Analysis Overview
Threat Level: Likely malicious
The file https://www.googleadservices.com/pagead/aclk?sa=L&ai=DChcSEwjSocKam5WIAxXQimgJHdyTIAIYABAAGgJ3Zg&co=1&ase=2&gclid=CjwKCAjw8rW2BhAgEiwAoRO5rG34iU46puXyFXESbQ3-8qUZ1_rlAzPtq2vh2xWAp7UvnpMcnkthQRoCRf0QAvD_BwE&ohost=www.google.com&cid=CAESVuD2oeZj0nWjHisg96RTaCMwg5iulzpUPoIFwLKjirzK1UyMk4GlSZ2x7VCJwUssw0p_CXkj8EuldKiaESnestFjfrT9RrwcjFp74c9ZkBz59HGj3H6x&sig=AOD64_0tQiEkT2HFDK1hmSX7QcxC9eTWBg&q&nis=4&adurl&ved=2ahUKEwjzz72am5WIAxWkTaQEHRz6JEcQ0Qx6BAgIEAE was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Loads dropped DLL
Executes dropped EXE
Mark of the Web detected: This indicates that the page was originally saved or cloned.
Adds Run key to start application
Checks installed software on the system
Subvert Trust Controls: Mark-of-the-Web Bypass
Enumerates physical storage devices
Browser Information Discovery
System Location Discovery: System Language Discovery
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Enumerates system info in registry
NTFS ADS
Suspicious behavior: EnumeratesProcesses
Uses Volume Shadow Copy service COM API
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Checks SCSI registry key(s)
Modifies registry class
Suspicious use of WriteProcessMemory
Suspicious use of SendNotifyMessage
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-27 12:51
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-27 12:51
Reported
2024-08-27 12:54
Platform
win11-20240802-en
Max time kernel
148s
Max time network
150s
Command Line
Signatures
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\Temp\{DA1A4B80-779E-4F9C-98FD-9DE3F7EB74DE}\.cr\4kvideodownloaderplus_1.8.5_x64_online.exe | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\{efeb71da-4b7d-4471-a893-2c8eca651a01} = "\"C:\\ProgramData\\Package Cache\\{efeb71da-4b7d-4471-a893-2c8eca651a01}\\4kvideodownloaderplus_1.8.5_x64_online.exe\" /burn.runonce" | C:\Windows\Temp\{213C16EE-3130-406F-AE25-F9EB66D361F3}\.be\4kvideodownloaderplus_1.8.5_x64_online.exe | N/A |
Checks installed software on the system
Mark of the Web detected: This indicates that the page was originally saved or cloned.
| Description | Indicator | Process | Target |
| N/A | https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html | N/A | N/A |
Subvert Trust Controls: Mark-of-the-Web Bypass
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\4kvideodownloaderplus_1.8.5_x64_online.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\4kvideodownloaderplus_1.8.5_x64_online.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\Temp\{DA1A4B80-779E-4F9C-98FD-9DE3F7EB74DE}\.cr\4kvideodownloaderplus_1.8.5_x64_online.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\Temp\{213C16EE-3130-406F-AE25-F9EB66D361F3}\.be\4kvideodownloaderplus_1.8.5_x64_online.exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters | C:\Windows\system32\vssvc.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters | C:\Windows\system32\vssvc.exe | N/A |
| Key created | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters\Partmgr | C:\Windows\system32\vssvc.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters\Partmgr\PartitionTableCache | C:\Windows\system32\vssvc.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters\Partmgr\SnapshotDataCache = 534e41505041525401000000700000008ec7416a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 | C:\Windows\system32\vssvc.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2227988167-2813779459-4240799794-1000\{66568D2B-C798-46FA-BB0B-093C8339D7D9} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Installer\Dependencies\{efeb71da-4b7d-4471-a893-2c8eca651a01} | C:\Windows\Temp\{213C16EE-3130-406F-AE25-F9EB66D361F3}\.be\4kvideodownloaderplus_1.8.5_x64_online.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\{efeb71da-4b7d-4471-a893-2c8eca651a01}\ = "{efeb71da-4b7d-4471-a893-2c8eca651a01}" | C:\Windows\Temp\{213C16EE-3130-406F-AE25-F9EB66D361F3}\.be\4kvideodownloaderplus_1.8.5_x64_online.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\{efeb71da-4b7d-4471-a893-2c8eca651a01}\Version = "1.8.5.116" | C:\Windows\Temp\{213C16EE-3130-406F-AE25-F9EB66D361F3}\.be\4kvideodownloaderplus_1.8.5_x64_online.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\{efeb71da-4b7d-4471-a893-2c8eca651a01}\DisplayName = "4K Video Downloader+" | C:\Windows\Temp\{213C16EE-3130-406F-AE25-F9EB66D361F3}\.be\4kvideodownloaderplus_1.8.5_x64_online.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\{efeb71da-4b7d-4471-a893-2c8eca651a01}\Dependents\{efeb71da-4b7d-4471-a893-2c8eca651a01} | C:\Windows\Temp\{213C16EE-3130-406F-AE25-F9EB66D361F3}\.be\4kvideodownloaderplus_1.8.5_x64_online.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\{efeb71da-4b7d-4471-a893-2c8eca651a01}\Dependents | C:\Windows\Temp\{213C16EE-3130-406F-AE25-F9EB66D361F3}\.be\4kvideodownloaderplus_1.8.5_x64_online.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 654801.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\4kvideodownloaderplus_1.8.5_x64_online.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeBackupPrivilege | N/A | C:\Windows\system32\vssvc.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\vssvc.exe | N/A |
| Token: SeAuditPrivilege | N/A | C:\Windows\system32\vssvc.exe | N/A |
| Token: SeBackupPrivilege | N/A | C:\Windows\system32\srtasks.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\srtasks.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Windows\system32\srtasks.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\system32\srtasks.exe | N/A |
| Token: SeBackupPrivilege | N/A | C:\Windows\system32\srtasks.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\srtasks.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Windows\system32\srtasks.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\system32\srtasks.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Uses Volume Shadow Copy service COM API
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.googleadservices.com/pagead/aclk?sa=L&ai=DChcSEwjSocKam5WIAxXQimgJHdyTIAIYABAAGgJ3Zg&co=1&ase=2&gclid=CjwKCAjw8rW2BhAgEiwAoRO5rG34iU46puXyFXESbQ3-8qUZ1_rlAzPtq2vh2xWAp7UvnpMcnkthQRoCRf0QAvD_BwE&ohost=www.google.com&cid=CAESVuD2oeZj0nWjHisg96RTaCMwg5iulzpUPoIFwLKjirzK1UyMk4GlSZ2x7VCJwUssw0p_CXkj8EuldKiaESnestFjfrT9RrwcjFp74c9ZkBz59HGj3H6x&sig=AOD64_0tQiEkT2HFDK1hmSX7QcxC9eTWBg&q&nis=4&adurl&ved=2ahUKEwjzz72am5WIAxWkTaQEHRz6JEcQ0Qx6BAgIEAE
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffcfef63cb8,0x7ffcfef63cc8,0x7ffcfef63cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1960 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2532 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4576 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4900 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5792 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5468 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5456 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5868 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4548 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5468 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4828 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6444 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6508 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6624 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6760 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6540 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6912 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4888 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5824 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7764 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7016 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6748 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7212 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5552 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7884 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6080 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7692 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6788 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7372 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6464 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5872 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6120 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5284 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4688 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6212 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8280 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8500 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8780 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6864 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1952,18188577768916344321,13476572128162086021,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9468 /prefetch:8
C:\Users\Admin\Downloads\4kvideodownloaderplus_1.8.5_x64_online.exe
"C:\Users\Admin\Downloads\4kvideodownloaderplus_1.8.5_x64_online.exe"
C:\Windows\Temp\{DA1A4B80-779E-4F9C-98FD-9DE3F7EB74DE}\.cr\4kvideodownloaderplus_1.8.5_x64_online.exe
"C:\Windows\Temp\{DA1A4B80-779E-4F9C-98FD-9DE3F7EB74DE}\.cr\4kvideodownloaderplus_1.8.5_x64_online.exe" -burn.clean.room="C:\Users\Admin\Downloads\4kvideodownloaderplus_1.8.5_x64_online.exe" -burn.filehandle.attached=584 -burn.filehandle.self=592
C:\Windows\Temp\{213C16EE-3130-406F-AE25-F9EB66D361F3}\.be\4kvideodownloaderplus_1.8.5_x64_online.exe
"C:\Windows\Temp\{213C16EE-3130-406F-AE25-F9EB66D361F3}\.be\4kvideodownloaderplus_1.8.5_x64_online.exe" -q -burn.elevated BurnPipe.{BD788FE8-A5DC-4CCC-908E-289599B095A9} {8805B296-FCED-4558-8DB0-33AB3D68916B} 6828
C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\srtasks.exe
C:\Windows\system32\srtasks.exe ExecuteScopeRestorePoint /WaitForRestorePoint:2
C:\ProgramData\Package Cache\1B9F1CBFDB480DCC694C23FB063A4CD527E73A4D\msi_analytics.exe
"C:\ProgramData\Package Cache\1B9F1CBFDB480DCC694C23FB063A4CD527E73A4D\msi_analytics.exe" --regkey "Software\4kdownload.com\4K Video Downloader+\Analytics" --an Wix --av 2 --ec "4K Video Downloader+" --ea "before-install" --el "x64" --af ""
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004AC 0x00000000000004B4
Network
Files