Analysis Overview
SHA256
8124e622c137c8c8a02727302e712ca273485acb70c706fd24b1387a438eee40
Threat Level: Shows suspicious behavior
The file sample was found to be: Shows suspicious behavior.
Malicious Activity Summary
Mark of the Web detected: This indicates that the page was originally saved or cloned.
Writes to the Master Boot Record (MBR)
Browser Information Discovery
System Location Discovery: System Language Discovery
Modifies registry class
Enumerates system info in registry
Suspicious use of WriteProcessMemory
NTFS ADS
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: EnumeratesProcesses
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-26 19:36
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-26 19:36
Reported
2024-08-26 19:39
Platform
win11-20240802-en
Max time kernel
191s
Max time network
193s
Command Line
Signatures
Mark of the Web detected: This indicates that the page was originally saved or cloned.
| Description | Indicator | Process | Target |
| N/A | https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html | N/A | N/A |
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
| File opened for modification | \??\PhysicalDrive0 | C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe | N/A |
Browser Information Discovery
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\notepad.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-242286936-336880687-2152680090-1000\{B93E54D1-7275-4C3E-BB27-8C0BADECE55D} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\MEMZ.4.0.Clean.zip:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\MEMZ-virus-main.zip:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeShutdownPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\sample.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffe09323cb8,0x7ffe09323cc8,0x7ffe09323cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1908 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2364 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2700 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3164 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3196 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5272 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4688 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5284 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4640 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5488 /prefetch:1
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4916 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5640 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5824 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5836 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2000 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5632 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5704 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6484 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6708 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6252 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6912 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6952 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7152 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7160 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7280 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7412 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7276 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8052 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7208 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8320 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8420 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8604 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8744 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8832 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6600 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3008 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=6708 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7388 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9080 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5280 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1740 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6992 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1872,11142990867166800887,2349760839135194727,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7040 /prefetch:8
C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe"
C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe" /watchdog
C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe" /watchdog
C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe" /watchdog
C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe" /watchdog
C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe" /watchdog
C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe" /main
C:\Windows\SysWOW64\notepad.exe
"C:\Windows\System32\notepad.exe" \note.txt
Network
| Country | Destination | Domain | Proto |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.18.40.68:443 | pro.fontawesome.com | tcp |
| US | 8.8.8.8:53 | 14.25.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 95.101.129.200:443 | www.bing.com | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| GB | 95.101.129.216:443 | r.bing.com | tcp |
| GB | 95.101.129.216:443 | r.bing.com | tcp |
| GB | 95.101.129.194:443 | r.bing.com | tcp |
| GB | 95.101.129.194:443 | r.bing.com | tcp |
| GB | 95.101.129.216:443 | r.bing.com | tcp |
| GB | 95.101.129.216:443 | r.bing.com | tcp |
| GB | 95.101.129.216:443 | r.bing.com | tcp |
| GB | 95.101.129.216:443 | r.bing.com | tcp |
| GB | 95.101.129.216:443 | r.bing.com | tcp |
| IE | 20.190.159.64:443 | login.microsoftonline.com | tcp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 151.101.129.91:443 | images.sftcdn.net | tcp |
| US | 151.101.129.91:443 | images.sftcdn.net | tcp |
| US | 8.8.8.8:53 | sdk.privacy-center.org | udp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 199.232.213.91:443 | softonic.com | tcp |
| US | 199.232.213.91:443 | softonic.com | tcp |
| US | 151.101.1.91:443 | articles-img.sftcdn.net | tcp |
| US | 151.101.1.91:443 | articles-img.sftcdn.net | tcp |
| US | 151.101.1.91:443 | articles-img.sftcdn.net | tcp |
| US | 151.101.193.91:443 | articles-img.sftcdn.net | tcp |
| US | 151.101.193.91:443 | articles-img.sftcdn.net | tcp |
| US | 151.101.193.91:443 | articles-img.sftcdn.net | tcp |
| US | 151.101.193.91:443 | articles-img.sftcdn.net | tcp |
| US | 151.101.193.91:443 | articles-img.sftcdn.net | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | tcp |
| GB | 13.224.222.58:443 | sdk.privacy-center.org | tcp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| US | 52.111.227.13:443 | tcp | |
| GB | 13.224.222.58:443 | sdk.privacy-center.org | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | tcp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| US | 151.101.193.91:443 | articles-img.sftcdn.net | udp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| GB | 18.172.148.233:443 | www.datadoghq-browser-agent.com | tcp |
| US | 172.67.41.60:443 | btloader.com | tcp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| US | 8.8.8.8:53 | 34.215.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 107.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.148.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 60.41.67.172.in-addr.arpa | udp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 151.101.1.91:443 | articles-img.sftcdn.net | udp |
| US | 151.101.193.91:443 | articles-img.sftcdn.net | udp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 172.67.74.232:443 | api.btmessage.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| GB | 108.156.39.27:443 | config.aps.amazon-adsystem.com | tcp |
| US | 104.22.52.86:443 | cdn.id5-sync.com | tcp |
| IE | 13.74.129.1:443 | c.clarity.ms | tcp |
| NL | 139.45.197.253:443 | notix.io | tcp |
| US | 204.79.197.237:443 | c.bing.com | tcp |
| GB | 108.138.233.47:443 | api.privacy-center.org | tcp |
| US | 8.8.8.8:53 | ad.360yield.com | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | brightcombid.marphezis.com | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | cdn-ima.33across.com | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | id.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| IE | 54.228.243.229:443 | ap.lijit.com | tcp |
| DE | 157.90.0.38:443 | shb.richaudience.com | tcp |
| DE | 157.90.0.38:443 | shb.richaudience.com | tcp |
| DE | 157.90.0.38:443 | shb.richaudience.com | tcp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| IE | 63.35.89.195:443 | ad.360yield.com | tcp |
| FR | 142.250.179.68:443 | www.google.com | tcp |
| US | 151.101.193.229:443 | cdn.jsdelivr.net | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| DE | 141.95.33.120:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 141.95.33.120:443 | lb.eu-1-id5-sync.com | tcp |
| IE | 54.220.6.201:443 | id.crwdcntrl.net | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| US | 104.18.35.167:443 | cdn-ima.33across.com | tcp |
| NL | 188.166.203.175:443 | brightcombid.marphezis.com | tcp |
| DE | 162.19.138.117:443 | lb.eu-1-id5-sync.com | tcp |
| IE | 54.228.243.229:443 | ap.lijit.com | tcp |
| DE | 157.90.0.38:443 | shb.richaudience.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| US | 35.244.193.51:443 | lexicon.33across.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| US | 8.8.8.8:53 | 175.203.166.188.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.6.220.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.33.95.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.0.90.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.243.228.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| FR | 142.250.179.65:443 | 837f996ba5a29cd8fd78db31a81a83ef.safeframe.googlesyndication.com | tcp |
| FR | 142.250.201.163:443 | www.google.co.uk | tcp |
| FR | 142.250.201.163:443 | www.google.co.uk | tcp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | tcp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | tcp |
| GB | 18.245.143.83:443 | tags.crwdcntrl.net | tcp |
| DE | 37.252.171.21:443 | ib.adnxs.com | tcp |
| DE | 37.252.171.21:443 | ib.adnxs.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | tcp |
| US | 34.120.63.153:443 | prebid.media.net | tcp |
| FR | 172.217.20.162:443 | ep1.adtrafficquality.google | tcp |
| FR | 142.250.179.66:443 | googleads.g.doubleclick.net | tcp |
| FR | 142.250.179.66:443 | googleads.g.doubleclick.net | tcp |
| FR | 142.250.179.66:443 | googleads.g.doubleclick.net | tcp |
| FR | 142.250.179.66:443 | googleads.g.doubleclick.net | tcp |
| FR | 3.162.36.191:443 | aax.amazon-adsystem.com | tcp |
| FR | 3.162.36.191:443 | aax.amazon-adsystem.com | tcp |
| GB | 92.123.143.169:80 | apps.identrust.com | tcp |
| FR | 142.250.179.78:443 | ampcid.google.com | tcp |
| FR | 142.250.179.68:443 | www.google.com | udp |
| FR | 142.250.201.163:443 | www.google.co.uk | udp |
| IE | 54.239.33.159:443 | aax-eu.amazon-adsystem.com | tcp |
| FR | 142.250.179.97:443 | ep2.adtrafficquality.google | tcp |
| GB | 2.18.190.79:443 | qsearch-a.akamaihd.net | tcp |
| GB | 2.18.190.79:443 | qsearch-a.akamaihd.net | tcp |
| BE | 74.125.71.157:443 | stats.g.doubleclick.net | tcp |
| FR | 142.250.179.68:443 | www.google.com | udp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | 174.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.143.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 159.33.239.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.71.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 129.178.250.142.in-addr.arpa | udp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | udp |
| US | 172.64.149.180:443 | cdn.indexww.com | tcp |
| FR | 185.255.84.152:443 | visitor.omnitagjs.com | tcp |
| GB | 23.36.168.202:443 | ads.pubmatic.com | tcp |
| US | 151.101.193.108:443 | acdn.adnxs.com | tcp |
| DE | 162.55.236.224:443 | sync.richaudience.com | tcp |
| IE | 52.212.87.103:443 | ce.lijit.com | tcp |
| DE | 162.55.236.224:443 | sync.richaudience.com | tcp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | tcp |
| GB | 92.123.143.216:443 | player.aniview.com | tcp |
| US | 35.169.164.106:443 | cs-server-s2s.yellowblue.io | tcp |
| DE | 51.89.9.254:443 | onetag-sys.com | tcp |
| NL | 89.149.193.116:443 | ssbsync.smartadserver.com | tcp |
| US | 54.243.98.238:443 | api-2-0.spot.im | tcp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| US | 54.205.147.202:443 | sync.srv.stackadapt.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| IE | 52.215.131.87:443 | match.prod.bidr.io | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 172.240.45.78:443 | sync.aniview.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 172.111.38.54:443 | tracker.open-adsyield.com | tcp |
| IE | 63.35.37.71:443 | jadserve.postrelease.com | tcp |
| DE | 51.89.9.254:443 | onetag-sys.com | udp |
| US | 216.200.232.253:443 | sync.mathtag.com | tcp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | tcp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| NL | 69.173.156.149:443 | pixel-eu.rubiconproject.com | tcp |
| NL | 69.173.156.148:443 | pixel-eu.rubiconproject.com | tcp |
| US | 80.77.87.163:443 | cs.admanmedia.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 104.22.51.98:443 | spl.zeotap.com | tcp |
| FR | 154.54.250.81:443 | ads.stickyadstv.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| FR | 142.250.201.162:443 | cm.g.doubleclick.net | tcp |
| NL | 35.214.151.10:443 | csync.loopme.me | tcp |
| DK | 37.157.6.233:443 | c1.adform.net | tcp |
| US | 192.132.33.69:443 | bttrack.com | tcp |
| US | 8.8.8.8:53 | 91.149.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.147.205.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.45.240.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.37.35.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 54.38.111.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| NL | 35.214.151.10:443 | csync.loopme.me | tcp |
| GB | 104.103.201.8:443 | secure-assets.rubiconproject.com | tcp |
| FR | 142.250.201.162:443 | cm.g.doubleclick.net | udp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 192.132.33.69:443 | bttrack.com | tcp |
| US | 67.202.105.22:443 | ssc-cms.33across.com | tcp |
| US | 52.46.143.56:443 | s.amazon-adsystem.com | tcp |
| GB | 23.46.73.76:443 | eus.rubiconproject.com | tcp |
| NL | 69.173.156.148:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | 253.232.200.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.6.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.33.132.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.201.103.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.73.46.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.143.46.52.in-addr.arpa | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| NL | 35.214.199.71:443 | csync.loopme.me | tcp |
| NL | 35.214.199.71:443 | csync.loopme.me | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.108.133:443 | avatars.githubusercontent.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 140.82.112.21:443 | collector.github.com | tcp |
| US | 140.82.112.21:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 92.123.142.105:443 | www.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.216:443 | codeload.github.com | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | ea667b2dedf919487c556b97119cf88a |
| SHA1 | 0ee7b1da90be47cc31406f4dba755fd083a29762 |
| SHA256 | 9e7e47ebf490ba409eab3be0314fa695bf28f4764f4875c7568a54337f2df70f |
| SHA512 | 832391afcac34fc6c949dee8120f2a5f83ca68c159ff707751d844b085c7496930f0c8fd8313fd8f10a5f5725138be651953934aa79b087ba3c6dd22eaa49c72 |
\??\pipe\LOCAL\crashpad_3704_MDJACCFIHYPFPEAP
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 2ee16858e751901224340cabb25e5704 |
| SHA1 | 24e0d2d301f282fb8e492e9df0b36603b28477b2 |
| SHA256 | e9784fcff01f83f4925f23e3a24bce63314ea503c2091f7309c014895fead33c |
| SHA512 | bd9994c2fb4bf097ce7ffea412a2bed97e3af386108ab6aab0df9472a92d4bd94489bb9c36750a92f9818fa3ea6d1756497f5364611e6ebd36de4cd14e9a0fba |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 40cbfd456d56effc1ac58b67e8cbabdb |
| SHA1 | cddfcff4e69a0399e539c73a0b7438ccdefb44c0 |
| SHA256 | 225aa7fddc6e1660c4a97638aa628d9ca8b31417299da04448a9ed3935e922b9 |
| SHA512 | f5fc3a72b7fc4c8e98cf2087dab0b10624897d2720a4eb61ee953dce4e46c8e2bc513ddc82660b9bd1600975d04f55aa036215f1d3b1c4282c1a6e9bf1366437 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 74b58df8fa864fdd222309984ecb0dfb |
| SHA1 | 5b95b62a30d15578588ad7bcf8754dc3beb6573a |
| SHA256 | c893c46d890d044dadcfea8dae993d2492b163342c0f8bae6a3ebb9228445ff0 |
| SHA512 | e2472b659883ffdda9544c76f79cefd4475a3937acf798bd7f40f03cdfebee2279988f9147f5af2c2721af47f743712b0f955b581fc232bd02b66c7edb50da48 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 96ffcb881434bcd050cc0bcdcfaa8af2 |
| SHA1 | 5b6aedefc31f9e41e9f29a022db4417010e07434 |
| SHA256 | a582140e1175ae30ff188117c6da8e8d2accdd6fb3703568db7330d9945fcd25 |
| SHA512 | 9c327e423d839857bbd94e9205a013db63f2efeda7912b6e3e202fe1befa8fb9ddcfe80824cce98deaa6e8149a7a2ecae86d902611a627dc84cce9c457bcbe9a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 77a3ed5dc02b96a6e8628c012ddd2781 |
| SHA1 | f91d1cfc8e4550535fa13e7dec064e538a4d99ba |
| SHA256 | 3e7ee8e97aa2045a4a6e1998c405308cee3625820945537bd179f87872ed5fa5 |
| SHA512 | a2bef4faf76870d4e2e86966ebc352804008190fa8a137dadcca8312fe0eb6f06813f069638b5138fb16533450e52a36466cdbce4f43e20ce77efc6e34412eb9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5885e4.TMP
| MD5 | 6e3291e61eca9c20f0b2683a829c3390 |
| SHA1 | 56e0de2629486244c6d8c20b2deeb516b8f056c5 |
| SHA256 | 9627bfed988d9bede5b9d9d7f5ead0d432bc42588d79d4d8c6ae8dc50d248387 |
| SHA512 | 388e11196af95e74eed5ce0d1c65c3f244fc374b7cfc1fe0cc3ad95c585ba1c7aca08c2dd357f416b7ed027b35ff60742baee737b191ad2aa48c8746606d4f7d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5c6cdde66b8f7d4f3d053686037095c2 |
| SHA1 | 531071ebd8a876ba3558ca185248d790c9a6426b |
| SHA256 | e878b9f48fb2b4b4004ded4973b52cfa3b77d9d24accc9309a709ed679a5d9b6 |
| SHA512 | 1364da9a759a1c990ce0cfb9ffafc370783002ecf41259d66a7ab46ecbfdc7a4408c11469e73a66ec12acc1180a33b3150f8b220561bef15ad2da2552997d378 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8cfb96dc1e4cf3d77ef929f646367ee5 |
| SHA1 | 164eaf29ec79b6d41c4b36911218b63fa75165a1 |
| SHA256 | 5d4b2b217df9a9610f9498e8b36298ff1ef850ef13c3c2856e4d80bbe008ed5a |
| SHA512 | f54133c9f1392879529d27c2b71b00f3e15239c4088309160a57b8135d2eb74ca5a7690a15ecc160eb63744aceb6db2652173f15dcd585fce41c95c47a933268 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
| MD5 | ed124bdf39bbd5902bd2529a0a4114ea |
| SHA1 | b7dd9d364099ccd4e09fd45f4180d38df6590524 |
| SHA256 | 48232550940208c572ebe487aa64ddee26e304ba3e310407e1fc31a5c9deed44 |
| SHA512 | c4d180292afa484ef9556d15db1d3850416a85ad581f6f4d5eb66654991fa90f414029b4ce13ed142271a585b46b3e53701735ee3e0f45a78b67baa9122ba532 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
| MD5 | 60f8cd04587a51e31b51d1570d6f889a |
| SHA1 | 88574c41d0ab81721b275252464da5c7927a4835 |
| SHA256 | 27cb4390e32a97375dd4987ae000406933bceba5199f17893711e782333b81cb |
| SHA512 | 84c12448ac55dd819749fef9be9919111a3df4bc51e66d2fa9f7376c11c101ed1349cb36aa119aa873cdd6c0c91027e201fbe23c2c83b89bc900a4d9077bcc52 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
| MD5 | 2e86a72f4e82614cd4842950d2e0a716 |
| SHA1 | d7b4ee0c9af735d098bff474632fc2c0113e0b9c |
| SHA256 | c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f |
| SHA512 | 7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
| MD5 | d6b36c7d4b06f140f860ddc91a4c659c |
| SHA1 | ccf16571637b8d3e4c9423688c5bd06167bfb9e9 |
| SHA256 | 34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92 |
| SHA512 | 2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
| MD5 | 56d57bc655526551f217536f19195495 |
| SHA1 | 28b430886d1220855a805d78dc5d6414aeee6995 |
| SHA256 | f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4 |
| SHA512 | 7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008
| MD5 | b38fbbd0b5c8e8b4452b33d6f85df7dc |
| SHA1 | 386ba241790252df01a6a028b3238de2f995a559 |
| SHA256 | b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd |
| SHA512 | 546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a
| MD5 | 038c1f469deb6932520d09a340856ebc |
| SHA1 | 8b361a8c0489b69e9ef4e132e36f20c161c5ec1e |
| SHA256 | 5fafae77cfdc093baea4dd31485ced7dc4ab8e734311b3c2aaac1dc2ed95f451 |
| SHA512 | fc3123f11323a9f18f5e1bb31c61fa229e0de8b6d07bb01b220605cfd9ba499ed63e76be0b7146e096412cc94486bdba0ee102982b38b258958c6327fc6bb6c8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 52c711c44734df6fe9d00f4f9fd83cc5 |
| SHA1 | f5e83e0b80f7655afba13f19a211a090637d83f9 |
| SHA256 | 76847ecae522428ac1af3e2651f2edc01aa5458ca390fa1e1ddb7908ddb95243 |
| SHA512 | cf5f20eb198efd8b0c1d4049581744edc77b4dd0fe933665a1d2ca629dfdd66fa82bed7610a18f65756a3932dcb6ec6708be035e8a2ff4b4802728ed7e470b40 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 41b2c4a38a148c38389e23c74266937e |
| SHA1 | 006aae6759e7c35664e0c18b90adfa0d3c117ee1 |
| SHA256 | 6d5bb0fbfa4bd3c8042079e09357f8bd738bd1a85cf9eb40e8326eff9d313043 |
| SHA512 | 700f42372af58c6974d7802b70b8f1a5b9c9554434074016c856af98d3307b740d10e76a2b1475183effd4d599fa80dfe5a48ed9c870def9f7e18030de1b3be6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002f
| MD5 | e4cc1ece2f2425b10ae2ccc212c1dafc |
| SHA1 | 92609e6d0093693110baa23758382889bcb30da6 |
| SHA256 | 92e9415d8bc8529e2a3f335258ef7ff159cce2965ce3b2b7c15f73720efee809 |
| SHA512 | 2848dee3a6da891b7044518bc97aeafd340705cebe846350b9a7f314b52450f1eb977b8b492638965ce4674ebaa341e4f832438199c3cad2fb0a0793ef83a619 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 917c56bc02d60d4594f83fd7e5ae6995 |
| SHA1 | f4dd3c8998692f3d0507e2cb3ef4c0a393842efb |
| SHA256 | 733947f1f3503b5a98676d21efc42be11976984c1ce40e1cce86f22a40729327 |
| SHA512 | 1021f487a2c997ec26a2f576014f5d053c9c18848f1d572e32dbe9bfe228219086b78c6fdf89342e26912717150a94be53f4bcdc79787796e29f2034c0c54109 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c307209b77fcc93a9ba3f0485880066d |
| SHA1 | 3db2149e0a044efa7ac4b754c5616833d1ad68f6 |
| SHA256 | 2458892d5fbf79652d99b551247528ea4f1780eff1d20ff62fefd774a82776c9 |
| SHA512 | bec98e5350c1873bd7329ed7569a3fe524d03e3b54ee4f1e52836794f791320a65ff03c7af99d28ba726012f513721dd63c8490767852c71424f1f4fed422f78 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c
| MD5 | b07f576446fc2d6b9923828d656cadff |
| SHA1 | 35b2a39b66c3de60e7ec273bdf5e71a7c1f4b103 |
| SHA256 | d261915939a3b9c6e9b877d3a71a3783ed5504d3492ef3f64e0cb508fee59496 |
| SHA512 | 7358cbb9ddd472a97240bd43e9cc4f659ff0f24bf7c2b39c608f8d4832da001a95e21764160c8c66efd107c55ff1666a48ecc1ad4a0d72f995c0301325e1b1df |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b
| MD5 | 209af4da7e0c3b2a6471a968ba1fc992 |
| SHA1 | 2240c2da3eba4f30b0c3ef2205ce7848ecff9e3f |
| SHA256 | ecc145203f1c562cae7b733a807e9333c51d75726905a3af898154f3cefc9403 |
| SHA512 | 09201e377e80a3d03616ff394d836c85712f39b65a3138924d62a1f3ede3eac192f1345761c012b0045393c501d48b5a774aeda7ab5d687e1d7971440dc1fc35 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e
| MD5 | f930621607e050dff86f94bbf4806b73 |
| SHA1 | d06bdf16d5794550b78713955629c465b6970676 |
| SHA256 | fe97ff9a43f7f196dcd9088da3818e6f80ecdc2ad8937a5bd4a52c8b3979a09e |
| SHA512 | df4c634c95cbc63c44c0f884817333fdb3965d225fbcf008d134a12ea99d05965b043c4f74bbe57f8356fd7f698fde30fe34638387ffcb8ca1226fe7c8b00cb7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000040
| MD5 | eda89cde75252b12a205eb955544300a |
| SHA1 | 5189cfb38c5b37097060f084767c1a3d91a38ccb |
| SHA256 | 1ae94d87d168368e3e5246b89aba25bb5f0d30cfa7aadac1febbb9ba3aa1be5a |
| SHA512 | 2474a37f79660d03cf06e3df23407e2dbde29c166efe26561b834cbd1f340108490b2b4bf237ff7184fb2c3220c71c2ccaccbf4941661460abb746f9da73b689 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7a41261151a0b9a3e11492443818a4a2 |
| SHA1 | e9873d21dafc26ee4673c88d33b94d9bcd2e7db7 |
| SHA256 | 27a47796dec32ed8bb9d7e9cde64e24e97d1ac28131bdf087d9f9b063b6717a3 |
| SHA512 | 86f40a17b209438bae75a74dd0f65e2804d0e2baf6ae74e8099f1661ed1c0676e88c9134a8e450a82ef08331e2d2ab8c12370ce708bc2c72f7e355d2b9ba0fc5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7e3b8a8a99d4715100579aadbcd0c823 |
| SHA1 | c9508f5656bcd4193e00ff28d5fc37a4c0eda57c |
| SHA256 | d3afd090cccdd1029a796647079b807a36c38c5f7bbb2ce0780bf2ac6e8c5242 |
| SHA512 | dda05d96c52fdcaa7d79a68bc5935585b91c14ad40bda0c117d572971338bd763b8332c9e8c44b5d5921d385e5a608ce7bacba9a902912ac49771326b5a61746 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 49afa1796ca3a4a9995b0a6db8d1a0f5 |
| SHA1 | af12b8a645e9cffe4d134946e1a84b28a431292d |
| SHA256 | 8e98d0af1e7013868dc2e9a679f25735ba7351eceee7fa069507ac8f71e030d8 |
| SHA512 | 11db0ffc7303a3efd377583d4e3f111ebb8a6123c3457580402a5702b1bbcdd5fd22fa8bd4224d90506111a9246443f589773a633de97281d1c4d1347ca430f1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e37e8302b827b90f3d35d3bf838183ad |
| SHA1 | dd507f79c18c086b2d5a16a37f526470157e4b9e |
| SHA256 | 8cd3baa72bacc4efb98f4ee4468e6318b7d54ef96ceb507231748f89d17e1acd |
| SHA512 | 35840642a657c8631e7e343055d4082a7133c25b450c2dd2589a51f13e7ce07ee392a74400dbc94c6703e382c36ddcb923c18ce4f0313772700393b011b7e53d |
C:\Users\Admin\Downloads\MEMZ.4.0.Clean.zip:Zone.Identifier
| MD5 | 39685d43bde46abf842fb06c0744adab |
| SHA1 | e21c6bcfd8cf629b8bd13d5f8673e034cc23dc04 |
| SHA256 | e275bf42cc99ac20ac1632e77e8a21730fe8aca04d3ab346d9a96426a8150ec6 |
| SHA512 | 251164c1db871c7d628b1f42185eae6da37291f63e9e156533f74e28646ce4610a8274734e912bc47deaea324dd1cc10885ff7399aece7a487475634215b44fc |
C:\Users\Admin\Downloads\MEMZ.4.0.Clean.zip
| MD5 | 8ce8fc61248ec439225bdd3a71ad4be9 |
| SHA1 | 881d4c3f400b74fdde172df440a2eddb22eb90f6 |
| SHA256 | 15ef265d305f4a1eac11fc0e65515b94b115cf6cbb498597125fa3a8a1af44f5 |
| SHA512 | fe66db34bde67304091281872510354c8381f2d1cf053b91dcd2ff16839e6e58969b2c4cb8f70544f5ddef2e7898af18aaaacb074fb2d51883687034ec18cdd9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 8800a4e5e8281fff79494c162af92419 |
| SHA1 | b93c9fcb65adc61e860394bb9a4a1728289b1e55 |
| SHA256 | a103896fef97dcc390ca84f917b01e64321ec8bc238cef483b8c124494e19d98 |
| SHA512 | 7bc498567b5f676d0e9644f27e5af6ebf810c5f670141bba311903b1c662ac56e628e9b0d59d9bc53e3e0a2305f4b65de680ec2317f9e75e5e7a3b7cddca6c18 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a2e6c59d05973f324df948a96315472c |
| SHA1 | 36908dfde986071ad81ea6ef99d9c64cf215a626 |
| SHA256 | 954e62394a4e0f848804090b2f6dd7541c380b03a974fa59be53eedce7b37540 |
| SHA512 | 9fbe7d441527f8a92207756e1fdc647b9f9dc78d2a86568ad13bc09afe3fc7d28322125b315deb946831da44d1f70022a2e3bda78c12b1753567179dd285cadc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 4c6bd270035282ae16389ede9cd0d168 |
| SHA1 | 6d675ea70c14ffc65230217ce2c184848c737d88 |
| SHA256 | 5416bd49d9b86101b7af47109b3e8033ef824e0d435431c81abc611f4be809fd |
| SHA512 | 3805ecd175713bdaf484f340d9f6941f52794e6e1ed75fd52f311cf61962808a6b6a907c5830d08ed808a78c964b3bbf090b8286a1b8071b3ec3de366781c03a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 26abbeb5c72a4d5ba5caa0b5a9baf66b |
| SHA1 | bf979cacc13be67a11f33ab4c61cbbe08033b296 |
| SHA256 | b2e957a2526cd32da76728a90c2e2ea9292eb929e00d702bc770618afb9e3def |
| SHA512 | 5c6814bc5f862904be2b4330d62fd2eece795960469478db4aa25b7085dd771d49b849a8bf122cd1c015920fbf3bcef73d35988e301f4b5e3451fb2da2ef4d22 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bfd9b5c29c5c8524_0
| MD5 | a9b826f6da626db2e3fe76ccdda70613 |
| SHA1 | 8658e629f2be27a27f6b6c39c8e36e00e5ff17d8 |
| SHA256 | 410ad84c0e012eaf215c6c670a483ed90f7a41d71947630f482efc840037588f |
| SHA512 | 079bf548c3332ac0a0f119903398cb5ea41d7e756e06217b008df591f40f49b01f878a31255e0ccd99a4e83410d7bd45a36f8803e3d8f33d9596b55c9388c2ff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e55f0a6d1b533c66_0
| MD5 | 376fdc835e6debaef62a8dd3235508cb |
| SHA1 | f107e880317fb3e1b68359112b02fd486ca85b6d |
| SHA256 | aef8d3f5af1efb935af9eb92f18913d4acdbe447029ba52b117fabfc580fdde7 |
| SHA512 | 42da343173c814034056fe34a544f82a5793d241955371f38e49e39722db77f76ba7a52dd9f126086a118c14048f28897c63ef2356a0d599599e99890bfcdfea |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f2e4bbad99a372cc_0
| MD5 | e2efe28867f0b409ca94a2b49b06033e |
| SHA1 | be0dc1712da5fb6173a7ed67fc5fa5e9a78aafd4 |
| SHA256 | 7f197600d2ae64840bb25238615e393483a693d6844394a1fe497944a54d3790 |
| SHA512 | 5f645a603d0bd762f64896819e14dcfc66e37f94dc8ac804940265d4b14ef43812e6912f39501d4c7044fb0fa1efbaba0f1a3b4058e99126233e6eb8798328e8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c4545010b9c4b344_0
| MD5 | 6759f26b21f16400fe4ca4af845d1953 |
| SHA1 | 0aa261aa299d0aca65685ae0930e4aabb0ffd279 |
| SHA256 | a1d92b6f0d31de36ee23e50f5b51c3d927d8fff8a5a1e3eb0e162fedabd017e0 |
| SHA512 | f7addbba628af18cf756a1a06a08e69fd70d5fb352e90a1533e172f69f4f45123eaba844d2985d20b2173f72f69714ce8b6e334c59b78b79238056236daa41f4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\daca09b4eb185a45_0
| MD5 | b14b89b2a9dc59007d3c1ec75af70c6e |
| SHA1 | 71adafec67d82a13d31208135d51972b149155e7 |
| SHA256 | 72ee479807e0198ab93cb19fd2cc60e9656a3c492036a972e5d07f63795ca273 |
| SHA512 | b7e3abf7fd729d5d889cb7fd01f31a0db2d57b42fdee029a85d885509f52f4295cf053f95c1fff2444ca1f764b8f1da5dc802894cb3a563e90dd0be7ecc05980 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7cf9843337c39c04_0
| MD5 | 64805db799fcac1be57ad8ca6c4f5ad4 |
| SHA1 | 667bfb282d49e6cd5a6b34258b21571731dfe745 |
| SHA256 | ea8e195d85415a650806ac2a7e1dffc6a347f5c3a942c9bbf74ff454fbf3a188 |
| SHA512 | fd575421f490a12d8872e7ab5fc4aa02fc972af32938771a854c554b5a23e1b53fb4d698b6ebabdee9c9189286034467f49c38c64a42277a776eccbd950d680d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\af2cfcaf6d9b18bc_0
| MD5 | f7baa7d41d6098b60a3e4168d895c07f |
| SHA1 | d62fa7ddb682b855d74a587b61fe7450509bd7d4 |
| SHA256 | f7c6246586ef2a6c8b91e737e58d95385b54ca4bc3ba827f1450dfd33a9bec01 |
| SHA512 | dafc7dc7d742eabe12e7fd5b06cb644307ed898108d3adceee14a3ce9eecaea4066ffbcb84cdafe4be29e5caf022a92979a75885c2b61eb2bacdac41f074465f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 909a9df0e2f84b310bf87d7c679125d2 |
| SHA1 | 5e4be65ea07cce8c433600f2d9f1c7e0cf4f940a |
| SHA256 | 49f35392350500174178107b97fd9140a746055dd481f7d0a9ad6b742522c756 |
| SHA512 | a2780cae9509c35f4d107b95fe1aadeb4d3e2cf22362abbfd4e2271fe872e3e18d3b08f1c76a9a80255657028258716fe15fecc5f75945a3938dbced5b56397e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010
| MD5 | 68f0a51fa86985999964ee43de12cdd5 |
| SHA1 | bbfc7666be00c560b7394fa0b82b864237a99d8c |
| SHA256 | f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f |
| SHA512 | 3049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f
| MD5 | 3051c1e179d84292d3f84a1a0a112c80 |
| SHA1 | c11a63236373abfe574f2935a0e7024688b71ccb |
| SHA256 | 992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3 |
| SHA512 | df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 65f550d9ea20d2328427a3027fa7f24d |
| SHA1 | b57c69d5a2457c8c871d440344348e89631d3ac3 |
| SHA256 | 5f337f50f5ee09f787c48c967819714cca9d60242bc10f6c3db64dffc8c21193 |
| SHA512 | 924f0ea5ac33fc6a83f5d28d8368e5fb78929ea5a09de18ff0ecb27f2b2350ae4d8ee3c1eb65c6ace64753a1eb67ac643a7a69634d5f96166b65b1adcf2e4db5 |
C:\Users\Admin\Downloads\MEMZ-virus-main.zip:Zone.Identifier
| MD5 | c0aaf6dc437b95d10bb053831c3cba7c |
| SHA1 | f3b57f1b2dfc8a4ca0f366b7d1051d68f59110d7 |
| SHA256 | 5d3db06bf246f33b99bfabbac16d6142e6bac695092228d5367b3cc03959653a |
| SHA512 | 9effe9ccb34ac61508648e32efb4f7fe8dd5ce195259f60707c720ac4cb9ebee0f5e944bda0ebd804eb441a8a32cf56336677389a9ad59a8c1d4402c164f2ff0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\cf26be7b-860c-4d8f-8617-08fcc21d46b1.tmp
| MD5 | 66fc21e81dddcf67e5e60fda5cd3bbf9 |
| SHA1 | 469290d57bdf832f3577f592da7b54bfd432c195 |
| SHA256 | 2cbf2ef6225dd737a206182b972dbdcb39c371f9deb21c98f4d8831e49a98524 |
| SHA512 | 19c543ba15f9146d672a8d3aef977668af1e8d9add16ca53f49a94c8e137b0c1e9a698ae87fa18ac98019b46302ed5e8ef693ce7d2f4084125babed597533ae1 |
C:\Users\Admin\Downloads\MEMZ-virus-main.zip
| MD5 | a043dc5c624d091f7c2600dd18b300b7 |
| SHA1 | 4682f79dabfc6da05441e2b6d820382ff02b4c58 |
| SHA256 | 0acffde0f952b44d500cf2689d6c9ab87e66ac7fa29a51f3c3e36a43ea5e694a |
| SHA512 | ee4f691a6c7b6c047bca49723b65e5980a8f83cbbc129ddfd578b855430b78acf3d0e461238739cd64c8a5c9071fe132c10da3ac28085fc978b6a19ee1ca3313 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a70ef6e3cd856e1c0e0c1d524b758e00 |
| SHA1 | e13c956856610801ca579db36880e18daf9e2c51 |
| SHA256 | 057d55451cbd9dd44f71c50fa50fb0eb4257ad7c8e67a723372e2b120a61cb15 |
| SHA512 | cd2eb2126cb222f92fa73a0c0cf01e2ca5902f9e7b80df6212c36f27771984f31a61c43ddc38bc581d5da4eb1ad5d300bdb4f8f7f90629d9fdba2aee0c6f0a4e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 304b15ac50bc91409afda4da61cb0438 |
| SHA1 | 1821e520602eba505561cdbdafa61db837aa94a5 |
| SHA256 | e2dbdbd2fe07db511ddc36dd8a40c53558434899f4e9a682b2245b728edfa960 |
| SHA512 | 1f31ad7ac0a40bb8210b421bf41185d38f603d80f660079840092b62758431e3df358db6cd51723958317fb0e19f962ad7e1bb0d5015dbad79ec033d038ccd06 |
C:\note.txt
| MD5 | afa6955439b8d516721231029fb9ca1b |
| SHA1 | 087a043cc123c0c0df2ffadcf8e71e3ac86bbae9 |
| SHA256 | 8e9f20f6864c66576536c0b866c6ffdcf11397db67fe120e972e244c3c022270 |
| SHA512 | 5da21a31fbc4e8250dffed30f66b896bdf007ac91948140334fe36a3f010e1bac3e70a07e9f3eb9da8633189091fd5cadcabbaacd3e01da0fe7ae28a11b3dddf |