Malware Analysis Report

2024-10-19 10:25

Sample ID 240902-pazmha1anh
Target https://prxobanana2.wixsite.com/lightux
Tags
modiloader netwire bootkit botnet discovery persistence stealer trojan
score
10/10

Analysis Overview

score
10/10

Threat Level: Known bad

The file https://prxobanana2.wixsite.com/lightux was found to be: Known bad.

Malicious Activity Summary

modiloader netwire bootkit botnet discovery persistence stealer trojan

Netwire

ModiLoader, DBatLoader

ModiLoader First Stage

Downloads MZ/PE file

Executes dropped EXE

Loads dropped DLL

Legitimate hosting services abused for malware hosting/C2

Adds Run key to start application

Writes to the Master Boot Record (MBR)

Enumerates connected drives

Suspicious use of SetThreadContext

Drops file in Windows directory

System Location Discovery: System Language Discovery

Program crash

Browser Information Discovery

Checks SCSI registry key(s)

Suspicious use of FindShellTrayWindow

Enumerates system info in registry

Suspicious use of WriteProcessMemory

Suspicious use of SetWindowsHookEx

Script User-Agent

Suspicious use of AdjustPrivilegeToken

Suspicious use of SendNotifyMessage

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Modifies registry class

NTFS ADS

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-09-02 12:08

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-09-02 12:08

Reported

2024-09-02 12:16

Platform

win10v2004-20240802-en

Max time kernel

495s

Max time network

507s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://prxobanana2.wixsite.com/lightux

Signatures

ModiLoader, DBatLoader

trojan modiloader

Netwire

botnet stealer netwire

ModiLoader First Stage

Description Indicator Process Target
N/A N/A N/A N/A

Downloads MZ/PE file

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\Microzoft_Ofiz = "C:\\Windows\\KdzEregli.exe" C:\Users\Admin\Downloads\Amus.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1302416131-1437503476-2806442725-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\Qspt = "C:\\Users\\Admin\\AppData\\Local\\Qspt\\Qspt.hta" C:\Users\Admin\Downloads\NetWire.exe N/A

Enumerates connected drives

Description Indicator Process Target
File opened (read-only) \??\Z: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\S: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\I: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\V: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\G: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\J: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Q: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\W: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\H: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\U: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\N: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\O: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\T: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Y: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Q: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\H: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Z: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\P: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\W: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\M: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\O: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\X: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\P: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\J: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\K: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\I: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\M: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\X: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\N: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\Y: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\A: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\K: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\L: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\R: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\E: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\L: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\G: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\R: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\S: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\T: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\B: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\E: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\A: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\B: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\U: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\V: C:\Windows\system32\msiexec.exe N/A

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A drive.google.com N/A N/A
N/A raw.githubusercontent.com N/A N/A

Writes to the Master Boot Record (MBR)

bootkit persistence
Description Indicator Process Target
File opened for modification \??\PhysicalDrive0 C:\Users\Admin\Downloads\MEMZ-virus-main\MEMZ-virus-main\MEMZ.exe N/A

Suspicious use of SetThreadContext

Description Indicator Process Target
PID 2740 set thread context of 9040 N/A C:\Users\Admin\Downloads\NetWire.exe C:\Program Files (x86)\internet explorer\ieinstal.exe
PID 8132 set thread context of 5896 N/A C:\Users\Admin\Downloads\NetWire.exe C:\Program Files (x86)\internet explorer\ieinstal.exe
PID 9068 set thread context of 4516 N/A C:\Users\Admin\Downloads\NetWire.exe C:\Program Files (x86)\internet explorer\ieinstal.exe

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\Cekirge.exe C:\Users\Admin\Downloads\Amus.exe N/A
File created C:\Windows\Messenger.exe C:\Users\Admin\Downloads\Amus.exe N/A
File created C:\Windows\Cekirge.exe C:\Users\Admin\Downloads\Amus.exe N/A
File opened for modification C:\Windows\My_Pictures.exe C:\Users\Admin\Downloads\Amus.exe N/A
File created C:\Windows\Pide.exe C:\Users\Admin\Downloads\Amus.exe N/A
File created C:\Windows\Pire.exe C:\Users\Admin\Downloads\Amus.exe N/A
File opened for modification C:\Windows\Ankara.exe C:\Users\Admin\Downloads\Amus.exe N/A
File opened for modification C:\Windows\Anti_Virus.exe C:\Users\Admin\Downloads\Amus.exe N/A
File created C:\Windows\KdzEregli.exe C:\Users\Admin\Downloads\Amus.exe N/A
File opened for modification C:\Windows\KdzEregli.exe C:\Users\Admin\Downloads\Amus.exe N/A
File opened for modification C:\Windows\Pire.exe C:\Users\Admin\Downloads\Amus.exe N/A
File created C:\Windows\Ankara.exe C:\Users\Admin\Downloads\Amus.exe N/A
File created C:\Windows\Adapazari.exe C:\Users\Admin\Downloads\Amus.exe N/A
File opened for modification C:\Windows\Adapazari.exe C:\Users\Admin\Downloads\Amus.exe N/A
File created C:\Windows\Anti_Virus.exe C:\Users\Admin\Downloads\Amus.exe N/A
File opened for modification C:\Windows\Meydanbasi.exe C:\Users\Admin\Downloads\Amus.exe N/A
File opened for modification C:\Windows\Pide.exe C:\Users\Admin\Downloads\Amus.exe N/A
File created C:\Windows\Meydanbasi.exe C:\Users\Admin\Downloads\Amus.exe N/A
File opened for modification C:\Windows\Messenger.exe C:\Users\Admin\Downloads\Amus.exe N/A
File created C:\Windows\My_Pictures.exe C:\Users\Admin\Downloads\Amus.exe N/A

Browser Information Discovery

discovery

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\MEMZ-virus-main\MEMZ-virus-main\MEMZ.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\notepad.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\Amus.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\NetWire.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\WinNuke.98.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\Notepad.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\syswow64\MsiExec.exe N/A

Checks SCSI registry key(s)

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\system32\taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 C:\Windows\system32\taskmgr.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1302416131-1437503476-2806442725-1000\{03F0C806-9CCB-45A2-830B-87F9573A293F} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1302416131-1437503476-2806442725-1000_Classes\Local Settings C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 139909.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 283318.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 474573.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 800034.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 922448.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Script User-Agent

Description Indicator Process Target
HTTP User-Agent header Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) N/A N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ-virus-main\MEMZ-virus-main\MEMZ.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeDebugPrivilege N/A C:\Windows\system32\taskmgr.exe N/A
Token: SeSystemProfilePrivilege N/A C:\Windows\system32\taskmgr.exe N/A
Token: SeCreateGlobalPrivilege N/A C:\Windows\system32\taskmgr.exe N/A
Token: 33 N/A C:\Windows\system32\taskmgr.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\taskmgr.exe N/A
Token: SeShutdownPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeSecurityPrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeCreateTokenPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeAssignPrimaryTokenPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeLockMemoryPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeMachineAccountPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeTcbPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeSecurityPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeLoadDriverPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeSystemProfilePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeSystemtimePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeProfSingleProcessPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeCreatePermanentPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeBackupPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeAuditPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeSystemEnvironmentPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeChangeNotifyPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeRemoteShutdownPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeUndockPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeSyncAgentPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeEnableDelegationPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeManageVolumePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeImpersonatePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeCreateGlobalPrivilege N/A C:\Windows\System32\msiexec.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\Amus.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ-virus-main\MEMZ-virus-main\MEMZ.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1932 wrote to memory of 2844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1932 wrote to memory of 368 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1932 wrote to memory of 1816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1932 wrote to memory of 2996 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://prxobanana2.wixsite.com/lightux

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9023646f8,0x7ff902364708,0x7ff902364718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2252 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2296 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2824 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5188 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5188 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5380 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5552 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5332 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3528 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3452 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3136 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2108 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3484 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1712 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3480 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5456 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3400 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5752 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5832 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3580 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3988 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3572 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=2500 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3132 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6452 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4148 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4668 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6460 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6228 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6032 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3136 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=2008 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5624 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5400 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6828 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3648 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6788 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6648 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3600 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3544 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6648 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6976 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7000 /prefetch:8

C:\Users\Admin\Downloads\Amus.exe

"C:\Users\Admin\Downloads\Amus.exe"

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x528 0x520

C:\Users\Admin\Downloads\Amus.exe

"C:\Users\Admin\Downloads\Amus.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6544 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5168 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6944 /prefetch:8

C:\Users\Admin\Downloads\Amus.exe

"C:\Users\Admin\Downloads\Amus.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2012 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3584 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5360 /prefetch:8

C:\Users\Admin\Downloads\WinNuke.98.exe

"C:\Users\Admin\Downloads\WinNuke.98.exe"

C:\Users\Admin\Downloads\WinNuke.98.exe

"C:\Users\Admin\Downloads\WinNuke.98.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5716 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6600 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4664 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6944 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5340 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5184 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6092 /prefetch:8

C:\Users\Admin\Downloads\NetWire.exe

"C:\Users\Admin\Downloads\NetWire.exe"

C:\Users\Admin\Downloads\NetWire.exe

"C:\Users\Admin\Downloads\NetWire.exe"

C:\Users\Admin\Downloads\NetWire.exe

"C:\Users\Admin\Downloads\NetWire.exe"

C:\Users\Admin\Downloads\NetWire.exe

"C:\Users\Admin\Downloads\NetWire.exe"

C:\Users\Admin\Downloads\NetWire.exe

"C:\Users\Admin\Downloads\NetWire.exe"

C:\Users\Admin\Downloads\NetWire.exe

"C:\Users\Admin\Downloads\NetWire.exe"

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /7

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4692 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5676 /prefetch:1

C:\Windows\SysWOW64\Notepad.exe

C:\Windows\System32\Notepad.exe

C:\Program Files (x86)\internet explorer\ieinstal.exe

"C:\Program Files (x86)\internet explorer\ieinstal.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 6084 -ip 6084

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 6084 -s 420

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 536 -p 6084 -ip 6084

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 6084 -s 464

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6160 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7084 /prefetch:1

C:\Program Files (x86)\internet explorer\ieinstal.exe

"C:\Program Files (x86)\internet explorer\ieinstal.exe"

C:\Program Files (x86)\internet explorer\ieinstal.exe

"C:\Program Files (x86)\internet explorer\ieinstal.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6492 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6560 /prefetch:8

C:\Windows\System32\msiexec.exe

"C:\Windows\System32\msiexec.exe" /i "C:\Users\Admin\Downloads\BabylonClient12.msi"

C:\Windows\system32\msiexec.exe

C:\Windows\system32\msiexec.exe /V

C:\Windows\syswow64\MsiExec.exe

C:\Windows\syswow64\MsiExec.exe -Embedding 6A21CF42AAEE5371DBB70604B683BC6A C

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://www.babylon-software.com/redirects/redir.cgi?type=terms_of_use&lang=0

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9023646f8,0x7ff902364708,0x7ff902364718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5312 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6988 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5876 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7108 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3592 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6748 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6588 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6440 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7040 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5672 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1568 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3536 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7332 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7624 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7620 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7660 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5188 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8200 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8224 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8436 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8656 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6056 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6704 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8044 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6496 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8920 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8276 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7132 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4648 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6108 /prefetch:1

C:\Users\Admin\Downloads\MEMZ-virus-main\MEMZ-virus-main\MEMZ.exe

"C:\Users\Admin\Downloads\MEMZ-virus-main\MEMZ-virus-main\MEMZ.exe"

C:\Users\Admin\Downloads\MEMZ-virus-main\MEMZ-virus-main\MEMZ.exe

"C:\Users\Admin\Downloads\MEMZ-virus-main\MEMZ-virus-main\MEMZ.exe" /watchdog

C:\Users\Admin\Downloads\MEMZ-virus-main\MEMZ-virus-main\MEMZ.exe

"C:\Users\Admin\Downloads\MEMZ-virus-main\MEMZ-virus-main\MEMZ.exe" /watchdog

C:\Users\Admin\Downloads\MEMZ-virus-main\MEMZ-virus-main\MEMZ.exe

"C:\Users\Admin\Downloads\MEMZ-virus-main\MEMZ-virus-main\MEMZ.exe" /watchdog

C:\Users\Admin\Downloads\MEMZ-virus-main\MEMZ-virus-main\MEMZ.exe

"C:\Users\Admin\Downloads\MEMZ-virus-main\MEMZ-virus-main\MEMZ.exe" /watchdog

C:\Users\Admin\Downloads\MEMZ-virus-main\MEMZ-virus-main\MEMZ.exe

"C:\Users\Admin\Downloads\MEMZ-virus-main\MEMZ-virus-main\MEMZ.exe" /watchdog

C:\Users\Admin\Downloads\MEMZ-virus-main\MEMZ-virus-main\MEMZ.exe

"C:\Users\Admin\Downloads\MEMZ-virus-main\MEMZ-virus-main\MEMZ.exe" /main

C:\Windows\SysWOW64\notepad.exe

"C:\Windows\System32\notepad.exe" \note.txt

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6732 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8228 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6108 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,10857592078140163328,84210944708472915,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7944 /prefetch:1

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /7

Network


Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat


\??\pipe\LOCAL\crashpad_1932_HPRJDUCRHOFFJGQG


C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat


C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences


C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506


C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT


C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State


C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences


C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013


C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017


C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019


C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity


C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe581c8c.TMP


C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences


C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms


C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity


C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021


C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024


C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f


C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022


C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020


C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e


C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\Downloads\NoEscape.zip

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\Downloads\WannaCrypt0r.zip

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000038

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000037

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000032

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000036

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000034

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000033

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000039

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

C:\Users\Admin\Downloads\Unconfirmed 800034.crdownload

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

memory/1676-1499-0x0000000000400000-0x000000000040E000-memory.dmp

memory/2288-1531-0x0000000000400000-0x000000000040E000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\Downloads\Unconfirmed 922448.crdownload

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

memory/4056-1642-0x0000000000400000-0x000000000040E000-memory.dmp

C:\Users\Admin\Downloads\Unconfirmed 139909.crdownload

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

memory/1676-1687-0x0000000000400000-0x000000000040E000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\Downloads\Unconfirmed 283318.crdownload

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

memory/2740-1898-0x00000000006B0000-0x00000000006B1000-memory.dmp

memory/2740-1897-0x00000000001F0000-0x00000000001F1000-memory.dmp

memory/4580-1896-0x0000000010410000-0x000000001047E000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

C:\Users\Admin\Downloads\Unconfirmed 474573.crdownload:SmartScreen

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

C:\Users\Admin\AppData\Local\Temp\MSIFAE4.tmp

C:\Users\Admin\AppData\Local\Temp\{09EAD19A-804B-444F-B17C-15F8C5837E63}\BException.dll

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000077

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\94dcdef20a7e63c5_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fa74c5956deb275a_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7fa523eaaa6ba06e_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8bc1337b70b9c76b_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c117a477b2bc5c30_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\38599acdd466e6c2_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d1c9b160fc1bfcd7_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fddeeb7c9bd16fd1_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8a296853b720071b_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6d2c1567fbb2d29f_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8bf9a0dbc145b9e6_0

MD5 14a559edf9c656df885489ba45940b4a
SHA1 c50a7c506641d64f9747041bdf3bd05acc7a84af
SHA256 f59556923fa68e1353c0f9e3f89040960f7a6199f25500a0d000302a1df17985
SHA512 05cd8a9497c0e480cb1d4d5dec00dfae92c719508b329fd231d0baa3ee9cbaa7bb8ec4f04d9084682e0cf232072d93abe4aca93cfbc6c89fdb02d4c779a70d13

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1b10c5824122b84d_0

MD5 4721bbd26b25a70b7a6fffeea35df0fd
SHA1 8e5da261d59bad48d635cd1325c4d4b35bced185
SHA256 8c509d56f928ae9bfe3227b4887025b2ea07325045b825a5f7dcccbec249f740
SHA512 ddc536bcd9b085b95a4e582b31f9578c01ea737dfb3f3eec50c16f2d81c1ff5300ebc2e8e8409ae4a5ea6f538af7e7c2646cddb340bd27e9cd6f53713d6d238b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f27b37247deb0d3b_0

MD5 89e8fd90adc310d319c1ffc9a9efe067
SHA1 811cbd9b82a316cb0293459968b3bf61a98b82d6
SHA256 642361e9cde379ccd757a6932966574e43de48deef8c9864ca26ef2b73926a8b
SHA512 11f996f117f2ee34f21f6a7118da11e40cd66206e93fbe138ab996572167159ca66c18eaa009d604c6c342e930af055112286fb2a15d5a577ca9cccff6bcc72b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c6af54289e3854c6_0

MD5 4a2a7e69201bc84e8ae3db95a1d8d9af
SHA1 00545e4fc9db70bb720f25a28f2ded9e206a07f8
SHA256 faa554d4bbabfc6172eafc4738482314a49fbc11b0e1e16b638480cb4cd3cd80
SHA512 580520a01bd619741abca4c737712d2fc6f969474372e1207a4c08ebd56822a2784791e717b40ae0d514eef032f2f0849a2dd77348b7250287d279c4ff4051f4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a02df7c313f59d27_0

MD5 86b3376c7cfbaa4536d1890c6a722737
SHA1 d9f6eb1da5a2d85b3c950721e64f54066cf054ec
SHA256 02fbae1fc3df945aea16a502b63d20e863d8fdcf9ce1889b87b25f1b1c0f7481
SHA512 ac66904610267cb7e329731dd4db08eeb1d6ebc6a8d230039889f00385b0f09882283ee77b3d5bb3b1d90f9bc275816538b010e9dc6dd69ffdce9f2977682f98

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\56858010a7af1199_0

MD5 118d8c4365cd648a79658baa8431682f
SHA1 ef311d83bd904ec4dbbf7bb0c5faca1e6e7b0343
SHA256 6763bb8c03e7995fc4f74e5b85f7b17a1530c46fab00c3005661a58542426301
SHA512 3c6676ba93821ebf21f5cca8f26f286b78085333ce2341d821b9169ce48d6c82aa4577e956bbd6ce342398da09335a6dda3d3d8f98e0b622fbd158195c160015

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\698c23615377e931_0

MD5 28c362697acfbec0f49859559b72d386
SHA1 884965ac83d3a52242ba2c142efc6779da309428
SHA256 4cd0c595203f1eb189fc47d396efa3a3ef099498c7705b7150a0813b6df5b2b8
SHA512 e057eeec84212f7ecf6533676b8b8d13f95015ca3f791f3d0d636c34bdbba3a0676f875ff6fcbe41bcc4e97d0fcb2ee9170e33905ca11f21ed6e02258c64b657

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b6f58a58fcf3816b_0

MD5 53e6ad477ce7d7c503b9906672431351
SHA1 628a5b51f44c5e85fb5608731f500fa0c62c5524
SHA256 c2a62d1d2611b8353d5834fea3f71652a24ecf1d2884cee9fc7975cbe8d95394
SHA512 6c366f36d3e32056d02e3cac38fd0c7986fc715e1ff84571e302c000df25b6c1592617e121bdeceb158621945ec5dac77f64fdbf226959f6c314244c293ab3ea

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1b656fe85bc43465_0

MD5 aee233d560e2a1bc638fbf262ea3a4ed
SHA1 d74a241ffd0a6fabee39f6c80e5d18a09d87850d
SHA256 f5ce223cde1d995d652f21de8817acfa9c02c2e6d4dc87fabe0bc9bcb50fafd8
SHA512 073a8c5a4c128ce214493ee217a42be4bb114269630528f60acf80080d9bbf58daaba29151ce6d5cfcd2dd8367df030aedaa3fe4cbc77701076705a40a78c607

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a53b1b5ec3a15f25_0

MD5 3cbf15b275ca342debbd36823b2e4537
SHA1 5dd64be38d9613d754d0bcabd3a2ca7fdef2fe19
SHA256 b1466e941edfed39bbaa07d43ac7283031f46074a8d368409222c7ef6d925c81
SHA512 666595227d17636d866427e845134a782e6f5082fe9011e9fabc3d1b70430691296d0ad91932920d6877c7fcd113f32d3681ce2f0d1babfe674d9b9b604a3c51

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2df2c057a5731c19_0

MD5 c523943ee972bd825b89337ea2b7ef9c
SHA1 a6a9299d9ba9ada7fc8d4b10a0e8232ea040c51b
SHA256 95381d8da5030eda5fe12cd9f7f7ce7fe88509f99d615587cd9fccf995f7f7c7
SHA512 a87993502bc47475f8512872def60c6044dcd2176d4f0f54e218a57dac3bdb6e7125d38641b5b473349de77d1f3aa902522f5ecba8d3e6881eb39c86e7cae345

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\df9da550ea6d3003_0

MD5 6e4f5d98068b5ccb838de681fe5ae33d
SHA1 dd2cfcdd0a42520f3741518103900dd88a5b732c
SHA256 dc9868effd49ff1e719754a72974c3825fa178cb3f2cb631182f9a26dc919ece
SHA512 4cc85d39057234fc603557fb900df0c275bd0fe1a9b954cca1b226cc308f53bf45fe261c1868c97ba7960065afcac56ed7e8e53371a03d578978d9d1274c3ba3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b3af26fdb0a014ec_0

MD5 421536e9c7ce53c1b2004f09659f559e
SHA1 b7dfa25886b9b90aca02807c3dc29b24257ca912
SHA256 1d6500409d15b69407d8f0eb25656751a6548213b1aea22a3d906851bed4cf97
SHA512 77155534729659fc2ba776bfe68b268909adce4a4c3ab361b49c3bdf5c264704bbaef627c4a4ca77411a78a8164be615ab9020131197fb1c43bbbbdc46bb63f5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f412068969394996_0

MD5 2e7564b741876984b18e68ecc705adc6
SHA1 c3ea96ae77b31ae62ed909975849aff27a1b1e62
SHA256 dc41e7b101daeddb337ac954c9f508337105760dec9c7e3cbbee7b166b2e9169
SHA512 bc38096f4421bf9aaea4fb3cfe6473a230616754f5fe33ed395fd730fa4bdaf7bb6d626831396fc68c311237b83cee9b335ed6c1ffdd0f5b0c4536ef8867ff16

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b0ee9f1655dc1655_0

MD5 be86560888001c92fdcde5278f75dc16
SHA1 dbb21f5926de7124f794ab87446be4ccabffeae1
SHA256 b09ba21af271fcbafb777eb2754dc1c27d9b62b49c4ae2ad0d513ee481f64a12
SHA512 ec26e419452481d28378d81398a47208762c7e7ca3c14398ddbc50751b97936029cbb2d4a85a338c33283ebe78a87c7391f22b94c3d8ffdbb4dbc3760873ee2e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\17e886410b479632_0

MD5 6b9dd95a79a4c921d56387af9df9a5b8
SHA1 66668ad73482f74ee90d9bc200669e45d6c4caf0
SHA256 afb578b4fe406e5d527c9ad7ecab83555a49a3875798a90490caba509ee5830e
SHA512 91a50f90c2a54df6c136b8e4460f85e14909640653f4931a1844cea369483de691622b03056e72f03badb2a8d629e17d95a9b2bf7f0d5cf002b176fdc9476da5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7c671069a6846c7c_0

MD5 b8c62f7d3c1fe147f33331f54dcce0da
SHA1 656380d6b4c03347f2212006ccd5692da6ba7a6f
SHA256 e4f9a14a7408712d664e22590747438afe3bdbf3997f9a8d15313de8de1dce00
SHA512 af221f41349635741a1025690cf6ca6079db3d639eca99d06ecbc3ad097751ed87e98b5b479516e7faf3d541e22fe45f23f20cc50827fe952e79ed65d573d8cb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d772930c75b57fdb_0

MD5 8506db44fb803bfa33765468e4e9e130
SHA1 9f938986be141253f8436e456b59b3b4119994bf
SHA256 d6c55d91df910a923f12b63a66f3703397f70f7a8821a63ea628c7d761555f09
SHA512 e14dd8226ff635ff9ce839e78cf59b5c0fedf83a223dbb8bc8103e99bcb0fa2192966aec8ea7d077f220d730665ae4c18bb0c0c9e27d5e365d1ae5d1360e143e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6870cbb9284d54e2_0

MD5 d9d421724b3c5009553fa23c0cb689a6
SHA1 4f39a20d4e908e2d19cd8c4e4bb7cfa659cb5896
SHA256 b4a67bb255464e8798a0f92798cb5552bb908b70834f845e33ec48fbf21e11eb
SHA512 8fde09b0a167fada6616eee6125ff59008ee3112c9c0df2e0b75151f910fb6e5930258f2579e2479e34ff982b3eb2efd719f437064c3ae294822a2ad71aef5df

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5df19512b232e76d_0

MD5 3f1e50b25439961033aac26467be0d6e
SHA1 d96560533c6f4c839c1187939ee487c0d3164956
SHA256 946d358835b37415c0687fb512bbf73b929c81fcb2f483eb2689ccff010b8bd5
SHA512 d24871831089cdf6cb9857dbad7f8b3ce0fc04a8bb6b10398e99b750444ab186e762322ac8e934e27dc47030e77350fa26045c2876e43e70e2143fccbd95a4e5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\45ef484a783af53f_0

MD5 0eefd59fcd22be291a1acf4931f95b85
SHA1 8610b19300e8ccc976f45d60de5ae57199495fd3
SHA256 52363ada28fe229d4ee3868cf0015f7813885377731a4b59d545fc6046bcfae7
SHA512 397a8b37e20c8cbe03fe6b23de21f8f22e3da57b7ff72fb1157f50c4b98198fb7426e17bc1822afc6b5821393149048965229bc8878002c69d5a4f8934bd9f7c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7fe85d7249e8dc55_0

MD5 3c0d7f4664f6d26f2127cfd5f6567b21
SHA1 5d0c116b3276b7a7bad287a0a7c9589924741dd6
SHA256 326f9d5f9ef6463195ad04052762875186c1112a16f99266975ee2a700d2297c
SHA512 01ab87d980acb9998c88797e72b3964f228de7088b85970cb318ac2ca0cede11b4e8207a661ff5dfe4f8c8d3b9042230be2cee15a042b16dcb7892d3f672f726

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\20dac1bd8ef32ebe_0

MD5 fa289f0d23deed5a1d6311066af22139
SHA1 356615ecbcae93d89eeeb4fa355e6e05a01f732e
SHA256 a60fd9fda8f17874e3df85985ca326341095a0bd869070f05f6c4c66e9434e48
SHA512 28b0aa191458eda67961ec9b8d55c0ee20eda05f9c6bfb835bd9609fe9994a8a9c3a1523bb27689d775b307e19bbcf6b9e0dc616e93145519f01dbc24b1be263

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ba872977e7eafed0_0

MD5 7880612a49b9878276c52c9d20957824
SHA1 0682b7931b8d85f34a83950507c9f22d7f47276d
SHA256 87c57063e278b1f2c168d4fe03d8eb71f5d8257a52a96e1500932801389f3917
SHA512 19cd1addbd8979ee7b698ffebea9017cec66301daf083c37636f0a3b2c2abc53c5f5370e148789814dca09d5fddca3fe87192c3fb188a8ad351a81a82b559386

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\65029c17e720c1c5_0

MD5 8d92d1a3eb7dfe81e70578290c3d2cf7
SHA1 41446c01f4744c57422d69984733db8889e54589
SHA256 44ed7eeeaf93efd5ef554ae9152627f41e1ffe19418c239fabbf9e968a201336
SHA512 818d1e498e07b6eab29d612a539619aaeb7a4f9a1a9adfef6f586d3da3f38a6c99c23c87e65a1a879514f6946943939a5ab83bb8307c4db61907a4dec0180779

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\951674a2601a33d9_0

MD5 b497bfc21b0db02f9994d2be7e6371fd
SHA1 1c31491f9e7467e9607406847f1eb63b2066d899
SHA256 3e0bf77a01d65449175b71fa27af9502c055f40387c773df2cd783e084ec02c6
SHA512 0ed004ef60f077d5d3fc9f6089727dd0beca53fd0850ec0ee82d0e07e69f2e7dca5fd41c29a8b302fbc6d0cf8cca9353f7eb89bbc465994ed741628ad3088f44

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\552e9cab9e32a74c_0

MD5 c702d4457b860f869f867239cd20e85a
SHA1 b5d23d0257124034c3c8e82cc88a10f6059b6e3b
SHA256 32d97d7c404da5c0414afe3ef630f3878d6147f7c1b39e3994ccca9866297c57
SHA512 68dc969aaed8fc51fe11968488c4db5baf10c72ec5f924866d475cb22653bfccd776574b8f234e0211b2f8850a2f207bf28d265311de8b8c8f903d6f0871b821

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\cf4436542c566b96_0

MD5 c5170771d0427afdd7cf6524e22e4770
SHA1 8a4580436c9606382096b986aa1031dfd4a14c87
SHA256 c9521ec1d24f6e0796608b9b32f5297d4989a06f8f897de842281a7e0b0cac73
SHA512 a4b1e44b8c3685fbf65b048b6851b7ea7d9e24f957ab1a1476b53313d2bb4f64ad34d3c5b105d72d2eaa79d921b48392fb96bd8c7c073fadc88134b4719f9d86

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1f09fbf9f0dca9c4_0

MD5 3d9d3ba1d03b1cc645b4a4aabc411168
SHA1 c60f3a3f99b507befa3426706c696318a63f0810
SHA256 47674736338fbe3755813d74246e652aecf062d67a559510e84d90f717660853
SHA512 90dc33f168e4810de42a66f946c4b73849219abc15fc2fc074afd98eb1255a05f732e0314ae7f616b54887270dfe0bde69c98e1db5877137ff6234c81c313710

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ecf2894edd297fb3_0

MD5 e4b4d2b61ae455b080ff2beb4e433c65
SHA1 095937c774ff4e7865895778b90e100739cf55dc
SHA256 47d60c903f6a6a0d058ee70643251a44f9fe70f4bc7a3aa628ede90f6b774db0
SHA512 f08301afc01b1a3c0168028d8bc1ed7e92f5ddea14758771953a1fc2bfd1743d29a9512f0e5ca75a094910b18996fc4f9adbb1dd6bf1740d7ab7cac0c1803990

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\33b6039aba237011_0

MD5 139cb7238831c09698e02c17c832fb09
SHA1 92937bd975666a82995f5a452baff4cad4b83e47
SHA256 a6736d0fe6fd903e9a5791d4199c7cbc2453ab7a4925721ed06e0de3118ee49c
SHA512 fd34836053474209b261a94a62f6138a4191a67481d54c9249fd11e40b74e49e58eb24b678ee8640a8459245d91726f117797e7ff6edd7bbd4d4674f68f4d7e8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a7e7921c6642f313_0

MD5 3dd0a600a66f99f37fd14cf06690cf26
SHA1 3724ee84ce7ead6b35460f515c09136faaf4d769
SHA256 507e012015227665abfa1f0905e7b20281175f242b2a4d5a22bfe44a8f04422d
SHA512 117ef5524b7beda9b78cc361846c1deaa8b7868187fd65ec5f82ae07d73c66549d82ebe66d15174271021887fdbbccc1c8c06dc6252789a1d717e73c15827717

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\dee176f27e0e4b9e_0

MD5 731928ffe5ed67183e386e70f4ca8d70
SHA1 00159f083220d8253bb7c756bf71016fdca1ff4d
SHA256 07fa41e8fa5c4b5bdcd89d983b552f537367d1593c46848cf77f7a0de728d3d5
SHA512 e789db3168a221e64dcf4ca6649ae9a38d3c9be765000b19bbd91664ec2d099904a6a3504b34caf26394e7271a880e486cf5ddcaf5e12ebb24c1eb15ada93783

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\37bb96de86870082_0

MD5 320b9ae79214da00d23183c4a1d8fa88
SHA1 835fea816c605855f9bdbbc9f102dc9b04d98d59
SHA256 6ddb7bfa8410a15c6f3a06ac4458c9af1bf2d425915c13b794a6d323da0534fd
SHA512 5d1710c263c7e67d4612c1f5bf261bee325a20ca0f33574b8a12179ab9162cd5c94aa550e1f352a4fdcc6d68e2db8ea9fae7aef6d90f05e808264d6f1ec1a8ba

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3fce2772ba8b623b_0

MD5 d930b06f44b3f1db88887469c0d68899
SHA1 ac66b15ba20231883d2bae99303cf41f658dcbbc
SHA256 b023c2a090a13d8be9ab2aa2fe79c5a6ac0fcc927eabf8137b3c7d264a8c146b
SHA512 a2a0de39d6ac777ff8c584d2368dfd99b7728e1733317108ec431d5b5ca651786c59db27c4ccf74e8381bc1c94968073df44bfedf5affd9983e633353e8b2c1c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3091bc43fa8d85d8_0

MD5 2986e909748e74473154ed5ba9a00eab
SHA1 dd195a66a67103d45ae0fbcf18ea40df5a3ed6df
SHA256 f74f2e0f88451fc23f366c477348d25ed6e7bae629b72009ed6c4a1dd29334fc
SHA512 f50d67bad67db61e3a236a83624076c01ee26b122bc5872baf76c221c67ab5b80734d99f5143b99726e73a74447c2ad52da00228ec178048c4f6f3598152643c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3c0976e826452b12_0

MD5 0784469a981090ce3104e503262a2773
SHA1 9c563aec48bf3711e9fbaff0553fdb41bc218953
SHA256 2077ecafd08b0d0f8ee9288515dfb590f16ff8441218749c155dca1d00a22f5d
SHA512 c7900aca2263bd73036dc237759378ad5ee843fcf4bfd8b9935cc6b5d22141cb084b632805671eb2b2d456faab24427ccf07cee5a4fefaa1ff1d1f59ca29ae38

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c8468cd06a065a5a_0

MD5 0cb81d635284bb8b04d2f48ce973c130
SHA1 bcce140149c9af07598afc7f14b15f8a03ff609f
SHA256 bd0b7f552b5edd9c2184d90e278365292326b382d96db60d39e5c89136a9b78b
SHA512 36abe85e6a9d9ce66b86abbea03cabdafaf41ca8f1266ae22475f442dd20c9d23af1e63d5c97ae32040393042574ef3318319355995cc276c4d21eeb0f289ef1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f7987cc513bf9f81_0

MD5 4dd9eb027dd64934ebc584c25ad9ffaf
SHA1 1b704d5d34c1e9ab335a691305c90725a1ad7e8e
SHA256 0f73d73680518f4f66edf017f6d7f4d4394bd40a570273de6f2e8c7c5900d82b
SHA512 983bdb17dfc4d866573999b87c87c1b4a564f1eaf855cbac5fb7acdcfec163034274f1c4a38bd040b5f86c3063cad7a375e7045a505fb2fae198f6cb2eee80ba

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1e54725c590c3137_0

MD5 ddf29107c581aa877dfa969b81697ed6
SHA1 40fe1eeb6c5d4492b0c5d4f63e2ca15a02d3fd45
SHA256 e28c63a543ebf4f5044e2e9f5055c04303d992cb7cfc036cc9435e09a1442869
SHA512 eb11f44ad53941df6b37b0cd5701d87dba9ddddd7364ac332fc06bbde76922e1b8b6b6be4e39902811707d49b42d439c9414d5270790eed92a499d2eb8ee46a1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f57901cffb2f9efc_0

MD5 70f1eaf817b0471029b8426ec7fff155
SHA1 71e4ee9f317497d02771f44f23fdf25c82e897c3
SHA256 e0a28af3377a82bb065cc945cb6a4570e795ff224dd8f9e062166cd7f5d6b535
SHA512 55aa316472e2b026a914b9e0f11daf79d617783465938b8d04f4ab5b1b736a60450654e796813569180576fd3199b23642b28a75a95c5fcf23cd9f0e66a5663a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3b4c655e44be0673_0

MD5 f051d3a7e563c476e26dad86b3042273
SHA1 d59daa0f16713cbe8106eca547f4b49a4f359bdd
SHA256 ada61f29f692f813e3e861c10c2a68d9407a3b6c25f7987de99410a362a9d891
SHA512 b96b2778bd7f77a1db878a9a235082ee46f11606b4fa79bc79eb587f814be72430b63b7e685c598429293876897ed25e6fd0623d3833936554191e531a20607b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c414246b586be9db_0

MD5 8fe1248573c7003b8f7bc19f05c8cdf8
SHA1 a19bb4a5f176a2b63ebf9cc4e096bb0d53d2315a
SHA256 999e13d7dbe50730e18a23afedf1d14d4c12cf82bfc555b43ea73ac2db231122
SHA512 bfc9dc83d3886451df17d4f07202c72dc8941cad2e50ec62065f2290b38b270cac0eece61b5a1532bd9a2dd16127dde50a8887d99892b79790590674cc68e656

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b9fbbc8358bcf265_0

MD5 d049b239fdb7bdab8c3f6a6edd3d9d5b
SHA1 e5020e985e81c0a10ec04b0d236755432665a595
SHA256 c95aca86109d4ada1da82967f4bf6ce4e9187d60511cba5e7f9d66dcf0406156
SHA512 f031c5e366153c6523b61706fd0387954e9ec307fd9e7203d2b8ce75f219d0b00d59f1ed712baba617104fa7ff35bbbff0261108b5678ffbec4f99b9465a66ca

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\202ee61178b3d1b4_0

MD5 f5a1998d2a123b861c0ea45951281e0e
SHA1 f6587be2329daf6f0a0607cd2b2efd9d411d30c6
SHA256 4bb5435070faad9a4ae7acb0584f5132cd4c160c3a043173c82e2f633c99c0dc
SHA512 ed69fb5e1f8845a91f52bb62411a20cf0489c021203be89641104ea8abe49d044570d67d25ac9359b15666a619efdf590f7d8fa00e04c53c5c0d916a3867292f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8648952d5ff5512a_0

MD5 bb9f9e205c8bcd0c14e6324ffebedc70
SHA1 6a87ab64b7f6d10391a2f9ade8e4347b18ea6ee8
SHA256 126df6917392b8674cde147a32c35c0747bd2f0c85a83498f2362489eb23bd2f
SHA512 9dbfbb6d40b83dfb63aba4a1c1d183297b5546685783101f279ce323c464a6f0f9ab09725e64edcf3e8e6dc12a65b753aff23a1f9b0fb9bbf7dc3611341205d1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3be6c89ea27c49f2_0

MD5 38dd8bbe7ff4533979b32f9c429c655c
SHA1 2b8b9672deb79be7a5e1bc63a7cbe3149dae1b19
SHA256 d9e7ee5e0bc881ddc54c0f3a001a3c70e93b2ad0390d0838fe4e0cc78d1c7f85
SHA512 a7c6d5b6d16ec6d2e5521c51cd47557fa797e51a854472354a2b0a8b95fae3190eb0e0d98bf035194bce25cd5ae350bf9213731f2d3a0c026548109d248de289

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\14e1f39eec108653_0

MD5 1b4acb82afe48c67ab89f3ac0498cfe8
SHA1 d9159235640a76705d036c6a4e5126639e9b93f8
SHA256 3a26f1370b5eee5a3db226719dfe117f326ced77065136020488a5407ce98ffc
SHA512 632af072430b7c5d4d911c9a58cb01cfdb62c976cd64cd5f3e599ffd7f286e246dcff3309a9f174b6660742c536cabd75e6bec45d6c2f4a35159c83fc6af346f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fad43496817469ba_0

MD5 66024fd9c402a63bf037c70bec428207
SHA1 e441c3043174950fc4f5811c3f18d9518b2a04e9
SHA256 c6ff5561ebc01ae31f003d189922092d9ef90d31e1a7c4659f9779dec1006cd4
SHA512 134cf871978be00bf2ac5426cce03737d69309ad5a08607204802a40d7afe11ee74784096ea2e45eb2d6b7ea5d51acc32bea9247fcdfb507f826b6ae6c5c376f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\130971a1d51c63f8_0

MD5 bb6cee1e851c7a57a8eb626618637a7d
SHA1 6c0becb318c92f9b52abb0d3f02fa3b954a1f927
SHA256 32190d7ef7e6c9aa63eee722550e0fab0e457ba64f1c82335b4353163d56644e
SHA512 422b4cb2314de7eb1cca05bee01a96d5e3963cd7569d3e1aeeff9fc3850d504ee303520848719e09b80d598a1f607d92e40b50620d95308c984457a1521cdc48

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\563bca75b0754a50_0

MD5 cf6eeb9d2965ca3efd8f555872709710
SHA1 f82f36753dfd57258afd9107e86a8f54d90ad353
SHA256 3ee8bb577e93cc5d342f3f433c29aedbb2f785e4c7ee0d59d70b5568b394eb4b
SHA512 4685a2784f1df06d68cf08dfef077cd9377325da5b452362811105f1f05879b2464048376c737bdc8fcbd7c0df1955b907ce86fa2ebdf88179e185d49255b781

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bb49198161f60db7_0

MD5 cec7f696259dafe9856cf968b40a62dd
SHA1 355647a63c97798e0497be50fb988220d305c9ef
SHA256 0b013f56b8629b3475e2237348f38c8d2bf0cf7e38668746090c626856875837
SHA512 9398228f8baad1e97aeccfd69c1cb88d462972cc39a5761794a89739dbd287a77454805ddff8abd5377fcf19fc5a1b3d95b04bfd752337514c24b241771075ed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\11e23cecd4ae9551_0

MD5 5a5a7de911c2ef842153c31a12097b12
SHA1 f59d8e7a7e61b9fa2b178a5931af28f0156aa2ee
SHA256 5b4fed7db5132a2192d9bd9eb4cb23b3de7137cf58432a273688ca42954eabab
SHA512 968701fec569628b15c1cc507f7a5117baa61b04584914ed831686b0368c69ea9d82548db141eb742da4ff1e4f54ab552b5d563ec94dae1f42a8bbffb44f373c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d5667bf87cc6b1b8_0

MD5 8c420f404f388fd06a0b983bfbda4ea9
SHA1 0c56c8cdee8bb7d84804b693c9ec9c95c406f3d2
SHA256 fd4eb7354c86c289ba3d3f8fb26d01d01bf0086ad9f6df4aed5dc724e27b37fa
SHA512 241d68f70120a15bd3ad73044fa89d80adc76a0ac37fd34125efbf663d964eabfeb59499583ebac50b59f765848d2f175321cf8b78762f106cee81041c94ccc7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a8057fd16705971d_0

MD5 2d694671909164880268929999bd351a
SHA1 58082214355379be32a38d929ddfe3b453b08eda
SHA256 63674d0a9b9f48f4e290c9c849447b8c47abf5c58bb9c09051b6b5b11bb22db3
SHA512 e140c3d110a3f0dfc85f2be1fb81fcf78c7ef02a10e92757646bfbacc3295c1d50d5c4a1bdc44589396dc09bf3b0ad99274798a43c75cf57a8465fbce65f25a9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\427075385d94c9da_0

MD5 3adce8e48404d9b65bfbb263d4a7c625
SHA1 4441e7fd94f23e18b402e21db8e1242515c98926
SHA256 260c0c29b03144ef5012791d31bdbded3dcf487e6c27e5d735adece185ab2087
SHA512 05346102eb9ae0d9178555d9d2b989b263e15d35282550e8ec3076af5f184b4cc82e07b1f2fafd902f7d8557cf82a83cb8a5f2ca7f0689086049e37652b5f4f6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\cb307b4160083434_0

MD5 123716287daeb65a31655de2a9d63915
SHA1 e129f0fd75de60b4f52cbfa5b720f911f65e437c
SHA256 f814478a07d0ea0c6ebc396d2056ff6343855bdfcfcb56e08808b97d77e0c86d
SHA512 7577cd7f276eaf5d6f394ea6c6c4aeb8e5394c9b245d7e829dbb3640c9e740f0846777a9f445af8e83d7abd2a0d29bfbb66ea15c6d3c80c1e37820976fbae9cb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\91ee556ed30c23b9_0

MD5 93f5c91502febac919277b21b589b59f
SHA1 093866fa295975dc7fb7ec0e2c3858c237b1da62
SHA256 9f46f3bdc7ef86c858ba5e2df7c0525fc65ea11572383eb7946bccaa653084f7
SHA512 13f3e24c27e42b1162a8aafa32595b61b2b73cf4ca37543837246cadd0d3a97a2b5f1e448a009b512a90e4fca38e1b531a50aec8cf276acd31cfa556d71a12a3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a5931e4588909370_0

MD5 d0c5db2885a237d512974f468881d73c
SHA1 5f93e9ce56a70b39057fd6119dc57ab9a196f2a9
SHA256 d9e3a3e894f77446b5c2dc6c13baf06aaec215ec1fe41b7f0b1377adf9cb85e7
SHA512 47524d27c91c58fea65095f2bfb76666641db166b7eec4f57c69315a6e0751c7c1b87a14aafdb47dde1d63c2a1a61cc512d74cf49c5fabe16678004cb72d6563

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c12c16ce8dea77f5_0

MD5 7fa1ea1fa427391576005a22c3ef6fb1
SHA1 b69c272680387955064ab39a08321aa59c9d232d
SHA256 e442768d165434e2022c6c30a66b0b4c651f6ba71503430da4084f794aa45a67
SHA512 6019a9fa7a26ac60316b68ba8a11e12c0336bfd955564da4d74eafeacc43650d8ee615455d4d621d1d40753d9dc8a9b2fff83c396180384fbf75abd9339a1d4e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9497b593bedbe947_0

MD5 9f8a14ac61b439891909788e851c9055
SHA1 1655a12dd6b6ecbd9bbf8766bf96ccdaee09a9a0
SHA256 b7e0cfe4d4050ca668236bffd562565b0b54dca0053ac3d145bc27a29ff12828
SHA512 19d237e0e78668fda7b959db91002010b5020a5875cc49141e89965b111661a1fb7dd6e19121ffb495e9821e51fea4b796fd5d3baa00b025679b2ae1ca7f2d50

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a90a6e2af9cd5e50_0

MD5 fedde90510c6c799f895d1e314f0e261
SHA1 35e73a85088a1245b8464c784452f55803faea40
SHA256 1792327fa03cb283145d30557df67a902632f14d039c7d3d260747eb2fa44d58
SHA512 d27cf997146759b7a69cb7a1187f3aee17dc93828f584ebc4874ddce4ec8f540c5e44449cf5658dcae5c5b724048bc2d9f83b7c066effbe360e2cc5c9392a4bb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6e1cfa841cdd2312_0

MD5 c1fadc8f0d85b2a58671c589c8ca6cf1
SHA1 c0e2b96e9b9b58d1473eea7e8b3218c9022b7ab5
SHA256 8b86e2bfed07d3451ae7a2f36be5088617b94c72660a96823c424c68c5b18ced
SHA512 b2ad040d0110f212c2ad3bdce1074274e2744d29f771a86ea000945e76c85c3998dff8d5674138a29b296abeac858d335cb121fe4e3c45a752ff4874e0de6ecc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\115807c81f46d2fa_0

MD5 b851a570546a7ca0a752914ac3611ebd
SHA1 b21c0353e999b2c36b536c45634d685486732b85
SHA256 9d821989dcd4ef73b9518d1124eb4873f8215ef651218ad4094bae3e4321a23c
SHA512 3bd218f3abb03f7a1661b15114bf96c1f83d3faef7f5eee738576fe3ab6874e9ae801d314c0989011a3682d9f53c9931961a634c50a307bc771aa6d9d4a84ed6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d6ee81079c1cbac4_0

MD5 23d4b62e0484808f2ba3e4a26742cf22
SHA1 78a7986e00c119cdda5ce597f3ee5c194435594e
SHA256 a860337e8b203d0f7e5794b85d91d2718517588a6ea87bb853d4bc0a5a80cdaa
SHA512 856a456159aa190b56526d0cef99feb487aa2ca7033289c4b65bf4ea4b93dbfa4424a9f5686278e653c7909daedb808b8e4e20cbaa49ee073dbec0d77d5a1726

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\dd5012c10630a084_0

MD5 79642f08ec1b5ac8b8b796624e5b0f13
SHA1 179348c429755b926d4e7993da6d7df96d24679e
SHA256 307921511a41dd358a2f2d384bdc908c1e8d6ad2340ae0a279c29e66ae336ed7
SHA512 0a9c9574feea7dace3eeb13ccab060b3fb9069b151ee6356175eb83f1202207dcdf4e5a21ed01fa8a6ec7032663c5d4ad61d8871c656b4b3605682bf91c6632b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aa61758ad53dced9_0

MD5 284b802ebf187bfd78760f4dba902c70
SHA1 64f7f865852eb4e9d009d51c82a046ffdf82a3d7
SHA256 eb3d44ebcd5d97e572c23ff9a8a5064de50edcfd44d04838c5615dc06b0b9804
SHA512 e23eee34062f5d011db9c7bef4e4f1c078eeec6a4022dc27e3774096618b0e94cfbdc8dbcee1bdc067716810d378e74e585acecc12f9eb86bab2ec632f95f09b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 b32e5a1fcce92a86b85c60a61c5337fd
SHA1 c2db4b12e5909b3481636e6ee7181d67a362e664
SHA256 e88740c28b0adc21d2201bc456f17ba2e615b12b007960150df24edbe35be8cc
SHA512 5e9a3b9e85b513ec0460a10fa24692e37288d23006abfd2056c1e3d95de6533de621c32f1fd342923cfed03463e62e1e303d8a1abbf982493c006ef5f6ab0939

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c4f2da4e4b4dba36_0

MD5 c86148ffa447254ca8bcefd2c89d436f
SHA1 b51bf9ffa7030eefda498e331f8652e566455052
SHA256 a1d22c8c3e6ac562bc29f94d74cc8887f86cba08c14bc990fe7d105a1edba0a8
SHA512 7628c789faa5d74ee8d03bf54d4282091c8222e9b8019a096ac874cef86177ccaa9d21c6791d9066a9dc0072add0b00894586e5c9a62f98068143771f827143e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 27de57cde2ccff1a418c78acb7cbdec8
SHA1 f0583396d450454a9fb2792477389e9c9d826e1e
SHA256 d1aadffabc073d56bdfcbbeae6fd46a195dcb4869465f2e96e59fc42dfffbda4
SHA512 4ba59d5836dc8f71ac8361c0c92a452310ffc9167e741b495b759499aff6071147c42b052a33a9add3bcb021742fe9784b3a31b138d8db0c3e0499a43a94bf12

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 3ef612687418abb957121820c78a088e
SHA1 8c3ac37ef34f2c3a9c2239f68eaa5e78258bba3e
SHA256 95a4b5c117abd3a8adcea3947141c711cdd2b8f61935aca13ef164393e7ece88
SHA512 507f3aa3b04c580db0cb44e5207c632df5179ae776e7634774f253ae2b0fda9c99d388d0eee6a2de0182b0773476d1691739a70aed49453e6c4f7627e4f0d516

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 427420c7d589c9620cc3feec40b3dbb8
SHA1 6b92911342fa02fb47c34630e7283bd2627f58f2
SHA256 8902c7c5b93be82ba85157312928edb5ae8840ba82a11b1de11df538fe9df47a
SHA512 8aef6f18acd22e579e3d0d925296dee15070474361643885edb7652dd2dd6cb26f4da8d1e6d92311bc811b9151293dbca028850047aeb184f5754737c3c8e0cc

C:\Users\Admin\Downloads\MEMZ-virus-main.zip

MD5 a043dc5c624d091f7c2600dd18b300b7
SHA1 4682f79dabfc6da05441e2b6d820382ff02b4c58
SHA256 0acffde0f952b44d500cf2689d6c9ab87e66ac7fa29a51f3c3e36a43ea5e694a
SHA512 ee4f691a6c7b6c047bca49723b65e5980a8f83cbbc129ddfd578b855430b78acf3d0e461238739cd64c8a5c9071fe132c10da3ac28085fc978b6a19ee1ca3313
