Analysis Overview
Threat Level: Shows suspicious behavior
The file https://buzzheavier.com/f/GJHt0zeNQAA= was found to be: Shows suspicious behavior.
Malicious Activity Summary
Mark of the Web detected: This indicates that the page was originally saved or cloned.
Browser Information Discovery
Enumerates system info in registry
Suspicious behavior: AddClipboardFormatListener
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Modifies registry class
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-26 01:22
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-26 01:22
Reported
2024-08-26 01:24
Platform
win10v2004-20240802-en
Max time kernel
72s
Max time network
75s
Command Line
Signatures
Mark of the Web detected: This indicates that the page was originally saved or cloned.
| Description | Indicator | Process | Target |
| N/A | https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html | N/A | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\VideoLAN\VLC\vlc.exe | N/A |
| N/A | N/A | C:\Program Files\VideoLAN\VLC\vlc.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Program Files\VideoLAN\VLC\vlc.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: 33 | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Program Files\VideoLAN\VLC\vlc.exe | N/A |
| N/A | N/A | C:\Program Files\VideoLAN\VLC\vlc.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://buzzheavier.com/f/GJHt0zeNQAA=
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb61b246f8,0x7ffb61b24708,0x7ffb61b24718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2100 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2700 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5084 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5188 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5004 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5004 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3736 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5880 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5556 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6036 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5752 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5204 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5884 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4008 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5592 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6172 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5252 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7476 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7608 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7416 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8000 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8188 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7868 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8336 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8668 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8692 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8988 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8992 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9012 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9420 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6672 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7048 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7004 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9852 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9816 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10200 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6956 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6952 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8020 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8644 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=9728 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x2cc 0x500
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=9444 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7024 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2084,15527298698205435629,10019608334692863865,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8748 /prefetch:8
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Downloads\##!!s͜etUp_Use_2444_P͜@s$C0DE$$✔.rar"
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Downloads\##!!s͜etUp_Use_2444_P͜@s$C0DE$$✔.rar"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 28.118.140.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | buzzheavier.com | udp |
| US | 104.26.4.225:443 | buzzheavier.com | tcp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| US | 104.18.95.41:443 | challenges.cloudflare.com | tcp |
| US | 8.8.8.8:53 | 225.4.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| GB | 2.18.190.81:80 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | 73.80.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 41.95.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 150.171.28.10:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 43.58.199.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0polkser.xyz | udp |
| US | 104.21.91.152:443 | 0polkser.xyz | tcp |
| US | 104.21.91.152:443 | 0polkser.xyz | tcp |
| US | 8.8.8.8:53 | 4p5jdcvm.cfd | udp |
| US | 172.67.172.165:443 | 4p5jdcvm.cfd | tcp |
| US | 172.67.172.165:443 | 4p5jdcvm.cfd | tcp |
| US | 8.8.8.8:53 | 152.91.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 165.172.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.150.49.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | rentry.co | udp |
| US | 104.26.2.16:443 | rentry.co | tcp |
| US | 104.26.2.16:443 | rentry.co | tcp |
| US | 8.8.8.8:53 | cdn4.buysellads.net | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | 16.2.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.20.217.172.in-addr.arpa | udp |
| NL | 152.42.150.143:443 | cdn4.buysellads.net | tcp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 8.8.8.8:53 | exchange.cootlogix.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | srv.buysellads.com | udp |
| US | 8.8.8.8:53 | fastlane.rubiconproject.com | udp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| US | 8.8.8.8:53 | pbjs.e-planning.net | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | ads.servenobid.com | udp |
| US | 8.8.8.8:53 | mp.4dex.io | udp |
| US | 8.8.8.8:53 | bidder.criteo.com | udp |
| US | 167.99.22.253:443 | exchange.cootlogix.com | tcp |
| US | 167.99.22.253:443 | exchange.cootlogix.com | tcp |
| DE | 51.38.120.206:443 | onetag-sys.com | tcp |
| US | 35.227.252.103:443 | rtb.openx.net | tcp |
| US | 104.22.74.216:443 | btloader.com | tcp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| GB | 108.138.217.48:443 | hb.yellowblue.io | tcp |
| DE | 37.252.171.21:443 | ib.adnxs.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| NL | 193.3.178.4:443 | pbjs.e-planning.net | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| US | 104.26.8.169:443 | script.4dex.io | tcp |
| NL | 81.17.55.99:443 | prg.smartadserver.com | tcp |
| NL | 81.17.55.99:443 | prg.smartadserver.com | tcp |
| IE | 52.51.169.167:443 | ads.servenobid.com | tcp |
| NL | 152.42.150.143:443 | srv.buysellads.com | tcp |
| US | 172.64.153.78:443 | mp.4dex.io | tcp |
| US | 8.8.8.8:53 | c.4dex.io | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| US | 104.26.8.169:443 | script.4dex.io | tcp |
| US | 8.8.8.8:53 | cadmus.script.ac | udp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| US | 104.18.22.145:443 | cadmus.script.ac | tcp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | secure.cdn.fastclick.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| GB | 108.156.39.27:443 | config.aps.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| GB | 18.172.154.232:443 | aax.amazon-adsystem.com | tcp |
| GB | 23.53.174.156:443 | secure.cdn.fastclick.net | tcp |
| US | 104.22.53.173:443 | cdn.hadronid.net | tcp |
| US | 172.67.38.106:443 | cdn.id5-sync.com | tcp |
| GB | 18.245.143.58:443 | tags.crwdcntrl.net | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 35.241.34.106:443 | c.4dex.io | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 143.150.42.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.252.227.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.74.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 48.217.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 151.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.120.38.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.8.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.223.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.153.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.178.3.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 167.169.51.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.171.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 253.22.99.167.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 107.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.34.241.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.3.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.22.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static4.buysellads.net | udp |
| US | 8.8.8.8:53 | id.hadron.ad.gt | udp |
| GB | 18.245.162.102:443 | static4.buysellads.net | tcp |
| US | 104.22.4.69:443 | id.hadron.ad.gt | tcp |
| US | 8.8.8.8:53 | adsdk.microsoft.com | udp |
| US | 8.8.8.8:53 | acdn.adnxs-simple.com | udp |
| US | 8.8.8.8:53 | cdn.adnxs.com | udp |
| US | 8.8.8.8:53 | fra1-ib.adnxs.com | udp |
| US | 151.101.1.108:443 | cdn.adnxs.com | tcp |
| US | 13.107.246.64:443 | adsdk.microsoft.com | tcp |
| GB | 92.123.142.144:443 | acdn.adnxs-simple.com | tcp |
| US | 8.8.8.8:53 | i.clean.gg | udp |
| US | 8.8.8.8:53 | a.ad.gt | udp |
| US | 34.95.69.49:443 | i.clean.gg | tcp |
| US | 104.22.5.69:443 | a.ad.gt | tcp |
| US | 34.95.69.49:443 | i.clean.gg | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 151.101.65.108:443 | cdn.adnxs.com | tcp |
| DE | 141.95.98.64:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 162.19.138.116:443 | lb.eu-1-id5-sync.com | tcp |
| GB | 95.101.143.201:443 | www.bing.com | tcp |
| GB | 95.101.143.201:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 27.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.154.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.174.53.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.53.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.38.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.143.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.23.211.130.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 102.162.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.4.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 144.142.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.69.95.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.5.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.65.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.143.101.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.98.95.141.in-addr.arpa | udp |
| US | 104.26.2.16:443 | rentry.co | tcp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | ag.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | gem.gbc.criteo.com | udp |
| FR | 185.235.86.53:443 | ag.gbc.criteo.com | tcp |
| NL | 178.250.1.11:443 | dnacdn.net | tcp |
| FR | 185.235.86.125:443 | gem.gbc.criteo.com | tcp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 8.8.8.8:53 | buysellads-d.openx.net | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | sync.cootlogix.com | udp |
| US | 8.8.8.8:53 | public.servenobid.com | udp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| GB | 95.100.245.251:443 | eus.rubiconproject.com | tcp |
| GB | 2.18.108.192:443 | ads.pubmatic.com | tcp |
| DE | 51.38.120.206:443 | onetag-sys.com | udp |
| US | 35.244.159.8:443 | buysellads-d.openx.net | tcp |
| US | 159.223.126.40:443 | sync.cootlogix.com | tcp |
| FR | 185.255.84.152:443 | visitor.omnitagjs.com | tcp |
| GB | 108.156.39.59:443 | public.servenobid.com | tcp |
| US | 151.101.129.108:443 | acdn.adnxs.com | tcp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 53.86.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 125.86.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | eu-west-1-cs-rtb.openwebmp.com | udp |
| US | 8.8.8.8:53 | gum.aidemsrv.com | udp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| GB | 13.224.222.56:443 | eu-west-1-cs-rtb.openwebmp.com | tcp |
| US | 104.17.44.93:443 | gum.aidemsrv.com | tcp |
| US | 54.175.57.209:443 | cs-server-s2s.yellowblue.io | tcp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 67.202.105.22:443 | ssc-cms.33across.com | tcp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| GB | 92.123.140.19:443 | player.aniview.com | tcp |
| US | 8.8.8.8:53 | 251.245.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.108.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.159.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.129.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 59.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 40.126.223.159.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.222.224.13.in-addr.arpa | udp |
| US | 104.17.44.93:443 | gum.aidemsrv.com | tcp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| GB | 23.214.129.249:443 | secure-assets.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| NL | 89.149.192.244:443 | ssbsync.smartadserver.com | tcp |
| NL | 69.173.156.148:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | dis.criteo.com | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| US | 8.8.8.8:53 | sync.richaudience.com | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| DE | 167.235.114.248:443 | sync.richaudience.com | tcp |
| US | 52.1.95.45:443 | api-2-0.spot.im | tcp |
| US | 35.71.131.137:443 | match.adsrvr.org | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| IE | 34.248.137.99:443 | match.prod.bidr.io | tcp |
| US | 70.42.32.31:443 | b1sync.zemanta.com | tcp |
| US | 70.42.32.31:443 | b1sync.zemanta.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 8.8.8.8:53 | sync.aniview.com | udp |
| US | 8.8.8.8:53 | g2.gumgum.com | udp |
| US | 172.240.45.78:443 | sync.aniview.com | tcp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| IE | 18.203.167.224:443 | g2.gumgum.com | tcp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 8.8.8.8:53 | cacerts.rapidssl.com | udp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| US | 54.204.207.243:443 | sync.srv.stackadapt.com | tcp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| US | 8.8.8.8:53 | pixel.33across.com | udp |
| US | 8.8.8.8:53 | tracker.open-adsyield.com | udp |
| US | 67.202.105.24:443 | pixel.33across.com | tcp |
| US | 8.8.8.8:53 | jadserve.postrelease.com | udp |
| US | 172.111.38.54:443 | tracker.open-adsyield.com | tcp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | tcp |
| IE | 34.253.170.144:443 | jadserve.postrelease.com | tcp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| IE | 63.32.219.61:443 | ap.lijit.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| US | 192.132.33.68:443 | bttrack.com | tcp |
| US | 172.64.151.101:443 | ssum-sec.casalemedia.com | tcp |
| US | 8.8.8.8:53 | cdn.dxkulture.com | udp |
| US | 8.8.8.8:53 | 209.57.175.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.140.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 249.129.214.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 244.192.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.131.71.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.137.248.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 248.114.235.167.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.149.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 31.32.42.70.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 45.95.1.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 224.167.203.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.45.240.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 243.207.204.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.199.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 144.170.253.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 24.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 54.38.111.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 61.219.32.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.151.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.44.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.33.132.192.in-addr.arpa | udp |
| US | 172.64.145.29:443 | cdn.dxkulture.com | tcp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| US | 8.8.8.8:53 | c1.adform.net | udp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| US | 8.8.8.8:53 | sync.adkernel.com | udp |
| DK | 37.157.5.133:443 | c1.adform.net | tcp |
| DK | 37.157.5.133:443 | c1.adform.net | tcp |
| NL | 77.245.57.72:443 | sync.adkernel.com | tcp |
| FR | 164.132.25.185:443 | rtb-csync.smartadserver.com | tcp |
| GB | 108.156.39.10:443 | s.ad.smaato.net | tcp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| FR | 142.250.201.162:443 | cm.g.doubleclick.net | tcp |
| FR | 142.250.201.162:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | tg.socdm.com | udp |
| JP | 124.146.153.162:443 | tg.socdm.com | tcp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | us-u.openx.net | udp |
| US | 8.8.8.8:53 | pr-bh.ybp.yahoo.com | udp |
| US | 8.8.8.8:53 | sync.ipredictive.com | udp |
| US | 8.8.8.8:53 | match.deepintent.com | udp |
| US | 8.8.8.8:53 | bh.contextweb.com | udp |
| US | 52.46.151.131:443 | s.amazon-adsystem.com | tcp |
| IE | 52.212.38.212:443 | pr-bh.ybp.yahoo.com | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| US | 169.197.150.8:443 | match.deepintent.com | tcp |
| US | 52.6.127.99:443 | sync.ipredictive.com | tcp |
| US | 8.8.8.8:53 | usersync.gumgum.com | udp |
| US | 8.8.8.8:53 | ce.lijit.com | udp |
| US | 8.8.8.8:53 | p.rfihub.com | udp |
| US | 8.8.8.8:53 | ssp.disqus.com | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | sync.go.sonobi.com | udp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| JP | 124.146.153.162:443 | tg.socdm.com | tcp |
| US | 8.8.8.8:53 | hbx.media.net | udp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | udp |
| US | 34.98.64.218:443 | us-u.openx.net | udp |
| IE | 34.247.205.196:443 | usersync.gumgum.com | tcp |
| IE | 34.247.229.60:443 | ce.lijit.com | tcp |
| US | 69.166.1.67:443 | sync.go.sonobi.com | tcp |
| US | 52.207.124.73:443 | ssp.disqus.com | tcp |
| NL | 193.0.160.130:443 | p.rfihub.com | tcp |
| NL | 147.75.34.177:443 | prebid.a-mo.net | tcp |
| GB | 95.100.244.20:443 | hbx.media.net | tcp |
| DE | 18.184.119.72:443 | match.sharethrough.com | tcp |
| IE | 34.247.205.196:443 | usersync.gumgum.com | tcp |
| US | 8.8.8.8:53 | ads.dxkulture.com | udp |
| US | 8.8.8.8:53 | 29.145.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.216.36.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 185.25.132.164.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.57.245.77.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.5.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.201.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 218.64.98.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 212.38.212.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.169.93.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.153.146.124.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.205.247.34.in-addr.arpa | udp |
| US | 45.55.126.71:443 | ads.dxkulture.com | tcp |
| IE | 34.247.205.196:443 | usersync.gumgum.com | tcp |
| US | 8.8.8.8:53 | rtb.gumgum.com | udp |
| US | 69.166.1.67:443 | sync.go.sonobi.com | tcp |
| US | 8.8.8.8:53 | 20.244.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 60.229.247.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.151.46.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 177.34.75.147.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 130.160.0.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.119.184.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.150.197.169.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.127.6.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.124.207.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.126.55.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.1.166.69.in-addr.arpa | udp |
| US | 45.55.126.71:443 | ads.dxkulture.com | tcp |
| US | 45.55.126.71:443 | ads.dxkulture.com | tcp |
| US | 8.8.8.8:53 | idsync.rlcdn.com | udp |
| US | 8.8.8.8:53 | mega.nz | udp |
| LU | 31.216.144.5:443 | mega.nz | tcp |
| LU | 31.216.144.5:443 | mega.nz | tcp |
| LU | 31.216.144.5:443 | mega.nz | tcp |
| US | 8.8.8.8:53 | eu.static.mega.co.nz | udp |
| LU | 89.44.169.132:443 | eu.static.mega.co.nz | tcp |
| LU | 89.44.169.132:443 | eu.static.mega.co.nz | tcp |
| US | 8.8.8.8:53 | 5.144.216.31.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.api.mega.co.nz | udp |
| LU | 66.203.125.15:443 | g.api.mega.co.nz | tcp |
| LU | 66.203.125.15:443 | g.api.mega.co.nz | tcp |
| US | 8.8.8.8:53 | 132.169.44.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.125.203.66.in-addr.arpa | udp |
| LU | 89.44.169.132:443 | eu.static.mega.co.nz | tcp |
| N/A | 127.0.0.1:6341 | tcp | |
| N/A | 127.0.0.1:6341 | tcp | |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.165.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | gfs206n165.userstorage.mega.co.nz | udp |
| BE | 94.24.37.75:443 | gfs206n165.userstorage.mega.co.nz | tcp |
| BE | 94.24.37.75:443 | gfs206n165.userstorage.mega.co.nz | tcp |
| BE | 94.24.37.75:443 | gfs206n165.userstorage.mega.co.nz | tcp |
| BE | 94.24.37.75:443 | gfs206n165.userstorage.mega.co.nz | tcp |
| BE | 94.24.37.75:443 | gfs206n165.userstorage.mega.co.nz | tcp |
| US | 8.8.8.8:53 | 75.37.24.94.in-addr.arpa | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | update.videolan.org | udp |
| FR | 213.36.253.119:80 | update.videolan.org | tcp |
| FR | 213.36.253.119:80 | update.videolan.org | tcp |
| US | 8.8.8.8:53 | 119.253.36.213.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 55.36.223.20.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | e765f3d75e6b0e4a7119c8b14d47d8da |
| SHA1 | cc9f7c7826c2e1a129e7d98884926076c3714fc0 |
| SHA256 | 986443556d3878258b710d9d9efbf4f25f0d764c3f83dc54217f2b12a6eccd89 |
| SHA512 | a1872a849f27da78ebe9adb9beb260cb49ed5f4ca2d403f23379112bdfcd2482446a6708188100496e45db1517cdb43aba8bb93a75e605713c3f97cd716b1079 |
\??\pipe\LOCAL\crashpad_3620_DXVLAXAFTMFFOOEU
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 53bc70ecb115bdbabe67620c416fe9b3 |
| SHA1 | af66ec51a13a59639eaf54d62ff3b4f092bb2fc1 |
| SHA256 | b36cad5c1f7bc7d07c7eaa2f3cad2959ddb5447d4d3adcb46eb6a99808e22771 |
| SHA512 | cad44933b94e17908c0eb8ac5feeb53d03a7720d97e7ccc8724a1ed3021a5bece09e1f9f3cec56ce0739176ebbbeb20729e650f8bca04e5060c986b75d8e4921 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b8187c6438c69f36756422942a750d98 |
| SHA1 | 31b34196738daf62b713c29df70680db33d2916d |
| SHA256 | abfa7c11e5837bab502eb0797592d0f9186ede5f3ff86da1ceded0f617ab31df |
| SHA512 | d6067a0afb3c281446cc8e3e8fd4e218495e2902e36b05f636a1a7413367710aeb5894d8e3eff60f63899a0f95a05db311d8c2ab8af6c5be256170420972a09d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | e05d2e206eacf727bc9aaaf98016549a |
| SHA1 | 732bad8caaf1329a84bd6bffac4185a0039dfd26 |
| SHA256 | 7cdc5ee573bb94495a0090129850646800ac5e7cee41b4d142084bbfd689a9b8 |
| SHA512 | 9f1481ddb8b6e0a346c80245df1b03f7ff1fcfaa7b9142d4d26d177c60a898ad0fcb16ba266fd7d69f2a68b97428de6ea75af749ce313f84650790bac34ef678 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 70af7bea8f36203472b770af51bb6fc3 |
| SHA1 | bc93d9f493ab88b05dda4e24b103af7397faa2a0 |
| SHA256 | 313bcd3ae7953a72fa331340587de526999745d09f5275c7ac34ff68a9e2ec12 |
| SHA512 | ab3334281c759818e5a8652ed6b4d03e999965c8aba7f570701b849d0a079ee91ddf593814c55f53cf5707793af6cf4d504930a2bff6fed5b4444a0cee114cb0 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416
| MD5 | fb3b3a463e11c4e5f22da74950411769 |
| SHA1 | b53d5c80579ca95dca9eecc57098d6b90d7fd46e |
| SHA256 | 582ff394c62eb3bf5fb53274dbe4fa5e2f114d54925191100612c66fdaab093b |
| SHA512 | c0191fa938c5f23a707008b019c20e64fbd97482f63cdf7e4efd8cab35fd4433262b2cefb285f3aaa424ee54acb574a0f681a90dd5862d1517832d2ac2609f29 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416
| MD5 | 55540a230bdab55187a841cfe1aa1545 |
| SHA1 | 363e4734f757bdeb89868efe94907774a327695e |
| SHA256 | d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb |
| SHA512 | c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | cd3f61a4f9fcd86dc46b8f2421d60654 |
| SHA1 | f317d064cef0d374e8f1a5b67e436a31c0227f2e |
| SHA256 | d5f6830aef91198b77c904f3b14821471b3bc8fa3223d567bd0012d342e8ccb6 |
| SHA512 | 8d097ecec3d64c0f3e02402eb51afec9f478ab621518c01b0c841868f090ff569d5111a83911efe0c67a610c56128acfe69798cec59e26b1e9d0bd2d499502b9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1b8f8d6da7358fc24b29853c7412d7fd |
| SHA1 | 5c921a1f5138c6105d1c6c4c15b58a1505876b35 |
| SHA256 | e9af764c59ed7e813347f1e88267bf8d36aa2a68a5a584b4d6eb25e63b102bdc |
| SHA512 | 4caa604af47792f61eff6113163af3a6023eddbbaddeffb9c10acbc071de633ab294f836fb0b9b2b2bdc51f92ed7afbd507147ecacd2a410a7d9e6b57acaa55e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9fe989b830f0955849a5788e2749338d |
| SHA1 | 03293c4beb3d8ab9495b248962036d59fbb1c2d3 |
| SHA256 | 788cdef481914fb7f405aeda5a11586cb8a683efbe8801ba8da095a983c8b4f8 |
| SHA512 | 6e3414139cf0a53935c5bc7bd78fab46a855a2b9381199b369b6e7c306de939dd59b4a51390d0a8c4a1403a0536a7211372146b5e4ad19efbab4edd4540e2bd6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe584b9a.TMP
| MD5 | dcaf8e8b4d048c454715d389d671c2b5 |
| SHA1 | 6eaa4b196dd9aa7a3bdd0b20ecc228ad13965abf |
| SHA256 | 13bd0ef53c251dc4cfed33c35010e72b405559a4ff9c1cb21c9551ba97dda8cd |
| SHA512 | 0aef32c1a57366a0add24f59874266c87156cccd47f6c12642004c99e40d388bd2fb38289f050e14abee6c268526e3c8931f20444e18961bbabc24b19383d69d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 2dff59d33c78acabc40b97f5a0379fab |
| SHA1 | 0da1e11388ef9073957ebc37c0fad3106753e9f8 |
| SHA256 | bb226752364004be3ce6c7e39279907d8481493c031be0f74fc0e7c886b1fa65 |
| SHA512 | b43ca354207f26a8907b40909ef26e660612ebfaaa540cf89ec14791f6725f912d48fc4efd588e9a6e539e6f00cddbb747807a2b9666f14b98792a787227afe4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | a9d2756ca56fefb5a249ad63f83c98ac |
| SHA1 | 3e405a72f1904f54b2bb09e6ea351fefb16684f0 |
| SHA256 | 8810f4b8b9bf7c1bdf5f2415823bd871344fea4dd2bed0c297a784617c5c7e06 |
| SHA512 | 226d4617b031ef0374aae492e1d2ffcb99a92d1987afd73e58aeffd5401e919bab2b076470d3a520f0ff4f24496ef0059a41bdd866710e5a0e39fcafa5f44f34 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe587c40.TMP
| MD5 | 09e52163e2e9328321347680954dc622 |
| SHA1 | ef126b83eb0642b58cdf5927c2869b3c7721278b |
| SHA256 | 46c71eb43dc12928bbeac881d6dcd282634d84dd729c8ff90069cb976727c132 |
| SHA512 | 200a2b9251e7e4c535227557cbe79de629526c45a2633c17b2c40f81ceaabed13b26a68f3aa67b57ec03c78640cb760926c7f13ef5d5a2f14aa9560601826cde |
C:\Users\Admin\Downloads\##!!s͜etUp_Use_2444_P͜@s$C0DE$$✔.rar
| MD5 | a38a8fee54eb3744701aba4b0846e9b5 |
| SHA1 | 365e724d64e0bff266c9812e79430938a68cba61 |
| SHA256 | ce537a5213e10276efff84a178d270358a906280a1df8b4da7f1202b1d275cd3 |
| SHA512 | ec7d953270eb1741cb7a55fd2568b844af17cbf525e1651e7a16608f55d62855649f7eae68705adaa3f5e59d8b2d94f2f735bf4e3ba4f053cd30e9172e36e784 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c544adfba9ca6ae76da3cb8606fe4be4 |
| SHA1 | 59b90dcf2d4296500453ea7657ffaa81abfde985 |
| SHA256 | 4a9caa93b45a3fd5f786d0e356d32ad95bf433e7c8d7d7cfbef647c32e895f9f |
| SHA512 | ad94062e197b9d01f888a48362c9346f7f1dfe66444591ee46abae37c9091b28117185372ce5d321f55f4ef5b0ec355c1c987ef08687c7f5510c8a3c68fca0f8 |
memory/8012-371-0x00007FF713C60000-0x00007FF713D58000-memory.dmp
memory/8012-372-0x00007FFB50560000-0x00007FFB50594000-memory.dmp
memory/8012-373-0x00007FFB4CC50000-0x00007FFB4CF06000-memory.dmp
memory/8012-374-0x00007FFB47AD0000-0x00007FFB48B80000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 64dff0a788ae5754f7b66b36d33c5f02 |
| SHA1 | ee3e4f3476e6f86c3fa9f47fefd1de4d4ff65dd9 |
| SHA256 | b72a4c0691b4e9fedfa2278f872f6177ceba544b875f657e3b28cba1b1afc6cf |
| SHA512 | 83b75599be4aecb728a38a102e65b6bd202da55451b0ffed5aab3379873a1b49ad8b4b9ab7fe0e98c1c9265b9d30cc8ebbf785bdf07e3a07726e7d6dabb0957a |
C:\Users\Admin\AppData\Roaming\vlc\vlcrc
| MD5 | 7b37c4f352a44c8246bf685258f75045 |
| SHA1 | 817dacb245334f10de0297e69c98b4c9470f083e |
| SHA256 | ec45f6e952b43eddc214dba703cf7f31398f3c9f535aad37f42237c56b9b778e |
| SHA512 | 1e8d675b3c6c9ba257b616da268cac7f1c7a9db12ffb831ed5f8d43c0887d711c197ebc9daf735e3da9a0355bf21c2b29a2fb38a46482a2c5c8cd5628fea4c02 |
C:\Users\Admin\AppData\Roaming\vlc\ml.xspf
| MD5 | 781602441469750c3219c8c38b515ed4 |
| SHA1 | e885acd1cbd0b897ebcedbb145bef1c330f80595 |
| SHA256 | 81970dbe581373d14fbd451ac4b3f96e5f69b79645f1ee1ca715cff3af0bf20d |
| SHA512 | 2b0a1717d96edb47bdf0ffeb250a5ec11f7d0638d3e0a62fbe48c064379b473ca88ffbececb32a72129d06c040b107834f1004ccda5f0f35b8c3588034786461 |
C:\Users\Admin\AppData\Roaming\vlc\vlc-qt-interface.ini
| MD5 | 990b8db13df98b620ce23ee699898da7 |
| SHA1 | 9db73d2eb6b590382b52a663d8f0794184082864 |
| SHA256 | 2f280fcf73576f85182a318edb52f210c8bac36067c3f17d460ff02ad34a732d |
| SHA512 | 293c3c6c6526247d52e1149a19581b024a33ebd4e90b7822b825c1ab2a662a4d12460eb119bdf4b8edde192382f7643313bda3ac7211b2aadcc075cd7134ba42 |
C:\Users\Admin\AppData\Roaming\vlc\vlc-qt-interface.ini
| MD5 | 56272e9c62878c114c1d09f9f25a0183 |
| SHA1 | fb040626575bca1acf27b001f02ecd47a37da34e |
| SHA256 | c02a4bd0bc5e2711a27b6440fe6c9760442b3d209e8a9b213ef50607cb20c90b |
| SHA512 | 7a4aa4628a7b59ac5f17c8e8ebb893e8c88da8ba67fc09ad013748cbd82bf0363735593341bfe65498108f7b140520242f996d884204e0d61d502f118004d870 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 5c49867e302af91f51b28d12edcf9052 |
| SHA1 | e2c174048d1ff15a68caf2dd5f49141f14e8da07 |
| SHA256 | a2e047079810cc2bc3c05995cac24232d1b283007160c8b9058dd94b26a21d5d |
| SHA512 | 009e3d3edda0754b89c42d10b85a01fdc0ac6448753a027fe6f443a21e5391af7d71cd371cec97bf5621467f4016dcb8c28f76f1d64140747deaf9b3ebea047a |
memory/6860-430-0x00007FFB4D920000-0x00007FFB4D954000-memory.dmp
memory/6860-432-0x00007FFB4A8A0000-0x00007FFB4A9AE000-memory.dmp
memory/6860-431-0x00007FFB4B780000-0x00007FFB4BA36000-memory.dmp
memory/6860-429-0x00007FF713C60000-0x00007FF713D58000-memory.dmp