cbeaa54b54f0f8b2842b657cd11e49fb
SHA1 1d4df7ca76e87e9cbc856e4ec2f1d01fd685e775
SHA256 ebc3f9c0489f124172da135e50fc9c97c61c18feacf5d41b2cae8c866efb0a24
SHA512 6c9e8bb856e5f3f60000e7c163d19b496a6fcf32d26292ba8dd0431630828cbbc484177e819cd64d37e4d376f70cefa5325dd8a67daf12486e61d42c40f275e6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0cabf37e747c10e442f25bf793536892
SHA1 ddec4a87bb5d7f147f1d85e0deab87ce5fc577fe
SHA256 07b52787132097e6c83ebd344614126f3c14da634613bd022de85ebc593a0a5b
SHA512 eb884767a12d8326f621ba8e78fcebd43ea08e4dd0875860025e04a084e48114773a18037c72e0bc813d2767f34d9c01b9ff88c2a1282b35ca1456194aded8e6

memory/3732-2741-0x000002AB9EE60000-0x000002AB9EE78000-memory.dmp

memory/3732-2742-0x000002ABB93D0000-0x000002ABB9592000-memory.dmp

memory/3732-2743-0x000002ABB9BD0000-0x000002ABBA0F8000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 97f653281aa83d8d9a53f6abe7ca1a1c
SHA1 316693ddf50e50dd04adedd0f13f07f646899216
SHA256 82442b9d9c20ce3c894aac1b868af541754987f986e32dcfdd3f56842b25dc73
SHA512 21eae4fb87cb11c6d301c8f210e2a37b98448f5e55485b325a5daf789b84a954b4a3795cbc3e158979d115d93e085bc99e83d56784a1b839d371ac96c0cd1b94

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 00acce93b7fe6531b59815b398f8a596
SHA1 700ac2267a93939c2d62acc8914b27588fad3e0d
SHA256 8c07fd6116e9a2146bd416f44818ca0e09befdb477ad741f5903d2f606ea2ae5
SHA512 5750accf7ff0dc67539132b0f733bb4432f0b082192a1282612a3f2fbc2cd35e15add423bab51629d46282a7baac537e34b53fd55bd6700a77a72c98410c7176

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 a8f3094e7270b75e5ff97a9827c96573
SHA1 922455e0d2a923133c2b4f824de9dcb74886e72e
SHA256 a2e9e16dcd8877d54b1c84fa91b687dd88b30246c4eb4fe2159ad2dd10c15719
SHA512 8390a95ffb61bd29961346e719ebd131e678424c9b3f51c7e2581b06780a6e9263028cc9d7c752ee4ac16b55cb2bb58581e8f4dad42050a85385d7cc181c3f59

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 09b3c15f9f8b971686ba0a9656507723
SHA1 963ce2ecef024723895b5dbc4f1bfb3f2200befd
SHA256 3e314f902572e2f8fc118504b69b8d911f17b38928d7c665da357aac6e5ff74f
SHA512 ea45ae93263e5b8813a3b597bac47a8754c7a42673a267b0d86d5ec945fc8f8634c90ccd9a7811af8809291c986efb249e3b4c7337c4a49aaa180f0fc543e9e0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 51f37b65de5124d7975141c698c73a71
SHA1 fa74eda8c1f32b8c86196200aaa39e841debe240
SHA256 102a547ad2f18b6ca61257a6cd5827cbedf9d4b95e1ff9a728bed33b6b888814
SHA512 297a6d5f3d8d2f7af371117a19e61a26ac27d5a1955f9ff7eec310c99731c188660109dda01bfebaa31ca5d0a237dbb5669addeba6235ccd88c59c873bff62d0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5a5d67da61ad64be101259d096ce291d
SHA1 45a3132758d9d56df5252598414f82487b5cea95
SHA256 51c2ae23968afb2bb1a6fc6b566185ae9a4f60b98e84b9ebe1bf3d3accfe22fe
SHA512 f046b4b65e026736f6c4ce55e535323d5744e8a60af5e9a4715eebd2a9b3e5d5cf1d9025e85f770c58704e2186fa8e4f00a40b803b97d66353131f3ac4345577

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 da484d4724030bcd8957750357e25cbd
SHA1 d60b2485842565c2e4dfd66d2072baae6bb609bf
SHA256 76ef94daf871c844c6f31743c589d6c17d7ad70fcfaa8647afd9fc44666413d9
SHA512 4b338cbe52e756aaf2105fdf18205dd9ffda9a90319e6cf400cf9e9acae05eb081a2371f63057bd8faef9efae956d603cb51dad7ada61d3494bd4766f85c813d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 879ff5126f4dc5014cafe0a97dabe71b
SHA1 e05101b4f9037d3ea600737b967cf58c39bb7378
SHA256 aa849f47f00f2a283acd45a32a8c194328e07b0b55663f29106a76e8bc295279
SHA512 cf1ade0af96b608cb7f6daeb4fb3eb9d15ccf877859865d3d560672a549b0f7dd9ebee17d0466a9304f837a5d06bdd28cdd3c84b390fa3940bb037b6ba509224

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cd43b8b720c39a44182f8a2dd0a7b53c
SHA1 62d375955d9d64c53738249ee91a9e888a20a5b8
SHA256 7408ff7ceb1c79e985c86f8b2a742fd636096a63e488f1cd972337a23cb310a7
SHA512 50b93a0f00400699fa7252eca95ed530064224ddbf5ebb20386ff8bf947461f47616d038a4ce34c04b657ecbcc8a754464a61bb30098fca0aa6fe0c89b953af4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 059f0ba67628d6652fe4f1d8b0ae907d
SHA1 f82184310380dd33acdad5f389a7aa898f97931c
SHA256 aff7b5d36530b5bd5a3884f566bf5379b5bddf5a7b83d53bcb78598bf60bbf46
SHA512 d0971294b2b4990b792ba8897a5b35b6b3e3429e4269feaa3d380916be56fb520e8a7ca2d976077dda1506aacb46540cfbaa636e5d665e77ff654041e9acacbd

memory/4040-2835-0x00000000749E0000-0x0000000075190000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f8b40f50bc879f9c14bcabd6e8b4d35f
SHA1 6606a84ed06e14b79def8a6964866d042c43d4b4
SHA256 20466d7063d8235c092698e84e4e7ff3133b2eda37e36367283cd7dd97d2afb2
SHA512 105a9ac63fbf47f6f8461594c466da077d3809106c32aa4e176e0bd17ceeb8b50d6a24074d8274d975c64595cea15d4d4276f7ff95e2d41cc1100b04f3f82fc5

Analysis: behavioral3

Detonation Overview

Submitted

2024-08-25 13:02

Reported

2024-08-25 13:05

Platform

win10v2004-20240802-en

Max time kernel

131s

Max time network

135s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\dnlib.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\dnlib.dll,#1

Network


Files

N/A