Analysis Overview
Threat Level: Shows suspicious behavior
The file https://pastelink.net/ndnztegi was found to be: Shows suspicious behavior.
Malicious Activity Summary
Mark of the Web detected: This indicates that the page was originally saved or cloned.
Probable phishing domain
Browser Information Discovery
Suspicious behavior: AddClipboardFormatListener
Suspicious use of SendNotifyMessage
NTFS ADS
Modifies registry class
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Enumerates system info in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-27 16:38
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-27 16:38
Reported
2024-08-27 16:43
Platform
win11-20240802-en
Max time kernel
257s
Max time network
303s
Command Line
Signatures
Mark of the Web detected: This indicates that the page was originally saved or cloned.
| Description | Indicator | Process | Target |
| N/A | https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html | N/A | N/A |
Probable phishing domain
| Description | Indicator | Process | Target |
| HTTP URL | https://upfiles.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8b9d7e223f0562ce | N/A | N/A |
| HTTP URL | https://plknu.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8b9d7e4ebec36a61 | N/A | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\004-TO-006-AUG-19TH-2024.txt:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\004to006-AUG-19th-2024.rar:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\VideoLAN\VLC\vlc.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\VideoLAN\VLC\vlc.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeRestorePrivilege | N/A | C:\Program Files\7-Zip\7zG.exe | N/A |
| Token: 35 | N/A | C:\Program Files\7-Zip\7zG.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Program Files\7-Zip\7zG.exe | N/A |
| Token: 33 | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: 33 | N/A | C:\Program Files\VideoLAN\VLC\vlc.exe | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Program Files\VideoLAN\VLC\vlc.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\VideoLAN\VLC\vlc.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://pastelink.net/ndnztegi
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1884,3271471540274651287,17106318175683237297,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9040 /prefetch:8
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\004-TO-006-AUG-19TH-2024.txt
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,3271471540274651287,17106318175683237297,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11220 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,3271471540274651287,17106318175683237297,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11172 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,3271471540274651287,17106318175683237297,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8296 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,3271471540274651287,17106318175683237297,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,3271471540274651287,17106318175683237297,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8944 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1884,3271471540274651287,17106318175683237297,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=4760 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,3271471540274651287,17106318175683237297,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7064 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,3271471540274651287,17106318175683237297,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5108 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1884,3271471540274651287,17106318175683237297,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=6900 /prefetch:2
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1884,3271471540274651287,17106318175683237297,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5092 /prefetch:8
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\004to006-AUG-19th-2024\" -spe -an -ai#7zMap5408:106:7zEvent24836
C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Downloads\004to006-AUG-19th-2024\004-AUG-19TH.mp4"
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004E0 0x00000000000004CC
C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Downloads\004to006-AUG-19th-2024\005-AUG-19TH.mp4"
C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Downloads\004to006-AUG-19th-2024\006-AUG-19TH.mp4"
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
\??\pipe\LOCAL\crashpad_3948_WSTTPXQJNWJQMTUO
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57ea9e.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\000\t\Paths\MANIFEST-000001
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 7b02697afa9df9d08cc13951055b250d |
| SHA1 | 41637ae70d168c9fb8ff86a22e0e454847f0a2b4 |
| SHA256 | cf510f9461a06fa89126dcc8e6910d00387a78502472f18ff46744c6aa988228 |
| SHA512 | a83b55f42f8a6275ca98ae7a510376d26a054c50fb671c192375475b5c200f393b1e3047488fadac2048948f7dcbdd62183d06d3c33b1054c9a62f1a6425a973 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | cc4e6b8a30b3676abc4c43511206beb1 |
| SHA1 | a9e0c9b354173cbfafeeb7db2f1ca7740ea62a84 |
| SHA256 | faa4a100c304f230065e703d53298f8f1a5e45e5288ffa5e824816b255de6b14 |
| SHA512 | 16a4d1149e43ad7af0bbd2843d8e44bf3c20f0da454c26ffe8b590f61de046bf0347f8ea2d83646bd2ee3f52a7dcc7ed69232f0be7e3b9d03cbe32cda6a24941 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8724e638ebe99bc8129b5feb54c9d2ab |
| SHA1 | fddd35a2be35912dc46e1b666a10f11aba7a1c04 |
| SHA256 | 0652129a18b4b3cde69b9db6fa65b20587471d5dd9406ae874d4196960b440dc |
| SHA512 | c71dd3aa02d42296feac2b20e2047e449984f86064732aacfd2f0494e624926392ec0c27d144fd020b7ba1e8b52ece171046a6e18c3570d8e3eb626e81915c02 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\Downloads\004-TO-006-AUG-19TH-2024.txt:Zone.Identifier
C:\Users\Admin\Downloads\004-TO-006-AUG-19TH-2024.txt
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Roaming\vlc\ml.xspf.tmp1420