Malware Analysis Report

2025-03-15 04:11

Sample ID 240825-tbmfsateqj
Target https://luadist.org/beat-banger/
Tags
discovery motw phishing
score
6/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
6/10

Threat Level: Shows suspicious behavior

The file https://luadist.org/beat-banger/ was found to be: Shows suspicious behavior.

Malicious Activity Summary

discovery motw phishing

Mark of the Web detected: This indicates that the page was originally saved or cloned.

Browser Information Discovery

Enumerates system info in registry

Modifies registry class

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of FindShellTrayWindow

Suspicious use of WriteProcessMemory

Suspicious use of SendNotifyMessage

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-08-25 15:53

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-08-25 15:53

Reported

2024-08-25 15:57

Platform

win10v2004-20240802-en

Max time kernel

230s

Max time network

234s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://luadist.org/beat-banger/

Signatures

Mark of the Web detected: This indicates that the page was originally saved or cloned.

phishing motw
Description Indicator Process Target
N/A https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html N/A N/A

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-786284298-625481688-3210388970-1000\{6FA0EBE5-24D0-4276-90D0-1FB890B72062} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4776 wrote to memory of 1784 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 1784 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 4780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 208 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 208 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 3296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 3296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 3296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 3296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 3296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 3296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 3296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 3296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 3296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 3296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 3296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 3296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 3296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 3296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 3296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 3296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 3296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 3296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 3296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4776 wrote to memory of 3296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://luadist.org/beat-banger/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd8f2946f8,0x7ffd8f294708,0x7ffd8f294718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2140 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2288 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2868 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4744 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5584 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5584 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5664 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5680 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5896 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5928 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6628 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5224 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5156 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6292 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4940 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5648 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6612 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5144 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6404 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6236 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=6600 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6520 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6468 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6464 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1788 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2404 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=212 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6976 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6816 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7336 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7460 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7584 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7692 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7772 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7904 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7912 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8508 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8728 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8860 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7224 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9324 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9376 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9620 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9660 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8336 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10108 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10336 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10468 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10632 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10884 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10004 /prefetch:1

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x2c4 0x244

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5072 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=3632 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8696 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7272 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9144 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7292 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9136 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4800 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8696 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10024 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9296 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,7826144247398642004,938054567359207787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7300 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 104.219.191.52.in-addr.arpa udp
US 8.8.8.8:53 luadist.org udp
US 172.67.215.55:443 luadist.org tcp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 8.8.8.8:53 stats.wp.com udp
US 151.101.129.229:443 cdn.jsdelivr.net tcp
US 151.101.129.229:443 cdn.jsdelivr.net tcp
US 192.0.76.3:443 stats.wp.com tcp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 55.215.67.172.in-addr.arpa udp
US 8.8.8.8:53 69.31.126.40.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 234.75.250.142.in-addr.arpa udp
US 8.8.8.8:53 131.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 229.129.101.151.in-addr.arpa udp
US 8.8.8.8:53 3.76.0.192.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
FR 172.217.20.162:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 pixel.wp.com udp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
FR 172.217.20.206:443 fundingchoicesmessages.google.com tcp
US 8.8.8.8:53 226.21.18.104.in-addr.arpa udp
US 8.8.8.8:53 162.201.250.142.in-addr.arpa udp
US 8.8.8.8:53 162.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 206.20.217.172.in-addr.arpa udp
FR 172.217.20.206:443 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 ep1.adtrafficquality.google udp
FR 142.250.178.130:443 ep1.adtrafficquality.google tcp
US 8.8.8.8:53 ep2.adtrafficquality.google udp
FR 142.250.179.97:443 ep2.adtrafficquality.google tcp
US 8.8.8.8:53 130.178.250.142.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 8.8.8.8:53 www.google.com udp
FR 142.250.178.129:443 tpc.googlesyndication.com tcp
FR 142.250.179.68:443 www.google.com tcp
FR 142.250.178.129:443 tpc.googlesyndication.com tcp
FR 142.250.179.68:443 www.google.com tcp
US 8.8.8.8:53 97.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 129.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 68.179.250.142.in-addr.arpa udp
FR 172.217.20.162:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 s0.2mdn.net udp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
FR 142.250.178.134:443 s0.2mdn.net tcp
FR 142.250.178.134:443 s0.2mdn.net udp
US 8.8.8.8:53 bucket.cdnwebcloud.com udp
IE 18.66.171.74:443 bucket.cdnwebcloud.com tcp
US 8.8.8.8:53 134.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 74.171.66.18.in-addr.arpa udp
US 8.8.8.8:53 neural40.cdnwebcloud.com udp
IE 18.202.27.254:443 neural40.cdnwebcloud.com tcp
US 8.8.8.8:53 65.140.162.3.in-addr.arpa udp
US 8.8.8.8:53 254.27.202.18.in-addr.arpa udp
US 8.8.8.8:53 133.211.185.52.in-addr.arpa udp
GB 88.221.135.33:443 www.bing.com tcp
GB 88.221.135.33:443 www.bing.com tcp
US 8.8.8.8:53 33.135.221.88.in-addr.arpa udp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 th.bing.com udp
GB 95.101.143.202:443 th.bing.com tcp
GB 95.101.143.202:443 th.bing.com tcp
GB 88.221.135.27:443 th.bing.com tcp
GB 88.221.135.27:443 th.bing.com tcp
US 8.8.8.8:53 202.143.101.95.in-addr.arpa udp
US 8.8.8.8:53 27.135.221.88.in-addr.arpa udp
US 8.8.8.8:53 aefd.nelreports.net udp
US 8.8.8.8:53 login.microsoftonline.com udp
IE 20.190.159.73:443 login.microsoftonline.com tcp
US 8.8.8.8:53 73.159.190.20.in-addr.arpa udp
GB 173.222.211.40:443 aefd.nelreports.net tcp
US 8.8.8.8:53 services.bingapis.com udp
GB 173.222.211.40:443 aefd.nelreports.net tcp
US 13.107.5.80:443 services.bingapis.com tcp
GB 173.222.211.40:443 aefd.nelreports.net udp
US 8.8.8.8:53 40.211.222.173.in-addr.arpa udp
US 8.8.8.8:53 80.5.107.13.in-addr.arpa udp
US 8.8.8.8:53 134.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 f95zone.to.it udp
US 172.67.159.49:443 f95zone.to.it tcp
US 172.67.159.49:443 f95zone.to.it tcp
US 172.64.154.167:443 www2.bing.com tcp
US 172.64.154.167:443 www2.bing.com tcp
US 8.8.8.8:53 icons.duckduckgo.com udp
IE 52.142.125.222:443 icons.duckduckgo.com tcp
IE 52.142.125.222:443 icons.duckduckgo.com tcp
IE 52.142.125.222:443 icons.duckduckgo.com tcp
IE 52.142.125.222:443 icons.duckduckgo.com tcp
IE 52.142.125.222:443 icons.duckduckgo.com tcp
IE 52.142.125.222:443 icons.duckduckgo.com tcp
US 8.8.8.8:53 49.159.67.172.in-addr.arpa udp
US 8.8.8.8:53 167.154.64.172.in-addr.arpa udp
US 8.8.8.8:53 157.123.68.40.in-addr.arpa udp
US 8.8.8.8:53 200.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 198.187.3.20.in-addr.arpa udp
US 8.8.8.8:53 222.125.142.52.in-addr.arpa udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 s.w.org udp
US 216.239.34.36:443 region1.google-analytics.com tcp
US 192.0.77.48:443 s.w.org tcp
US 192.0.77.48:443 s.w.org tcp
US 8.8.8.8:53 36.34.239.216.in-addr.arpa udp
US 8.8.8.8:53 48.77.0.192.in-addr.arpa udp
US 8.8.8.8:53 192.142.123.92.in-addr.arpa udp
US 8.8.8.8:53 dnvwgnr.xyz udp
US 104.21.50.182:443 dnvwgnr.xyz tcp
US 104.21.50.182:443 dnvwgnr.xyz tcp
US 8.8.8.8:53 69ysqyck.cfd udp
US 216.239.34.36:443 region1.google-analytics.com udp
US 104.21.7.23:443 69ysqyck.cfd tcp
US 104.21.7.23:443 69ysqyck.cfd tcp
US 104.21.7.23:443 69ysqyck.cfd tcp
US 8.8.8.8:53 182.50.21.104.in-addr.arpa udp
US 8.8.8.8:53 23.7.21.104.in-addr.arpa udp
US 8.8.8.8:53 rentry.co udp
US 104.26.3.16:443 rentry.co tcp
US 104.26.3.16:443 rentry.co tcp
US 8.8.8.8:53 cdn4.buysellads.net udp
NL 152.42.150.143:443 cdn4.buysellads.net tcp
US 8.8.8.8:53 16.3.26.104.in-addr.arpa udp
US 8.8.8.8:53 143.150.42.152.in-addr.arpa udp
US 8.8.8.8:53 btloader.com udp
US 8.8.8.8:53 c.amazon-adsystem.com udp
US 172.67.41.60:443 btloader.com tcp
IE 18.66.167.55:443 c.amazon-adsystem.com tcp
US 8.8.8.8:53 srv.buysellads.com udp
US 8.8.8.8:53 exchange.cootlogix.com udp
US 8.8.8.8:53 hb.yellowblue.io udp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 mp.4dex.io udp
US 8.8.8.8:53 prg.smartadserver.com udp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
US 8.8.8.8:53 bidder.criteo.com udp
US 8.8.8.8:53 ads.servenobid.com udp
US 8.8.8.8:53 hb-api.omnitagjs.com udp
US 8.8.8.8:53 ib.adnxs.com udp
US 8.8.8.8:53 rtb.openx.net udp
US 8.8.8.8:53 pbjs.e-planning.net udp
US 8.8.8.8:53 script.4dex.io udp
US 8.8.8.8:53 fastlane.rubiconproject.com udp
US 8.8.8.8:53 ad-delivery.net udp
GB 159.65.211.77:443 srv.buysellads.com tcp
DE 51.89.9.254:443 onetag-sys.com tcp
IE 3.162.140.27:443 hb.yellowblue.io tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
US 35.186.253.211:443 rtb.openx.net tcp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
NL 89.149.192.240:443 prg.smartadserver.com tcp
NL 89.149.192.240:443 prg.smartadserver.com tcp
IE 34.254.33.22:443 ads.servenobid.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 193.3.178.3:443 pbjs.e-planning.net tcp
FR 185.255.84.150:443 hb-api.omnitagjs.com tcp
US 172.64.153.78:443 mp.4dex.io tcp
US 104.26.2.70:443 ad-delivery.net tcp
US 104.26.2.70:443 ad-delivery.net tcp
US 178.128.135.33:443 exchange.cootlogix.com tcp
US 178.128.135.33:443 exchange.cootlogix.com tcp
US 172.67.75.241:443 script.4dex.io tcp
NL 185.89.210.141:443 ib.adnxs.com tcp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
US 3.165.232.16:443 config.aps.amazon-adsystem.com tcp
GB 18.245.250.165:443 aax.amazon-adsystem.com tcp
US 8.8.8.8:53 secure.cdn.fastclick.net udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 cdn.hadronid.net udp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 8.8.8.8:53 c.4dex.io udp
US 172.67.75.241:443 script.4dex.io tcp
US 104.22.52.173:443 cdn.hadronid.net tcp
US 35.241.34.106:443 c.4dex.io tcp
US 35.241.34.106:443 c.4dex.io tcp
US 8.8.8.8:53 api.btloader.com udp
GB 23.49.161.153:443 secure.cdn.fastclick.net tcp
US 8.8.8.8:53 cadmus.script.ac udp
US 3.165.232.16:443 tags.crwdcntrl.net tcp
US 104.18.22.145:443 cadmus.script.ac tcp
US 8.8.8.8:53 apps.identrust.com udp
GB 88.221.135.104:80 apps.identrust.com tcp
US 104.22.52.173:443 cdn.hadronid.net tcp
US 35.241.34.106:443 c.4dex.io udp
US 8.8.8.8:53 id.hadron.ad.gt udp
US 104.22.5.69:443 id.hadron.ad.gt tcp
US 8.8.8.8:53 73.144.22.2.in-addr.arpa udp
US 8.8.8.8:53 60.41.67.172.in-addr.arpa udp
US 8.8.8.8:53 55.167.66.18.in-addr.arpa udp
US 8.8.8.8:53 77.211.65.159.in-addr.arpa udp
US 8.8.8.8:53 211.253.186.35.in-addr.arpa udp
US 8.8.8.8:53 77.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 70.2.26.104.in-addr.arpa udp
US 8.8.8.8:53 8.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 241.75.67.172.in-addr.arpa udp
US 8.8.8.8:53 27.140.162.3.in-addr.arpa udp
US 8.8.8.8:53 78.153.64.172.in-addr.arpa udp
US 8.8.8.8:53 240.192.149.89.in-addr.arpa udp
US 8.8.8.8:53 139.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 3.178.3.193.in-addr.arpa udp
US 8.8.8.8:53 254.9.89.51.in-addr.arpa udp
US 8.8.8.8:53 22.33.254.34.in-addr.arpa udp
US 8.8.8.8:53 141.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 166.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 33.135.128.178.in-addr.arpa udp
US 8.8.8.8:53 150.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 165.250.245.18.in-addr.arpa udp
US 8.8.8.8:53 106.34.241.35.in-addr.arpa udp
US 8.8.8.8:53 16.232.165.3.in-addr.arpa udp
US 8.8.8.8:53 153.161.49.23.in-addr.arpa udp
US 8.8.8.8:53 145.22.18.104.in-addr.arpa udp
US 8.8.8.8:53 104.135.221.88.in-addr.arpa udp
US 8.8.8.8:53 173.52.22.104.in-addr.arpa udp
US 8.8.8.8:53 a.ad.gt udp
US 172.67.23.234:443 a.ad.gt tcp
US 172.67.38.106:443 cdn.id5-sync.com tcp
US 130.211.23.194:443 api.btloader.com tcp
US 130.211.23.194:443 api.btloader.com tcp
US 104.26.3.16:443 rentry.co tcp
US 8.8.8.8:53 234.23.67.172.in-addr.arpa udp
US 8.8.8.8:53 69.5.22.104.in-addr.arpa udp
US 8.8.8.8:53 194.23.211.130.in-addr.arpa udp
US 8.8.8.8:53 106.38.67.172.in-addr.arpa udp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
DE 162.19.138.117:443 lb.eu-1-id5-sync.com tcp
DE 162.19.138.120:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 static.criteo.net udp
NL 178.250.1.3:443 static.criteo.net tcp
US 8.8.8.8:53 120.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 117.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 3.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 gum.criteo.com udp
NL 178.250.1.11:443 gum.criteo.com tcp
US 8.8.8.8:53 dnacdn.net udp
US 8.8.8.8:53 gem.gbc.criteo.com udp
US 8.8.8.8:53 ag.gbc.criteo.com udp
FR 185.235.86.143:443 ag.gbc.criteo.com tcp
FR 185.235.86.173:443 gem.gbc.criteo.com tcp
FR 178.250.7.13:443 dnacdn.net tcp
US 8.8.8.8:53 acdn.adnxs.com udp
US 8.8.8.8:53 buysellads-d.openx.net udp
US 8.8.8.8:53 public.servenobid.com udp
US 8.8.8.8:53 eus.rubiconproject.com udp
US 8.8.8.8:53 sync.cootlogix.com udp
US 8.8.8.8:53 visitor.omnitagjs.com udp
US 151.101.1.108:443 acdn.adnxs.com tcp
US 8.8.8.8:53 ads.pubmatic.com udp
US 165.227.81.133:443 sync.cootlogix.com tcp
GB 95.100.245.251:443 eus.rubiconproject.com tcp
FR 185.255.84.152:443 visitor.omnitagjs.com tcp
DE 51.89.9.254:443 onetag-sys.com udp
GB 23.36.168.202:443 ads.pubmatic.com tcp
US 35.244.159.8:443 buysellads-d.openx.net tcp
GB 108.156.39.118:443 public.servenobid.com tcp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 143.86.235.185.in-addr.arpa udp
US 8.8.8.8:53 173.86.235.185.in-addr.arpa udp
US 8.8.8.8:53 108.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 13.7.250.178.in-addr.arpa udp
US 8.8.8.8:53 251.245.100.95.in-addr.arpa udp
US 8.8.8.8:53 202.168.36.23.in-addr.arpa udp
US 8.8.8.8:53 8.159.244.35.in-addr.arpa udp
US 8.8.8.8:53 118.39.156.108.in-addr.arpa udp
US 8.8.8.8:53 133.81.227.165.in-addr.arpa udp
US 8.8.8.8:53 152.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 g2.gumgum.com udp
US 8.8.8.8:53 pixel.33across.com udp
IE 52.211.243.178:443 g2.gumgum.com tcp
US 67.202.105.23:443 pixel.33across.com tcp
US 8.8.8.8:53 ssbsync.smartadserver.com udp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
US 104.18.36.155:443 ssum-sec.casalemedia.com tcp
US 8.8.8.8:53 secure-assets.rubiconproject.com udp
US 8.8.8.8:53 token.rubiconproject.com udp
US 8.8.8.8:53 cs-server-s2s.yellowblue.io udp
US 8.8.8.8:53 cdn.dxkulture.com udp
GB 23.214.129.249:443 secure-assets.rubiconproject.com tcp
US 3.212.19.99:443 cs-server-s2s.yellowblue.io tcp
US 104.18.42.227:443 cdn.dxkulture.com tcp
US 8.8.8.8:53 ce.lijit.com udp
US 8.8.8.8:53 ap.lijit.com udp
US 8.8.8.8:53 sync.1rx.io udp
US 8.8.8.8:53 p.rfihub.com udp
US 8.8.8.8:53 sync.go.sonobi.com udp
US 8.8.8.8:53 prebid.a-mo.net udp
US 8.8.8.8:53 ssp.disqus.com udp
US 8.8.8.8:53 match.sharethrough.com udp
US 8.8.8.8:53 hbx.media.net udp
US 8.8.8.8:53 rtb.mfadsrvr.com udp
US 69.166.1.34:443 sync.go.sonobi.com tcp
IE 18.202.134.149:443 ce.lijit.com tcp
US 52.6.209.65:443 ssp.disqus.com tcp
US 8.8.8.8:53 eu-west-1-cs-rtb.openwebmp.com udp
GB 23.46.72.29:443 hbx.media.net tcp
NL 35.214.199.88:443 rtb.mfadsrvr.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
NL 193.0.160.130:443 p.rfihub.com tcp
DE 18.197.30.174:443 match.sharethrough.com tcp
US 8.8.8.8:53 gum.aidemsrv.com udp
GB 13.224.222.101:443 eu-west-1-cs-rtb.openwebmp.com tcp
US 3.212.19.99:443 cs-server-s2s.yellowblue.io tcp
US 104.17.44.93:443 gum.aidemsrv.com tcp
DE 18.197.30.174:443 match.sharethrough.com tcp
GB 23.46.72.29:443 hbx.media.net tcp
US 8.8.8.8:53 player.aniview.com udp
GB 92.123.140.19:443 player.aniview.com tcp
US 8.8.8.8:53 ssc-cms.33across.com udp
US 8.8.8.8:53 secure.adnxs.com udp
US 8.8.8.8:53 178.243.211.52.in-addr.arpa udp
US 8.8.8.8:53 23.105.202.67.in-addr.arpa udp
US 8.8.8.8:53 155.36.18.104.in-addr.arpa udp
US 8.8.8.8:53 249.129.214.23.in-addr.arpa udp
US 8.8.8.8:53 227.42.18.104.in-addr.arpa udp
US 8.8.8.8:53 149.134.202.18.in-addr.arpa udp
US 8.8.8.8:53 117.174.228.46.in-addr.arpa udp
US 8.8.8.8:53 130.160.0.193.in-addr.arpa udp
US 8.8.8.8:53 88.199.214.35.in-addr.arpa udp
US 8.8.8.8:53 34.1.166.69.in-addr.arpa udp
US 8.8.8.8:53 101.222.224.13.in-addr.arpa udp
US 8.8.8.8:53 93.44.17.104.in-addr.arpa udp
US 8.8.8.8:53 99.19.212.3.in-addr.arpa udp
US 8.8.8.8:53 65.209.6.52.in-addr.arpa udp
US 8.8.8.8:53 29.72.46.23.in-addr.arpa udp
US 8.8.8.8:53 19.140.123.92.in-addr.arpa udp
US 8.8.8.8:53 sync.adkernel.com udp
US 8.8.8.8:53 creativecdn.com udp
US 8.8.8.8:53 api-2-0.spot.im udp
US 8.8.8.8:53 dis.criteo.com udp
US 8.8.8.8:53 x.bidswitch.net udp
US 8.8.8.8:53 sync.richaudience.com udp
US 8.8.8.8:53 b1sync.zemanta.com udp
US 8.8.8.8:53 match.adsrvr.org udp
NL 77.245.57.72:443 sync.adkernel.com tcp
US 8.8.8.8:53 image8.pubmatic.com udp
NL 35.214.199.88:443 rtb.mfadsrvr.com udp
NL 185.184.8.90:443 creativecdn.com tcp
US 54.243.98.238:443 api-2-0.spot.im tcp
DE 167.235.114.248:443 sync.richaudience.com tcp
IE 52.215.131.87:443 match.prod.bidr.io tcp
US 15.197.193.217:443 match.adsrvr.org tcp
NL 178.250.1.9:443 dis.criteo.com tcp
GB 185.64.191.214:443 image8.pubmatic.com tcp
US 70.42.32.191:443 b1sync.zemanta.com tcp
US 70.42.32.191:443 b1sync.zemanta.com tcp
US 8.8.8.8:53 c1.adform.net udp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
DK 37.157.2.233:443 c1.adform.net tcp
US 8.8.8.8:53 jadserve.postrelease.com udp
US 8.8.8.8:53 tracker.open-adsyield.com udp
US 54.161.148.55:443 sync.srv.stackadapt.com tcp
NL 81.17.55.122:443 ssbsync.smartadserver.com tcp
NL 81.17.55.122:443 ssbsync.smartadserver.com tcp
US 172.111.38.86:443 tracker.open-adsyield.com tcp
IE 54.171.130.238:443 jadserve.postrelease.com tcp
US 8.8.8.8:53 cacerts.rapidssl.com udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
FR 142.250.178.130:443 cm.g.doubleclick.net tcp
US 8.8.8.8:53 id.rlcdn.com udp
US 8.8.8.8:53 bttrack.com udp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 35.244.174.68:443 id.rlcdn.com tcp
US 192.132.33.69:443 bttrack.com tcp
US 8.8.8.8:53 tg.socdm.com udp
NL 147.75.84.127:443 prebid.a-mo.net tcp
IE 52.31.116.101:443 ap.lijit.com tcp
IE 52.31.116.101:443 ap.lijit.com tcp
FR 142.250.178.130:443 cm.g.doubleclick.net udp
JP 211.120.53.206:443 tg.socdm.com tcp
JP 211.120.53.206:443 tg.socdm.com tcp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 8.8.8.8:53 us-u.openx.net udp
US 8.8.8.8:53 pr-bh.ybp.yahoo.com udp
US 8.8.8.8:53 sync.ipredictive.com udp
US 8.8.8.8:53 match.deepintent.com udp
US 8.8.8.8:53 bh.contextweb.com udp
US 54.161.228.108:443 sync.ipredictive.com tcp
IE 52.50.71.3:443 pr-bh.ybp.yahoo.com tcp
US 169.197.150.7:443 match.deepintent.com tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
US 8.8.8.8:53 ads.dxkulture.com udp
US 8.8.8.8:53 sync.aniview.com udp
US 8.8.8.8:53 rtb-csync.smartadserver.com udp
US 45.55.126.71:443 ads.dxkulture.com tcp
US 172.240.45.78:443 sync.aniview.com tcp
NL 77.245.57.72:443 sync.adkernel.com tcp
US 8.8.8.8:53 sync.adotmob.com udp
US 8.8.8.8:53 72.57.245.77.in-addr.arpa udp
US 8.8.8.8:53 217.193.197.15.in-addr.arpa udp
US 8.8.8.8:53 90.8.184.185.in-addr.arpa udp
US 8.8.8.8:53 214.191.64.185.in-addr.arpa udp
US 8.8.8.8:53 87.131.215.52.in-addr.arpa udp
US 8.8.8.8:53 9.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 248.114.235.167.in-addr.arpa udp
US 8.8.8.8:53 191.32.42.70.in-addr.arpa udp
US 8.8.8.8:53 91.149.214.35.in-addr.arpa udp
US 8.8.8.8:53 238.98.243.54.in-addr.arpa udp
US 8.8.8.8:53 233.2.157.37.in-addr.arpa udp
US 8.8.8.8:53 122.55.17.81.in-addr.arpa udp
US 8.8.8.8:53 238.130.171.54.in-addr.arpa udp
US 8.8.8.8:53 55.148.161.54.in-addr.arpa udp
US 8.8.8.8:53 86.38.111.172.in-addr.arpa udp
US 8.8.8.8:53 68.174.244.35.in-addr.arpa udp
US 8.8.8.8:53 148.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 69.33.132.192.in-addr.arpa udp
US 8.8.8.8:53 127.84.75.147.in-addr.arpa udp
US 8.8.8.8:53 101.116.31.52.in-addr.arpa udp
US 8.8.8.8:53 233.38.18.104.in-addr.arpa udp
US 8.8.8.8:53 206.53.120.211.in-addr.arpa udp
US 8.8.8.8:53 131.169.93.208.in-addr.arpa udp
US 8.8.8.8:53 108.228.161.54.in-addr.arpa udp
FR 45.137.176.88:443 sync.adotmob.com tcp
NL 81.17.55.172:443 rtb-csync.smartadserver.com tcp
NL 81.17.55.172:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 rtb.gumgum.com udp
IE 52.50.71.3:443 pr-bh.ybp.yahoo.com tcp
US 8.8.8.8:53 wt.rqtrk.eu udp
US 35.244.159.8:443 us-u.openx.net udp
US 8.8.8.8:53 usersync.gumgum.com udp
DE 57.129.18.111:443 wt.rqtrk.eu tcp
IE 34.247.205.196:443 usersync.gumgum.com tcp
IE 34.247.205.196:443 usersync.gumgum.com tcp
IE 34.247.205.196:443 usersync.gumgum.com tcp
IE 34.247.205.196:443 usersync.gumgum.com tcp
US 8.8.8.8:53 pixel-sync.sitescout.com udp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 192.132.33.69:443 bttrack.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
US 8.8.8.8:53 7.150.197.169.in-addr.arpa udp
US 8.8.8.8:53 172.55.17.81.in-addr.arpa udp
US 8.8.8.8:53 71.126.55.45.in-addr.arpa udp
US 8.8.8.8:53 88.176.137.45.in-addr.arpa udp
US 8.8.8.8:53 3.71.50.52.in-addr.arpa udp
US 8.8.8.8:53 78.45.240.172.in-addr.arpa udp
US 8.8.8.8:53 196.205.247.34.in-addr.arpa udp
US 8.8.8.8:53 150.216.36.34.in-addr.arpa udp
US 45.55.126.71:443 ads.dxkulture.com tcp
US 45.55.126.71:443 ads.dxkulture.com tcp
US 45.55.126.71:443 ads.dxkulture.com tcp
US 8.8.8.8:53 eexsync.com udp
US 80.77.87.108:443 eexsync.com tcp
US 8.8.8.8:53 idsync.rlcdn.com udp
US 8.8.8.8:53 108.87.77.80.in-addr.arpa udp
US 8.8.8.8:53 55.36.223.20.in-addr.arpa udp
US 8.8.8.8:53 174.30.197.18.in-addr.arpa udp
GB 173.222.211.40:443 aefd.nelreports.net udp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
US 216.239.34.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 csm.nl3.eu.criteo.net udp
NL 178.250.1.25:443 csm.nl3.eu.criteo.net tcp
US 8.8.8.8:53 25.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 43.58.199.20.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 aefd.nelreports.net udp
GB 173.222.211.40:443 aefd.nelreports.net udp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 r.bing.com udp
GB 95.101.143.201:443 r.bing.com tcp
GB 88.221.135.27:443 r.bing.com tcp
US 8.8.8.8:53 201.143.101.95.in-addr.arpa udp
US 8.8.8.8:53 steamdb.info udp
US 104.22.73.111:443 steamdb.info tcp
US 104.22.73.111:443 steamdb.info tcp
US 172.64.154.167:443 www2.bing.com tcp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 104.16.80.73:443 static.cloudflareinsights.com tcp
US 172.64.154.167:443 www2.bing.com tcp
US 172.64.154.167:443 www2.bing.com tcp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 104.18.95.41:443 challenges.cloudflare.com tcp
US 8.8.8.8:53 111.73.22.104.in-addr.arpa udp
US 8.8.8.8:53 73.80.16.104.in-addr.arpa udp
US 104.18.95.41:443 challenges.cloudflare.com tcp
US 172.64.154.167:443 www2.bing.com tcp
US 8.8.8.8:53 41.95.18.104.in-addr.arpa udp
US 8.8.8.8:53 shared.cloudflare.steamstatic.com udp
US 8.8.8.8:53 avatars.cloudflare.steamstatic.com udp
US 172.64.145.151:443 avatars.cloudflare.steamstatic.com tcp
US 104.18.42.105:443 avatars.cloudflare.steamstatic.com tcp
US 104.22.73.111:443 steamdb.info tcp
US 8.8.8.8:53 105.42.18.104.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 719923124ee00fb57378e0ebcbe894f7
SHA1 cc356a7d27b8b27dc33f21bd4990f286ee13a9f9
SHA256 aa22ab845fa08c786bd3366ec39f733d5be80e9ac933ed115ff048ff30090808
SHA512 a207b6646500d0d504cf70ee10f57948e58dab7f214ad2e7c4af0e7ca23ce1d37c8c745873137e6c55bdcf0f527031a66d9cc54805a0eac3678be6dd497a5bbc

\??\pipe\LOCAL\crashpad_4776_MICVAHZARLFGVLQF

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 d7114a6cd851f9bf56cf771c37d664a2
SHA1 769c5d04fd83e583f15ab1ef659de8f883ecab8a
SHA256 d2c75c7d68c474d4b8847b4ba6cfd09fe90717f46dd398c86483d825a66e977e
SHA512 33bdae2305ae98e7c0de576de5a6600bd70a425e7b891d745cba9de992036df1b3d1df9572edb0f89f320e50962d06532dae9491985b6b57fd37d5f46f7a2ff8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 33e2525248c0fd8ae3d2cd908dd9b958
SHA1 fb1166b02dd1a37ee71ee7ff198fbb2e33726afb
SHA256 9e4a4343ee3681073d92fa1b008650aac04a573092558622a441626431c9c1d0
SHA512 a45106367709dba3d22562b7ecd6313f5bdbe845e553ad3836fea1586812c88f746820e951b80eb4da32b4f6652397b6bc814bdbb4c6786041b7cb99464b3095

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 2e497ab72286da6790a926692e8fb51a
SHA1 354add4a392977e806a8f6a0cbdc1141f98e6806
SHA256 fbb0f93a6e1ffcaa7f6fb921f903bcc2f62e14a419249faf0a7eea69465da837
SHA512 75c8ef378b551f9ae12af662441e6df208c379389205520a26fe6ed3d0f7ae144c5b69dab0498e62b34a26132360b3acda055117ebf6311017a098c0c515813a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 82ec0f2c0c877ad8fecb31464693a073
SHA1 a88df75b3a488d665e69e11303cd7aec4adb085a
SHA256 8f40406dba071bc4c085e6580bf608750f2d901394db139b7bdad3d78afdcbf6
SHA512 769ef447b7e88f1a8b70e04d3b0a7c346243bbab34515a011e5a2f7716e963954996c71d1afda2bae99fcff9f7dfbe761e012aee1eb7a287b74e8c06dce4006d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 9ef294ccdbf93dfcc788eba629112a66
SHA1 a6c96a40df03c84e2063241aa0873c3b402a6d14
SHA256 09c63a5bb13585fcf363ae441f490aeb01fcf2363c1da938e4fcbf3c9f3ba7a6
SHA512 28daba3b7d8c2d74a6e22042924780305c99c1d501e5147bf99e9c103aa8297fea56f81c92f19ba48a2570f2bd5466ea6b705c0835b830d9cafb5d193d2548c2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 34d816891cb10324d829cdb3bb3a684e
SHA1 a6c221af3b708ff04238fa4e02391f69d5b60c8c
SHA256 54c03146bc5c09a697813d0cc8b5dba3d60f9982c80113583c8d8125a0d4faf8
SHA512 9140d8898e972dd8609c6dfd287326d08b90167989c8666ab9b407c3b480432c5786a5ad02ecebdad21b19a26ceadb0bf3bf883e4f8e6d73381c80d3f683082a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58053b.TMP

MD5 c33bb0f1791bae820d8172b0ef1d72d7
SHA1 27f4b5f0725bc8c55e23a9dbd5203ca7f7ada8bb
SHA256 83b7ab08d4730169cae5c46634dd97acfead7055d4bec5343d4201219688d8a3
SHA512 1a295486ac35aa542b8df07a13dc55ce1f904ce6547afab55a7630222e40e7689e6c7d6fb26a77998ba1641433da0563f84d19c74a4e0c874004c443f7452f44

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f425223095859b507625c20ea0b59137
SHA1 3ab2b3f45208c4a61237aa7f6d75483d94dc6871
SHA256 435953b963d8fea48b678081fca453e112d86ab6ce55960660e6e30b25216a98
SHA512 44089db9f1af2d3d579a085da449eadeafea97893da20dad3d4636478429e094113fffda1c378df8cccaef02a37a75321e182353605d1e51aceb6be0f3ee95af

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c946d0459232af320958eff79c3cdab7
SHA1 93cce761ead18225551eef8c706c5f4ad74c6e38
SHA256 57bf5679c4ccc438b2a05052655770cda390a9072228fd40e9d7bb9c3b7663c7
SHA512 d1cc3d01d718c94e6fc5506986ff4527d84bb78e5c7e3cbef1c36f040468188a27096f51cb3937dcb2a2700a84509a79758b92004b9c25c0396c9a08d4a43f54

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 ad2c482400284d2dffc63ed79b9e83a5
SHA1 cecb4936023ecabba8ebbf6384f9e581c9d281ab
SHA256 02f1ccaa7239d6a920a46f23f5fb703bdad1545ef25393c8ae772370ddb97565
SHA512 6f55adaa15151314580707f612ed40a5f9749ac116ab40a557924a132ebed313ab3f8f43e9d994033efc9275a46a4560e932eec517b6643a9a9ab197b40312d6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\5ad6420b-f9bf-4115-8b9f-daa1c71d31f5.tmp

MD5 0b272e2067f299c0abec331bafd8592a
SHA1 c52271d4007dec1616bb333be1d08a67ad6b4cf2
SHA256 5e3e2fe78ea0090e84422d0e323699526ef146b2008c7149dd855a9a4fd1e53f
SHA512 4da94f14897be9f4b9b6b9e14d68209fd84c744b22b619d6a97088883212d16fe0c63a85ecfc608db6980057879e887d93ad2b9ee44c4b78cf0add55c13b1752

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 12919170305e45d0db3698b4df911159
SHA1 76d7aae06c5379978115b64c91f4ad4b982c25a5
SHA256 8c0f535e9d3cb2e092e7d3e1f17e5d4b56f9febaa459c86708bf8156671e9ee8
SHA512 1e8763cb7dcd97dd2ac369f4e1dba314a8883500fa2f2631acd23e575dd29dc14207ecb59bafe71ee92133d79bb55e6aa4bbecbb5b993464946b3a2d23830489

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 638e09dcc8da944495cdb50ecaa6bd49
SHA1 ecb9845621fcb32e195f45034196ae2ddc4a8754
SHA256 9108f2a8e5e512b11e81ccc73b1ad67ebba6f222542ebe4f28aae402794d0058
SHA512 de68c9b1776ec854c4058b3de2e227ad7247c17a15467b74af2cbb03cf560c2e21a6b115e22485890e2c476a98c2dfa9fc19aa4ae9aafe2c57dae8a71a4c23a6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 42de351e916044feaec4ffd19218d457
SHA1 b18a01923529e51f4cf7b74a1b38bcaec79c647d
SHA256 d2bb937c00553b3a1edabde7057efe9ee930c9a57980f06eac66a3efd6d13bda
SHA512 c5040875e76da524376c31e374c61965ec9428990c00417933dad328aae37fb0b168f0b82313153578513a268c5156a1fee6ba5f749ff846aebb27f8538f5fd7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 832945b514c760ba129b2a015849fc02
SHA1 7e1b6b0b4279bd7acd7495f03a211551e78fe196
SHA256 c2f00f360897d7093905a882a9a3665174812c40a781815479ae9b06fcb65356
SHA512 c5cb7187f37499b4431fa957cc5aae04f3d774a552aec73a1d15bb3430a44c5c426677d784380417d8b894e468bc8c0f1cb9e42dc7f599e1865edf983dc497ae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 8d4fe061c3e9c84a5cf11434a3af8598
SHA1 4691503cb04bb65cdad4f9b19b4921d49ae4320d
SHA256 1de1ef1c3fb136ab4d11b82ad2bee35da4b05ebdb10767d84f3d36994985c7f1
SHA512 29b6bcbbf4756678621cb729420bab4b7991e8976a290ed89c518cb487338c50d632dddcb39352cb9c497a92cef9bf2b5c9190be641228782bb1b17733cb6fa4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 877abbd538c66616ecbb9f7111cd1819
SHA1 27d247b6373d3d6dfb5d4e47be1a8742ab903151
SHA256 e4e73dd20bf6f8758ed3b7471ea948df5d9c1cee18fec9b9f0cc54bdd9606e90
SHA512 96ea7692ae93c61535d2fe89963e596554c3c939d68d5bb526c78271049d874965d60510246e43d3b9a01023a881daf85eef6e8c781bfd69892163ab408ee229

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

MD5 60f8cd04587a51e31b51d1570d6f889a
SHA1 88574c41d0ab81721b275252464da5c7927a4835
SHA256 27cb4390e32a97375dd4987ae000406933bceba5199f17893711e782333b81cb
SHA512 84c12448ac55dd819749fef9be9919111a3df4bc51e66d2fa9f7376c11c101ed1349cb36aa119aa873cdd6c0c91027e201fbe23c2c83b89bc900a4d9077bcc52

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

MD5 ed124bdf39bbd5902bd2529a0a4114ea
SHA1 b7dd9d364099ccd4e09fd45f4180d38df6590524
SHA256 48232550940208c572ebe487aa64ddee26e304ba3e310407e1fc31a5c9deed44
SHA512 c4d180292afa484ef9556d15db1d3850416a85ad581f6f4d5eb66654991fa90f414029b4ce13ed142271a585b46b3e53701735ee3e0f45a78b67baa9122ba532

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

MD5 56d57bc655526551f217536f19195495
SHA1 28b430886d1220855a805d78dc5d6414aeee6995
SHA256 f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4
SHA512 7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

MD5 d6b36c7d4b06f140f860ddc91a4c659c
SHA1 ccf16571637b8d3e4c9423688c5bd06167bfb9e9
SHA256 34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92
SHA512 2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

MD5 76a3f1e9a452564e0f8dce6c0ee111e8
SHA1 11c3d925cbc1a52d53584fd8606f8f713aa59114
SHA256 381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c
SHA512 a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

MD5 b38fbbd0b5c8e8b4452b33d6f85df7dc
SHA1 386ba241790252df01a6a028b3238de2f995a559
SHA256 b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd
SHA512 546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e

MD5 038c1f469deb6932520d09a340856ebc
SHA1 8b361a8c0489b69e9ef4e132e36f20c161c5ec1e
SHA256 5fafae77cfdc093baea4dd31485ced7dc4ab8e734311b3c2aaac1dc2ed95f451
SHA512 fc3123f11323a9f18f5e1bb31c61fa229e0de8b6d07bb01b220605cfd9ba499ed63e76be0b7146e096412cc94486bdba0ee102982b38b258958c6327fc6bb6c8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d10c1ad1ea80924950d52bc97664308d
SHA1 97c7fb278f8fb319ebecf5469939722e5bddcf2c
SHA256 8ee6db8b475ae69863876c270dc34da2204a236291427a985e628992b1c4f397
SHA512 98fbec1f78591ba0609d6492c2024020270130bd43cfa85e16a7ca83a6e6505d3b5f3507e2cb9a3a0ab68f491c2ca965bea2e06e8e4914a29a103cec75a0fa5b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 7e7aefd424d5937f9f9e0147664d04a2
SHA1 f37bb694861e375cc1e206265cf0a3fa456935be
SHA256 2ec5d338bd4aab59dcf762b64afa59916035496520bcbc637897cb3e6b7fc71a
SHA512 9886286746209e4629e1af3ce600a90b0c978fd8e9a6463dc2946229e8729800616b965ba32e320f371da0d288082caa54f95e993cdd1898b550900836c58053

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 0d323590987df6f9f18347461cede4d1
SHA1 4faba7334a49ca0b42d63a4b32912861bf141b2f
SHA256 09d5db19a91c088fc58f1599f8a59c692bb3ae0d9fc0028f64f4fd759fb90ce6
SHA512 48e1e8f3fa542565be273ae6338ce14fc2a98c93c64b7db66264449d95b0b31bb9b707ce92793ec39b6bc39c188ae222e0cb8723bd51f13e8955e4e5a338bf85

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 bf4d04be1f30b2156b8de583662af751
SHA1 482bf6e82256d02d0025c7619c7a441b5fecd22b
SHA256 17874abb333829ba526af4cca5b41e1e668000527913e07e655a7ad0a784739a
SHA512 e0fabb97e3a8c26c0baf139851f2fbd8e4c09c24c079e578d86b55266eac10e5f7d0ba854e5cd4c268ae376047d51f82d051c8fb6d2a76e65c539a29f3201de3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5a563f.TMP

MD5 8eae09d4afbb8b0989f1d40cdb2ee26b
SHA1 f6e9248d91fe2faeda82411bc2d12da014445460
SHA256 37ce405d2f6ae5e9bd4c929fcd79e12a641dceab85ad8af69e14d6ba76bd3a7d
SHA512 ea319f9dd80e75a8afc956d8f8adac77723eed6ac521b44f7ff4edb1ce486d66303183c8b1bec574389db7d76e040fd46143974ed9b08e6d0e4862117a4c20c1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 c07ab6bbe5cbe95b82b65fa4f6e96002
SHA1 422622c528db750fec45201398472893d1cea588
SHA256 318d0427489d9e8ea1ba9806ebdbd5dca8d4602adf495e14cf733f7735a00acd
SHA512 10c40bff5accda5b7c9fc52ffd83b4851ddafcfedd60eda30331caf6fb548c9a5818859dee89818e220f7fc8444729a43ba9365876cd537db95a70bfd2ac328c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 858adde5811c9ae99fa925b1596acb05
SHA1 2f1d2ca7a09a3f551d483217887f1ef30828f279
SHA256 09a23107a498e041e541bc2877d638bc3124e21c02db28f1b5de7e381d769caa
SHA512 c047736a2d2a1862c41e68cbf32d77eac55eae1c115c463d2c00e830041799a7949961a9844ecf785624b5bcff3933860e002df61adcd8c1e629241aab31d7e6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 c9f99fad4bea58249934530ee8b0f91d
SHA1 44985586b30c1e0acab6a8ffe522f25489c880f7
SHA256 e7a45fb6011930bbcb375e6da986ae8eb86426b246dc7f44f0f73010cd6cfcee
SHA512 a894f316a68385e453076b1239a6192bcd9db87a8d8980e8fd92be5b4c784e9e98f5beb39a05f79ed7e42edbd2f33af10830ff404c8be4cc118618384b8660b9