Malware Analysis Report

2024-10-19 07:15

Sample ID 240905-s34zgatejn
Target https://github.com/Hacker2425/Ransomware-Builder
Tags
chaos credential_access defense_evasion discovery evasion execution impact motw persistence phishing ransomware spyware stealer
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

Threat Level: Known bad

The file https://github.com/Hacker2425/Ransomware-Builder was found to be: Known bad.

Malicious Activity Summary

chaos credential_access defense_evasion discovery evasion execution impact motw persistence phishing ransomware spyware stealer

Chaos

Chaos Ransomware

Deletes shadow copies

Modifies boot configuration data using bcdedit

Downloads MZ/PE file

Deletes backup catalog

Boot or Logon Autostart Execution: Active Setup

Executes dropped EXE

Drops startup file

Credentials from Password Stores: Windows Credential Manager

Reads user/profile data of web browsers

Legitimate hosting services abused for malware hosting/C2

Drops desktop.ini file(s)

Enumerates connected drives

Mark of the Web detected: This indicates that the page was originally saved or cloned.

Sets desktop wallpaper using registry

Drops file in System32 directory

Subvert Trust Controls: Mark-of-the-Web Bypass

Drops file in Windows directory

Browser Information Discovery

Enumerates physical storage devices

Suspicious use of SetWindowsHookEx

Checks SCSI registry key(s)

Opens file in notepad (likely ransom note)

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

Suspicious use of FindShellTrayWindow

Uses Volume Shadow Copy WMI provider

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Modifies registry class

NTFS ADS

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Modifies data under HKEY_USERS

Modifies Internet Explorer settings

Uses Volume Shadow Copy service COM API

Suspicious use of AdjustPrivilegeToken

Uses Task Scheduler COM API

Interacts with shadow copies

Suspicious behavior: GetForegroundWindowSpam

Suspicious behavior: AddClipboardFormatListener

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-09-05 15:39

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-09-05 15:39

Reported

2024-09-05 16:08

Platform

win11-20240802-en

Max time kernel

1667s

Max time network

1668s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://github.com/Hacker2425/Ransomware-Builder

Signatures

Chaos

ransomware chaos

Chaos Ransomware

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Deletes shadow copies

ransomware defense_evasion impact execution

Modifies boot configuration data using bcdedit

ransomware evasion
Description Indicator Process Target
N/A N/A C:\Windows\system32\bcdedit.exe N/A
N/A N/A C:\Windows\system32\bcdedit.exe N/A

Boot or Logon Autostart Execution: Active Setup

persistence
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000\Software\Microsoft\Active Setup\Installed Components C:\Windows\explorer.exe N/A

Deletes backup catalog

ransomware
Description Indicator Process Target
N/A N/A C:\Windows\system32\wbadmin.exe N/A

Downloads MZ/PE file

Credentials from Password Stores: Windows Credential Manager

credential_access stealer

Drops startup file

Description Indicator Process Target
File created C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchost.url C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File created C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\read_it.txt C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini.6xpa C:\Users\Admin\Desktop\COOL-decrypter\Decrypter.exe N/A
File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\read_it.txt C:\Users\Admin\Desktop\COOL-decrypter\Decrypter.exe N/A
File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchost.url C:\Users\Admin\Desktop\COOL-decrypter\Decrypter.exe N/A

Reads user/profile data of web browsers

spyware stealer

Drops desktop.ini file(s)

Description Indicator Process Target
File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Desktop.ini C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File opened for modification C:\Users\Public\Music\desktop.ini C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File opened for modification C:\Users\Public\Desktop\desktop.ini C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File opened for modification C:\Users\Admin\Desktop\desktop.ini C:\Users\Admin\Desktop\COOL-decrypter\Decrypter.exe N/A
File opened for modification C:\Users\Admin\Music\desktop.ini C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\desktop.ini C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Windows\SendTo\desktop.ini C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File opened for modification C:\Users\Admin\Documents\desktop.ini C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File opened for modification C:\Users\Admin\Pictures\desktop.ini C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File opened for modification C:\Users\Admin\Pictures\Saved Pictures\desktop.ini C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Libraries\desktop.ini C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File opened for modification C:\Users\Public\Pictures\desktop.ini C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File opened for modification C:\Users\Admin\Contacts\desktop.ini C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File opened for modification C:\Users\Admin\Pictures\Camera Roll\desktop.ini C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File opened for modification C:\Users\Admin\OneDrive\desktop.ini C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File opened for modification C:\Users\Admin\Favorites\desktop.ini C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File opened for modification C:\Users\Admin\Downloads\desktop.ini C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File opened for modification C:\Users\Public\Documents\desktop.ini C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File opened for modification F:\$RECYCLE.BIN\S-1-5-21-242286936-336880687-2152680090-1000\desktop.ini C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File opened for modification C:\Users\Admin\Saved Games\desktop.ini C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File opened for modification C:\Users\Admin\Searches\desktop.ini C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\desktop.ini C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File opened for modification C:\Users\Admin\Links\desktop.ini C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools\desktop.ini C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Desktop.ini C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File opened for modification C:\Users\Admin\Videos\desktop.ini C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Windows\AccountPictures\desktop.ini C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File opened for modification C:\Users\Public\Videos\desktop.ini C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File opened for modification C:\Users\Admin\Desktop\desktop.ini C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File opened for modification C:\Users\Admin\Favorites\Links\desktop.ini C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\desktop.ini C:\Users\Admin\AppData\Roaming\svchost.exe N/A
File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\desktop.ini C:\Users\Admin\AppData\Roaming\svchost.exe N/A

Enumerates connected drives

Description Indicator Process Target
File opened (read-only) \??\D: C:\Windows\explorer.exe N/A
File opened (read-only) \??\F: C:\Windows\explorer.exe N/A

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A sites.google.com N/A N/A
N/A sites.google.com N/A N/A
N/A mediafire.com N/A N/A
N/A mediafire.com N/A N/A
N/A mediafire.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A sites.google.com N/A N/A
N/A raw.githubusercontent.com N/A N/A

Mark of the Web detected: This indicates that the page was originally saved or cloned.

phishing motw
Description Indicator Process Target
N/A https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html N/A N/A

Drops file in System32 directory

Description Indicator Process Target
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_01cf530faf2f1752\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_01cf530faf2f1752\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Sets desktop wallpaper using registry

ransomware
Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000\Control Panel\Desktop\Wallpaper = "C:\\Users\\Admin\\AppData\\Local\\Temp\\t42r0ncut.jpg" C:\Users\Admin\AppData\Roaming\svchost.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000\Control Panel\Desktop\Wallpaper = "C:\\Users\\Admin\\AppData\\Local\\Temp\\8b983qeah.jpg" C:\Users\Admin\Desktop\COOL-decrypter\Decrypter.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Subvert Trust Controls: Mark-of-the-Web Bypass

defense_evasion
Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\Chaos Ransomware Builder v4.exe:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\winrar-x64-701.exe:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

Checks SCSI registry key(s)

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\ConfigFlags C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{a45c254e-df1c-4efd-8020-67d146a850e0}\0011 C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0004 C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009 C:\Windows\explorer.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009 C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A C:\Windows\explorer.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName C:\Windows\System32\vds.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\0064 C:\Windows\explorer.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Capabilities C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 C:\Windows\explorer.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\HardwareID C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{a45c254e-df1c-4efd-8020-67d146a850e0}\0011 C:\Windows\explorer.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Capabilities C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{259abffc-50a7-47ce-af08-68c9a7d73366}\000C C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 C:\Windows\System32\vds.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0004 C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009 C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0004 C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002 C:\Windows\explorer.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\FriendlyName C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\explorer.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\HardwareID C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{afd97640-86a3-4210-b67c-289c41aabe55}\0002 C:\Windows\explorer.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Capabilities C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0002 C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{259abffc-50a7-47ce-af08-68c9a7d73366}\000C C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\0064 C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{259abffc-50a7-47ce-af08-68c9a7d73366}\000C C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\0064 C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_WDC&PROD_WDS100T2B0A\4&215468A5&0&000000 C:\Windows\System32\vds.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0004 C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{afd97640-86a3-4210-b67c-289c41aabe55}\0003 C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000 C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\0064 C:\Windows\explorer.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\FriendlyName C:\Windows\System32\vds.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001 C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\explorer.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\FriendlyName C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 C:\Windows\explorer.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{259abffc-50a7-47ce-af08-68c9a7d73366}\000C C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A C:\Windows\explorer.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\HardwareID C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0002 C:\Windows\explorer.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Capabilities C:\Windows\explorer.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\ConfigFlags C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009 C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\explorer.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\FriendlyName C:\Windows\explorer.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\HardwareID C:\Windows\explorer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_WDC&PROD_WDS100T2B0A\4&215468A5&0&000000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{afd97640-86a3-4210-b67c-289c41aabe55}\0003 C:\Windows\explorer.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Interacts with shadow copies

ransomware
Description Indicator Process Target
N/A N/A C:\Windows\system32\vssadmin.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000\Software\Microsoft\Internet Explorer\GPU C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Key created \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000\Software\Microsoft\Internet Explorer\Main C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000\Software\Microsoft\Internet Explorer\Main\DisableFirstRunCustomize = "1" C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Windows\explorer.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133700254604244452" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\5 C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\IconSize = "16" C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
Key created \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\9\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7} C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\9\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\9\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616193" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByDirection = "4294967295" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\9\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0 C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:PID = "14" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = 020000000000000001000000ffffffff C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1092616193" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\IconSize = "16" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202 C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:FMTID = "{B725F130-47EF-101A-A5F1-02608C9EEBAC}" C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\bing.com\Total = "13301" C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 05000000060000000100000003000000020000000400000000000000ffffffff C:\Windows\explorer.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\8\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Mode = "4" C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupView = "4294967295" C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:FMTID = "{B725F130-47EF-101A-A5F1-02608C9EEBAC}" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\9\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\8\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\LogicalViewMode = "1" C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\8\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\9\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\www.bing.com\ = "13301" C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\TrayNotify\PastIconsStream = 1400000005000000010001000200000014000000494c2006020004002c0010001000ffffffff2110ffffffffffffffff424d360000000000000036000000280000001000000040000000010020000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000a00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000ff00000060000000000000000000000020000000b0000000ff000000ff000000ff000000ff000000ff000000ff000000ff000000ff000000ff000000ff00000060000000200000000000000020000000f00d0d0df09d9d9dffc8c8c8ffe5e5e5ffe5e5e5ffe5e5e5ffe5e5e5ffe5e5e5ff8f8f8fff000000ff000000603f3f3f66000000ff00000060000000900a0a0af0c0c0c0ffe5e5e5ffe5e5e5ffe5e5e5ffe5e5e5ffe5e5e5ffe5e5e5ff8f8f8fff000000ff0000006056565660e2e2e2ff474747eb000000d0000000e04c4c4cee999999ff939393eeb1b1b1f0e0e0e0ffe5e5e5ffe5e5e5ff8f8f8fff000000ff0000006056565660c8c8c8f7adadadf6858585ff000000ff000000ff737373ff999999ff999999ff999999ff999999ffa0a0a0e8868686ff000000ff000000606d6d6d88aaaaaaebb2b2b2ffb2b2b2ff7a7a7aff000000ff000000ff696969ff999999ff999999ff999999ff999999ff5f5f5fff000000ff0000006045454571b2b2b2ffb2b2b2ffb2b2b2ffa7a7a7ff1b1b1be8000000c0000000b0080808f08f8f8fff999999ff999999ff5f5f5fff000000ff00000060303030607f7f7fff7b7b7bf67e7e7ee2525252e20a0a0af0000000f00000003000000020000000f0101010eb5a5a5af6505050ff000000ff00000060303030607f7f7fff7f7f7fff7f7f7fff676767ff000000ff000000b000000020000000000000000000000020000000b0000000ff000000ff00000060303030607f7f7fff7f7f7fff7f7f7fff777777ff080808f0000000d0000000000000000000000000000000000000000000000060000000ff00000060000000602c2c2ceb5f5f5fff5f5f5fff3f3f3fee080808f0000000f0000000300000000000000000000000000000000000000000000000a0000000600000000000000050000000b0000000f0000000ff000000f0000000a000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000a00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000ff00000060000000000000000000000020000000b0000000ff000000ff000000ff000000ff000000ff000000ff000000ff000000ff000000ff000000ff00000060000000200000000000000020000000f00d0d0df09d9d9dffc8c8c8ffe5e5e5ffe5e5e5ffe5e5e5ffe5e5e5ffe5e5e5ff8f8f8fff000000ff000000603f3f3f66000000ff00000060000000900a0a0af0c0c0c0ffe5e5e5ffe5e5e5ffe5e5e5ffe5e5e5ffe5e5e5ffe5e5e5ff8f8f8fff000000ff0000006056565660e2e2e2ff474747eb000000d0000000e04c4c4cee999999ff939393eeb1b1b1f0e0e0e0ffe5e5e5ffe5e5e5ff8f8f8fff000000ff0000006056565660c8c8c8f7adadadf6858585ff000000ff000000ff737373ff999999ff999999ff999999ff999999ffa0a0a0e8868686ff000000ff000000606d6d6d88aaaaaaebb2b2b2ffb2b2b2ff7a7a7aff000000ff000000ff696969ff999999ff999999ff999999ff999999ff5f5f5fff000000ff0000006045454571b2b2b2ffb2b2b2ffb2b2b2ffa7a7a7ff1b1b1be8000000c0000000b0080808f08f8f8fff999999ff999999ff5f5f5fff000000ff00000060303030607f7f7fff7b7b7bf67e7e7ee2525252e20a0a0af0000000f00000003000000020000000f0101010eb5a5a5af6505050ff000000ff00000060303030607f7f7fff7f7f7fff7f7f7fff676767ff000000ff000000b000000020000000000000000000000020000000b0000000ff000000ff00000060303030607f7f7fff7f7f7fff7f7f7fff777777ff080808f0000000d0000000000000000000000000000000000000000000000060000000ff00000060000000602c2c2ceb5f5f5fff5f5f5fff3f3f3fee080808f0000000f0000000300000000000000000000000000000000000000000000000a0000000600000000000000050000000b0000000f0000000ff000000f0000000a000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000424d3e000000000000003e0000002800000010000000400000000100010000000000000100000000000000000000000000000000000000000000ffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffff0000fff90000fff10000800100000000000000000000000000000000000000000000000000000001000080070000c0070000c80f0000ffff0000ffff0000ffff0000fff90000fff10000800100000000000000000000000000000000000000000000000000000001000080070000c0070000c80f0000ffff0000ffff000000000000000000000000000000000000000000000000010000000800000002000000040000002400000001000000000000000100000000000000 C:\Windows\explorer.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\8\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\9\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\9\Shell\SniffedFolderType = "Generic" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DomStorageState C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Key created \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\ApplicationFrame\Microsoft.Windows.PeopleExperienceHost = 6801000088020000 C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\www.bing.com\ = "14679" C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\TrayNotify\IconStreams = 140000000700000001000100050000001400000050003a005c00480066007200650066005c004e0071007a00760061005c004e006300630051006e0067006e005c005900620070006e0079005c005a00760070006500620066006200730067005c00420061007200510065007600690072005c00420061007200510065007600690072002e0072006b00720000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50100000000000000000000e8070800420061007200510065007600690072000a00410062006700200066007600740061007200710020007600610000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000019ae0a54eee4da0100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000007b005300330038004f0053003400300034002d0031005100340033002d0034003200530032002d0039003300300035002d00360037005100520030004f003200380053005000320033007d005c0072006b006300790062006500720065002e0072006b00720000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e8070800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff75ae2078e323294282c1e41cb67d5b9c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000007b005300330038004f0053003400300034002d0031005100340033002d0034003200530032002d0039003300300035002d00360037005100520030004f003200380053005000320033007d005c0072006b006300790062006500720065002e0072006b00720000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e8070800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff81ae2078e323294282c1e41cb67d5b9c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000007b005300330038004f0053003400300034002d0031005100340033002d0034003200530032002d0039003300300035002d00360037005100520030004f003200380053005000320033007d005c0072006b006300790062006500720065002e0072006b00720000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e8070800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff82ae2078e323294282c1e41cb67d5b9c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000007b005300330038004f0053003400300034002d0031005100340033002d0034003200530032002d0039003300300035002d00360037005100520030004f003200380053005000320033007d005c0072006b006300790062006500720065002e0072006b00720000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e8070800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff83ae2078e323294282c1e41cb67d5b9c00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\8\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\9\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202020202020202 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:PID = "14" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\FFlags = "1092616257" C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
Key created \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\2\MRUListEx = 00000000ffffffff C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\FFlags = "1092616193" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\9\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\Total\ = "14679" C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0e000000ffffffff C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\SniffedFolderType = "Pictures" C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Mode = "4" C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a000000a000000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\GroupByDirection = "1" C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
Key created \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\9\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\hqdefault (2).jpg:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\hqdefault (3).ico:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\winrar-x64-701.exe:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Users\Admin\Downloads\hqdefault.ico:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\hqdefault (1).ico:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\hqdefault.jpg:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\hqdefault.png:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\hqdefault (1).jpg:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\hqdefault (1).ico:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\hqdefault (2).ico:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 176648.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Chaos Ransomware Builder v4.exe:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Opens file in notepad (likely ransom note)

ransomware
Description Indicator Process Target
N/A N/A C:\Windows\system32\NOTEPAD.EXE N/A

Suspicious behavior: AddClipboardFormatListener

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Roaming\svchost.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\Downloads\VapeV4Crack.exe N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\AppData\Roaming\svchost.exe N/A
Token: SeBackupPrivilege N/A C:\Windows\system32\vssvc.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\system32\vssvc.exe N/A
Token: SeAuditPrivilege N/A C:\Windows\system32\vssvc.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSecurityPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeLoadDriverPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSystemProfilePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSystemtimePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeProfSingleProcessPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeBackupPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeShutdownPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSystemEnvironmentPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeRemoteShutdownPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeUndockPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeManageVolumePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 33 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 34 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 35 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 36 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSecurityPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeLoadDriverPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSystemProfilePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSystemtimePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeProfSingleProcessPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeBackupPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeShutdownPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSystemEnvironmentPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeRemoteShutdownPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeUndockPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeManageVolumePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 33 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 34 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 35 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 36 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeBackupPrivilege N/A C:\Windows\system32\wbengine.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\system32\wbengine.exe N/A
Token: SeSecurityPrivilege N/A C:\Windows\system32\wbengine.exe N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\Desktop\COOL-decrypter\Decrypter.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\explorer.exe N/A
N/A N/A C:\Windows\explorer.exe N/A
N/A N/A C:\Windows\explorer.exe N/A
N/A N/A C:\Windows\explorer.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\explorer.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe N/A
N/A N/A C:\Windows\explorer.exe N/A
N/A N/A C:\Windows\explorer.exe N/A
N/A N/A C:\Users\Admin\Downloads\winrar-x64-701.exe N/A
N/A N/A C:\Users\Admin\Downloads\winrar-x64-701.exe N/A
N/A N/A C:\Users\Admin\Downloads\winrar-x64-701.exe N/A
N/A N/A C:\Users\Admin\Downloads\winrar-x64-701.exe N/A
N/A N/A C:\Users\Admin\Downloads\winrar-x64-701.exe N/A
N/A N/A C:\Users\Admin\Downloads\winrar-x64-701.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1072 wrote to memory of 4972 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 4972 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 3084 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 4580 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 4580 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 5092 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 5092 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 5092 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 5092 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 5092 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 5092 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 5092 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 5092 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 5092 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 5092 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 5092 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 5092 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 5092 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 5092 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 5092 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 5092 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 5092 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 5092 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 5092 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1072 wrote to memory of 5092 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Uses Task Scheduler COM API

persistence

Uses Volume Shadow Copy WMI provider

ransomware

Uses Volume Shadow Copy service COM API

ransomware

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://github.com/Hacker2425/Ransomware-Builder

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffe09323cb8,0x7ffe09323cc8,0x7ffe09323cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1796 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2356 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2848 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5468 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5032 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1988 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4112 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5860 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1988 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5948 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6184 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=6268 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1784 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2620 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3412 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3424 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3480 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6408 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=6424 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3440 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5536 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5440 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5596 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5664 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6420 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5828 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4808 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1020 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1052 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7024 /prefetch:1

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe

"C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5068 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6688 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6852 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4860 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6072 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6728 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6884 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3168 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2608 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2592 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7304 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=2120 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7352 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7220 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6792 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7088 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5700 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7344 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7548 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7672 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2120 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7076 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7084 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6240 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7824 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7736 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7084 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7652 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8008 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8220 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8544 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8720 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8856 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8712 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8396 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8932 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8176 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9268 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9408 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9548 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9556 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9832 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9972 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10936 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10040 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10068 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9932 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6392 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10916 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10224 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10092 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8716 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10088 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10044 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7296 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11132 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9960 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8268 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8736 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5596 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6856 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8688 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11044 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10848 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10976 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8188 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11260 /prefetch:1

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe

"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\1cocm24i\1cocm24i.cmdline"

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe

"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\irqvtqwi\irqvtqwi.cmdline"

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe

"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\11vwlz2a\11vwlz2a.cmdline"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8920 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11260 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7656 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=10964 /prefetch:8

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe

"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\q2jqsicv\q2jqsicv.cmdline"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11088 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10032 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10904 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7760 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9872 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10044 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=11232 /prefetch:8

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe

"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\pe0xrgto\pe0xrgto.cmdline"

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe

"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\zy1m2nnf\zy1m2nnf.cmdline"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10808 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8636 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10932 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11132 /prefetch:1

C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe

"C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe"

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe

"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\izyqfyji\izyqfyji.cmdline"

C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe

"C:\Users\Admin\Desktop\Chaos Ransomware Builder v4.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11212 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,13402701102274744134,17734116906399743256,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=128 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8244 /prefetch:1

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe

"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\f4hn2ify\f4hn2ify.cmdline"

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RESB86F.tmp" "c:\Users\Admin\Downloads\CSC2F958CE2BB0E488A880B9CA8F7EDB0.TMP"

C:\Users\Admin\Downloads\VapeV4Crack.exe

"C:\Users\Admin\Downloads\VapeV4Crack.exe"

C:\Users\Admin\AppData\Roaming\svchost.exe

"C:\Users\Admin\AppData\Roaming\svchost.exe"

C:\Windows\System32\cmd.exe

"C:\Windows\System32\cmd.exe" /C vssadmin delete shadows /all /quiet & wmic shadowcopy delete

C:\Windows\system32\vssadmin.exe

vssadmin delete shadows /all /quiet

C:\Windows\system32\vssvc.exe

C:\Windows\system32\vssvc.exe

C:\Windows\System32\Wbem\WMIC.exe

wmic shadowcopy delete

C:\Windows\System32\cmd.exe

"C:\Windows\System32\cmd.exe" /C bcdedit /set {default} bootstatuspolicy ignoreallfailures & bcdedit /set {default} recoveryenabled no

C:\Windows\system32\bcdedit.exe

bcdedit /set {default} bootstatuspolicy ignoreallfailures

C:\Windows\system32\bcdedit.exe

bcdedit /set {default} recoveryenabled no

C:\Windows\System32\cmd.exe

"C:\Windows\System32\cmd.exe" /C wbadmin delete catalog -quiet

C:\Windows\system32\wbadmin.exe

wbadmin delete catalog -quiet

C:\Windows\system32\wbengine.exe

"C:\Windows\system32\wbengine.exe"

C:\Windows\System32\vdsldr.exe

C:\Windows\System32\vdsldr.exe -Embedding

C:\Windows\System32\vds.exe

C:\Windows\System32\vds.exe

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Roaming\read_it.txt

C:\Users\Admin\Desktop\COOL-decrypter\Decrypter.exe

"C:\Users\Admin\Desktop\COOL-decrypter\Decrypter.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdf578cc40,0x7ffdf578cc4c,0x7ffdf578cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1792,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1780 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2060,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2116 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2232,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2192 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3104,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3240 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3112,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3316 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4496,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3576 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4812,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4804 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4820,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4848 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5084,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5116 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4412,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3176 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4916,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3428 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4836,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3436 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=3292,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5156 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5128,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5016 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5416,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5436 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5628,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5644 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5652,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5592 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5616,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5724 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5880,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5888 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=5624,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6044 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=6200,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6220 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=6340,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6360 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=6528,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6516 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=6660,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6520 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=6828,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5760 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=6836,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6820 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=4824,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3484 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=6052,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6040 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=5024,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5932 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=6904,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5872 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=6916,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7384 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=6932,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7408 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=5288,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5384 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=5612,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5132 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=5028,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7172 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=5744,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5180 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=6156,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6896 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=7248,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6912 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=7672,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6940 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=7356,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7824 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=5732,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5804 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=5844,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6616 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=7676,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6844 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=7444,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8264 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=8180,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8288 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --field-trial-handle=6820,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8548 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --field-trial-handle=8280,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6892 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --field-trial-handle=8812,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7656 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --field-trial-handle=8844,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8836 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=8864,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8856 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=9176,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9168 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --field-trial-handle=3736,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6928 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --field-trial-handle=9160,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6876 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --field-trial-handle=9124,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7896 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --field-trial-handle=8220,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8820 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --field-trial-handle=8212,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7212 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --field-trial-handle=7340,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7208 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --field-trial-handle=6612,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5332 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --field-trial-handle=6608,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8828 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --field-trial-handle=9068,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7484 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --field-trial-handle=8920,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9024 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --field-trial-handle=7284,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7452 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --field-trial-handle=9028,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5412 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --field-trial-handle=9076,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9088 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --field-trial-handle=9044,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9388 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --field-trial-handle=7912,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9584 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --field-trial-handle=7388,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9608 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --field-trial-handle=9228,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9724 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --field-trial-handle=9340,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7212 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --field-trial-handle=9356,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8184 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --field-trial-handle=7336,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7696 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --field-trial-handle=9100,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7280 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --field-trial-handle=9348,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9448 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --field-trial-handle=9104,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8936 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --field-trial-handle=8988,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7488 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --field-trial-handle=7876,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7840 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --field-trial-handle=3144,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9308 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --field-trial-handle=6920,i,16516199614049568391,15791911947049933260,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9144 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdf578cc40,0x7ffdf578cc4c,0x7ffdf578cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1964,i,15228088157749585244,13555833686245558991,262144 --variations-seed-version=20240905-050113.669000 --mojo-platform-channel-handle=1960 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1836,i,15228088157749585244,13555833686245558991,262144 --variations-seed-version=20240905-050113.669000 --mojo-platform-channel-handle=2024 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2208,i,15228088157749585244,13555833686245558991,262144 --variations-seed-version=20240905-050113.669000 --mojo-platform-channel-handle=2228 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3120,i,15228088157749585244,13555833686245558991,262144 --variations-seed-version=20240905-050113.669000 --mojo-platform-channel-handle=3128 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3136,i,15228088157749585244,13555833686245558991,262144 --variations-seed-version=20240905-050113.669000 --mojo-platform-channel-handle=3176 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4420,i,15228088157749585244,13555833686245558991,262144 --variations-seed-version=20240905-050113.669000 --mojo-platform-channel-handle=4424 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4264,i,15228088157749585244,13555833686245558991,262144 --variations-seed-version=20240905-050113.669000 --mojo-platform-channel-handle=3784 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4816,i,15228088157749585244,13555833686245558991,262144 --variations-seed-version=20240905-050113.669000 --mojo-platform-channel-handle=4828 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4984,i,15228088157749585244,13555833686245558991,262144 --variations-seed-version=20240905-050113.669000 --mojo-platform-channel-handle=4556 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4896,i,15228088157749585244,13555833686245558991,262144 --variations-seed-version=20240905-050113.669000 --mojo-platform-channel-handle=5008 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=3312,i,15228088157749585244,13555833686245558991,262144 --variations-seed-version=20240905-050113.669000 --mojo-platform-channel-handle=3444 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=4864,i,15228088157749585244,13555833686245558991,262144 --variations-seed-version=20240905-050113.669000 --mojo-platform-channel-handle=5012 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4456,i,15228088157749585244,13555833686245558991,262144 --variations-seed-version=20240905-050113.669000 --mojo-platform-channel-handle=5312 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4892,i,15228088157749585244,13555833686245558991,262144 --variations-seed-version=20240905-050113.669000 --mojo-platform-channel-handle=5348 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4352,i,15228088157749585244,13555833686245558991,262144 --variations-seed-version=20240905-050113.669000 --mojo-platform-channel-handle=5332 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3424,i,15228088157749585244,13555833686245558991,262144 --variations-seed-version=20240905-050113.669000 --mojo-platform-channel-handle=3580 /prefetch:8

C:\Program Files\7-Zip\7zG.exe

"C:\Program Files\7-Zip\7zG.exe" a -i#7zMap11119:62:7zEvent11145 -ad -saa -- "C:\Users\Admin\Desktop\VapeV4"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3580,i,15228088157749585244,13555833686245558991,262144 --variations-seed-version=20240905-050113.669000 --mojo-platform-channel-handle=3308 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4888,i,15228088157749585244,13555833686245558991,262144 --variations-seed-version=20240905-050113.669000 --mojo-platform-channel-handle=5396 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4844,i,15228088157749585244,13555833686245558991,262144 --variations-seed-version=20240905-050113.669000 --mojo-platform-channel-handle=5380 /prefetch:8

C:\Program Files\7-Zip\7zG.exe

"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Desktop\VapeV4\" -ad -an -ai#7zMap7446:68:7zEvent16650

C:\Program Files\7-Zip\7zG.exe

"C:\Program Files\7-Zip\7zG.exe" a -i#7zMap19321:62:7zEvent26401 -tzip -sae -- "C:\Users\Admin\Desktop\VapeV4.zip"

C:\Windows\system32\sihost.exe

sihost.exe

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {9BA05972-F6A8-11CF-A442-00A0C90A8F39} -Embedding

C:\Windows\explorer.exe

explorer.exe /LOADSAVEDWINDOWS

C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe

"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe" -ServerName:CortanaUI.AppXstmwaab17q5s3y22tp6apqz7a45vwv65.mca

C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe

"C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=5480,i,15228088157749585244,13555833686245558991,262144 --variations-seed-version=20240905-050113.669000 --mojo-platform-channel-handle=5500 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=5712,i,15228088157749585244,13555833686245558991,262144 --variations-seed-version=20240905-050113.669000 --mojo-platform-channel-handle=5700 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=3388,i,15228088157749585244,13555833686245558991,262144 --variations-seed-version=20240905-050113.669000 --mojo-platform-channel-handle=5364 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=6020,i,15228088157749585244,13555833686245558991,262144 --variations-seed-version=20240905-050113.669000 --mojo-platform-channel-handle=5964 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=5876,i,15228088157749585244,13555833686245558991,262144 --variations-seed-version=20240905-050113.669000 --mojo-platform-channel-handle=5772 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6164,i,15228088157749585244,13555833686245558991,262144 --variations-seed-version=20240905-050113.669000 --mojo-platform-channel-handle=6196 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6184,i,15228088157749585244,13555833686245558991,262144 --variations-seed-version=20240905-050113.669000 --mojo-platform-channel-handle=6328 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6496,i,15228088157749585244,13555833686245558991,262144 --variations-seed-version=20240905-050113.669000 --mojo-platform-channel-handle=6492 /prefetch:8

C:\Users\Admin\Downloads\winrar-x64-701.exe

"C:\Users\Admin\Downloads\winrar-x64-701.exe"

C:\Windows\system32\werfault.exe

werfault.exe /h /shared Global\90c283fa573449408aebb98b701e22b6 /t 4264 /p 2016

C:\Users\Admin\Downloads\winrar-x64-701.exe

"C:\Users\Admin\Downloads\winrar-x64-701.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=6948,i,15228088157749585244,13555833686245558991,262144 --variations-seed-version=20240905-050113.669000 --mojo-platform-channel-handle=6352 /prefetch:1

C:\Program Files\7-Zip\7zG.exe

"C:\Program Files\7-Zip\7zG.exe" a -i#7zMap14843:62:7zEvent8065 -tzip -seml. -sae -- "VapeV4.zip"

C:\Program Files\7-Zip\7zG.exe

"C:\Program Files\7-Zip\7zG.exe" a -i#7zMap11873:62:7zEvent12649 -ad -saa -- "C:\Users\Admin\Desktop\VapeV4"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffe09323cb8,0x7ffe09323cc8,0x7ffe09323cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1832 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2296 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2568 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3364 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4416 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4464 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3672 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5224 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5340 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5420 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3608 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5100 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5448 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5748 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4444 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5420 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5332 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3960 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4504 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5580 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5536 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6088 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3988 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5612 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4040 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5312 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6112 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6368 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6348 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6484 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6492 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6500 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6508 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8500 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8624 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8528 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8948 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8760 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8404 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6320 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9772 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3668 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8816 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10236 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9332 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5880 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9596 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8104 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6012 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2744 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9616 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1656 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1720,16474752598593520845,2509276793852648818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7300 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 github.com udp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 185.199.110.133:443 avatars.githubusercontent.com tcp
US 8.8.8.8:53 215.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 81.144.22.2.in-addr.arpa udp
US 8.8.8.8:53 80.14.97.104.in-addr.arpa udp
US 140.82.114.22:443 collector.github.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 140.82.114.22:443 collector.github.com tcp
GB 20.26.156.210:443 api.github.com tcp
N/A 224.0.0.251:5353 udp
US 185.199.109.133:443 avatars.githubusercontent.com tcp
US 52.111.227.13:443 tcp
GB 20.26.156.210:443 api.github.com tcp
GB 95.101.143.203:443 www.bing.com tcp
GB 95.101.143.203:443 www.bing.com tcp
GB 95.101.143.35:443 th.bing.com tcp
GB 95.101.143.35:443 th.bing.com tcp
GB 95.101.143.179:443 th.bing.com tcp
GB 95.101.143.179:443 th.bing.com tcp
FR 172.217.20.206:443 www.youtube.com tcp
FR 172.217.20.206:443 www.youtube.com tcp
US 13.107.5.80:443 services.bingapis.com tcp
NL 142.250.102.84:443 accounts.google.com tcp
NL 142.250.102.84:443 accounts.google.com udp
FR 142.250.201.174:443 www.youtube.com tcp
FR 142.250.201.174:443 www.youtube.com tcp
FR 142.250.201.174:443 www.youtube.com udp
FR 172.217.20.196:443 www.google.com tcp
FR 172.217.20.206:80 www.youtube.com tcp
FR 172.217.20.206:80 www.youtube.com tcp
FR 172.217.20.196:80 www.google.com tcp
FR 172.217.20.206:443 www.youtube.com udp
FR 142.250.179.78:443 www.youtube.com tcp
FR 142.250.179.78:443 www.youtube.com udp
FR 142.250.201.174:443 www.youtube.com udp
GB 88.221.135.27:443 th.bing.com tcp
GB 2.19.252.146:443 aefd.nelreports.net tcp
US 52.167.30.171:443 fpt2.microsoft.com tcp
US 204.79.197.201:443 testfamilysafety.bing.com tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
FR 142.250.201.182:443 i.ytimg.com tcp
FR 142.250.201.182:443 i.ytimg.com tcp
FR 142.250.201.182:443 i.ytimg.com udp
US 8.8.8.8:53 www.giftbox.com.au udp
US 8.8.8.8:53 cdn.shopify.com udp
US 151.101.193.124:443 www.giftbox.com.au tcp
CA 23.227.60.200:443 cdn.shopify.com tcp
GB 2.18.108.33:443 res.cloudinary.com tcp
GB 2.18.190.81:80 apps.identrust.com tcp
US 8.8.8.8:53 33.108.18.2.in-addr.arpa udp
US 8.8.8.8:53 81.190.18.2.in-addr.arpa udp
GB 88.221.134.3:443 th.bing.com tcp
GB 2.19.252.146:443 aefd.nelreports.net udp
US 172.67.25.240:443 cdn.freeconvert.com tcp
US 172.67.25.240:443 cdn.freeconvert.com tcp
US 104.16.79.73:443 static.cloudflareinsights.com tcp
US 104.18.24.111:443 eventexistence.com tcp
US 104.18.24.111:443 eventexistence.com tcp
US 52.219.178.241:443 s3.us-east-2.amazonaws.com tcp
GB 52.84.90.27:443 static.adsafeprotected.com tcp
GB 52.84.90.27:443 static.adsafeprotected.com tcp
US 104.22.56.144:443 cdn.freeconvert.com tcp
US 8.8.8.8:53 241.178.219.52.in-addr.arpa udp
US 8.8.8.8:53 111.24.18.104.in-addr.arpa udp
US 8.8.8.8:53 43.39.156.108.in-addr.arpa udp
US 8.8.8.8:53 27.90.84.52.in-addr.arpa udp
US 104.18.24.111:443 eventexistence.com tcp
US 3.132.89.144:443 pbjs-stream.bydata.com tcp
US 3.132.89.144:443 pbjs-stream.bydata.com tcp
US 3.132.89.144:443 pbjs-stream.bydata.com tcp
NL 142.250.102.84:443 accounts.google.com udp
FR 142.250.179.78:443 www.youtube.com udp
GB 162.125.64.18:443 www.dropbox.com tcp
FR 142.250.179.78:443 www.youtube.com tcp
US 34.120.248.16:443 sdk.birdeatsbug.com tcp
US 34.120.248.16:443 sdk.birdeatsbug.com tcp
US 34.120.195.249:443 o1056786.ingest.sentry.io tcp
US 104.22.57.144:443 notification.freeconvert.com tcp
US 8.8.8.8:53 144.57.22.104.in-addr.arpa udp
GB 54.192.137.4:443 widget.trustpilot.com tcp
US 104.22.56.144:443 s46-hzfi.freeconvert.com tcp
US 104.22.56.144:443 s46-hzfi.freeconvert.com tcp
US 34.120.195.249:443 o1056786.ingest.sentry.io udp
GB 2.19.252.148:443 aefd.nelreports.net udp
US 8.8.8.8:53 148.252.19.2.in-addr.arpa udp
US 8.8.8.8:53 r.bing.com udp
GB 95.101.143.177:443 th.bing.com tcp
US 204.79.197.200:443 bing.com tcp
CZ 176.227.168.129:443 www.photopea.com tcp
CZ 176.227.168.129:443 www.photopea.com tcp
CZ 176.227.168.129:443 www.photopea.com tcp
US 104.21.75.193:443 vecpea.com tcp
US 104.21.75.193:443 vecpea.com tcp
US 104.21.75.193:443 vecpea.com tcp
US 104.21.75.193:443 vecpea.com tcp
US 104.21.75.193:443 vecpea.com tcp
FR 142.250.179.66:443 googleads.g.doubleclick.net tcp
US 172.67.211.190:443 cmp.uniconsent.com tcp
US 172.67.211.190:443 cmp.uniconsent.com tcp
US 8.8.8.8:53 66.179.250.142.in-addr.arpa udp
GB 18.245.150.14:443 dsh7ky7308k4b.cloudfront.net tcp
US 8.8.8.8:53 ib.adnxs.com udp
US 8.8.8.8:53 mp.4dex.io udp
US 8.8.8.8:53 ssc.33across.com udp
DE 37.252.171.21:443 ib.adnxs.com tcp
US 89.187.176.168:443 ssc.33across.com tcp
US 104.18.34.178:443 mp.4dex.io tcp
US 8.8.8.8:53 prebid.adnxs.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
US 8.8.8.8:53 btlr.sharethrough.com udp
NL 185.89.208.11:443 prebid.adnxs.com tcp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 cdn.confiant-integrations.net udp
US 8.8.8.8:53 edge.hyth.io udp
US 8.8.8.8:53 c.amazon-adsystem.com udp
US 8.8.8.8:53 d1zndhgj5c3q5g.cloudfront.net udp
US 8.8.8.8:53 floor.pbxai.com udp
US 8.8.8.8:53 go.affec.tv udp
US 8.8.8.8:53 currency.prebid.org udp
US 8.8.8.8:53 cdn.pbxai.com udp
US 8.8.8.8:53 match.adsrvr.org udp
US 8.8.8.8:53 fastlane.rubiconproject.com udp
US 8.8.8.8:53 id.hadron.ad.gt udp
US 8.8.8.8:53 id.crwdcntrl.net udp
FR 172.217.20.162:443 securepubads.g.doubleclick.net tcp
DE 162.19.138.120:443 lb.eu-1-id5-sync.com tcp
GB 143.244.38.136:443 cdn.pbxai.com tcp
US 104.22.5.69:443 id.hadron.ad.gt tcp
NL 178.250.1.11:443 dnacdn.net tcp
US 15.197.193.217:443 match.adsrvr.org tcp
US 54.209.171.54:443 ivt.pubgalaxy.com tcp
NL 18.239.70.203:443 c.amazon-adsystem.com tcp
IE 63.35.244.190:443 go.affec.tv tcp
GB 13.41.61.124:443 floor.pbxai.com tcp
IE 52.19.190.163:443 id.crwdcntrl.net tcp
US 104.18.43.90:443 cdn.confiant-integrations.net tcp
GB 13.224.222.98:443 edge.hyth.io tcp
GB 54.192.137.22:443 d1zndhgj5c3q5g.cloudfront.net tcp
GB 18.245.253.63:443 currency.prebid.org tcp
DE 52.28.189.81:443 pbs.360yield.com tcp
IE 34.250.128.141:443 ap.lijit.com tcp
NL 89.149.192.65:443 prg.smartadserver.com tcp
DE 18.159.212.21:443 btlr.sharethrough.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 185.64.189.112:443 hbopenbid.pubmatic.com tcp
US 35.244.159.8:443 u.openx.net tcp
DE 51.89.9.254:443 onetag-sys.com tcp
US 172.64.151.101:443 htlb.casalemedia.com tcp
US 104.21.75.193:443 vecpea.com tcp
FR 172.217.20.162:443 securepubads.g.doubleclick.net udp
DE 37.252.171.53:443 secure.adnxs.com tcp
IE 63.35.244.190:443 go.affec.tv tcp
IE 34.252.219.11:443 map.go.affec.tv tcp
DE 162.19.138.120:443 lb.eu-1-id5-sync.com tcp
GB 23.49.161.153:443 secure.cdn.fastclick.net tcp
US 104.22.53.86:443 cdn.id5-sync.com tcp
NL 18.238.243.129:443 config.aps.amazon-adsystem.com tcp
NL 178.250.1.11:443 dnacdn.net tcp
US 104.22.53.173:443 cdn.hadronid.net tcp
GB 18.245.143.118:443 tags.crwdcntrl.net tcp
NL 18.239.68.199:443 aax.amazon-adsystem.com tcp
NL 13.227.219.37:443 ats.rlcdn.com tcp
FR 172.217.20.174:443 fundingchoicesmessages.google.com tcp
US 8.8.8.8:53 11.208.89.185.in-addr.arpa udp
US 8.8.8.8:53 162.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 136.38.244.143.in-addr.arpa udp
US 8.8.8.8:53 69.5.22.104.in-addr.arpa udp
US 8.8.8.8:53 217.193.197.15.in-addr.arpa udp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 124.61.41.13.in-addr.arpa udp
US 8.8.8.8:53 203.70.239.18.in-addr.arpa udp
US 8.8.8.8:53 90.43.18.104.in-addr.arpa udp
US 8.8.8.8:53 120.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 98.222.224.13.in-addr.arpa udp
US 8.8.8.8:53 190.244.35.63.in-addr.arpa udp
US 8.8.8.8:53 163.190.19.52.in-addr.arpa udp
US 8.8.8.8:53 22.137.192.54.in-addr.arpa udp
US 8.8.8.8:53 63.253.245.18.in-addr.arpa udp
US 8.8.8.8:53 54.171.209.54.in-addr.arpa udp
US 8.8.8.8:53 101.151.64.172.in-addr.arpa udp
US 8.8.8.8:53 8.159.244.35.in-addr.arpa udp
US 8.8.8.8:53 112.189.64.185.in-addr.arpa udp
US 8.8.8.8:53 65.192.149.89.in-addr.arpa udp
US 8.8.8.8:53 141.128.250.34.in-addr.arpa udp
US 8.8.8.8:53 139.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 254.9.89.51.in-addr.arpa udp
US 8.8.8.8:53 21.212.159.18.in-addr.arpa udp
US 8.8.8.8:53 81.189.28.52.in-addr.arpa udp
US 8.8.8.8:53 53.171.252.37.in-addr.arpa udp
US 8.8.8.8:53 11.219.252.34.in-addr.arpa udp
US 8.8.8.8:53 153.161.49.23.in-addr.arpa udp
US 8.8.8.8:53 86.53.22.104.in-addr.arpa udp
US 8.8.8.8:53 173.53.22.104.in-addr.arpa udp
US 8.8.8.8:53 129.243.238.18.in-addr.arpa udp
US 8.8.8.8:53 118.143.245.18.in-addr.arpa udp
US 8.8.8.8:53 199.68.239.18.in-addr.arpa udp
US 8.8.8.8:53 37.219.227.13.in-addr.arpa udp
NL 18.239.83.45:443 geo.privacymanager.io tcp
FR 172.217.20.174:443 fundingchoicesmessages.google.com udp
IE 67.220.226.238:443 aax-eu.amazon-adsystem.com tcp
NL 178.250.1.3:443 static.criteo.net tcp
GB 18.245.255.11:443 cdn.prod.uidapi.com tcp
US 104.22.5.69:443 a.ad.gt tcp
GB 18.245.162.16:443 connectid.analytics.yahoo.com tcp
US 172.64.152.89:443 cdn-ima.33across.com tcp
US 34.96.70.87:443 invstatic101.creativecdn.com tcp
US 34.102.146.192:443 oa.openxcdn.net tcp
DE 52.28.189.81:443 pbs.360yield.com tcp
DE 52.28.189.81:443 pbs.360yield.com tcp
IE 34.250.128.141:443 ap.lijit.com tcp
US 172.64.151.101:443 htlb.casalemedia.com tcp
NL 185.64.189.112:443 hbopenbid.pubmatic.com tcp
DE 18.159.212.21:443 btlr.sharethrough.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
US 135.148.55.236:443 pbs.nextmillmedia.com tcp
IE 52.208.173.48:443 mweb-hb.presage.io tcp
US 54.84.92.154:443 report2.hb.brainlyads.com tcp
DE 3.124.64.248:443 tlx.3lift.com tcp
US 34.120.63.153:443 prebid.media.net tcp
NL 18.239.50.10:443 hb.yellowblue.io tcp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
US 8.8.8.8:53 sync.go.sonobi.com udp
US 34.120.107.143:443 oajs.openx.net tcp
US 34.214.191.204:443 ids.ad.gt tcp
US 34.214.191.204:443 ids.ad.gt tcp
US 34.214.191.204:443 ids.ad.gt tcp
US 69.166.1.67:443 sync.go.sonobi.com tcp
NL 198.47.127.205:443 image2.pubmatic.com tcp
US 172.67.23.234:443 a.ad.gt tcp
NL 69.173.156.149:443 pixel.rubiconproject.com tcp
US 8.8.8.8:53 192.146.102.34.in-addr.arpa udp
US 8.8.8.8:53 153.63.120.34.in-addr.arpa udp
US 8.8.8.8:53 48.173.208.52.in-addr.arpa udp
US 8.8.8.8:53 10.50.239.18.in-addr.arpa udp
US 8.8.8.8:53 248.64.124.3.in-addr.arpa udp
DE 3.75.62.37:443 ups.analytics.yahoo.com tcp
DE 3.75.62.37:443 ups.analytics.yahoo.com tcp
US 34.214.191.204:443 ids.ad.gt tcp
IE 52.208.173.48:443 mweb-hb.presage.io tcp
IE 18.200.152.50:443 ad.360yield.com tcp
US 172.67.23.234:443 pixels.ad.gt tcp
US 34.120.107.143:443 oajs.openx.net udp
FR 51.178.195.217:443 sync.smartadserver.com tcp
US 34.214.191.204:443 ids.ad.gt tcp
US 34.214.191.204:443 ids.ad.gt tcp
US 172.67.23.234:443 pixels.ad.gt tcp
DE 51.89.9.254:443 onetag-sys.com udp
US 35.244.159.8:443 google-bidout-d.openx.net tcp
FR 172.217.20.193:443 c4d868e8f06b8aa005a7c5ead7395e88.safeframe.googlesyndication.com tcp
US 8.8.8.8:53 ep2.adtrafficquality.google udp
US 74.121.140.211:443 sync.mathtag.com tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
GB 185.64.191.214:443 image8.pubmatic.com tcp
NL 35.214.199.88:443 rtb.mfadsrvr.com tcp
FR 154.54.250.81:443 ads.stickyadstv.com tcp
US 80.77.87.162:443 cs.admanmedia.com tcp
NL 69.173.156.149:443 pixel.rubiconproject.com tcp
NL 82.145.213.8:443 t.adx.opera.com tcp
FR 178.32.210.230:443 ssbsync-global.smartadserver.com tcp
FR 216.58.215.33:443 ep2.adtrafficquality.google tcp
US 8.8.8.8:53 168.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 226.74.250.142.in-addr.arpa udp
US 8.8.8.8:53 193.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 67.1.166.69.in-addr.arpa udp
US 8.8.8.8:53 204.191.214.34.in-addr.arpa udp
NL 35.214.136.108:443 x.bidswitch.net tcp
FR 172.217.20.196:443 www.google.com udp
FR 142.250.179.65:443 tpc.googlesyndication.com tcp
FR 142.250.179.65:443 tpc.googlesyndication.com udp
NL 35.214.136.108:443 x.bidswitch.net udp
IE 52.209.255.105:443 protected-by.clarium.io tcp
US 209.54.182.161:443 s.amazon-adsystem.com tcp
FR 142.250.179.66:443 googleads.g.doubleclick.net udp
IE 54.194.117.186:443 pbs-cs.yellowblue.io tcp
US 8.8.8.8:53 8.213.145.82.in-addr.arpa udp
US 8.8.8.8:53 65.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 105.255.209.52.in-addr.arpa udp
US 8.8.8.8:53 161.182.54.209.in-addr.arpa udp
FR 142.250.179.70:443 s0.2mdn.net tcp
DK 37.157.5.132:443 c1.adform.net tcp
US 35.244.159.8:443 u.openx.net udp
GB 95.100.245.251:443 eus.rubiconproject.com tcp
US 34.96.105.8:443 tr.blismedia.com tcp
IE 99.80.52.60:443 ce.lijit.com tcp
US 34.149.40.38:443 u.4dex.io tcp
US 76.223.111.18:443 eb2.3lift.com tcp
US 151.101.65.108:443 acdn.adnxs.com tcp
GB 2.21.80.228:443 ads.pubmatic.com tcp
US 104.18.38.76:443 cdn.indexww.com tcp
GB 95.100.244.20:443 contextual.media.net tcp
IE 34.251.113.22:443 ms-cookie-sync.presage.io tcp
US 76.223.111.18:443 eb2.3lift.com tcp
US 192.132.33.69:443 bttrack.com tcp
FR 163.5.194.35:443 prebid.a-mo.net tcp
US 35.186.253.211:443 rtb.openx.net tcp
DE 18.197.30.174:443 match.sharethrough.com tcp
US 8.8.8.8:53 60.52.80.99.in-addr.arpa udp
US 8.8.8.8:53 22.113.251.34.in-addr.arpa udp
US 8.8.8.8:53 211.253.186.35.in-addr.arpa udp
NL 35.214.199.88:443 rtb.mfadsrvr.com udp
US 80.77.87.162:443 cs.admanmedia.com tcp
DE 18.197.30.174:443 match.sharethrough.com tcp
US 34.149.40.38:443 u.4dex.io udp
DE 37.252.171.21:443 secure.adnxs.com tcp
DE 18.159.212.21:443 btlr.sharethrough.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
US 34.120.63.153:443 prebid.media.net udp
US 54.84.92.154:443 report2.hb.brainlyads.com tcp
US 34.160.55.127:443 navvy.media.net tcp
FR 142.250.179.70:443 s0.2mdn.net udp
US 141.101.90.29:443 attr.eurowings.com tcp
GB 2.19.252.148:443 aefd.nelreports.net udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
DE 18.159.212.21:443 btlr.sharethrough.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
DE 37.252.171.21:443 secure.adnxs.com tcp
DE 3.124.64.248:443 tlx.3lift.com tcp
US 54.84.92.154:443 report2.hb.brainlyads.com tcp
FR 172.217.20.193:443 c4d868e8f06b8aa005a7c5ead7395e88.safeframe.googlesyndication.com udp
US 44.217.44.138:443 adrta.com tcp
US 100.24.150.122:443 adrta.com tcp
US 35.244.159.8:443 u.openx.net udp
US 100.24.150.122:443 adrta.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
DE 37.252.171.21:443 secure.adnxs.com tcp
US 54.84.92.154:443 report2.hb.brainlyads.com tcp
DE 3.72.78.234:443 btlr.sharethrough.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
DE 37.252.171.21:443 secure.adnxs.com tcp
DE 3.72.78.234:443 btlr.sharethrough.com tcp
US 54.84.92.154:443 report2.hb.brainlyads.com tcp
IE 108.128.133.249:443 ads.yieldmo.com tcp
IE 108.128.133.249:443 ads.yieldmo.com tcp
GB 18.245.143.8:443 static.yieldmo.com tcp
FR 142.250.179.70:443 s0.2mdn.net udp
US 3.91.171.154:443 kinesis.us-east-1.amazonaws.com tcp
US 3.91.171.154:443 kinesis.us-east-1.amazonaws.com tcp
US 3.91.171.154:443 kinesis.us-east-1.amazonaws.com tcp
GB 18.154.84.16:443 sb.scorecardresearch.com tcp
GB 18.154.84.109:443 matchadsrvr.yieldmo.com tcp
US 3.91.171.154:443 kinesis.us-east-1.amazonaws.com tcp
US 3.91.171.154:443 kinesis.us-east-1.amazonaws.com tcp
US 3.91.171.154:443 kinesis.us-east-1.amazonaws.com tcp
GB 2.19.252.146:443 aefd.nelreports.net udp
DE 3.72.78.234:443 btlr.sharethrough.com tcp
DE 37.252.171.21:443 secure.adnxs.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
US 34.160.55.127:443 navvy.media.net udp
BE 74.125.206.154:443 bid.g.doubleclick.net tcp
IE 54.195.125.98:443 fw.adsafeprotected.com tcp
US 34.205.126.68:443 dt.adsafeprotected.com tcp
US 34.205.126.68:443 dt.adsafeprotected.com tcp
US 34.205.126.68:443 dt.adsafeprotected.com tcp
US 34.205.126.68:443 dt.adsafeprotected.com tcp
FR 142.250.201.162:443 www.googletagservices.com tcp
FR 142.250.201.162:443 www.googletagservices.com udp
US 34.205.126.68:443 dt.adsafeprotected.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
GB 2.16.170.123:443 code.createjs.com tcp
DE 37.252.171.21:443 secure.adnxs.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
US 54.84.92.154:443 report2.hb.brainlyads.com tcp
DE 18.153.93.230:443 btlr.sharethrough.com tcp
NL 62.122.173.156:443 eu-3.admanmedia.com tcp
GB 18.245.218.37:443 ts.amazon-adsystem.com tcp
NL 69.173.156.131:443 beacon-ams3.rubiconproject.com tcp
US 100.24.150.122:443 adrta.com tcp
FR 142.250.179.65:443 tpc.googlesyndication.com udp
US 80.77.87.162:443 cs.admanmedia.com tcp
GB 18.245.218.37:443 ts.amazon-adsystem.com tcp
NL 69.173.156.149:443 pixel.rubiconproject.com tcp
US 80.77.87.162:443 cs.admanmedia.com tcp
GB 2.22.101.110:443 secure-assets.rubiconproject.com tcp
US 67.202.105.22:443 ssc-cms.33across.com tcp
NL 77.245.57.72:443 sync.adkernel.com tcp
US 8.2.110.17:443 sync.admanmedia.com tcp
US 35.244.159.8:443 u.openx.net udp
GB 2.22.101.110:443 secure-assets.rubiconproject.com tcp
NL 77.245.57.72:443 sync.adkernel.com tcp
US 8.8.8.8:53 match.sharethrough.com udp
US 8.8.8.8:53 ad.360yield.com udp
NL 35.214.248.67:443 csync.loopme.me tcp
FR 91.134.110.137:443 rtb-csync.smartadserver.com tcp
GB 18.244.114.53:443 public-prod-dspcookiematching.dmxleo.com tcp
NL 141.226.228.48:443 sync.taboola.com tcp
US 70.42.32.191:443 b1h.zemanta.com tcp
IE 52.18.159.91:443 ad.360yield.com tcp
GB 108.156.39.126:443 s.ad.smaato.net tcp
IE 52.210.15.1:443 usersync.gumgum.com tcp
DE 18.195.234.25:443 match.sharethrough.com tcp
US 80.77.87.162:443 cs.admanmedia.com tcp
US 8.8.8.8:53 48.228.226.141.in-addr.arpa udp
US 8.8.8.8:53 91.159.18.52.in-addr.arpa udp
US 8.8.8.8:53 1.15.210.52.in-addr.arpa udp
US 8.8.8.8:53 csync.smilewanted.com udp
NL 154.59.122.79:443 ums.acuityplatform.com tcp
US 8.8.8.8:53 ssp.disqus.com udp
US 8.2.110.13:443 sync.adprime.com tcp
DE 18.195.234.25:443 match.sharethrough.com tcp
US 80.77.87.162:443 cs.admanmedia.com tcp
US 104.22.30.209:443 csync.smilewanted.com tcp
US 52.2.212.242:443 ssp.disqus.com tcp
US 52.2.212.242:443 ssp.disqus.com tcp
IE 54.155.70.212:443 ice.360yield.com tcp
US 8.2.110.230:443 cs.visiblemeasures.com tcp
NL 63.215.202.146:443 match.sync.ad.cpe.dotomi.com tcp
US 20.33.59.55:443 sync.inmobi.com tcp
US 80.77.87.162:443 cs.admanmedia.com tcp
US 8.2.110.97:443 us.ck-ie.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
US 35.82.175.167:443 visitor-illumin.omnitagjs.com tcp
IE 52.17.8.237:443 ce.lijit.com tcp
US 35.82.175.167:443 visitor-illumin.omnitagjs.com tcp
US 80.77.87.162:443 cs.admanmedia.com tcp
US 208.68.37.219:443 sync.cootlogix.com tcp
US 8.8.8.8:53 97.110.2.8.in-addr.arpa udp
US 8.8.8.8:53 117.174.228.46.in-addr.arpa udp
US 8.8.8.8:53 167.175.82.35.in-addr.arpa udp
US 8.8.8.8:53 237.8.17.52.in-addr.arpa udp
US 8.2.110.230:443 cs.visiblemeasures.com tcp
US 80.77.87.162:443 cs.admanmedia.com tcp
IE 3.254.236.147:443 sq-tungsten-ts-eu.amazon-adsystem.com tcp
DE 18.153.93.230:443 btlr.sharethrough.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
US 54.84.92.154:443 report2.hb.brainlyads.com tcp
US 3.91.171.254:443 kinesis.us-east-1.amazonaws.com tcp
US 3.91.171.254:443 kinesis.us-east-1.amazonaws.com tcp
US 3.91.171.254:443 kinesis.us-east-1.amazonaws.com tcp
US 3.91.171.254:443 kinesis.us-east-1.amazonaws.com tcp
GB 2.19.252.146:443 aefd.nelreports.net udp
GB 52.84.90.56:443 static.adsafeprotected.com tcp
US 3.132.89.144:443 pbjs-stream.bydata.com tcp
GB 162.125.64.18:443 www.dropbox.com tcp
GB 162.125.64.18:443 www.dropbox.com tcp
US 104.22.57.144:443 s58-hzfi.freeconvert.com tcp
AT 3.165.206.64:443 widget.trustpilot.com tcp
US 34.120.195.249:443 o1056786.ingest.sentry.io udp
FR 142.250.179.66:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 ap.lijit.com udp
US 8.8.8.8:53 btlr.sharethrough.com udp
US 34.120.63.153:443 prebid.media.net udp
IE 54.229.93.246:443 ap.lijit.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
DE 18.192.67.89:443 btlr.sharethrough.com tcp
DE 51.89.9.254:443 onetag-sys.com tcp
DE 52.28.189.81:443 pbs.360yield.com tcp
NL 185.89.210.82:443 ib.adnxs.com tcp
FR 172.217.20.162:443 ade.googlesyndication.com udp
BE 74.125.206.154:443 bid.g.doubleclick.net udp
IE 54.171.217.32:443 fw.adsafeprotected.com tcp
IE 99.80.129.39:443 protected-by.clarium.io tcp
FR 142.250.179.70:443 s0.2mdn.net udp
US 44.218.66.254:443 dt.adsafeprotected.com tcp
NL 2.16.106.196:443 www.bing.com tcp
GB 2.17.209.59:443 th.bing.com tcp
GB 92.123.142.42:443 www.bing.com tcp
GB 92.123.142.42:443 www.bing.com tcp
GB 2.17.209.59:443 th.bing.com tcp
US 8.8.8.8:53 ts2.mm.bing.net udp
US 150.171.27.10:443 ts2.mm.bing.net tcp
US 150.171.27.10:443 ts2.mm.bing.net tcp
US 150.171.27.10:443 ts2.mm.bing.net tcp
US 150.171.27.10:443 ts2.mm.bing.net tcp
US 150.171.27.10:443 ts2.mm.bing.net tcp
US 204.79.197.201:443 testfamilysafety.bing.com tcp
US 8.8.8.8:53 ts1.mm.bing.net udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 8.8.8.8:53 tse4.mm.bing.net udp
FR 172.217.20.162:443 ade.googlesyndication.com udp
FR 172.217.20.162:443 ade.googlesyndication.com tcp
GB 2.19.252.148:443 aefd.nelreports.net udp
US 8.8.8.8:53 r.bing.com udp
GB 92.123.142.18:443 th.bing.com tcp
FR 142.250.179.66:443 googleads.g.doubleclick.net udp
FR 142.250.179.66:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 btlr.sharethrough.com udp
US 8.8.8.8:53 pbs.nextmillmedia.com udp
US 18.205.199.98:443 pbs.nextmillmedia.com tcp
DE 3.78.93.150:443 btlr.sharethrough.com tcp
DE 51.89.9.254:443 onetag-sys.com tcp
IE 52.31.16.134:443 pbs.360yield.com tcp
NL 185.89.210.82:443 ib.adnxs.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
US 54.84.92.154:443 report2.hb.brainlyads.com tcp
US 34.120.63.153:443 prebid.media.net udp
IE 108.128.5.110:443 ap.lijit.com tcp
FR 142.250.179.70:443 s0.2mdn.net udp
US 3.216.205.10:443 dt.adsafeprotected.com tcp
US 8.8.8.8:53 110.5.128.108.in-addr.arpa udp
US 34.160.55.127:443 navvy.media.net udp
FR 172.217.20.162:443 securepubads.g.doubleclick.net udp
FR 172.217.20.193:443 c4d868e8f06b8aa005a7c5ead7395e88.safeframe.googlesyndication.com udp
AT 18.66.27.103:443 static.yieldmo.com tcp
FR 142.250.179.65:443 tpc.googlesyndication.com udp
FR 142.250.179.98:443 googleads4.g.doubleclick.net udp
IE 54.217.175.130:443 ads.yieldmo.com tcp
US 3.91.171.214:443 kinesis.us-east-1.amazonaws.com tcp
US 3.91.171.214:443 kinesis.us-east-1.amazonaws.com tcp
IE 99.80.129.39:443 protected-by.clarium.io tcp
AT 3.165.206.101:443 sb.scorecardresearch.com tcp
US 8.8.8.8:53 214.171.91.3.in-addr.arpa udp
US 3.91.171.214:443 kinesis.us-east-1.amazonaws.com tcp
GB 2.19.252.146:443 aefd.nelreports.net udp
FR 172.217.20.196:443 www.google.com tcp
FR 172.217.20.196:443 www.google.com udp
FR 172.217.20.174:443 chrome.google.com tcp
FR 142.250.178.142:443 clients2.google.com tcp
US 45.55.107.24:443 file.io tcp
US 45.55.107.24:443 file.io tcp
AT 3.161.119.19:443 www.file.io tcp
GB 143.244.38.136:443 hb.vntsm.com tcp
GB 143.244.38.136:443 hb.vntsm.com tcp
US 8.8.8.8:53 19.119.161.3.in-addr.arpa udp
US 8.8.8.8:53 hb.vntsm.io udp
US 8.8.8.8:53 hb-vntsm-com.global.ssl.fastly.net udp
US 151.101.1.194:443 hb-vntsm-com.global.ssl.fastly.net tcp
US 172.67.36.131:443 hb.vntsm.io tcp
US 8.8.8.8:53 ad-delivery.net udp
FR 142.250.179.99:443 www.google.co.uk tcp
US 216.239.32.36:443 region1.analytics.google.com tcp
GB 173.194.76.154:443 stats.g.doubleclick.net tcp
US 104.26.2.70:443 ad-delivery.net tcp
FR 172.217.20.162:443 securepubads.g.doubleclick.net tcp
AT 18.66.22.14:443 c.amazon-adsystem.com tcp
AT 13.32.110.93:443 cdn.exelator.com tcp
US 8.8.8.8:53 154.76.194.173.in-addr.arpa udp
FR 172.217.20.162:443 securepubads.g.doubleclick.net udp
AT 18.66.22.14:443 c.amazon-adsystem.com tcp
AT 3.165.206.48:443 config.aps.amazon-adsystem.com tcp
FR 172.217.20.174:443 fundingchoicesmessages.google.com tcp
GB 23.49.161.153:443 secure.cdn.fastclick.net tcp
GB 23.49.161.153:443 secure.cdn.fastclick.net tcp
US 104.22.53.86:443 cdn.id5-sync.com tcp
US 104.22.52.173:443 cdn.hadronid.net tcp
US 104.22.5.69:443 id.hadron.ad.gt tcp
FR 172.217.20.174:443 fundingchoicesmessages.google.com udp
NL 89.207.16.210:443 proc.ad.cpe.dotomi.com tcp
FR 172.217.20.174:443 fundingchoicesmessages.google.com udp
FR 142.250.179.65:443 lh3.googleusercontent.com tcp
US 8.8.8.8:53 93.110.32.13.in-addr.arpa udp
US 8.8.8.8:53 48.206.165.3.in-addr.arpa udp
US 8.8.8.8:53 173.52.22.104.in-addr.arpa udp
US 8.8.8.8:53 210.16.207.89.in-addr.arpa udp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
US 8.8.8.8:53 a.ad.gt udp
DE 162.19.138.116:443 lb.eu-1-id5-sync.com tcp
DE 162.19.138.119:443 lb.eu-1-id5-sync.com tcp
US 104.22.5.69:443 a.ad.gt tcp
GB 143.244.38.136:443 hb.vntsm.com tcp
IE 34.254.143.3:443 load.exelator.com tcp
US 15.197.193.217:443 match.adsrvr.org tcp
US 3.92.35.19:443 onsite-tag-logs.apps.nielsen.com tcp
US 104.244.42.195:443 analytics.twitter.com tcp
FR 142.250.179.66:443 cm.g.doubleclick.net tcp
FR 142.250.179.66:443 cm.g.doubleclick.net udp
US 34.102.146.192:443 oa.openxcdn.net tcp
NL 178.250.1.3:443 static.criteo.net tcp
US 34.96.70.87:443 invstatic101.creativecdn.com tcp
US 172.64.152.89:443 cdn-ima.33across.com tcp
AT 3.161.119.128:443 tags.crwdcntrl.net tcp
IE 52.49.227.192:443 p.cpx.to tcp
US 104.18.167.224:443 pub.doubleverify.com tcp
DE 91.228.74.159:443 pixel.quantserve.com tcp
US 104.18.22.145:443 cadmus.script.ac tcp
DE 37.252.171.85:443 ib.adnxs.com tcp
US 104.18.167.224:443 pub.doubleverify.com udp
US 34.95.69.49:443 i.clean.gg tcp
IE 52.19.190.163:443 bcp.crwdcntrl.net tcp
AT 3.165.206.17:443 rules.quantcount.com tcp
AT 18.66.16.134:443 aax.amazon-adsystem.com tcp
US 8.8.8.8:53 apex.go.sonobi.com udp
US 8.8.8.8:53 tlx.3lift.com udp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
US 8.8.8.8:53 prg.smartadserver.com udp
US 8.8.8.8:53 elb.the-ozone-project.com udp
US 8.8.8.8:53 btlr.sharethrough.com udp
US 8.8.8.8:53 track.venatusmedia.com udp
US 34.120.111.33:443 cdn.edkt.io tcp
US 172.67.75.241:443 script.4dex.io tcp
US 69.166.1.9:443 apex.go.sonobi.com tcp
DE 3.124.64.248:443 tlx.3lift.com tcp
US 172.64.153.66:443 elb.the-ozone-project.com tcp
FR 185.255.84.151:443 hb-api.omnitagjs.com tcp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
FR 163.5.194.34:443 prebid.a-mo.net tcp
DE 18.199.220.232:443 btlr.sharethrough.com tcp
DE 18.199.220.232:443 btlr.sharethrough.com tcp
DE 18.199.220.232:443 btlr.sharethrough.com tcp
DE 18.199.220.232:443 btlr.sharethrough.com tcp
NL 81.17.55.161:443 prg.smartadserver.com tcp
NL 81.17.55.161:443 prg.smartadserver.com tcp
IE 54.78.16.191:443 track.venatusmedia.com tcp
US 34.95.69.49:443 i.clean.gg udp
US 172.67.75.241:443 script.4dex.io tcp
US 8.8.8.8:53 192.227.49.52.in-addr.arpa udp
US 8.8.8.8:53 159.74.228.91.in-addr.arpa udp
US 8.8.8.8:53 85.171.252.37.in-addr.arpa udp
US 8.8.8.8:53 17.206.165.3.in-addr.arpa udp
US 8.8.8.8:53 49.69.95.34.in-addr.arpa udp
US 8.8.8.8:53 134.16.66.18.in-addr.arpa udp
US 8.8.8.8:53 241.75.67.172.in-addr.arpa udp
US 8.8.8.8:53 33.111.120.34.in-addr.arpa udp
US 8.8.8.8:53 66.153.64.172.in-addr.arpa udp
US 8.8.8.8:53 77.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 34.194.5.163.in-addr.arpa udp
US 8.8.8.8:53 161.55.17.81.in-addr.arpa udp
US 8.8.8.8:53 232.220.199.18.in-addr.arpa udp
US 8.8.8.8:53 151.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 191.16.78.54.in-addr.arpa udp
US 8.8.8.8:53 9.1.166.69.in-addr.arpa udp
IE 52.49.227.192:443 s.cpx.to tcp
US 34.120.111.33:443 cdn.edkt.io tcp
IE 67.220.228.203:443 aax-eu.amazon-adsystem.com tcp
NL 69.173.156.149:443 pixel.rubiconproject.com tcp
NL 185.89.210.122:443 secure.adnxs.com tcp
NL 198.47.127.205:443 image2.pubmatic.com tcp
US 34.120.111.33:443 cdn.edkt.io udp
NL 178.250.1.11:443 dnacdn.net tcp
NL 198.47.127.205:443 image2.pubmatic.com tcp
FR 172.217.20.193:443 e5461c84e8416de31c488883ad0cb2ac.safeframe.googlesyndication.com tcp
US 34.120.111.33:443 cdn.edkt.io tcp
GB 2.22.132.37:443 tg1.aniview.com tcp
US 34.120.111.33:443 cdn.edkt.io udp
US 172.240.45.75:443 track4.aniview.com tcp
GB 2.16.170.112:443 player.avplayer.com tcp
GB 2.17.43.115:443 feed.avplayer.com tcp
NL 178.250.1.7:443 ssp-sync.criteo.com tcp
GB 2.21.80.228:443 ads.pubmatic.com tcp
US 64.202.112.223:443 b1sync.zemanta.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
IE 52.208.201.55:443 rtb.gumgum.com tcp
DE 18.195.234.25:443 match.sharethrough.com tcp
IE 18.202.53.138:443 ms-cookie-sync.presage.io tcp
GB 2.16.233.56:443 eus.rubiconproject.com tcp
FR 143.244.56.49:443 cdn1.vntsm.com tcp
US 8.8.8.8:53 122.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 37.132.22.2.in-addr.arpa udp
US 8.8.8.8:53 112.170.16.2.in-addr.arpa udp
US 8.8.8.8:53 115.43.17.2.in-addr.arpa udp
US 8.8.8.8:53 75.45.240.172.in-addr.arpa udp
US 8.8.8.8:53 7.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 55.201.208.52.in-addr.arpa udp
US 8.8.8.8:53 ssbsync.smartadserver.com udp
US 8.8.8.8:53 cs-tam.yellowblue.io udp
FR 91.134.110.132:443 ssbsync.smartadserver.com tcp
FR 142.250.179.66:443 cm.g.doubleclick.net tcp
IE 52.17.121.205:443 cs-tam.yellowblue.io tcp
FR 142.250.179.65:443 lh3.googleusercontent.com tcp
FR 172.217.20.196:443 www.google.com tcp
NL 35.214.136.108:443 x.bidswitch.net tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
FR 185.255.84.153:443 visitor.omnitagjs.com tcp
GB 2.16.170.112:443 player.aniview.com tcp
NL 35.214.136.108:443 x.bidswitch.net tcp
DE 18.195.234.25:443 match.sharethrough.com tcp
NL 185.89.210.122:443 secure.adnxs.com tcp
DE 51.89.9.254:443 onetag-sys.com tcp
US 8.8.8.8:53 secure-assets.rubiconproject.com udp
AT 3.165.206.69:443 s.ad.smaato.net tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
US 8.8.8.8:53 cs.yellowblue.io udp
GB 2.22.101.110:443 secure-assets.rubiconproject.com tcp
DK 37.157.4.29:443 cm.adform.net tcp
US 34.98.64.218:443 us-u.openx.net tcp
NL 198.47.127.18:443 image8.pubmatic.com tcp
IE 54.217.134.119:443 ap.lijit.com tcp
NL 154.57.158.116:443 ads.stickyadstv.com tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
GB 2.16.232.23:443 contextual.media.net tcp
NL 185.89.210.122:443 secure.adnxs.com tcp
US 34.98.64.218:443 us-u.openx.net tcp
US 64.202.112.223:443 b1sync.zemanta.com tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
US 169.197.150.8:443 match.deepintent.com tcp
NL 35.214.136.108:443 x.bidswitch.net udp
FR 142.250.179.66:443 cm.g.doubleclick.net tcp
IE 54.216.2.106:443 pr-bh.ybp.yahoo.com tcp
US 15.197.193.217:443 match.adsrvr.org tcp
GB 2.22.132.37:443 play.aniview.com tcp
US 52.54.8.132:443 sync.ipredictive.com tcp
FR 142.250.179.66:443 cm.g.doubleclick.net tcp
IE 67.220.228.203:443 aax-eu.amazon-adsystem.com tcp
DE 91.228.74.200:443 cms.quantserve.com tcp
GB 2.16.170.112:443 player.aniview.com tcp
US 34.98.64.218:443 us-u.openx.net udp
IE 67.220.228.203:443 aax-eu.amazon-adsystem.com tcp
NL 35.214.248.67:443 csync.loopme.me tcp
IE 67.220.228.203:443 aax-eu.amazon-adsystem.com tcp
US 15.197.193.217:443 match.adsrvr.org tcp
DK 37.157.2.230:443 c1.adform.net tcp
IE 34.247.233.198:443 usersync.gumgum.com tcp
IE 34.247.233.198:443 usersync.gumgum.com tcp
US 76.223.111.18:443 eb2.3lift.com tcp
NL 198.47.127.18:443 image8.pubmatic.com tcp
IE 67.220.228.203:443 aax-eu.amazon-adsystem.com tcp
IE 34.247.233.198:443 usersync.gumgum.com tcp
JP 211.120.53.203:443 tg.socdm.com tcp
NL 185.184.8.90:443 creativecdn.com tcp
IE 34.247.233.198:443 usersync.gumgum.com tcp
IE 34.247.233.198:443 usersync.gumgum.com tcp
US 47.253.61.56:443 gw-iad-bid.ymmobi.com tcp
IE 34.247.233.198:443 usersync.gumgum.com tcp
FR 142.250.179.65:443 lh3.googleusercontent.com udp
FR 142.250.179.66:443 cm.g.doubleclick.net udp
GB 185.64.190.78:443 image6.pubmatic.com tcp
US 172.240.45.75:443 track4.aniview.com udp
JP 211.120.53.203:443 tg.socdm.com tcp
NL 198.47.127.205:443 image2.pubmatic.com tcp
US 172.240.45.81:443 go1.aniview.com tcp
US 8.8.8.8:53 138.53.202.18.in-addr.arpa udp
US 8.8.8.8:53 132.110.134.91.in-addr.arpa udp
US 8.8.8.8:53 205.121.17.52.in-addr.arpa udp
US 8.8.8.8:53 153.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 218.64.98.34.in-addr.arpa udp
US 8.8.8.8:53 23.232.16.2.in-addr.arpa udp
US 8.8.8.8:53 131.169.93.208.in-addr.arpa udp
US 8.8.8.8:53 116.158.57.154.in-addr.arpa udp
US 8.8.8.8:53 69.206.165.3.in-addr.arpa udp
US 8.8.8.8:53 119.134.217.54.in-addr.arpa udp
US 8.8.8.8:53 29.4.157.37.in-addr.arpa udp
US 8.8.8.8:53 106.2.216.54.in-addr.arpa udp
US 8.8.8.8:53 8.150.197.169.in-addr.arpa udp
US 8.8.8.8:53 132.8.54.52.in-addr.arpa udp
US 8.8.8.8:53 200.74.228.91.in-addr.arpa udp
US 8.8.8.8:53 198.233.247.34.in-addr.arpa udp
US 8.8.8.8:53 230.2.157.37.in-addr.arpa udp
US 8.8.8.8:53 18.127.47.198.in-addr.arpa udp
US 8.8.8.8:53 90.8.184.185.in-addr.arpa udp
US 8.8.8.8:53 56.61.253.47.in-addr.arpa udp
US 8.8.8.8:53 78.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 203.53.120.211.in-addr.arpa udp
NL 178.250.1.9:443 dis.criteo.com tcp
NL 198.47.127.205:443 image2.pubmatic.com tcp
DE 37.252.171.85:443 ib.adnxs.com tcp
NL 69.173.156.149:443 pixel-eu.rubiconproject.com tcp
DE 51.89.9.254:443 onetag-sys.com udp
NL 69.173.156.149:443 pixel-eu.rubiconproject.com tcp
NL 82.145.213.8:443 t.adx.opera.com tcp
US 74.121.140.211:443 sync.mathtag.com tcp
US 80.77.87.163:443 cs.admanmedia.com tcp
NL 35.214.199.88:443 rtb.mfadsrvr.com tcp
NL 69.173.156.148:443 pixel-eu.rubiconproject.com tcp
NL 81.17.55.123:443 ssbsync-global.smartadserver.com tcp
US 52.46.130.91:443 s.amazon-adsystem.com tcp
NL 178.250.1.9:443 dis.criteo.com tcp
NL 178.250.1.9:443 dis.criteo.com tcp
US 8.8.8.8:53 cr.frontend.weborama.fr udp
US 8.8.8.8:53 mwzeom.zeotap.com udp
US 8.8.8.8:53 um.simpli.fi udp
US 8.8.8.8:53 ups.analytics.yahoo.com udp
IE 34.248.222.184:443 sync.crwdcntrl.net tcp
US 104.22.50.98:443 mwzeom.zeotap.com tcp
US 34.111.129.221:443 cr.frontend.weborama.fr tcp
NL 35.204.158.49:443 um.simpli.fi tcp
US 80.77.87.163:443 cs.admanmedia.com tcp
DE 3.71.149.231:443 ups.analytics.yahoo.com tcp
GB 185.64.191.210:443 simage2.pubmatic.com tcp
GB 185.64.191.210:443 simage2.pubmatic.com tcp
GB 185.64.190.81:443 image4.pubmatic.com tcp
US 8.8.8.8:53 123.55.17.81.in-addr.arpa udp
US 8.8.8.8:53 98.50.22.104.in-addr.arpa udp
US 8.8.8.8:53 221.129.111.34.in-addr.arpa udp
US 8.8.8.8:53 49.158.204.35.in-addr.arpa udp
US 8.8.8.8:53 231.149.71.3.in-addr.arpa udp
US 8.8.8.8:53 210.191.64.185.in-addr.arpa udp
US 34.111.129.221:443 cr.frontend.weborama.fr udp
US 34.111.131.239:443 idsync.frontend.weborama.fr tcp
NL 154.57.158.116:443 ads.stickyadstv.com tcp
GB 2.16.170.112:443 player.aniview.com udp
NL 35.214.136.108:443 x.bidswitch.net tcp
NL 35.214.136.108:443 x.bidswitch.net tcp
US 80.77.87.163:443 cs.admanmedia.com tcp
US 8.8.8.8:53 sync.adotmob.com udp
US 8.8.8.8:53 rtb-csync.smartadserver.com udp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
US 172.240.45.70:443 s2s.aniview.com tcp
US 3.233.60.12:443 ssp.disqus.com tcp
NL 35.214.199.88:443 rtb.mfadsrvr.com udp
US 8.2.110.134:443 cs.krushmedia.com tcp
US 80.77.87.163:443 cs.admanmedia.com tcp
NL 154.57.158.116:443 ads.stickyadstv.com tcp
DE 162.19.138.119:443 lb.eu-1-id5-sync.com tcp
FR 45.137.176.88:443 sync.adotmob.com tcp
NL 81.17.55.172:443 rtb-csync.smartadserver.com tcp
US 172.240.45.78:443 sync.aniview.com tcp
US 172.240.45.78:443 sync.aniview.com tcp
US 172.240.45.78:443 sync.aniview.com tcp
US 172.240.45.78:443 sync.aniview.com tcp
NL 178.250.1.11:443 dnacdn.net tcp
FR 163.5.194.34:443 prebid.a-mo.net tcp
NL 35.214.136.108:443 x.bidswitch.net udp
US 172.64.153.66:443 elb.the-ozone-project.com tcp
NL 69.173.156.148:443 pixel-eu.rubiconproject.com tcp
US 172.240.45.78:443 sync.aniview.com tcp
NL 178.250.1.9:443 dis.criteo.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
US 172.240.45.78:443 sync.aniview.com tcp
NL 69.173.156.149:443 pixel-eu.rubiconproject.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
NL 69.173.156.149:443 pixel-eu.rubiconproject.com tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
NL 185.184.8.90:443 creativecdn.com tcp
NL 193.0.160.131:443 p.rfihub.com tcp
US 192.132.33.67:443 bttrack.com tcp
US 151.101.65.108:443 acdn.adnxs.com tcp
US 54.161.201.61:443 sync.srv.stackadapt.com tcp
US 34.120.133.55:443 api.rlcdn.com tcp
US 172.240.45.78:443 sync.aniview.com tcp
DE 18.195.234.25:443 match.sharethrough.com tcp
DE 18.195.234.25:443 match.sharethrough.com tcp
DK 37.157.2.230:443 c1.adform.net tcp
NL 178.250.1.11:443 dnacdn.net tcp
US 74.121.140.211:443 sync.mathtag.com tcp
DE 3.69.181.164:443 1f2e7.v.fwmrm.net tcp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
US 8.8.8.8:53 id.rlcdn.com udp
US 8.8.8.8:53 gum.aidemsrv.com udp
US 8.8.8.8:53 ssc-cms.33across.com udp
US 8.8.8.8:53 cs-server-s2s.yellowblue.io udp
US 172.240.45.78:443 sync.aniview.com tcp
US 8.8.8.8:53 sync.adkernel.com udp
US 54.161.201.61:443 sync.srv.stackadapt.com tcp
US 192.132.33.67:443 bttrack.com tcp
US 8.8.8.8:53 static.cloudflareinsights.com udp
GB 2.16.170.112:443 player.aniview.com tcp
DE 138.201.8.249:443 sync.richaudience.com tcp
US 18.205.124.121:443 api-2-0.spot.im tcp
US 104.17.44.93:443 gum.aidemsrv.com tcp
US 172.111.38.54:443 tracker.open-adsyield.com tcp
US 35.244.174.68:443 id.rlcdn.com tcp
IE 52.49.216.251:443 match.prod.bidr.io tcp
IE 63.34.44.142:443 jadserve.postrelease.com tcp
US 3.90.19.95:443 cs-server-s2s.yellowblue.io tcp
US 67.202.105.21:443 ssc-cms.33across.com tcp
NL 77.245.57.72:443 sync.adkernel.com tcp
US 104.16.80.73:443 static.cloudflareinsights.com tcp
US 34.111.113.62:443 pixel.tapad.com tcp
NL 193.0.160.131:443 p.rfihub.com tcp
US 69.166.1.67:443 sync.go.sonobi.com tcp
NL 154.57.158.116:443 ads.stickyadstv.com tcp
US 69.166.1.67:443 sync.go.sonobi.com tcp
US 8.8.8.8:53 12.60.233.3.in-addr.arpa udp
US 8.8.8.8:53 px.ads.linkedin.com udp
US 54.161.201.61:443 sync.srv.stackadapt.com tcp
US 54.161.201.61:443 sync.srv.stackadapt.com tcp
US 54.161.201.61:443 sync.srv.stackadapt.com tcp
US 151.101.130.49:443 sync-tm.everesttech.net tcp
AT 3.165.206.42:443 hb.yellowblue.io tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
US 69.166.1.67:443 sync.go.sonobi.com tcp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
US 8.8.8.8:53 61.201.161.54.in-addr.arpa udp
US 8.8.8.8:53 68.174.244.35.in-addr.arpa udp
US 8.8.8.8:53 93.44.17.104.in-addr.arpa udp
US 8.8.8.8:53 164.181.69.3.in-addr.arpa udp
US 8.8.8.8:53 251.216.49.52.in-addr.arpa udp
US 8.8.8.8:53 142.44.34.63.in-addr.arpa udp
US 8.8.8.8:53 73.80.16.104.in-addr.arpa udp
US 8.8.8.8:53 62.113.111.34.in-addr.arpa udp
US 13.107.42.14:443 px.ads.linkedin.com tcp
NL 81.17.55.172:443 rtb-csync.smartadserver.com tcp
NL 81.17.55.172:443 rtb-csync.smartadserver.com tcp
NL 81.17.55.172:443 rtb-csync.smartadserver.com tcp
US 69.166.1.67:443 sync.go.sonobi.com tcp
DE 138.201.8.249:443 sync.richaudience.com tcp
US 69.166.1.67:443 sync.go.sonobi.com tcp
NL 35.214.174.141:443 a.sportradarserving.com tcp
NL 81.17.55.172:443 rtb-csync.smartadserver.com tcp
NL 81.17.55.172:443 rtb-csync.smartadserver.com tcp
NL 69.173.156.149:443 pixel-eu.rubiconproject.com tcp
NL 69.173.156.149:443 pixel-eu.rubiconproject.com tcp
NL 69.173.156.149:443 pixel-eu.rubiconproject.com tcp
IE 52.49.216.251:443 match.prod.bidr.io tcp
NL 69.173.156.149:443 pixel-eu.rubiconproject.com tcp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
US 52.46.130.91:443 s.amazon-adsystem.com tcp
US 69.173.151.100:443 pixel-us-east.rubiconproject.com tcp
NL 69.173.156.149:443 pixel-eu.rubiconproject.com tcp
NL 69.173.156.149:443 pixel-eu.rubiconproject.com tcp
NL 35.214.248.67:443 csync.loopme.me tcp
US 35.153.243.198:443 i.liadm.com tcp
US 52.46.130.91:443 s.amazon-adsystem.com tcp
NL 35.214.174.141:443 a.sportradarserving.com udp
NL 69.173.156.149:443 pixel-eu.rubiconproject.com tcp
NL 69.173.156.149:443 pixel-eu.rubiconproject.com tcp
US 172.240.45.78:443 sync.aniview.com udp
FR 142.250.178.138:443 imasdk.googleapis.com tcp
US 34.111.113.62:443 pixel.tapad.com tcp
US 69.173.151.100:443 pixel-us-east.rubiconproject.com tcp
IE 34.251.150.8:443 ce.lijit.com tcp
AT 3.165.206.4:443 live.primis.tech tcp
NL 64.158.223.137:443 pubmatic-match.dotomi.com tcp
US 64.202.112.223:443 b1sync.zemanta.com tcp
NL 81.17.55.172:443 rtb-csync.smartadserver.com tcp
US 34.96.71.22:443 s.company-target.com tcp
FR 172.217.20.162:443 securepubads.g.doubleclick.net udp
FR 142.250.178.138:443 imasdk.googleapis.com tcp
DE 80.82.210.217:443 dsp-cookie.adfarm1.adition.com tcp
DE 80.82.210.217:443 dsp-cookie.adfarm1.adition.com tcp
FR 54.38.113.2:443 pixel.onaudience.com tcp
FR 142.250.179.70:443 s0.2mdn.net tcp
DK 77.243.51.122:443 uipglob.semasio.net tcp
NL 46.228.164.11:443 ad.turn.com tcp
US 151.101.130.49:443 sync-tm.everesttech.net tcp
NL 35.214.248.67:443 csync.loopme.me tcp
NL 46.228.164.11:443 ad.turn.com tcp
US 8.8.8.8:53 54.38.111.172.in-addr.arpa udp
US 8.8.8.8:53 95.19.90.3.in-addr.arpa udp
US 8.8.8.8:53 21.105.202.67.in-addr.arpa udp
US 8.8.8.8:53 49.130.101.151.in-addr.arpa udp
US 8.8.8.8:53 115.174.228.46.in-addr.arpa udp
US 8.8.8.8:53 42.206.165.3.in-addr.arpa udp
US 8.8.8.8:53 14.42.107.13.in-addr.arpa udp
US 8.8.8.8:53 141.174.214.35.in-addr.arpa udp
US 8.8.8.8:53 100.151.173.69.in-addr.arpa udp
US 8.8.8.8:53 198.243.153.35.in-addr.arpa udp
US 8.8.8.8:53 138.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 8.150.251.34.in-addr.arpa udp
US 8.8.8.8:53 4.206.165.3.in-addr.arpa udp
US 8.8.8.8:53 137.223.158.64.in-addr.arpa udp
IE 52.17.210.255:443 pm.w55c.net tcp
DE 52.58.164.181:443 sonata-notifications.taptapnetworks.com tcp
US 35.186.193.173:443 ipac.ctnsnet.com tcp
US 34.102.163.6:443 ad.mrtnsvr.com tcp
SE 13.50.192.155:443 d5p.de17a.com tcp
NL 188.42.63.48:443 dsp-ap.eskimi.com tcp
US 34.102.163.6:443 ad.mrtnsvr.com tcp
NL 154.57.158.116:443 ads.stickyadstv.com tcp
NL 81.17.55.172:443 rtb-csync.smartadserver.com tcp
NL 154.57.158.116:443 ads.stickyadstv.com tcp
NL 198.47.127.18:443 image8.pubmatic.com tcp
NL 64.227.64.62:443 match.adsby.bidtheatre.com tcp
US 8.8.8.8:53 155.192.50.13.in-addr.arpa udp
US 8.8.8.8:53 48.63.42.188.in-addr.arpa udp
US 8.8.8.8:53 pubads.g.doubleclick.net udp
FR 142.250.201.162:443 pubads.g.doubleclick.net tcp
FR 142.250.201.162:443 pubads.g.doubleclick.net tcp
FR 142.250.201.162:443 pubads.g.doubleclick.net tcp
FR 142.250.201.162:443 pubads.g.doubleclick.net tcp
GB 185.64.191.210:443 simage2.pubmatic.com tcp
US 45.55.107.24:443 file.io tcp
NL 154.57.158.116:443 ads.stickyadstv.com tcp
US 172.240.45.76:443 track1.avplayer.com tcp
US 76.223.111.18:443 eb2.3lift.com tcp
US 142.250.31.120:443 csi.gstatic.com tcp
US 142.250.31.120:443 csi.gstatic.com tcp
US 142.250.31.120:443 csi.gstatic.com tcp
US 142.250.31.120:443 csi.gstatic.com tcp
NL 154.57.158.116:443 ads.stickyadstv.com tcp
US 13.107.42.14:443 px.ads.linkedin.com tcp
AT 18.66.16.134:443 aax.amazon-adsystem.com tcp
US 142.250.31.120:443 csi.gstatic.com udp
DE 3.124.64.248:443 tlx.3lift.com tcp
US 172.64.153.66:443 elb.the-ozone-project.com tcp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
FR 163.5.194.34:443 prebid.a-mo.net tcp
DE 37.252.171.85:443 ib.adnxs.com tcp
US 69.166.1.9:443 apex.go.sonobi.com tcp
IE 54.78.16.191:443 track.venatusmedia.com tcp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
FR 142.250.201.162:443 pubads.g.doubleclick.net udp
GB 185.64.190.78:443 image6.pubmatic.com tcp
GB 185.64.190.81:443 simage4.pubmatic.com tcp
NL 154.57.158.116:443 ads.stickyadstv.com tcp
FR 216.58.215.42:443 content-autofill.googleapis.com tcp
SG 35.186.154.107:443 cm-supply-web.gammaplatform.com tcp
SI 195.5.165.20:443 core.iprom.net tcp
IE 52.215.155.11:443 cm.adgrx.com tcp
FR 141.94.242.226:443 green.erne.co tcp
US 104.18.37.193:443 s.tribalfusion.com tcp
NL 35.204.158.49:443 um.simpli.fi tcp
DE 162.55.120.196:443 matching.truffle.bid tcp
SG 35.186.154.107:443 cm-supply-web.gammaplatform.com tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
US 172.240.45.78:443 sync.aniview.com tcp
FR 54.38.113.5:443 pixel-eu.onaudience.com tcp
GB 185.64.191.210:443 simage2.pubmatic.com tcp
NL 46.228.164.11:443 ad.turn.com tcp
IE 34.247.233.198:443 usersync.gumgum.com tcp
DE 52.57.150.20:443 ps.eyeota.net tcp
NL 46.228.174.117:443 sync.targeting.unrulymedia.com tcp
NL 198.47.127.205:443 image2.pubmatic.com tcp
NL 81.17.55.172:443 rtb-csync.smartadserver.com tcp
US 172.240.45.75:443 track4.aniview.com tcp
US 172.64.153.66:443 elb.the-ozone-project.com tcp
US 172.240.45.76:443 track1.avplayer.com udp
US 34.120.111.33:443 cdn.edkt.io udp
US 80.77.87.163:443 cs.admanmedia.com tcp
DE 51.89.9.254:443 onetag-sys.com tcp
US 172.240.45.76:443 track1.avplayer.com tcp
US 216.239.32.36:443 region1.analytics.google.com udp
FR 216.58.215.42:443 content-autofill.googleapis.com tcp
US 172.240.45.76:443 track1.avplayer.com tcp
US 80.77.87.163:443 cs.admanmedia.com tcp
IE 67.220.228.203:443 aax-eu.amazon-adsystem.com tcp
IE 34.247.233.198:443 usersync.gumgum.com tcp
US 172.240.45.78:443 sync.aniview.com tcp
US 216.239.32.36:443 region1.analytics.google.com udp
FR 142.250.179.99:443 www.google.co.uk udp
GB 92.123.143.120:443 www.bing.com tcp
US 3.132.89.144:443 pbjs-stream.bydata.com tcp
US 216.239.32.36:443 region1.analytics.google.com tcp
GB 173.194.76.154:443 stats.g.doubleclick.net tcp
FR 142.250.179.99:443 www.google.co.uk tcp
FR 142.250.201.174:443 play.google.com udp
FR 172.217.20.196:443 www.google.com udp
FR 172.217.20.196:443 www.google.com tcp
FR 172.217.20.174:443 fundingchoicesmessages.google.com tcp
US 45.55.107.24:443 file.io tcp
AT 3.161.119.14:443 www.file.io tcp
GB 79.127.237.132:443 hb.vntsm.com tcp
FR 142.250.178.142:443 clients2.google.com udp
US 104.17.151.117:443 mediafire.com tcp
US 104.17.151.117:443 mediafire.com tcp
FR 172.217.20.196:443 www.google.com tcp
US 104.17.150.117:443 mediafire.com udp
US 104.17.151.117:443 mediafire.com udp
US 104.16.80.73:443 static.cloudflareinsights.com tcp
AT 13.32.110.15:443 cdn.amplitude.com tcp
FR 172.217.20.196:443 www.google.com tcp
US 54.187.8.191:443 api.amplitude.com tcp
AT 3.165.206.7:443 static.hotjar.com tcp
US 216.239.32.36:443 region1.analytics.google.com tcp
GB 173.194.76.154:443 stats.g.doubleclick.net tcp
FR 142.250.179.99:443 www.google.co.uk tcp
FR 142.250.178.138:443 imasdk.googleapis.com tcp
AT 3.165.206.67:443 script.hotjar.com tcp
FR 172.217.20.196:443 www.google.com udp
US 162.159.134.22:443 device.maxmind.com tcp
US 172.64.153.78:443 d-ipv6.mmapiws.com tcp
US 216.239.32.36:443 region1.analytics.google.com udp
GB 173.194.76.154:443 stats.g.doubleclick.net udp
FR 142.250.179.99:443 www.google.co.uk udp
US 104.17.150.117:443 mediafire.com udp
US 35.190.88.7:443 sessions.bugsnag.com tcp
US 35.190.88.7:443 sessions.bugsnag.com udp
US 104.17.150.117:443 mediafire.com tcp
FR 216.58.215.35:443 beacons.gcp.gvt2.com tcp
FR 216.58.215.35:443 beacons.gcp.gvt2.com tcp
FR 216.58.215.35:443 beacons.gcp.gvt2.com tcp
FR 216.58.215.35:443 beacons.gcp.gvt2.com udp
US 104.17.150.117:443 mediafire.com udp
US 104.17.137.4:443 www.mediafireuserupload.com tcp
US 104.17.137.4:443 www.mediafireuserupload.com udp
US 8.8.8.8:53 4.137.17.104.in-addr.arpa udp
US 8.8.8.8:53 www.google.co.uk udp
US 216.239.34.36:443 region1.analytics.google.com udp
FR 142.250.179.99:443 www.google.co.uk udp
FR 216.58.215.35:443 beacons.gcp.gvt2.com udp
FR 216.58.215.35:443 beacons.gcp.gvt2.com tcp
GB 2.17.209.42:443 www.bing.com tcp
GB 2.17.209.42:443 www.bing.com tcp
US 8.8.8.8:53 72.32.126.40.in-addr.arpa udp
GB 2.17.209.42:443 www.bing.com tcp
GB 2.17.209.42:443 www.bing.com tcp
US 8.8.8.8:53 42.209.17.2.in-addr.arpa udp
US 104.17.150.117:443 mediafire.com udp
FR 216.58.215.35:443 beacons.gcp.gvt2.com udp
US 216.239.34.36:443 region1.analytics.google.com udp
FR 142.250.179.99:443 www.google.co.uk udp
FR 172.217.20.196:443 www.google.com udp
FR 172.217.20.196:443 www.google.com udp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
FR 172.217.20.174:443 chrome.google.com tcp
FR 216.58.215.35:443 beacons.gcp.gvt2.com udp
FR 172.217.20.195:443 beacons3.gvt2.com tcp
FR 172.217.20.195:443 beacons3.gvt2.com udp
FR 216.58.215.35:443 beacons.gcp.gvt2.com udp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
US 8.8.8.8:53 rarlab.com udp
DE 51.195.68.162:443 www.rarlab.com tcp
DE 51.195.68.162:443 www.rarlab.com tcp
DE 51.195.68.162:443 www.rarlab.com tcp
DE 51.195.68.162:443 www.rarlab.com tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
FR 216.58.215.35:443 beacons.gcp.gvt2.com udp
FR 216.58.215.35:443 beacons.gcp.gvt2.com udp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
FR 172.217.20.196:443 www.google.com udp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
FR 142.250.179.110:443 lens.google.com tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
FR 172.217.20.174:443 chrome.google.com tcp
N/A 127.0.0.1:9229 tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
GB 92.123.143.128:443 www.bing.com tcp
GB 92.123.143.128:443 www.bing.com tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 file.io udp
US 45.55.107.24:80 file.io tcp
US 45.55.107.24:80 file.io tcp
US 45.55.107.24:443 file.io tcp
AT 3.161.119.91:443 www.file.io tcp
GB 143.244.38.136:443 hb.vntsm.com tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
N/A 127.0.0.1:9229 tcp
GB 143.244.38.136:443 hb.vntsm.com tcp
US 8.8.8.8:53 hb.vntsm.io udp
US 8.8.8.8:53 hb-vntsm-com.global.ssl.fastly.net udp
US 151.101.65.194:443 hb-vntsm-com.global.ssl.fastly.net tcp
US 172.67.36.131:443 hb.vntsm.io tcp
GB 173.194.76.156:443 stats.g.doubleclick.net tcp
FR 142.250.179.99:443 www.google.co.uk tcp
US 216.239.32.36:443 region1.analytics.google.com tcp
GB 173.194.76.156:443 stats.g.doubleclick.net tcp
US 104.26.2.70:443 ad-delivery.net tcp
US 8.8.8.8:53 156.76.194.173.in-addr.arpa udp
US 8.8.8.8:53 c.amazon-adsystem.com udp
FR 172.217.20.162:443 securepubads.g.doubleclick.net udp
AT 13.32.110.112:443 cdn.exelator.com tcp
NL 18.239.70.203:443 c.amazon-adsystem.com tcp
FR 172.217.20.162:443 securepubads.g.doubleclick.net tcp
IE 34.254.143.3:443 mydmp.exelator.com tcp
US 8.8.8.8:53 cdn.id5-sync.com udp
NL 18.238.243.114:443 config.aps.amazon-adsystem.com tcp
US 104.22.52.173:443 cdn.hadronid.net tcp
GB 23.49.161.153:443 secure.cdn.fastclick.net tcp
US 104.22.52.86:443 cdn.id5-sync.com tcp
FR 172.217.20.174:443 fundingchoicesmessages.google.com udp
US 44.196.69.167:443 onsite-tag-logs.apps.nielsen.com tcp
FR 172.217.20.174:443 fundingchoicesmessages.google.com tcp
GB 89.187.167.38:443 load77.exelator.com tcp
US 172.67.23.234:443 id.hadron.ad.gt tcp
NL 63.215.202.146:443 proc.ad.cpe.dotomi.com tcp
US 8.8.8.8:53 167.69.196.44.in-addr.arpa udp
US 8.8.8.8:53 38.167.187.89.in-addr.arpa udp
US 104.22.5.69:443 a.ad.gt tcp
FR 142.250.179.65:443 lh3.googleusercontent.com tcp
DE 162.19.138.118:443 lb.eu-1-id5-sync.com tcp
DE 141.95.33.120:443 lb.eu-1-id5-sync.com tcp
US 34.102.146.192:443 oa.openxcdn.net udp
NL 178.250.1.3:443 static.criteo.net tcp
US 8.8.8.8:53 pub.doubleverify.com udp
US 8.8.8.8:53 cadmus.script.ac udp
US 8.8.8.8:53 secure.quantserve.com udp
US 104.18.35.167:443 cdn-ima.33across.com tcp
US 34.96.70.87:443 invstatic101.creativecdn.com udp
US 104.18.167.224:443 pub.doubleverify.com tcp
US 104.18.22.145:443 cadmus.script.ac tcp
IE 34.255.52.148:443 s.cpx.to tcp
NL 18.239.18.12:443 tags.crwdcntrl.net tcp
DE 91.228.74.159:443 secure.quantserve.com tcp
N/A 127.0.0.1:9229 tcp
US 15.197.193.217:443 match.adsrvr.org tcp
US 104.18.167.224:443 pub.doubleverify.com tcp
NL 185.89.210.180:443 ib.adnxs.com tcp
US 34.120.111.33:443 cdn.edkt.io tcp
US 34.95.69.49:443 i.clean.gg tcp
US 8.8.8.8:53 hb-api.omnitagjs.com udp
US 8.8.8.8:53 apex.go.sonobi.com udp
US 8.8.8.8:53 elb.the-ozone-project.com udp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
US 8.8.8.8:53 prebid.a-mo.net udp
US 8.8.8.8:53 prg.smartadserver.com udp
IE 34.248.222.184:443 bcp.crwdcntrl.net tcp
AT 18.66.16.134:443 aax.amazon-adsystem.com tcp
US 172.67.75.241:443 script.4dex.io tcp
AT 3.165.206.45:443 rules.quantcount.com tcp
US 69.166.1.9:443 apex.go.sonobi.com tcp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
DE 18.157.230.4:443 tlx.3lift.com tcp
US 172.64.153.66:443 elb.the-ozone-project.com tcp
FR 185.255.84.151:443 hb-api.omnitagjs.com tcp
DE 18.199.220.232:443 btlr.sharethrough.com tcp
FR 163.5.194.34:443 prebid.a-mo.net tcp
FR 51.178.195.208:443 prg.smartadserver.com tcp
FR 51.178.195.208:443 prg.smartadserver.com tcp
IE 54.78.16.191:443 track.venatusmedia.com tcp
US 34.95.69.49:443 i.clean.gg udp
IE 52.49.227.192:443 s.cpx.to tcp
US 172.67.75.241:443 script.4dex.io tcp
US 34.120.111.33:443 cdn.edkt.io tcp
DE 37.252.171.52:443 secure.adnxs.com tcp
GB 185.64.191.210:443 image2.pubmatic.com tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
IE 67.220.226.232:443 aax-eu.amazon-adsystem.com tcp
US 34.120.111.33:443 cdn.edkt.io udp
FR 172.217.20.193:443 a82199dde6a247542dc571530d93c6b4.safeframe.googlesyndication.com tcp
FR 216.58.213.66:443 ep1.adtrafficquality.google udp
GB 2.22.132.37:443 tg1.aniview.com tcp
US 173.194.215.120:443 csi.gstatic.com tcp
US 34.120.111.33:443 cdn.edkt.io udp
US 172.240.45.75:443 track4.aniview.com tcp
GB 2.16.170.112:443 player.aniview.com tcp
GB 2.17.43.50:443 feed.avplayer.com tcp
FR 216.58.215.33:443 ep2.adtrafficquality.google udp
US 8.8.8.8:53 cdn1.vntsm.com udp
FR 142.250.201.162:443 googleads.g.doubleclick.net udp
FR 185.93.2.246:443 cdn1.vntsm.com tcp
FR 172.217.20.196:443 www.google.com udp
FR 142.250.179.65:443 tpc.googlesyndication.com udp
FR 172.217.20.196:443 www.google.com tcp
GB 2.16.170.112:443 player.aniview.com tcp
GB 2.16.170.59:443 player.aniview.com tcp
GB 2.22.132.37:443 tg1.aniview.com tcp
US 172.240.45.81:443 go1.aniview.com tcp
US 8.2.110.134:443 cs.krushmedia.com tcp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 u.openx.net udp
US 8.8.8.8:53 pixel-sync.sitescout.com udp
US 8.8.8.8:53 sync.1rx.io udp
IE 34.246.12.184:443 ap.lijit.com tcp
GB 2.16.170.59:443 player.aniview.com udp
GB 2.22.101.110:443 secure-assets.rubiconproject.com tcp
GB 2.16.232.228:443 ads.pubmatic.com tcp
DE 3.75.62.37:443 ups.analytics.yahoo.com tcp
FR 154.54.250.80:443 ads.stickyadstv.com tcp
FR 154.54.250.80:443 ads.stickyadstv.com tcp
FR 91.134.110.133:443 ssbsync.smartadserver.com tcp
US 34.98.64.218:443 u.openx.net udp
US 54.172.20.69:443 ssp.disqus.com tcp
NL 35.214.136.108:443 x.bidswitch.net tcp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
DE 51.89.9.251:443 onetag-sys.com udp
NL 46.228.174.117:443 sync.1rx.io tcp
DE 51.89.9.251:443 onetag-sys.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
US 172.240.45.70:443 s2s.aniview.com tcp
US 8.8.8.8:53 sync.1rx.io udp
GB 2.16.233.56:443 eus.rubiconproject.com tcp
GB 2.16.233.56:443 eus.rubiconproject.com tcp
US 172.240.45.78:443 sync.aniview.com tcp
US 172.240.45.78:443 sync.aniview.com tcp
US 172.240.45.78:443 sync.aniview.com tcp
US 172.240.45.78:443 sync.aniview.com tcp
US 172.240.45.78:443 sync.aniview.com tcp
US 172.240.45.78:443 sync.aniview.com tcp
NL 35.214.136.108:443 x.bidswitch.net udp
US 34.120.133.55:443 api.rlcdn.com tcp
NL 77.245.57.72:443 sync.adkernel.com tcp
US 8.8.8.8:53 rtb.mfadsrvr.com udp
US 8.8.8.8:53 image8.pubmatic.com udp
NL 77.245.57.72:443 sync.adkernel.com tcp
GB 185.64.191.214:443 image8.pubmatic.com tcp
NL 35.214.199.88:443 rtb.mfadsrvr.com tcp
NL 178.250.1.11:443 dnacdn.net tcp
US 80.77.87.163:443 cs.admanmedia.com tcp
US 13.248.245.213:443 eb2.3lift.com tcp
US 151.101.193.108:443 acdn.adnxs.com tcp
US 151.101.193.108:443 acdn.adnxs.com tcp
US 13.248.245.213:443 eb2.3lift.com tcp
US 8.8.8.8:53 targeting.unrulymedia.com udp
US 8.8.8.8:53 hb.yellowblue.io udp
NL 185.184.8.90:443 creativecdn.com tcp
IE 54.155.106.59:443 ad.360yield.com tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
NL 193.0.160.131:443 p.rfihub.com tcp
US 216.200.232.253:443 sync.mathtag.com tcp
US 54.165.19.58:443 sync.srv.stackadapt.com tcp
FR 185.255.84.153:443 visitor.omnitagjs.com tcp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
IE 99.80.59.44:443 pr-bh.ybp.yahoo.com tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
AT 3.165.206.70:443 hb.yellowblue.io tcp
IE 99.80.59.44:443 pr-bh.ybp.yahoo.com tcp
NL 178.250.1.11:443 dnacdn.net tcp
US 69.166.1.67:443 sync.go.sonobi.com tcp
US 104.16.79.73:443 static.cloudflareinsights.com tcp
DE 18.184.119.72:443 match.sharethrough.com tcp
NL 89.207.16.201:443 equativ-match.dotomi.com tcp
IE 34.249.64.182:443 match.prod.bidr.io tcp
FR 91.134.110.136:443 rtb-csync.smartadserver.com tcp
NL 18.239.94.61:443 s.ad.smaato.net tcp
DE 18.184.119.72:443 match.sharethrough.com tcp
FR 142.250.201.170:443 imasdk.googleapis.com tcp
DE 80.82.210.217:443 dsp-cookie.adfarm1.adition.com tcp
FR 91.134.110.136:443 rtb-csync.smartadserver.com tcp
NL 69.173.156.149:443 token.rubiconproject.com tcp
US 151.101.130.49:443 sync-tm.everesttech.net tcp
IE 52.30.181.184:443 ms-cookie-sync.presage.io tcp
FR 142.250.201.170:443 imasdk.googleapis.com udp
FR 91.134.110.136:443 rtb-csync.smartadserver.com tcp
FR 91.134.110.136:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 184.181.30.52.in-addr.arpa udp
US 8.8.8.8:53 s.amazon-adsystem.com udp
US 52.46.143.56:443 s.amazon-adsystem.com tcp
FR 142.250.179.70:443 s0.2mdn.net udp
FR 142.250.179.70:443 s0.2mdn.net tcp
FR 142.250.201.162:443 pubads.g.doubleclick.net tcp
FR 142.250.201.162:443 pubads.g.doubleclick.net tcp
FR 142.250.201.162:443 pubads.g.doubleclick.net tcp
FR 142.250.201.162:443 pubads.g.doubleclick.net tcp
US 173.194.215.120:443 csi.gstatic.com udp
US 104.17.44.93:443 gum.aidemsrv.com tcp
DE 18.184.119.72:443 match.sharethrough.com tcp
US 67.202.105.21:443 ssc-cms.33across.com tcp
US 69.166.1.9:443 apex.go.sonobi.com tcp
US 172.240.45.76:443 track1.avplayer.com tcp
DE 18.184.119.72:443 match.sharethrough.com tcp
US 3.90.19.95:443 cs-server-s2s.yellowblue.io tcp
NL 178.250.1.9:443 dis.criteo.com tcp
DE 168.119.72.236:443 sync.richaudience.com tcp
IE 54.217.222.79:443 jadserve.postrelease.com tcp
US 35.244.174.68:443 id.rlcdn.com tcp
US 192.132.33.67:443 bttrack.com tcp
US 18.213.23.44:443 api-2-0.spot.im tcp
US 172.111.38.86:443 tracker.open-adsyield.com tcp
US 64.202.112.127:443 b1sync.zemanta.com tcp
US 64.202.112.127:443 b1sync.zemanta.com tcp
NL 35.214.199.88:443 rtb.mfadsrvr.com udp
DE 168.119.72.236:443 sync.richaudience.com tcp
N/A 127.0.0.1:9229 tcp
US 45.55.107.24:443 file.io tcp
US 216.239.32.36:443 region1.analytics.google.com udp
FR 51.178.195.208:443 prg.smartadserver.com tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
N/A 127.0.0.1:9229 tcp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
NL 185.89.210.180:443 ib.adnxs.com tcp
FR 185.255.84.151:443 hb-api.omnitagjs.com tcp
US 69.166.1.9:443 apex.go.sonobi.com tcp
DE 18.199.220.232:443 btlr.sharethrough.com tcp
DE 18.157.230.4:443 tlx.3lift.com tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
US 69.166.1.9:443 apex.go.sonobi.com tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
FR 51.178.195.208:443 prg.smartadserver.com tcp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
US 69.166.1.9:443 apex.go.sonobi.com tcp
N/A 127.0.0.1:9229 tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 ea667b2dedf919487c556b97119cf88a
SHA1 0ee7b1da90be47cc31406f4dba755fd083a29762
SHA256 9e7e47ebf490ba409eab3be0314fa695bf28f4764f4875c7568a54337f2df70f
SHA512 832391afcac34fc6c949dee8120f2a5f83ca68c159ff707751d844b085c7496930f0c8fd8313fd8f10a5f5725138be651953934aa79b087ba3c6dd22eaa49c72

\??\pipe\LOCAL\crashpad_1072_QDMRNTLARQJKJBTX

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 2ee16858e751901224340cabb25e5704
SHA1 24e0d2d301f282fb8e492e9df0b36603b28477b2
SHA256 e9784fcff01f83f4925f23e3a24bce63314ea503c2091f7309c014895fead33c
SHA512 bd9994c2fb4bf097ce7ffea412a2bed97e3af386108ab6aab0df9472a92d4bd94489bb9c36750a92f9818fa3ea6d1756497f5364611e6ebd36de4cd14e9a0fba

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 af0f74cdf18de18f406d1640c06a31cf
SHA1 6db6fecc6f67bb9f0c36888b5a659e130e299861
SHA256 b6d5f2a88f48ffc82b296a9ce5f0b0980056561d206260533100ba1cc38b49a3
SHA512 e84d37ba95dfd42ae570f51b93468e71fec69bd3d252551c41b9f9717d925f1178bf1bb3d43bd43e535a27ad0be467d8550d8e396a9f747764f5afdacbda8ac3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 6dc2e05d99646bfb683416c2ec16e17c
SHA1 0a4227d3a3b4448303decd8cc71341ce0675c4b2
SHA256 810d6b9085a4203bc4448b9390f8a558e3d9a2c910e4ee9cadfddc6972a87ac2
SHA512 c04655d716b4c38ef4c77eff8a71243f08fb7642f2e36a301ade94a7efd232325fe88b12765f94ac20e383293c8afd3b2c77a6ea51a2e30e5bafb860271e894b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 0b7487c0ed4e1911c54d6efbd094132a
SHA1 46a3fbeafdb397da549aa8cf49f7d8764805c981
SHA256 2659268bdec78843a8d6ccd7f086b33d2a3f11bf1149a2524d7f7f9bae587103
SHA512 49a14ccc4174cf61cf4631069730df11f9dda65976193a9c8b0127b8436d4299ddacb7b943332a8ea3ddc0a7720b4a0125415aa035ad63e32c2d8cf0d43b88f4

C:\Users\Admin\Downloads\Unconfirmed 176648.crdownload

MD5 8b855e56e41a6e10d28522a20c1e0341
SHA1 17ea75272cfe3749c6727388fd444d2c970f9d01
SHA256 f2665f89ba53abd3deb81988c0d5194992214053e77fc89b98b64a31a7504d77
SHA512 eefab442b9c1be379e00c6a7de9d6d7d327ad8fd52d62a5744e104f6caa44f7147a8e74f340870f9c017980a3d8a5a86a05f76434539c01270c442a66b2af908

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 fcbb984df75a762a23f0494e40fda69c
SHA1 1e3a221b62f6f4e85c7ae0eceea02830581f338c
SHA256 607d5d7b0ef488e8d887b3ba8b9605596c93187ac1831f843dc572bf19993347
SHA512 9128ec1913072bd599433ec8bafadd5c1e9300f8627f988981d47702fdd34b3f022b08dce9321b9ef2797c3285643cda8efec83217875638738d3118d6963264

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57e5ad.TMP

MD5 edb6ea67cfa6f004f2963e0ae27c3855
SHA1 ed38bdec75173d7ef66545058c8214064c286f6a
SHA256 2ac99870440123625f225c4a4323cd9327c9fbaaf273e9b8b050aeff29dfb97f
SHA512 cba3e2081b677ea08f0e4d6824c2be6f05dde8a9229078f17399d014cff58c6d08da6cd13e9f7ef30a6bd82be04f8254aee96d9b88beeabd18d47165a5916fbe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 e1da9acee26a30bf44d35ed4a56cad1a
SHA1 bfa563f1187652ce194adf9ae0a355bc96fd3080
SHA256 09f8d0da904ef2c66df20d808e5714f00a3936a490e30566fcb9f74218f2ba4a
SHA512 7cf773c4ed888947d949da2b2b59c10d41f40c856722ee5c06d6fc7e333f5cbbda66f27f5942671d2e96257c28f1a0af34280e7a9b654cccb8aca31bd8363cff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 ed5f4213c17629776cd75510648fc019
SHA1 ebfa685dca9b7c920cd5ad521c03e4ad0ce435b9
SHA256 e969795f0e63ec8a35cdf34d5bc43867ca0825bebfed9734943e69b34ed2ad87
SHA512 71bcc166ae5a48f7a79aa5de7ecc7e10dce22c39240ca9ffe9d0f9340f40fc2a2429529cfee8b2b5d7082efe94921fa7df3454852d5313ff4093bfdffc189627

C:\Users\Admin\Downloads\Chaos Ransomware Builder v4.exe:Zone.Identifier

MD5 0f98a5550abe0fb880568b1480c96a1c
SHA1 d2ce9f7057b201d31f79f3aee2225d89f36be07d
SHA256 2dfb5f4b33e4cf8237b732c02b1f2b1192ffe4b83114bcf821f489bbf48c6aa1
SHA512 dbc1150d831950684ab37407defac0177b7583da0fe13ee8f8eeb65e8b05d23b357722246888189b4681b97507a4262ece96a1c458c4427a9a41d8ea8d11a2f6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 db6bca1cd62ad40246c9451299190ad8
SHA1 f112b3d2e2c9c85f62a1f09b6ecdf94e4b3cf0d8
SHA256 5912ba9a28edc9478441cac86193716bcca5278e3195354710b12d491dbfa21b
SHA512 4a947bbcca8f3d9d03c3a732a034526251bf0bbeaadbe712f4cd1946f28a3bbea46029f24599a759e8d0d79a490fd5237c4ff3733d97885628258f71317e9496

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 510fba25c322546504a0c421e3fca461
SHA1 ee5157ad3d021738a0a4dd81baa6266185dbb994
SHA256 0be843d34b3c7b7cc58bfa24466f3036b6e158f3ae2e6fae99892b0302974b5a
SHA512 a7e67a3092984c0e24ad6061776dfc23ea1143d11cfbb956ff327c397f495dda86d0576e336cb7711fae5ed75d2fec25a5bcbab7b923a49930c678eafae56422

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

MD5 4058c842c36317dcd384b6c2deaa8b95
SHA1 1085ddb12b29b79ffe51937ba9cd1957e5e229b4
SHA256 0e562969cad63d217848a5080273d1745dc4277d210b68a769c822f2fbfd75f6
SHA512 435a67024811360b12339e3916945b0639e2d9319e9d540b73e093848a467b030e91e01917b7fb804eb756dabce2fe53c2d7ea586554ee6cfee70e652a85924a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

MD5 76a3f1e9a452564e0f8dce6c0ee111e8
SHA1 11c3d925cbc1a52d53584fd8606f8f713aa59114
SHA256 381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c
SHA512 a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

MD5 edf3b94d12feda9fec733db26bcfee48
SHA1 b8a381a326bbdcff3e6cfca8c4e2951bc75e3084
SHA256 1402cb49197f078fc86b8522c42006091fb0c091922f420f78c6e1728e005adb
SHA512 7f8fb7d5de19adf67a504d81fe504430aa8a9da1909e12ae15b0f02aedd0ec732e6225742cd1afb054e29a3f6819605b1ddc0835729e176fdd4975fc71feb17a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

MD5 710d7637cc7e21b62fd3efe6aba1fd27
SHA1 8645d6b137064c7b38e10c736724e17787db6cf3
SHA256 c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b
SHA512 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

MD5 d6b36c7d4b06f140f860ddc91a4c659c
SHA1 ccf16571637b8d3e4c9423688c5bd06167bfb9e9
SHA256 34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92
SHA512 2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

MD5 74e33b4b54f4d1f3da06ab47c5936a13
SHA1 6e5976d593b6ee3dca3c4dbbb90071b76e1cd85c
SHA256 535fc48679c38decd459ad656bdd6914e539754265244d0cc7b1da6bddf3e287
SHA512 79218e8ee50484af968480ff9b211815c97c3f3035414e685aa5d15d9b4152682d87b66202339f212bf3b463a074bf7a4431107b50303f28e2eb4b17843991c2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

MD5 d717dc20ddf09d562cc7d4bddc69ea5e
SHA1 3c0a07ff93171250557ff41c1621eebd8f121577
SHA256 5b92638f93b754c48a8050863fe38abcb2ac7397979bf3b9dbfa2ffecce2383c
SHA512 07b48be4727a55e34ff097e8974ba14251436417edd64b3876b09cdfc31220551ab12f6f080af697e23b6cd9afda50ddbbbd00df53fbd538893b62fa43173e04

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 ad28fe16a47e3ca27ce4d920aca6ba0c
SHA1 f2bdcf0fbf5c94c4c00768eedefc756ae98b235f
SHA256 12e835978398c03a0c8a9991696730bec030997d41143ea731d436dc8224c2d7
SHA512 5e0b099f6306e909fcac2abcd7e62c930366e48a6a6f0b499c0cc5845604a11f0aced591b67e7aa4f76946e24de1d4255d02e7c906bda629dac2c8fede7a7e26

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 7e9f2265bfd2ff91a55761bbbcfd2c30
SHA1 3704b3b78e6b3e989ef2b79d79871fdb581bd684
SHA256 3092ecc55867126fdcc56a02d856445026c64d8b021e112d7399e210b8d90ef6
SHA512 05be9370b7c65b7272907a905429f7fd8e832b4a798ce2fb807926b708d9768a1442fa65ff19edf4adbb49968e4677da9165db2228e6c2fcd95725793f154e08

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 04d867ef90f406f94faa965b658cc532
SHA1 d770b134aa01d4c56b62c2773a5d553839c154d2
SHA256 1297c2a0a637862be6ae7b10ca3ec2b10455b50333f6142498961b1d8fec38f7
SHA512 e808d6ed77d3085148525d83122aac808f1a2b0e67fd4824d45829c97f62d8234c29813cafefceacff0b86f1d30574ed322c60fd6a6aab1c806d6dcc8ea9cdea

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 474a4f768ec2fdd5f4f8527e152f2fea
SHA1 e78e5c9f3a6f04bea2b414668b62991a5d119fb9
SHA256 fa7ec69e8159b730d1415358601419ddd6dc51fc2eab7887d446a22951284f9c
SHA512 272670395c43c4ff93e9ab46a7afb5f216e84ba592e0aa9651fb20d6573bbcc087f466c7a145a2edd87c700d6f0d12354d76b41885f62e52931ca057688fcfa4

memory/1120-808-0x00000000009E0000-0x0000000000A6E000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 242be26d4b1b44222ee9421762ac5e3e
SHA1 4ccb9057fe9d011128447513692251bc2913ff29
SHA256 616d9f8a96c65ac167b9481b9fc1530f28dc981cf7db1930b2e3bda9379cd5ee
SHA512 4f94679f2dd657595a098bb9f2b8a5ac40f03bd358c9ba5dc62c1b089f85fc62342a0ba38ed199dda81b8746469020546a6b3d98de4bd66e0cabda5db7acd4ce

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 356bb7dd802c3cd45d1c990943ccda55
SHA1 54e1149f9969e1e19b8bcb3413a6eb0ec943d034
SHA256 7e5c4e8d8bf0f99bb6fb168ee1b6c52967ee7ab76f7bd6143d83bced8c3505d1
SHA512 0869dbf9aa7503f182cf14bb743f50048fc6d40cb4748c7eb4e5932f1af940324b1a13eea28352628b5b55918871fab260a97ffe110d8b8c1228da2352deed46

memory/1120-827-0x000000001B900000-0x000000001BAB3000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 af0b598a3cb9c470bc22a84e686b4e9f
SHA1 47a3c6d979cbc3a88abfcafbb8eebe4b1137f282
SHA256 f7d6d61f2b0fdf9b8fa8f73f384702bfd99df5f094157c457226cd3b0bb691a4
SHA512 7e5475f3369bbb1e9fe41cf10305b81f5b45f5a35b093633ba1c55749d7d975b228f80fedebc4f03766e05a3ee13dc709e2d727d0e66394af7643464c32cda3e

memory/1120-847-0x000000001B900000-0x000000001BAB3000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

MD5 b07f576446fc2d6b9923828d656cadff
SHA1 35b2a39b66c3de60e7ec273bdf5e71a7c1f4b103
SHA256 d261915939a3b9c6e9b877d3a71a3783ed5504d3492ef3f64e0cb508fee59496
SHA512 7358cbb9ddd472a97240bd43e9cc4f659ff0f24bf7c2b39c608f8d4832da001a95e21764160c8c66efd107c55ff1666a48ecc1ad4a0d72f995c0301325e1b1df

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

MD5 d9b427d32109a7367b92e57dae471874
SHA1 ce04c8aeb6d89d0961f65b28a6f4a03381fc9c39
SHA256 9b02f8fe6810cacb76fbbcefdb708f590e22b1014dcae2732b43896a7ac060f3
SHA512 dcabc4223745b69039ea6a634b2c5922f0a603e5eeb339f42160adc41c33b74911bb5a3daa169cd01c197aeaca09c5e4a34e759b64f552d15f7a45816105fb07

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035

MD5 2a01b3c63f6fcaecce1ed514df818442
SHA1 2257cd44bfa4c24c0577ca1167826c33efa2213c
SHA256 1f1c65fde3a9ac4905da667e61784d98dde07a53222c4567dce2eaa826cb7506
SHA512 96c1e7435805812dfaa2b6aae8c44332f2db8e4ef1ae6cdad53a00311a9723b38083dc6736c3b0c3c922649bc5ec830d6a484bc23678171232053692cf9a8dfd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021

MD5 ac4c4890fa7b92d5f076e94b226f42af
SHA1 15af973f75d3440b01f9b849d8a2ab7de4dd7bc4
SHA256 a2f3c4f186f667d67c725d82bf27ccdcb0f760447fb3ec2abed61f2107105051
SHA512 cd38b78aab26318c948e583ed3db13c21c76c9d83141f3ce5c45a3c74733e6e9e1329ca5afd4fd8910bc9f9536143ef491e74c04e10a5a38734d4c56d26e5c9b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a4c0d7769d9ac87600fb9d3d9dfa2be9
SHA1 4df3120e4ac7a6a7271905eb59812e0060fdd924
SHA256 de82f439acb241ffe4cde7c442c6339893967eaeeefbe487099e76ef96bf574c
SHA512 94479b2f27d5bb9acc51b4ec0b3f13e9c62b73f18eb8d7ed1af13fc608012311dcd7b806f3bddf4108177c1d442e58f598b871028b06c42e21de185f5c1047b1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024

MD5 68f0a51fa86985999964ee43de12cdd5
SHA1 bbfc7666be00c560b7394fa0b82b864237a99d8c
SHA256 f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f
SHA512 3049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

MD5 3051c1e179d84292d3f84a1a0a112c80
SHA1 c11a63236373abfe574f2935a0e7024688b71ccb
SHA256 992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3
SHA512 df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 10537c6f3a49328d64d7ffed373be9bd
SHA1 55a4a531d5dee19cbd0a6965b42daf191690f539
SHA256 4d67c643bfc10ab1a3e6ddf1c95186c8094ffbc0a16b2363a8c1eaeb3857be2c
SHA512 f1841da2a0d0a8fcddb0b2fb5c081e2d50a34363e48f22fb5ff243e8f78252c4c5498cafdd7b58e27edf9b01a5eda12b450ea9a43dbf11463a215aa5d3dc94ff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 2f4bc9993ef8905d0431f5e5ad64ded7
SHA1 95c309b024ae03ccb4a1af80d0bf6809270c5d9b
SHA256 27985b818399a6b14034585258a5c194b24279b9b69c1b4eb4c44eb4d69eebf1
SHA512 f3ba3d6203cc2946882967c3eff1d1e3e8449658ca872026059a4af5315ae1b638534e367220beb746a00c2985a35d8a03a2b629e9c48d442efc4994d6236422

memory/1120-1032-0x000000001B900000-0x000000001BAB3000-memory.dmp

memory/1120-1042-0x000000001B900000-0x000000001BAB3000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 b3a40ce85aba1aec838ce96d322df762
SHA1 91b87325b887667529be17fd3f19451596297646
SHA256 d9bcd544ccda056d8b0d415b2b503a6cfdfe966f8e85e2068f3fbbf323fdf957
SHA512 728103bae47858199b00704f27d6a07f437e970c91b8599bc0b51bda680c51cf98531689fd2e9332f571c65d89a1026ff6634829173aa8d1e6d51d909241d9f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9412c8b664751f90_0

MD5 388b23258a5f03c9fd39049785ac03b9
SHA1 bfd6b50d7dfd7ab0050d5913ad80fbe679ad2cf2
SHA256 58e9ba32e22eb794dabd88841913968fa9df0ab827a874ca0700122882df14c4
SHA512 a844dfa13bb4bb46463f93b28eab4dadcc586f52cc57c48d35b5af1457044d69d71a5e3cc4fa8a95556f73c20f44687fc46bb7fccd5ecc52be08cc86dd3d8599

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f89251fac2b69325_0

MD5 00a763ad95de50963d3c68ab689e9452
SHA1 d071d9f7eedf67b7830ec39e798d98ea4aeb35c5
SHA256 6c756499fb4a0ee621383ce5986863733db5a1ab6c4463e50cf6d09f6c735c6a
SHA512 14343d1519366913a12bee6e0aef7617ef355ab82bc0ddd7b07aac7104481add12eed4ad815cf232f3d147ab009106a0237b756a3e5da18ef9b7b4e19fa2b6ba

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 82da94c99bda2f43d64e41915a7f452f
SHA1 78fb1ee8b62297989b841949361e796cea0693e2
SHA256 cd02461a1df142f8e26b33b0030ffd5006b7503e74d58bad63ce377d7b7af54b
SHA512 954c679572a5f5cca36714d743d9fe6152b012b7343bfd86950f9762a99b06c4e2dea28878ebf47d24cf58c8d5b6ea779403abac42aaac50c0131b3e2c452905

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 feed6b46a62e35a6b62c045ca4dbb11a
SHA1 2af2b0402f1a0a17f6fedfa1948b81febf36c57d
SHA256 0c73b2bd60a16d2215bc1c7336486176c0d6b3c6ecfc706700ca7d3b5e30552d
SHA512 47304e511e893f2943b31627911d9b47852c54a77745ca1dca0396d45464382d6f19b0405ce05965bb0dff555caf5db1b09f58cd26e3ab68d1b782cb0fd31d0b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3ca8aea2e993703a_0

MD5 6e78d27e98c2b32ab709d8b38104b47a
SHA1 0a865a6f98992cd671f4577f5b575d0bf008a4c2
SHA256 bee42b854b62277931d0bf73effbac9974285bc675443fbfdf154c530cba1274
SHA512 365124def6c5df499fc17de4c2a711eba763c8d9b557ed26371b01ded3f081e1e5d8a9d2155bed4a462912b537c0a5233a611250b77d78d89dfb07b219844eb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 eca7188bf2ab6e0118292204019e6476
SHA1 e811c2a312fd9e72d5afeadf099983ad8f6b3c3f
SHA256 cc90b85cdfec29d510aad5185789f1a50369d819e29fb8c04fb55d7980ae9ad0
SHA512 f570f55d8eae805fd68ebfad8b577368b331b1beeae722ab1a73603c322ad7e0807a6f31d093536b5b6b1bb2dbe467e4dd20341b1865615934753493bb67cc0a

C:\Users\Admin\Downloads\hqdefault.ico:Zone.Identifier

MD5 27abeb3e38e4a454628dd56ccbecd5ac
SHA1 8ce3047c1891aefe108f4e451fa4009413545971
SHA256 9141c801f6811fd8b11fe1c25361f53ac00c53631760d29a54611fb98fab07d1
SHA512 465311c995b7b1760cd3983d2babf098991deea1f5c9b42920bba64c051bb2c9ce416cc32048205a0d6f0b96fd153289d4dc3b6037763b876adaad1453e5042a

C:\Users\Admin\Downloads\hqdefault.ico

MD5 cfea7856d80cf218ad4ab703ceec94b6
SHA1 81eee4a7b6ecaba9549a76acc2d05bd32f1cfd5b
SHA256 b22bfdbadfbbbd37c006e84c1fc43ede2150c6598431abc5570a162de61b332e
SHA512 202ef2f2f91979435ae9f2040b6c361af03333802b0596fe84de2d79d67ed8f993526df54eccd6d5fd2edf7cc01fc849bb1131bfcedb1221610d058f19ba7115

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f49443e8a652efe452b63bff86bf2407
SHA1 cb2ccbb7feede56780c7e4e1b77d3c5cf4b771c3
SHA256 dbe69c2cf58c564c13ad83bba0b5b8f3ad9376141abb19122cccaef5370fc490
SHA512 4b040b2ac4f9b9ff18a2bfa3942ad7e934ce232c2c2a0433fbdda46b1191f44ddfd4c20b39dc5f3d1f96f357d707ffb9c8f26ac996cba1c8011c1599556e03f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 73bf4ab94153dae2cbfc6b3cb0d3cf92
SHA1 66df4084ded86ba6fce2956cd3b98f5194860835
SHA256 565ca69e1bc10bcbcf4928c3a4253daf9f298546a38be2b3ae6044fffe6c0007
SHA512 5bd71cc8b82ba2eb0fce30f84b48111eb277b79cc15a0d37f239db0178287a08ccfb07d9b7d194f8d60d9d1e35a1a14352d8bed2a67f242e3476769a1bea6d2d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\dfe07f2c15075c28_0

MD5 1cc9262155cfa9287ece4e88bc2eebe2
SHA1 6180aed1d8e835b5e530102a30b10c79c477c5a9
SHA256 410477b3580eb796dea57a131f4999537a6ae59c60c1fd7e555ab9f469318d46
SHA512 dd4e6ddc929395aac1df6864e7951d03f2b9f3118ec290c688ba21c210321357b9200a2c7824db8f99d9222451d74ddd670de0bd60624a0800c4edc950ee19b8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7e23bcf4dbf5c221_0

MD5 4ddead3277fd6a4ccebd63309a8e131f
SHA1 b869e395c0ae538933b96c7647509edc4994a5cb
SHA256 b89035058baa57fa3fb997a25cf77e3ec7ba15f45c875e455b14ecaf1230ceb2
SHA512 8e7a480e494fa7a390ab27b1ff2e6e6ad9a3a418cb2bc00b88e1a1b8769f5bfd8f16828c1fa44403e16368fc1b8ba04469df9aa9a5144c24645b233d0ddff03d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5a994fe24b451732_0

MD5 1b91fa2dc19cb6b3b405edde6a24fe11
SHA1 3f16ab552395b4b2f5d67b8851e1bdd32e564b9a
SHA256 3ccde8a7069869a6bf6ac19b46bf2306949f9eb76a5769a10ed671099bf0799a
SHA512 da194fc30f59d6fe3e415856abc41652c23b5dc2beb8fc36b57e94c4f01a16be9ff16758e4fecb41a20380faa8bdf310fc1ebbfee15da77c551aec5c0c49c8f1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0bbe00d9bf7b798e_0

MD5 d1f9aa12eba462274e49d1e17b516d41
SHA1 a48e051f69e975da8aaeafe453b32307d119cdf8
SHA256 c4143930f4e90d515ad73241e72084587b25f96a5f824849e43501fd8d55a203
SHA512 5b0e33c9bb4aecb642e96381c9326b5fb520b37d814c8f082fe06b63d6bba15fc824971e68cb21be011043dd96f8766fa49b43276c846248c76ae5719f73d440

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3f02c4494b1a18ff_0

MD5 b05e86047ec37f9befbdebab2add156b
SHA1 d92dfec7a815ca08f90682030d00d7d5adc7efbc
SHA256 c21e82acca87a9f517a2aabe05f9e2115ad9bdd2ff32f01cb562fe3e734c409c
SHA512 0fa868ea92f9fc6acf205021d92f54ad9323fd69342d4f272576a81dc8be49ba2a420635560667019b4ff4b6639bba6421fcee279e97d09de22cf6e870ffc341

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8ee73a31bd0cce7d_0

MD5 8c0cddfe2d67c0efe28442161afe3557
SHA1 a17429986afcf6dbb397d35ca07c4fe560cd3b5b
SHA256 8d2f7272ea272beacd56d2854bbbbe3bfcd1dc5be62ca590e566059c45e0ac45
SHA512 e3fe227f1ee43c66963e4613d952439c5bbc24936db8eb56ecafa156e74fd2faaa3458de204553d127eb5c51debd2ea27b68c9b536d259b5cc92854edeeca6b1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2052189619e864a2_0

MD5 8750bfa4ff1487659248b551df6ac9b0
SHA1 0121c6e48f6ca0a4a858212677d8b43d9e6fea5d
SHA256 a6625c3f3c024ced899ac54ff9c1ea967cac0ef0adff4c7da29afb1a876cdf9b
SHA512 ea054d02dd12b2d18b393cab7418bd71736a95a19acd9833383b03af19265db7e7f08ac6082a35ca7edd6a1c426d9005049542281d6226adf3a06e4fab973256

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d7a29efad91a1117_0

MD5 19aade4c213d10a07253aca7610cd173
SHA1 ba6169ae4ff65016d74a0117be1f846e50d9fe6a
SHA256 44a83eaf61274f121da57941723e07163f2278552ed83827ac76d9515511efa9
SHA512 8c4d3690ec144b18050ae484c93e91b1ce65c08cbe68b3cd337a106250383b81eb06b469b340068bceef2276047d13a2a6801ff5c5c202ea86ee3b554f4d12e6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2dbc1c31fceae27c_0

MD5 3fbbcf6a67294d42367d79215556e2f8
SHA1 af6ed2a89a5f702dafb96ce91c773d6e3fe9c034
SHA256 5a219dbbe32f4b8c0352d032ec5d643f8b7173f369909acd379c81b25ef98534
SHA512 628df0dab39f788448e88e2ac36dc22631fe1660909131e79a4bc3c4b34d7a4ccaf75278554cacd02471d22c1d748e7b2f6468acbfff31dbf04ce33d85d20da4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e504183595893c5c_0

MD5 88ae2e761a906e96c5ddfeb9bfc3c007
SHA1 cd1bf3dce087360975c42ad4f8bd98f42c5c8087
SHA256 dac2cffbb8f76a53a537690f5dfb7918cfeb3f8107a9e0000438ba5e86fcd29f
SHA512 b24978805f4a5341e83a9fe3a567506a0ec62d60b9ad1bccd7e85b6af1080da35646089473307cdae55c1040cb14174e37b2c6fc846f450358235a290da78088

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\74b88724f60b0383_0

MD5 84e187467c7c3b7d2d51e9860a152a4e
SHA1 b3cfac2f588904b5593896216fef8617f31f272b
SHA256 92b7cf2f2ddf8dc438a14d9c8024e48cbf94faf61bceefeb8b4b94e6699ef19b
SHA512 408d1ef2e84403818da92f1a8f523b9697e2c0b1e0a303eb9eb0cb5615133fbdece26428c1b5da00491e6ed048295a5ef95efbe28c79887751236445685214e5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\45a16ff6d0d9ab5f_0

MD5 2fd3e1cb0723fb5335cb696201a749ac
SHA1 72ba74ee3314429af71da151f12f80c467f20bdb
SHA256 89eba17f48dab09897dbf80563d8025a43a279292a9214249ca3d89002e5856b
SHA512 67a26568ee0f95a7e7057e20a75a98f1427bad7e8a8898549753425902833c6e54c553405fdf766cab9569a7b5d83d160bd15882f0e713ac0388b1c63629b26d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b8a70aee2ace6c44_0

MD5 06e82a935d638ed796c16e4f308d0a53
SHA1 f11d3c2d4d822250933d55eff8ae67e40505e6a8
SHA256 607302c8336f955d0fc74cb97fe885860594c9235d520e5abfed6106f275e502
SHA512 921d762e09e56a8709b69eee329eb3bcc8f8604af3134677970be5c80a2dd8ce0220656cfd59e5eab99727db0c3331ad278c3156265d06e2ee59ee00c60dbd51

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bfd9b5c29c5c8524_0

MD5 182aca558fe39bc0289bdc54126331b5
SHA1 65a2da80093966acccef7911104a3f8d0f4e4ff0
SHA256 0c535098f4147c318e284ed953462d5fdcdd52a32a8576ac8544451d8c60db03
SHA512 cf941a4426e6f3b888917b124303279abb928b9846a0eb4d6e2cf5dc9b777d85065f439d3c149b9a6d6bbe946cda4ded2c28043fcc52f41f261ec36585bce546

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\53ac5abc87e80789_0

MD5 8122cecafda43837afe247377b2aa0c9
SHA1 0fab42db95ec7237f8e82fbcb2015b9de9bb3eef
SHA256 328e73c45a2f676432bc2e4e77935c199ab7ac2943b073d3f7f53aeae6fce689
SHA512 b9497ba4a3257af39c1d6b6284524dc0c6b92d8d63a9e5459e63def4ddf8d303179df202b8610bdfe2170a1cfb1f0c37975c1879519cf4beb20550c152a2f44f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\25c90b4fb1c6ef85_0

MD5 f7b3d6273b35362a68f334b519e1273a
SHA1 88b88aeeaa977b74c683f23034b07af0932a5ce6
SHA256 b163d8ca7bc3603247decfd25a0e81c504320c4afb292aeb3ebdab9c17d663eb
SHA512 5b9a6c511ebe205635052e9c488a166cb3ccd7cd23781842da0b6c0c4ecbd3abbc02f57eda1d32c633141860612b35f80b5932b519d9c2d3d37a1bee46fd5f4a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5d0c04f9998369cd_0

MD5 01456ce80104dd266c4ae574deba8a25
SHA1 ff5d58c72de87e0b50c7fcbdfe42172832a202b4
SHA256 e269fd707f0f27780b6b2943081fe40f38b3e0f8d70dbc18183787eb2b53f0be
SHA512 42aca9202f03ce617a91d27b65f7c729f1b38814571e8df82bce1388c8aed981fa5bf232aa6c246edefd090a8f2ea8256f9977552e617e3f87d808f506fdf637

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\83d6d3a772bbc707_0

MD5 4bce54a80059b97d9331b7392bc6b916
SHA1 3812ffded41bf0ca2817b8f4cc0d77cfc2e78dd9
SHA256 569191f23ec10f20a4e4c775cf87c2fecaf675cb3328b6e03c23388cf638eca8
SHA512 6fc5c1eb38e6176e0acad0b685d9df56fa31e5d199213863a192b526df2f4574de978f081cbd4a59d0213da90154a2dd74add1341c6f0b692aafba83120cc277

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\06450eb6a7b09545_0

MD5 2c0831fef02eebe5040b969dad610829
SHA1 1a45c4db54016a95985135f685878c164e78537a
SHA256 396e972271137a2ccebdd422536762cddb2ff4d1db00a74b495889446cfe25c3
SHA512 28c770e1db98b303aad76e774285f49a5ded704fbfb87c0da607b1d86a4fe3c0d0223b8a6ad23ed1d69301b0d97d05fc099180ddcc9e6a6b2e378687604052d2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e55f0a6d1b533c66_0

MD5 2fdcd6724c220b56c8604354d2182d4d
SHA1 e1ad644791a6debbe13e41f6b44d53fad94f9ead
SHA256 8581b3649ef707430eaad8aca294a4167a52c9377196ef1dd535f164760a6d29
SHA512 bacfacdc7e58fb612972d937e8bb872b8039031c5529fc1e0906435d57785fe8177fc052b44818db8bea81696310a93562d115e0b68be1ab9e6e189f83eed608

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f2e4bbad99a372cc_0

MD5 7f02653a984187ddb5f68d3f10bf00fe
SHA1 cf4758d672c3bfc4ab3d8c9356abc7052e19e431
SHA256 a504ee3678d6c4fc1720a8bb963cbe60c2ed3ea719fd791c2fed0a8c39617fcd
SHA512 250acd12f4d1c9b9f0c67f209006b652c41352e2bfe9d6809cb94d119dcb741cf369daeea3c5508bad50a3e66c312a05a90eb95be930657ebbe85832ee7cc3a4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a267b7c21d8b8c9c_0

MD5 deea439b9237d7d7c8922144f1c306ad
SHA1 3fa30d7a2c1c8b6c73ac0d801e056f573bf92ff4
SHA256 dba6ab843ffd4a0b12d25ab6659601523090bd868addc4beea15ef4a8f5cb52b
SHA512 86167b654977caae2dff20e0185b9f43fe57f298b540a3ff96765227be737a90daf1c645437d333304d801dab598d2b4e0f2d1911254f738dd54fbe3d3b28ffe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6426929baf54bab3_0

MD5 c7679e4330d8f11938ae7a9952eaddca
SHA1 18ead833b234808f9a836130f317cb1114be0992
SHA256 1654af09722a2b22617e28fcc4596c6212be7243d593774fcbd6a2cf5ddc69f3
SHA512 c30d7e0bb0f8abe6b83b1756b65572cca274ae9645351e2832a0b1970f70fa89cbfcf813e40c04a5991cfa66d83264bf6f2daa220ace2fc7bbdd77cf576f6457

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d3dbb3008455b523_0

MD5 15a5659612b26fb2f35c76ec19b1e4c4
SHA1 72d645ea18dd8c50d6af06904d5c5e10ee276eff
SHA256 3ae3923956d646cfae37de1a5834cb5ddf76035eb83ae8c5dbccfa4420c13932
SHA512 8dccc3a4105de10eef0866b103c90c67f83c18f708b5ff6dabd54904a5fadf9e2ce0e81a73711de054bfc77e1a226694ac6b8ee1174198dee1a0e422b2c6cbfc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a09f6271ad0c4092_0

MD5 d2c320cd255bd127303d229567eb4ab0
SHA1 2b18651cf843ecb3a73748946a87f82cf7aff769
SHA256 83005b27c4af48e353a8960cb3d6fe9bb8d418139e830c5799e3481db7e4ff61
SHA512 c35e42ad4b39a342271fd3a2e1c7379d425077b8406344215fd5a73815bb91e7b7cd2ca53426d7646f4af4d863a5723d8747af8071fe174ce19214f919fa81ea

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\feadcc6fa014c0d1_0

MD5 06ddc207a09b307a5003ec94fe61b330
SHA1 f4362509317fc44191bf865c60f99bed9ca83fe3
SHA256 6a1284411b45fe2df2a4386cf0bba1d086a2a195fd8e9f22eed9a1f8ee4867db
SHA512 78357e24156bfb707baf28ab444195cc3d95fe49da49e52f75211c984a86b3d80eaf2a8e28b9f00ec7a0581d67d037a68ba636372f47ce749ac1abaeead16da2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ac9b40a0411376f7_0

MD5 f29ae73e6d463136a374a83b6c965538
SHA1 19efab7e03cef4db3bfce8af621434b30aaca692
SHA256 b5b9a640b592b6cc319f1eefd8ee0db8f07278f4b4e6a11624c41fa65780cb24
SHA512 501f029950500e1292664c9080b45ffc6f99a90d93c931ad7151e7edfb7f904b8c8a7bc669fb17a350d495b19386b779f3db85609ff89c8cb6b91749d725c366

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c4545010b9c4b344_0

MD5 3ad9ec18982855da1ed92a04d3a7685b
SHA1 9d6268ad791102ddf3dedad1dfe77607be2c9265
SHA256 b2cc529a7d7b50d7ef6b48182acc3922c368a9318ad6813dadc3a1610823eb53
SHA512 9c5a13bb3486d65c9f562a2a913e01985b9bce24e227cb5170dac252a1be521f33cb4bb372a1b3ea7bccb9f4949039a96023a5b0702ed51ef9e74039c78c1f67

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\daca09b4eb185a45_0

MD5 70be2dce38b7e0b2769e61660226e24a
SHA1 0eab0a06a8c71e36d1291ca18c0883f37315ca7b
SHA256 9e4640031c6bf9b4ca038dcb86d1f9f875b2cd2edf29415d2971252ebffd8b64
SHA512 5601f84a881df239d4eaafe53240e203e8b9544b73d919aa189f6565ad8b70119aeca0aab9efef52b1ad4d1780cf1233b98a135238cd3047880a2b2c941b9a16

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\096d7c84ae188ed1_0

MD5 e43868e2e498c3edc110c1260d88a963
SHA1 eb6421751e70ff2c87dc42c80b2e33719e9cd79a
SHA256 2e2a4ca0ef5912882cee5717c386605f3e79f48ec0db3cd434b8f27fde0ff57a
SHA512 475de4c24f10a8c97b345faeb9d9ca44868b318984f20b5630bf8415f82794b368a08a2647b5160447208d0abf278e83f1909a0baca197cb7f5521c7a165fd8d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1a9627efc6417083_0

MD5 b3b61ec5fc7b7621347aa8c07e028ded
SHA1 846d1463363d99cc27d9047055134ab4228a500a
SHA256 32af96de8a649f269f15a30a2515be8574e0fe158a25e63dfb87b373df7e8fcc
SHA512 029ad87860796a3d27ed4a6f7f563545bfb41194534c5d9797dceed8c974ed42e1efecc0efc6af700fd9a8eef3fd1edf7a357ee9ca6300ee3d427d4d4f0709e2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d88fe29afbe1c0b5_0

MD5 8a01531427d43dec4f633f644a580eca
SHA1 f8136869d08e54f1a3c813aeffa75b89c77d3a54
SHA256 8abd7dec0540dcaa914a648b842a33946ddabe9099a5c90587047ede52edf749
SHA512 8740ea3dffa307b17603630d009ca15b3683aa5c11c31bd14015c4ed3f8247d01ac11859fe5ce1a81248cb48d9184feac1089c36bb38abf00ac1b751e05b2488

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\47d4e623e47f5bdd_0

MD5 0e453270a43b42c39f0c2f66c60218e7
SHA1 304ba26891264bd9ce0dd07876945f566ec98711
SHA256 3d4e127bb763da3677bce8fbd590c19f062bfd3ba10d242be652e14a5806da6c
SHA512 8a6634e8e0343eb8a9722e4ebcb481f6d5c4368a22b75c7b914bf9434eda3bd996b9ff4ab86a9bd5ec355964478424563c88d87bac84fb2f28a8d7fb0ca29e7b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1ba208775fb5fe09_0

MD5 e2718f57ce037c5ddccb85cbb91aaf41
SHA1 78480a73123d40b38f7c3d5d8d8a9cbf24858cc4
SHA256 df5ec74dbb3ea266f87389f33dfd1744d7be2cdb0e823fcbafbdef45071a9f3c
SHA512 cf16958bbf31def477bb6b981848d5eafc6d5ef3e423e50c1b1554c3eeb21e4318b848ad4da9e58862f4a5c51f54dfaf9eb893baf1abc401424122f65eb4950b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aa20c296787a3f88_0

MD5 cbb07cc5a47aac4e97e84ac5cb15778e
SHA1 f82bf41f9ab9a401cffe70ed4ff01f5c5ed7ffcb
SHA256 e9fcabca008484d7e4129e457b5f514ad2a9b317698b00f8710b722370f8be52
SHA512 59fb80e4daf87f82bcb3b0564f03a1307522539036ffbb986c95acded1222b8af1858ea1ebd711784217545669a6a271c19696f29672cf4fdc9cfc761ccaaae1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c0fcf737c76a8f1d_0

MD5 d78a08da7da92d2176011eb458c04a19
SHA1 e4b65f3997d94e2934ac3c3279c515f74a7985f6
SHA256 5e2c73ffdae337c95311f89e3ada06ac3136df18f8953ec8e5df8709af43cf64
SHA512 d344269c12e3816c6eee4085d421ec9c94f387cfccec1aa597b6cdf5499da028d03d5e349dcef7ecaa34e0be10e8241e5c7df902f61d0c500e95e7b0b5da0a23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ae8d0b05a4b538df_0

MD5 e0b28a55ad1362b476a8e72551d315fa
SHA1 f886ad06ac5c860c0749a59575246c453a8a97a2
SHA256 24af767f39966a6c2b8cdf36d3ea9998b9c3d0d5158755f2ff3b64190d934759
SHA512 ed29ffadfa65636a1d6234cff2b9eacc0f8d1900f1ee8bb25cdcb89428a3f33b7f9ff57dc54447184bc2ef39782c5f09dd1ab93f07cf77e97d5d2762f46bbf05

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5f88ebcecbd11556_0

MD5 24056c02bcf9d962a818ddecc34817de
SHA1 06844a1f88e5c19bd71e7e4bec5abbdb79b139b9
SHA256 fa67895f282cc6edc26728e8a1e4044ca2e723d10c2c124dedbc597751b42f60
SHA512 8716bc908df324465a7641f49fb6831a501ae86c26024fe1aa620e7cdb6fb7466224e8474ab976b2a2b80a82738221f96be54858c4c55466d921fba14bf674ec

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9c0109f54c03223c_0

MD5 940648c56565f50939877f4bfa20c5ee
SHA1 3b468864ec1411705e480bf8814df8be49ef9c1e
SHA256 28459aa2ce3aea1431c94345e7b349c997b52c4b9b6ac87c7aaf79981c66b88d
SHA512 64fd38a7a5d680510c4b56f43a019eda100b2b6faa6a8efe5332a52ae4f8337ae21c2b7384e2a0a324170db123b5add113ed017484d1d57c53a5b14156100933

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b1d7d09e2437e8ee_0

MD5 5ab43b2a0a7fbfca4338efe302fd3083
SHA1 ba5539b0c17179d98b86deac9966821ad69b4c19
SHA256 e943829c213a7ff872a212c338647296a83c5120caa587dd81c922e25832e7fc
SHA512 8994790f1db2882b0abc2c59d0bfeb401ba71c28e0acd7204ee2af7c52cf84c98fb527713231d73f3cba6adcc16319a8bcf32ece26f8c417f4873a048492a00f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5b2f11f3f15a5775_0

MD5 1c43d0e402d5589d05dc0cff5dfa708d
SHA1 bc5cf7bb7920207e8e7bd857066eb9a269239e58
SHA256 a9c7d8f196b828c73413caff8e0940562429798fa356d8e6ddb3d450f9a9c961
SHA512 21581c46c0c02b3f51f6d17bbcc2f83578731d76a47bcbfeeda45f59ab3b38bc965672e9c1ca8aa895c6119024be2950341cf4509edfb9b39bf34b22c4f3dff4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3557d97bacb52931_0

MD5 f60eb5f286640c7c9eec2a6d63d482f8
SHA1 82481c36a99d43069fc1df599dfe6689043a74ad
SHA256 9425e7be6f3f3659554352ff11039a9da26023297eb43534c2e12a994821585f
SHA512 c5506a47611ab0a49749c054e9fb165bd378fb7e5c179ee6026e310f134a20d743c9b191470beb2ef870b1996e5012e4ffae8ba5e6a7d2ad0bac525563746451

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e239929a95f56ab5_0

MD5 ad5d2794dd05b44e06e60027de454b2c
SHA1 e01fdd1b0dcf4a1e71a8456aab89fec358bb09b9
SHA256 c700dbdae4938d2ed5b38a7be77ccc744eb7545a6b127d929e9e1e48da1a351b
SHA512 58c11d281314833db24bf8d9effddbc3700bc89b42870af1713dc06925b7a9c8b6400d5cafac6b71e0362f3b2da091020aa109179915b0d1d280cdd4b597aece

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\edb3b6840a8ddc0a_0

MD5 b2816aed89d4fc3136940caa5cafa675
SHA1 681e048eecd98c44d83ecad2f9ea2bd4006c3018
SHA256 a8e1c55078e169b093cea4d5068fea82e6295e6bd353043a21da85c4d3322743
SHA512 ba6a00254eeddcd3888d36d7d38528daa430f4aeb0148b5c01429d28c0e1f110c843a55176fa41b72f6c4445132d208f7ab724fc8835f72f6bfc3964fdb60031

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\14ff8116b518ca2d_0

MD5 46d6572e928ec5c7b459468bf88aad3a
SHA1 2fee295601fbfab688ee4c0d674a146e04e1ce1c
SHA256 fc456a926c8096ed4200f4d9244dcb147ea13dff21000f992d42c2db2c70e6ad
SHA512 4680613ef221d15b044da0327e05969652501e5b099478e70d64e709f14d1331591728d6f4cfea43cab4939ca2c48aefa125d8ca31864b8748f6c396b8ca2b19

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c28ca9baabbadb00_0

MD5 beec2638c2e88fe13596e66be7075933
SHA1 a004ed2d2ac56ee7e18fe4afaad62daafec5556c
SHA256 4ce5d5cb5617442b4a2328e72b4892ffe44ddc941bd3a38f66d57f5e1a1788d1
SHA512 ea51cb93bbf791aceab1ef25dcb3785fc0c09fc085bca1455e06612c04e3ed5bf3c0b9838a47444acab3eec65763a10772412aee207fcfe823a645753f736bc7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9dbb949d27873cbc_0

MD5 31a32cdf466f44e1232054ee4a5c98c6
SHA1 9e3742e63fe7d97f000f8e9748ed93d28794068f
SHA256 2f94b3d32e8effb381d42ef62078239adb5854c6e274ea25e31a0d91d89132d2
SHA512 e6b8085a458c8025753f4534ee0d4b022e63d774875c97379b79b47b6852c9d0532c5e81f89ca04b82c4780581f3c21efe58d6e512f67bee2e003417650cfc7e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7a66a1246c4f29f4_0

MD5 400212de8b25b1f1dd922d31a6b0d36b
SHA1 5865576a56a4d315462803efd18dcba2c4dcd0a9
SHA256 c777bb010b523356b496485777cdc05fc21e80f59330783546fed0b8298385d5
SHA512 f98a397f71875aae8c08207e00d4e1c701cf7c15097f9c3f3fa491b3ea4a27b213acdd2aa8bcf8fd6273e04596e974e6eaf342d90099d9d9111cd08cd571d36a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aa5fe3b36e22e31b_0

MD5 7ede006a4b8aa90489b0a75e686ebd54
SHA1 ed4a78a5146cb1db68d662f4376853cac689c089
SHA256 26d2c1e5eebe681021ed37062830332ab646399231554ace71452d30a1a95f7e
SHA512 03a475a25ae6e428449be8dc689e76da5a0f949177d9fb34a231e61bb70567a2b57808b2c3a7593facd90fb71e95e1ce4cf655f2bc3a6058d53bd9223d3f1597

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ac0d1673b2c5d73d_0

MD5 31d70204c467c9fb00e755ce4deead80
SHA1 d6d9c7bfca66eaaa34f6a6d4cdae18363767b939
SHA256 bfd04d45e2ff7332dfbad5142d9a49f03609dd78230ef13dfcbd7021675bef70
SHA512 47f05c0ae08a544b49951c9f81250d2abaf14fabc44f20c31f0da9147c7fda26a0d0d1596388f0de36cffe75d48801b7a5df65763ee41d5ddea395f3731ded8a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a6537dab24e365f9_0

MD5 ba9b70e4ed7b12e82138d8aeae7a72c4
SHA1 50c39d29a400d3ff4e1071e1f3b2c9a6488515cd
SHA256 6134f5c73684dae70365c264c537b5042812c9a5d9da2da42932c2ebe93ab6e8
SHA512 b73a3dc5f097c37329235edfc198b2a98b1a95554362ac647a26826c76ff2d7def1926f9eae48ad3a1c09b6e1e1cf23a08be88b0880a09c8c1ee724ed5e88156

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1927a26afb9a8b4a_0

MD5 abec6dd3741138c34e9365510eb27312
SHA1 5922ea824fef594d5ac4d1c0f531200c97e7e2f3
SHA256 849013ecba91ed8530cc73b9490ea39de143276eddc8a72c6d7e8235dc282c02
SHA512 1ed89cd94f4bd791458fe6f464ce70b2803a744e66ba9fdafa01fe647553905177b255524681c116c0775c4bf6c4a34c9b929190e341b2040da5dfc6ed298c58

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6d3b0ad57bdf7db9_0

MD5 59ead22748bc17629078b6c13c3bf9be
SHA1 4b1f7fb74d94b0b549168e77ca7670ee5fd4f8fe
SHA256 0be67a90e164ed8549ee8043af663d4d76ae3c85c48bb4f43a4820381f123f7e
SHA512 574d952b49237728996c3928e79420290cb409159d5064da280cf5b53c9493c0807db18bfc14759b505294c45c96717ad2e164a6ed7224eda93e3e3b09196a2a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\daea348421cbc209_0

MD5 8cd628261906acdfeb89acfaa3e2430a
SHA1 f292308acf601c41b3ad2b5698d64e73c82794b1
SHA256 34703c257561bfa8707a20e96263392548c13d993a8b1fd9f7fe0d528430852c
SHA512 e54cdbf62361bd6f38bddcd1f5c6bb7850016fd23226a02f3273cd14f28d0298cbf3bfeb127cd1912b81329d5f24d4b6eff7e268891c23e921b97186572f25e2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ffc17e0e17128e78_0

MD5 04f01b3742fa5b4b302c435349af7117
SHA1 45a2205f25cc5144480247db547fed928b6b0471
SHA256 b8fd28d09a9061764271cb0f30ef4a108a0c68a9e985e0c6cee35fcba78b9f3f
SHA512 1502c59f21737599fd9dc5357bc1ca78d2b07b0e037b61b6326999b5109e7f207a36ffa640ae3ee6ba492341efc5debc882d75da1ad739cb61a7647cca822430

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2bdaac433bd638d1_0

MD5 972c5be032f1dd8ccfad84215a5bd030
SHA1 967b99ccb24e267b8655e03713edfc935dd464ae
SHA256 d0baf07ded033d3b3ee6eda0dcaa09c4eeb5ee1db36fc376912e8ca65797a138
SHA512 3583026697ff09d13f559887dfe01f79bb75bce60e5f0c36ea3a1a7ace9e0ebc7b4db34885a1458848eb68adb7c529eb8af7b0eb8fc67d668dea97b081d828a2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\270f11d2d6d0eeec_0

MD5 dbb2ce29ad9124e70963019972d89628
SHA1 aa95430d68198c170acff031e63491fbad4c148f
SHA256 6c4a47ee43dd96d620a183077a13151a7386334fa1379afb63e0e79acf156bd3
SHA512 273cbc6bcf467804770a75c0f09fda75095d42f320e8c7aac5b910a1dfc7cd44778bb549c1eda89f1654c31d4f9d91d460d3719eb4b0f348208a3424d9970c88

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005a

MD5 deaa3683269f7ef2e6d04fc56c9c733d
SHA1 0f9dbca72bc8d50d37f3c93995ce863b0e3b3229
SHA256 a6675676eb147d2d08a30ecf624b33c42139431b25134edbea5c90451a6ff7d3
SHA512 14c5605c7d367ea5f104e6f14cb86823ee35348ee9bd0185210a79c4ce115182f45e0ff603d5833010bf88de26716a468b2de9b89f1f3cf45cb90bfb9c4bedd8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 312ccada1d92e8a2cd26b1c9c974e591
SHA1 c22c28ee89d4030e2038133a2592e11210db899a
SHA256 a0a9bb9aa98a2cfbf90290197d19940c7c2212191cc167bea4581dd9676e465d
SHA512 af50849558350df62a9ae46b82000b1038b8870820ac14ef21c8e32fbd880a2f805a9374dc6e7b982dca9c31a63a9d285d7c03c9737e42e5744d932350fb73a4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 754e9f308914149ae502c29424aa69fb
SHA1 925e22e846e64ababbef4b9cbaf8f563b7ed6cf5
SHA256 3202ba14b556f655405b4aeb51661dff0213f69deb05fc83218963bec6f18783
SHA512 e04e4b863fb64d68f759aca8fe5e3953b4a3e569dde5fec8fe14bc449ff05ee5fa93e82f3fea25307d721d0dc04c9ed756fc8d52675e5065b41f0d0fb4ac46c6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 56c7015bf40d1e589c5ec3df8463304a
SHA1 1182e5685598a712e9d639d41ab66a21efcdef1b
SHA256 8b0513e0b05e6185a48efca979b59622fef4cbbe308962dc13ad3fe707908c06
SHA512 5ea92922bc4f799158e967d9ae344a037e4e2cc8e2b0d4fab56917a8d104247576dad0617ec48915d19504bb4c96b66f03ea4788ce4f45139b2838ea6d6a9122

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 79f7b26c077ae3e643dc21d8828454d9
SHA1 46f5fece864581f6e4ee38859412cc7a4e63c9b6
SHA256 c247b48fa85ffd032c0cf68315dc986e17e4a0e08787c2836c2e988588b126bf
SHA512 466097f17716acda82ade588091d74c29ae4351fb967e74a997dc884806046b7f260cbbb260a59187baaa9d5a86dd32a238a6a0c38de301773a9ae6c210233cb

C:\Users\Admin\Downloads\hqdefault (1).ico

MD5 7852e1f69b02a3ef7307e2b87618d237
SHA1 25e4ea911266b3fe27ce93dd069a7e5bafd4b5c1
SHA256 338a413ed7f4045f83d82119b3fe75c9d7481665c14eef28efac5838a54b4fab
SHA512 44286c2418f0056938b5786a2a6a755b474fc556de29304ebe4d254bf48d89def62eaeb40369e928998bc07e7801480e3626b1a7680989f28f77d34f3ee383b4

C:\Users\Admin\Downloads\hqdefault (1).ico:Zone.Identifier

MD5 aeabdf153ca0ec153f756759037af5d6
SHA1 391c59c21bbf661282faa0600f624c986d7a3e5e
SHA256 6140802b53a22a411dac95c1533962db7ca8bd60fbed2bee348d12d39e26ed40
SHA512 bcae6ff8bbaeee012621689c8f87017aef07ba0ad58578589fa986cc88b780efb11a2b60f798a42a398f14f1973da10b4ebf149d842c5372badb8228b2906551

memory/1120-1933-0x000000001B900000-0x000000001BAB3000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 f4fc1fe3347d6a117d953f9f15484b89
SHA1 486dde941ed2c3e429af611da71828e8bec2e03f
SHA256 59a5be0fecd46b12c2b923fa0948567e236259bdad97ddfb5e6ff3d90a4c1337
SHA512 043d98961405edfb6c15c9057e5566b69cef859994a03677c70dfe3b042dc087827bc9958d0380b848619603f51cbaf3f61434bc315b5992f1503a517dc27ae1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 32845e83d6d18c8d498f68ff231ad6b7
SHA1 4d44f883d2909d8649e3987a99ba2b5ed3d0c610
SHA256 f9793080f8b35950c0ddd32eead8a7d7e13b8cd9c4ea9b825a5a096269d44575
SHA512 14935351091d4953a3ac65cf3175a58471eecdd92b8b7846ecf18c79d93320d73ff22501f4a10f077f5dd05850022602b8c86f3a10de1067ac77b6ae1ed9d413

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 4fac09a4d03377d26f11dacbd5eae98f
SHA1 36d6a46276b00170b77851b112f95f5528dc9c5a
SHA256 d8283458d622ad341b1915af45e5a303940ccb0edc87b75a62bdbaece64bbe73
SHA512 7adf7ba4450db7f32c1ef8bea948c991f5896b07b9671c8e8488157415a51b154047e93b86683588f69531573b07340777a63f2ae97a31d9f825a12d00c9e37a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 08455362590e35637565b867f5ae2bb8
SHA1 4f4bcf1d9c9293bc2ac53f175ee40e0fbd449b41
SHA256 52feec8ea28650125b03458014ad923ba32faccc3465f0076dc4a979d82baccc
SHA512 0691117f981cdad39ee9ab6712e2ce0ed586c0e1c99a439457dff44b3ea8e84b1c09514fc47cf018b97455f86dea8faee258b199d9f1496307bcf29c3a700b8a

memory/1120-1979-0x000000001B900000-0x000000001BAB3000-memory.dmp

memory/1120-1989-0x000000001B900000-0x000000001BAB3000-memory.dmp

memory/1120-1994-0x000000001B900000-0x000000001BAB3000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\48b1105b4c2874b5_0

MD5 5411019e35bb9491810a1b3c74c25cc3
SHA1 4ec5a518e2120f1caaae50dfe2ad7c9af0a56102
SHA256 ed16587bc16bd193d9f8cdcaf850d16b88ebe285f01ff7bde59b8edf7dce12a2
SHA512 7bec3f015c6fda5fef033af28d8bca821efc26a944c1a05bc67df091bb0db8c9069c7a818d23412692c13c695895ea72771e23b439301497be85460672db4246

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8e5987d08f7b6e11_0

MD5 a3b34ef82461b8f2ccbf3a76d742b1ff
SHA1 e9629f2d20372a31ee265a5d697f396b6bff7168
SHA256 f01117fed27248d3ed0a6cd452f73185968d5cd19f56631f71d671712a93ce20
SHA512 9372f1fc35c724d6f2b7c24611e0b39db85ef876e92a95cfff746b88109a664c27b314d47d1b9d54a919486676642f281885e8228d7ec6ad0cadba5a119c1c39

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\81764cdb356c9506_0

MD5 c27dedd3a9bd6fd82415f5a726890f7b
SHA1 df5c23e3e846d1946be462bb80353ca5ff2a0c60
SHA256 72a3c1f527de28d48478386b68bb27f791e2e300c58af34e6d2a8aa586316773
SHA512 7a445f470097605a113896cccbd59a9dbb342379c26b3d3b089c56dce1a0bc8a493b3e5a5cf716a6b0f404c6b4b360fa030aaf1d35e06d551b8761a122c41abf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\02735674612cbc52_0

MD5 a144d289fed2b611082f95db45b59060
SHA1 5cb183178d44c855197b1d6e01e1810aca20c744
SHA256 e95f96b4724668c294d56bb82a530b1d43fdee66ef801a587ca6deb0b207ac1b
SHA512 2294e2a8754265bef6a8d729b65772e3aaf3e211b26b171e5650a933b573b9c0621d0ceac1867f67226e4e9bf2e8e37f196a77e68ee5ba26885920dcf17f3c9c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\63bab61298dfac24_0

MD5 d566e6f9db75ba707c519d5b863a183c
SHA1 75e59b9cb52b8098c163a202c7f0a1832fa1c92a
SHA256 cd5efc3bf9d32393f6146761bfdb6075aad144dc59c6369377db12932c516ee9
SHA512 511db38eac928766b2640b42fc67e6a47fb6055836e2ac919601bd29d558598a814df964a951480cd0f0f69d0865ed60da5d3313bb5650c6c558d1fd8bf8b7cd

memory/1120-2130-0x000000001B900000-0x000000001BAB3000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000075

MD5 59b6b69a426e8232fbbbed410badc879
SHA1 7206c5fe08d62c3e17620c55e9064023e994e449
SHA256 827ae434531bf0ada59ed353b7d5305a7b982c34da1ad59d4b9ccce971489b32
SHA512 84ebc913172252e71301ab3ec4f9d1dd74a831dfcc60692ed60d80a1b0c72c7dbacdf2848fda337df70e5b918798d5e28c29040dddc36288e26fcae526c6b545

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.photopea.com_0.indexeddb.leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ffae12a86212e262ecc08e2aed31660b
SHA1 1688e9ce7fef09468f1ab897f9827f3226105044
SHA256 4c810200768fa0a880c2b01c437fa6af5cef886fc148e73a2fe40208907b8aa1
SHA512 27c0dd3f74580d59d3c05cc4e43826bf8755e4fbb548cdd349a156feddebaaea65f28a749255d6fd56047d17a68d9dd2602317f562c79c8e40cc19531b7bc509

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 117ce4ffdb2c6784f9b573fefa28d2ad
SHA1 91fe4a997da4f19b5f6d3e2d252db9bf2b8b7633
SHA256 ce54d8854156495ee51d1ca512c6633b0db524aa87adae29548a275da6e28178
SHA512 f19a63480af0e69706f4caeef8942740077031b010a134cdb124c9c3078c103d3115651a67e5227729fa79ecded1fceddc32ffba84305b77dd36ff83260c5c39

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 538b91cbabcef59f424c06e187c2feb3
SHA1 f8fa86f1468c062a99abe0989522ab16f4895fe7
SHA256 cbe756f7d6751d95c81908c52344432dcf15ba6640a7516bff629048c7099f06
SHA512 eae909c8a4a3e5b32136827ea2f3e6601bd6d3fd969f3b3958c4a70246bfa83b46a39f2fa4beab8de36d13baecdadce268243030a2038deecee2a2a9fe60121d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 958f9e2faa47a5545a47ec3b1ddb251e
SHA1 726e8e2722758ee774d64eaab2c95f93f0b797a4
SHA256 815fb03eeb70adf82c5a8b54b58bb8994f40ae1b5b020d9fefb62443b723a681
SHA512 50827d4bd4f063d094d8a439a34427c5bae071c7667c12c990d98ac241868e135a1a351c9c0d22a7b6b8415205c68beb8ab2807759b5231096aa50a351278cc9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 46623ff6632b18dace6f2b1a3c5ac82f
SHA1 080da82dafc7af3a3330e73470ad856e0a9c4180
SHA256 eaaff2a83ceecdbd721c2729e81360f1086ebd9a4bf8783a1858fff335d9bf11
SHA512 0ad294f6d81c22a049e7e40a58baf7cf35c7977d19579dba069b812a92f433fafc010ad4cd8bd243a9d33db157593c16a04a54d0ef71251dd961fd53d9a9b20a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000096

MD5 8108e5126bb1b9aaa660a7e5257e914a
SHA1 bb5749f62f3005fb718f7c1105a747343a47b78f
SHA256 e4c1b8044c9ac5c2de3c108408d50e218a4a7a649e1f28ab172fc70953fe8108
SHA512 c8ff92765d692ebe176676fb4a7dcecd29963d4770096270b7fd6820b91bd5b8b5e61a643c7fcb045b80b036b2e1d69d9929876a42e2d9b1669a7376384613be

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 93323f89632d48de131d549a4d3f5b0e
SHA1 57ce5f480712208c811aa121edeb85273985b3f1
SHA256 aa5c03ea24e1827d5a19bceaf0c5e2e4ad8cddce3fd58a5d6bad96d511325b4a
SHA512 1c4b429db7b65eec2eed59b294fea83b173fcbaa771a3204581cf12503ac2017768ee7b69c3ef7275860cc782f49b6d7a20fdca08ecbde52a81306fc915fa046

memory/1120-2502-0x000000001B900000-0x000000001BAB3000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a7

MD5 a2b03561cabc0d346e9a6be3f5b11b5e
SHA1 ba0aea2acc1c20700c4c09c5b2b8d0bfbd33ce6b
SHA256 09588f4db755d8d88d9e521f5189d97c2ac781ee7ad782bb0c644eb9f69feef1
SHA512 3602c58bf569bbf22d2a559f0a62c4ac8d6c9868dd956cf0d75d694d104eaf2f82d22c9427636a46ec82cc24e758ad1eaad75fab771ce843308c1b2fe57c6ddb

memory/1120-2549-0x000000001B900000-0x000000001BAB3000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 cdbc96c173c8305371d094a0abcb2bae
SHA1 7738f341b0e749a6d30edb3a15d5e2f969f6afb5
SHA256 b8ed00c4b683641e15e869738d485771dd137c1b9ab7cac70712c29753e3dde2
SHA512 01de45e2fdd1b7c8d13d4a7118c6ff357296a92b8f1c5c1ee91c89f4682cc83d5eaa0ad41c5a9e0f617c50b3aa2fbe120e43fe73d2db8add0d77b01e40647c3d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 b859d6382a3f75e4fc0075f23a706f6e
SHA1 2c7838b1c5a0e3b160231b81eed8e545b6c30f39
SHA256 26a31b8d89b171a2224f9e815ae7d8b0e31efbc666b63803f6b7d4dc3e10c60a
SHA512 25462eb4a1379ddd030ad670c34c8b38f6400764cb6818a533567cdc78f7ef4f4a32bc13972425ea53792a5766a4ef47fa62df8a795527dfb6c2c1c5879a5c26

memory/1120-2595-0x000000001B900000-0x000000001BAB3000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ca5c68801876a37b07ea82c24f859edd
SHA1 811a870bf74a637897db7dbf5bc86a96cf888643
SHA256 4b7b97e6fb8a79357cd0aa0ba727afdff6076ca8df579e25bea2086e99317702
SHA512 bc580a7e7c515a4e85d18c315ee76fd4bf13c2e82a54eb9f03cfc7ce9284c7d24da2a218b0b23d9dd7e88e76fc39eec567b472dad9f97632e2981864604a215f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 970839de6a8a78281a1f1bd3c7df7086
SHA1 f6a8b65db6db3e22a2e68fe49b392b84ad15ba46
SHA256 d5cfa09d46ae2a8f2a937c8236350c13fdbc65fad43646e3571f6853a4308fba
SHA512 8cad19836291f285cebfccb12b605891407ce7720af22f75600eabc3fcd6126eda91df7ec7ca487b6acce69d805c7f76bcd50d369640dd11cea0558ef956ef11

memory/1120-2651-0x000000001B900000-0x000000001BAB3000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e7fe0b0ba15760a9_0

MD5 16549785ad2f019ba79919426344ac5d
SHA1 e48f0d717bfcae605025d733a4787756cd19cda1
SHA256 6f542fe2b66cfbfafe6453808dadedc69efaa2799128180b425070967daf0c41
SHA512 d3e99ce2f33f643101dd70aa88a8291c6e58c6ff5df3e42feb26d564858b84d48a3f44766413a521f93564132f231c4b54d5bcb9b3c95b00d9de78c9b6421288

memory/1120-2685-0x000000001B900000-0x000000001BAB3000-memory.dmp

C:\Users\Admin\Downloads\hqdefault (2).jpg:Zone.Identifier

MD5 ac666b38eda87d058bd471232275c477
SHA1 594ced0c28fb129b4de0ad712878734034054668
SHA256 bf983eef180302f5ad9a8949b7f0e3148f8b53ae8db21e52aebc2f8bafee66d3
SHA512 8fbd82ae40fc51b05ddf2d482ba09abf7dcb20126235b643d0345ec7c2d0e0dd5acf4694da8e22165943d111c4c97fd5cb4a2e4a10fa1af2fcb96b11dfe49726

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 9664590b652931796c6b431b5ce971af
SHA1 b1d2301cdc925705df6241fbe81817f2d8f844df
SHA256 5e6d63080adc32748a700e9c66eb25859637c0f73a0ca17253ba932c5b45f2b2
SHA512 7003fa3741f67e316535ed88d956772ce5da8b0606d8cb5596a6d3dc484eb1176e406d9fcb0d357fd382269c70ca10600e145e602e92e7cd3293b70ed9f77301

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 7c1d0569b4d4946c3aa20a594d9f0617
SHA1 a9e3dcd73d9f8c0f98ac3cd2c0b00a294e6ff65d
SHA256 d9a844e08208018c4fea65819e9b4b0ea8eaf10db5788f15172fdac515feaeb8
SHA512 62bc60994acce23ac256c17854d9f6f718ea225de4fba0ab31b801becb5f40f4ee3112ee9ea75494688bab856b7b0b7cd44d592b1d36a5f1bb7caf292cf68b5c

memory/1120-2720-0x000000001B900000-0x000000001BAB3000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 ca333fce156f68c1b0bcc7eb55be6a91
SHA1 6e5d79ad586888541ca6431e95c62bab93f046de
SHA256 88277e4546e7318ce5cdff5d6fe976c1203a4a29f5d497f77492bba7d8b3ede8
SHA512 cc72cc4376f74158ffea21b043ed61459d6e55ab8b988a0c652f60b572c11b9e73d6eb400378ad54d425a4874f294432423a2105ce447ffd414c201f3342749f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2bfde39962961371_0

MD5 70ea47e4ec6cf4c57e2bc7e14f6cbb7d
SHA1 3561480c50f24c1e5b0c70597f6139efd0f46f26
SHA256 ddc3567c956a8dfb0c38824704bde9066fcd69c497c73f0cf73afd10f7601258
SHA512 187601d206d250de6cefff8c802ca25cd64a9b0b6a3316b074a6c0e35f5e876f6fb33dafd0ac45c8669ae6214cc8395060a1d9118ae6e652713007afb6f54d2f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e58a55421d82bea2_0

MD5 f2fc443a702f7129f768115f0b41d1fe
SHA1 a3ba75cfbd132b43ab58c55169d001d613e6a31f
SHA256 f55dc866b5166b933a4ab4fbbfa6ba2d851507ab86d4c87841ec4c0f18eab007
SHA512 d4104b69707f4df9f34371d8883f6e3597eabb2b27bc4f9b34d875645faa7460086350671e5240df94c5d98009132100f1e98bd6dde2bf3b6c6ac2ae879ae99a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5636b6677132a8f1_0

MD5 2f539be6579bc61ec27a2f454a6ccb7d
SHA1 809e9de098ac28c3edc5ecfb8cacdbb8078fd99a
SHA256 4fac488280579ba6f3679608108f967822c9818a45c7d44ae383115ac1a65b6d
SHA512 38e12e3cf6654b299f4cffbb997b042c3e645c4ec496fd8f85ff2319467b258d729864418166ec8ea3d401121d4c2b763b0b7384c0a32efcde8c3bd7f5c236b4

memory/1120-2787-0x000000001B900000-0x000000001BAB3000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 025e209688295163f38b40d0cb49c710
SHA1 812684c81cb1e83a6b02b4b3bf0a34effe5653dd
SHA256 8c8fe72c53b615dc8097b8305a9b9a1d2dab9c5839b07a5e9f16c31b1c592cfa
SHA512 374afb02a1847709c52fd439fa2aeb31c14b347d77a0600b8036e482d800888a57ef854b19eb5cd1ca790c6684be95983d44a701a954fb9427b37629ab193004

memory/1120-2856-0x000000001B900000-0x000000001BAB3000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 528b7133019060ae342e76f73218da63
SHA1 983c9f1acc9f533253afa5c7f43680c20dcf5489
SHA256 13505c1a30339061b40cacf26490921bbc763ccbf7a8a11431e9a71b1842674c
SHA512 f08daabbd6f2c0a0289dd54444bad8953798a36d159d0ce5a4771b7935fb57a8591b95bef3c77c74ef935181f0c471013375f0b8454312d5bd320408cb8f5537

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 754469c6c9d358ac713d6fade72856d5
SHA1 aed705819c3aaa92e02e9a31fe020a5b7b7715b7
SHA256 469ec9f984c2b6ec65d3400c32762d3f3f2fd31df4e2e8ef1f27dc8ac6609e29
SHA512 e9039770ea016c99838435b9f536939c8cb3836f7fae17e1d22b04695a4735f05d33ed6abab78a7cc4a57dfceabb50e00eb37d871ce45d9417a6e23ec5915c98

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7b70e020dfccda87_0

MD5 2e04ec773c6c478dde82c889feadf6a6
SHA1 3670e7b2abde53eb2b4ca23711eae37783eb0ea9
SHA256 9ff6f72d76b5f285940027cbefdad05eafc6c783fc0ea1e9cb96c0c904adaf89
SHA512 98915f0a14a7452bd3cdff693265ef003e6d00c35c98d3d01b7b58dc7a2f51225bcc0515909ed8e4b02d4338ef508b5581ee9baf3c43e0b15d0427dbe1018baf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000095

MD5 93a86a993daaa561f27068abe2d9053b
SHA1 623c0550c16e9486116e5300d856d99c18f93af9
SHA256 170273ec6106cb11d452eca23bfb05f9d15d7cbacbd77d03823af71f8881d9e1
SHA512 7f2ae235fc7ed44436458a9c96b655df820a474dea1c19e2bd963fb4c15b1a07b622758ec8bf1ebdc74156cf72ed47c78382b3e38a70c6f126911b2d7bfb6c2d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ac6f5feed09172b3482ab101b92552ac
SHA1 ba0c1c5c6e7d3c99ecafc1e5d6f4f763ebbbbd47
SHA256 59238d2228cd508f9a945a33f6bf61492d63f51721a27e5ecba7347cc3492e39
SHA512 2dc0692f724eda82aafedaa9af924fc7f5ddacec85fbf6fd964e4263f24f69f9b28e92a8b0b2425a3c897eedef6c20c5e842c8af285df2e2ec03b6e5079c59dd

memory/1120-2968-0x000000001B900000-0x000000001BAB3000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 2aa48d0fc22a46495253cbf4420f198b
SHA1 a40b4af5b441ad41316bb64631aac0a7dd71818d
SHA256 cbf94e076f91b0adcef5a7df19aa3293beb4ebccb352a7554b8d32534aa27822
SHA512 c6244173b0c9fb7b665a61e4367f047534c57fe36ed6bb6a0351ed9ae002612758db5d97305e59e22cebec056abd4ff29f51208631cbd15b0cb0c5e08c729f59

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 bf0e6bf78b6edb10c1c42ec5d5c7a631
SHA1 f91ac4666549a4ba0311ca63a38ea785b84a4aea
SHA256 26a47cc11e240e21492bad69d219e6c659c407b2cacf2fa0a02afd107ddda29e
SHA512 1b08c3513a663a6f1a20a744cef5bcca3f6f840ee5faa3b705cd9bdaf017d6a0358ada1e58ecebd8a4c93ffe1d7928cb8c1d03d718467b47aa16e6f669beb7ee

memory/1120-3002-0x000000001B900000-0x000000001BAB3000-memory.dmp

memory/1120-3003-0x000000001B900000-0x000000001BAB3000-memory.dmp

memory/1120-3010-0x000000001B900000-0x000000001BAB3000-memory.dmp

memory/1120-3017-0x000000001B900000-0x000000001BAB3000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 6d53914dff8e3cba8badc5c14a9c783e
SHA1 909f8000365aeb1a888ea72207798daf1ce2bf43
SHA256 75a38799e9d372be24de9bb4bcc95160b90e7212e695a03e37cba038e8bd5deb
SHA512 0dfe3f2736b9844cc2a388be9134ed411fd60994f07068e00886e10dacff1aa3fea1908aa4cd588b24fdc032bda2a82a15422504c7500952ad0ca3ad48dc682a

memory/1120-3050-0x000000001B900000-0x000000001BAB3000-memory.dmp

memory/1120-3068-0x000000001B900000-0x000000001BAB3000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006c

MD5 719a57af36211d1dc6eaa9bbe6ecc172
SHA1 cba83ff9a97b30bd9d2b0698d668fbf07f592663
SHA256 14211839dfd5040b6050b0d59f36962c65a58d82194af8fe43310d984e8cdb7b
SHA512 435dede56842af7ce92b90991c53f2f3a8bdc2dc89405485799292d48cf03d48777ac77a050ea113ddb7334c06d1a10daa67483abf25b1c0e91a4058fa44290b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 59c126634e751472f77bc7d937098a29
SHA1 ebd089707e775431860040efed9d72bc284fe805
SHA256 b40f079b18fb75aaba986b7095c7af8cc3e958d40d40bf152285bf60424634ea
SHA512 2fde38780d51f153b640c33bf8bd1606af7e09e9df6756bdebec504b7c58359a653d4bf77fb4ae1471cd3b6a929aa7af931c4a4b7bb30384e564f8ea3bc0c82b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 90f55e045a64ad56d62e0ede8199392b
SHA1 6da8ce234ef640d70dd8ebd37fe025738ff1f847
SHA256 9e4c3a4318f56968e6d2fea2ce6c8bc208b7a433efb33c4f32be418f1637aa9f
SHA512 4e158d9b23ca668d86d0973c2a625f49b2b551136a3e865007950253288e84b095296bf3815288b51acc7d86fdb620f14d67e80b759b7f07ba463fa0bc5d46c7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ab6819498a8fc0c7701f2790e96c4aae
SHA1 915785dd97fe94ecd48d03661250b5c2c5dbe067
SHA256 1a7759ef592d20f73a9e6a85abb05ffb24528c216bb06d01fddd08dd1903a66a
SHA512 da466406b72d2db29c7b267b8e555dbfd8ee1d9a293a59450e6e15d8bc7b86216fb49de487e6d6e4007ca62cd441da557b3aef29d02590d9c9144688b7b5c070

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 cc7dffdb07d493620fb7ebbb0bf9de79
SHA1 1c5315f0fdae9d3ecf218faa85c56caef3bda7e2
SHA256 4e1961a052d0e1eeb0b0a900c00d4e05723778b199607f30933213b25131bb82
SHA512 016ff95bbff6452b24ed1484ea270bcd108e53f42fe5951e91a1b145d4f5503b59ce65d9c141a638e8c0aab339988740785c18970bbd7a93d64d1139accccef8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ea16c477d04439558f0b82ab9899b746
SHA1 b6c2530faa98134801d43c4a9a89f791e691f79a
SHA256 f8a533bec318cc586c0858d0dcab9c24755ba637cee4d4b80ae59bd6bc4b2994
SHA512 03169ae987dce0dfede58ae42d5bf0f5f68656e986f3a98498e1dde03ac691d38851529139c4f9b0d93dd0df8b9e1d9b4f7bbbf44fd2e41b2685f9ca52d85172

memory/1120-3431-0x000000001B900000-0x000000001BAB3000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 5433490ba6c495f310820493bee57943
SHA1 b07f4ef4dd3dc39068079ee4f4f407f6c53dcc6d
SHA256 b3e0d32790e2a7af7328e2646113ba79f70c332fa1c62ab70976c7e983565320
SHA512 c150ea7d91468e1c66438dc92372280742a41a33649e29f55fe07d2ea1c7fae58aa4829c680bf793e9debca2c2ce49a1be23336c5342045af0a1d62d7dd0f41a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 0b167f88eabd4af5fbf1ce88c9128a0a
SHA1 e0a5affcdd1daa47e3636c28e24897419aa4f8df
SHA256 4edb0d6e6d00e4489d4b05aad9abddc38d9cd851e2b332ed878cd76d8a798d5e
SHA512 c237e7ad9c5ac69d6912c1fea03e9ef1c76be6589664b9876754418296f0b8346b51e2705e4d8bb6415ceccc624ef27a6667759bdc139da289ca6bf9f9df886a

C:\Users\Admin\AppData\Local\Temp\pe0xrgto\pe0xrgto.0.cs

MD5 efe81e1a9a71fab8ca77121a89bb78a1
SHA1 67c8a6674812f398d42a71a5c4f73db36ee9a117
SHA256 c8133574b020c5c05c5ee2b592c8dba20c463fccb31d38ce0c800a798c940168
SHA512 961727e60c263c9bdf6886d554e04d55dabe84379f9c0985099920e5d51ea633aeaab46faa535e36a63601b4df1dac3c8e92a6c7f78e6e8c340e489152e30dcf

memory/1120-3465-0x000000001B900000-0x000000001BAB3000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 e6169ec06ab730caebd0cc964d2f0c9b
SHA1 91a54c8531870c6894ccd5b38eb836a9b461e576
SHA256 d7ae68823fedc8f4230000e8ba284d6a7c189eab29ef751a65082142d0803e84
SHA512 cf265a26afd33d97450b51e97d3f6405bf37902ca1a2439189c2b7ecbfd846f54fee7f8cc076302d7245a7715623e2416a2c3a82471bb7a1c219361295119660

memory/1120-3475-0x000000001B900000-0x000000001BAB3000-memory.dmp

memory/1120-3496-0x000000001B900000-0x000000001BAB3000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f9f297a3625b731b_0

MD5 5f225666a68aa168c2386e30fa3519f4
SHA1 1eac1015787492d537afdc8d6b7f7f39f2e14d31
SHA256 0d62c9c5d0dc33bb9544993c658fe6cc2ca4029980cb6af98dde0efba24c0423
SHA512 57730e2a983564b78ecf03b32ab662414964ae4eb289f4c19997f52bde67c5a23f06dc456a706074a9632381461adc1344ef7567c8ef863bd0385158af77c287

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1ce91c7d3c2c2734_0

MD5 fb979bc1cd61a072af080d9e60e0603e
SHA1 65f89e6b89a2acb4bd2dd7a509e2f7c729f0b18e
SHA256 1c08058846e9b6a2a82eca0e7c51de2171cadcc3501282af37a3cf5456bc6d9e
SHA512 af2f873448832c4fb89bf805ba8953a8415849bfa14e597cd24963977c7796373fde0bf5a33041be6e978489cfe1775784661455ad789e81501ae32255004de7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009e

MD5 230ab95d87a717be265134072eb17c25
SHA1 71a3d3dd6f952057ba0c6025d39c9792ff606828
SHA256 3fdfeaa675697f08f1c7c0fd6b77512f4bf9465e670637e8e332e65ebb9db068
SHA512 9b0636421ad14161f211e846521149ab0a7c866e77db309dba79718487835204cee3821c9f4678e48e134614be6a02421c155a34b7c9bc424012137705960b11

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7cf9843337c39c04_0

MD5 a228cd49850a3b596cd99cd314e2875b
SHA1 630820fd4f5f40948e60cff0a70f663d55e79689
SHA256 7dd16105a058c6e39baad4001921d2ce831fb0c588e984a547be4f3ea3e2dd6c
SHA512 3823df1f45d13aeb5b1ba702a5d9e42e3655c36369acc5977ec776e24b877135f8c8062d81f09ef293b52818379a163ec0e15288c4d9f6fc6b9896e1f1331eff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\03eef0e77feb64d4_0

MD5 ed7bb37b379072bae605f5e89ddd8332
SHA1 e066be52dcbdb37a4ca0025ee0c8a7ed7b128d1f
SHA256 da856638f46d8143f001264ce01ac44836620de57a3fc8dffea20b83d3eb6acc
SHA512 587b9bd25a0bc0a759185fc8f1f2da55f302b3b19122c8a716358d8cfb54e0b5f296f18ec7837da5a7c688745986aa6f02ffd08c940174ce3cd6844d3212ec61

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ca5bb3c84b908d6e_0

MD5 a4f0526078fe928b66ccb7cd622f688c
SHA1 190b8f666b075432ec099a32195ee8195e52c317
SHA256 8025a791f192709815ae492cf6d06a205bd20d53e559a596c943c2be21d6686a
SHA512 ba8dc10ae4e49e3c98b5a766cd9b248cce415ade6a9c88c74783801d5e7f30fb30940950f101284008931e18c3feb42a5b1e362602f48f81a0800fffca99bf56

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\635e64b37935c888_0

MD5 ce1b8141232ce5f1d5b4f307526566bc
SHA1 a55911c2738dca318e904fd9f9f5fcc70e878eac
SHA256 02a0ca25f3191b75724d83366a8d4182a0ed73bab7b27a60f86d2c34b07be57a
SHA512 b00016cfc75170c0d9f1df245b04fddee73332a9790b37a2e810a54d8d5849578600d8bf266af8d0b90d5afcf6f93f2f213295a501ea32c1da28b1dc372c82c9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8908012b8e4a5af1_0

MD5 fcef28e3c36b256d13054e4449ed03cb
SHA1 a96e72bc426c78624a7fda38d42a773b324cff2f
SHA256 77ca6814ddcad20e82d98b0314c5614d4507e5bc62a7817e59c4a21872f77052
SHA512 35176d6494a6cddeb27a1842f24421de0abc8c271b0c2625dcb2e69cd8d2e4b39132037b90ac26b0c5ff35cf51673c7f0cdd786fddc60d159e27ef6dfa53b5c8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\718aba49c9504085_0

MD5 760fe90c8e3af11ce204cbf2749d354b
SHA1 ba1ce0e086424dd07b1f387b838a9c4d298b16e6
SHA256 7e3879fb630d4bceefde47b95e593ae84e887860b60de68baf8500869b4fbfb9
SHA512 03e2116da32a1b83dc2a063ea321436703aeab3a18014904b83ddba8a84ec695d9e16c2ad747cb9ff16953babd3d1c645cdf1c9809df23f4e95919ddf45f0bc3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8ec4b11de0b23393_0

MD5 169cf59c4841040a632094aea0ad5f95
SHA1 76be2281d9f2852c999bfd6ab11ab1d21438fdb5
SHA256 65dc9a52cc8a8c420eebdba1e264398e2365270707a849ee7ee3d604c64602e2
SHA512 9310c1469ea7fa1f96210d89a5fc7ec8dc3fcca8a08bb1ebf01f9a91a0ecbdd63f626e490c501979ad6d94db52bb46b7a6562d6e1510b718514eb6c50dfa1891

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5801d3329fb36c59_0

MD5 2b6d4f5d28bca1a2959aa7cf7580be03
SHA1 329ac14292ffa7027e8bb22b124b68394804e90e
SHA256 1ad8ac9b9c4711a209c06fdfc5f7c97b91edf45cfdb3d4c8da2a90768b1d6c95
SHA512 c2d17fdce8eaa39cad3f3d2ed9a5aaf2961e515337c27a066701af0e2328b0534bc79a6aac9ef9c9424e2b0ddb86bc97df2f04d398e8a735ddfb3a581e2e6455

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\94f93ada55bda7c3_0

MD5 baa370c2fc9c2d808b85169db7d3e50d
SHA1 7f03136abd2119ab208be2975bef858acc6f8d76
SHA256 9f79a4fd6c80f026e905629f97fb521c76b8a099daf8b3d004d8e3ef5e5bcb4e
SHA512 6ba52e416bbd1c0d9de675a31f8e762366d50e77594c633af4e548bf404603450de561db26d0c518196f1d4e1e502b7a145030632db05149e12fd9146182e774

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e3d18be5d494e38e_0

MD5 2356d116ca77d6f6cb78f46539c76b9b
SHA1 5935ee7b7c94a94402037025b2383d46b358fe31
SHA256 8bfed96625731d78dc3db617f1701d6f66373676ca96faf0c66fe876e1cf7472
SHA512 af1a1e00a78f4a28ec052fa35e0405af71f921df604849cdbe7ce2ca98c3c23f8e0e283defaf4d2fe15213b10c17f1beca4e693ad693d4a1fa26870c8a35b2d5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\476831ba582729ec_0

MD5 80b0a6451b25abee3597cf6aa5daf852
SHA1 2176d79e1aee95b285a30fc6c2902d728498edfe
SHA256 e0425022b3c5df1a0da79ed72143bc7f651ea939e21935739c65c1f597c223a8
SHA512 b42ca2af63a01af9c50855bdab173c8a86949e0aba0c7355fe1ff65b282685bde02618502fe05b93441268087734960036a187b33e4bc53d90dad354326ca653

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\87bfea9426cb2ef3_0

MD5 849c81beefc1ae70cfca556c8f161e1f
SHA1 fba61a20adbe77e6877d9a06408affbc72a46e24
SHA256 48641636bce9f1e9b1c3085d2d8bf53e2b9f4a68407d41a1980fa8dfaca0e148
SHA512 0a1ec6f45921a4ac6b84a1fdc4ed7b2c00c91ce3d56f3a5761b5956d3a748b62bc0c1d07bcca7d73e48c1aabb1acb8a9dd7846dca745ff154899d8bd15a6acf6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\534ab76442c26020_0

MD5 9c525cb6270e607945fa3efb21c2f967
SHA1 0da7208458fd7688f88708e151e70c2c49a0e31a
SHA256 036ff084a39d1a506befa0592901b42732853b9dfb8d9433621ceba6b13ae66d
SHA512 8a4f895c5283dcf31c872332942f6014cb0a4986999e7dd12ec80818d51cac43c0d6adf9027dd5b3f05addcbdf3c9ec0809999567484af7f22197a7f05ea6270

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fbbc3b076556d40d_0

MD5 d1342e9cc917d0736b038b0607c22767
SHA1 2933005be10cc5c32f6cafdf1e991a9fc9e2ed8b
SHA256 4431b84c8f7e848867cd95875b4d993e44f0948232080f5d064f690edf8146af
SHA512 bf148920ae9959e58f7995c3b7edb100bc1e84fca7a22640aeada6d9f7751162ef435b440fe9737fa7a1732ff8ae14a67e5a3acebbe37ffd7f8a920c6ca91392

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000048

MD5 ba970966e10a8e87ca855b95cee05ab0
SHA1 e3a5e78a16392fd5da108f9821e00f48a7e44b5d
SHA256 463fde9c3ee7e0bd18f5ed0d239cdc1565481df623433fab4142869430ab00e1
SHA512 e8a47925d959e5ab41e3b81a9461ef436c4fe81af5b0bbd350856175ad8e0dd0ac181e509c93799350b86c4815d94219752c0e780a37935eb76d633cc7a852f0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000047

MD5 5d0e354e98734f75eee79829eb7b9039
SHA1 86ffc126d8b7473568a4bb04d49021959a892b3a
SHA256 1cf8ae1c13406a2b4fc81dae6e30f6ea6a8a72566222d2ffe9e85b7e3676b97e
SHA512 4475f576a2cdaac1ebdec9e0a94f3098e2bc84b9a2a1da004c67e73597dd61acfbb88c94d0d39a655732c77565b7cc06880c78a97307cb3aac5abf16dd14ec79

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000049

MD5 c2ae29737faea12b5899b7a5e34838f0
SHA1 3aef62cc58435c8802387c8b316c8ed7792d4a46
SHA256 6888cd256ba5c78d88e7633bbf3c8e13869ec139daeae7c451211498ee0f1130
SHA512 5c6ea49c1b515e9b21ed9ae54b8e6d56373a4e1a664cc765970456dc61aeaf06eabd5539cf8a624376bf7976159125405fa76c6e77cc45e8ffc0e9509e1102b8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d023d158e479cf2b69025683d0729d0b
SHA1 c38a550aee7fff15a40983516902c75fd92da9cb
SHA256 88a7473a3417af546e19f4556c3be9688155a8311020ca2e3898244ab7d91a04
SHA512 7270dfe4373993cc8e95a335b2179f35689ede96ed8e23cc384be4a3b5bbebd50f68b901d7406a2c1969611f844bc52501d3dc813d4676a51aa6b9e350edcfea

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8907dbe8e6dc166ac804d5cf38c2d9f2
SHA1 5c4a5ee102339c01f182438315d4827635c0e8f2
SHA256 7a28d03e017fdece96ab2db03e738525e51a787f914960c0235f1025108c8439
SHA512 53f68d920f09d76d1e238d92f7d3df1d9996963de47b474342bb615627b6760e2954672e11e29ce99adeda2e2aac1c51c61c1ec4f78b414e30fbe05d73db1643

memory/1120-3861-0x000000001B900000-0x000000001BAB3000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 70b1e9881cec51f3b3553f600a4abc32
SHA1 6d7bdc615c957f59f46cc2978d82ba640f231ad2
SHA256 7bcd5f5a2e60c85358d01227b193215a15033f8bbd6bdc159c4d865d9b9d74a7
SHA512 68e94cb25ab71c0cf47f104fa075c08f91ccf89ebfb60c57f91c2bc76cc9dccb5a6033bb3b49adedeb48f985e1df3261ce4533d695f66ba9560f40303202566e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 5a57e34e7181df37214535048724ce3c
SHA1 6feba3d8eb493f5f38d1b3b408214f15cf6dc4c8
SHA256 63d7dcbf352a05978f1e8e686f4e0f5f62bde5ccdecb7be61c4e1957d567ef04
SHA512 b2534b9d41f0d539052ff9c086e0f6d60e668f910227dd5e08c968da833041dacd0f196c298a11c3ea333264f8af42b3ebfd54d02b50d0eaf5be7d5494a7494e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 45c7bbb16ea8429590504801401f38a6
SHA1 bfc6465fb768a7dfe1bb5da9e44224db8eead233
SHA256 2a8a6a6c636836e2e3570a4bb881bb935c68249e7a728e131faa3b265143203f
SHA512 dce6efdc4a587b9f40038ed5136b4bed7fda51a985e1b96474f9ededeb3d510f798d54c0e69407304f335b4dd2ca0489deef1b219a4a4ca1525b000f87f2cb77

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 9d97e6062b9dfb369e366375e0b2782f
SHA1 16b1035c361150a759646901d44ef80ba3eb992d
SHA256 64faf0138a8b82cb6cc9a27a24b69b4a80e5bdb5418f1fb54e27e8aca781435a
SHA512 008850d5a8f1beeb3d078cd83c57ac03007ed00d01fa0e8ad8a90e8dba99478f505d3bd64f966e567039a396aadb6bb0f0806cbe3229b7d501a9766d7e25bf52

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d5666b24e92933f3_0

MD5 b0609ef10d105954d4cba37183626314
SHA1 7f69216f42e2306832d0dc062b8b43e84a556de6
SHA256 ad7242553414a247078110c6905ca2a7dcfbab68950b2a626838c242a4683bf3
SHA512 1d7e75b9ac6381822a44c1d5ffe85ff6c1b21539d2dbff26b30cbe0500cb0106c96becd1f50a325e1e28f49ef83fb991ea739b1852c84c8a1faee1dea3c8ee51

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 439cde53ea6c563e1e89f6e83419d513
SHA1 41e09f817d7609d9d022f6abc037d07cd60fdd3a
SHA256 3a6472639384cc0495c2a3cb63ee0e3f747d20d533125c6d328725e412ec7c67
SHA512 1ba214e418aad040d58624587466a8b51f184f8a8c684fd67ec5489a86c401fd18e05d4f100ab30b1116faeff17699ee23484ccdf201f6f02211b5fe6ef355cc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000e6

MD5 756f8bc8a5d59ea559ccf27565af3534
SHA1 7af180f07296d75766e90c281365c772ffa134b6
SHA256 9bb78ae87b8f617b0fdddd531ec8b8051d3a372e5874c18fdb9207b5d8b37352
SHA512 36bde7c374b5c01031f4c4dd85e5e4dbc28140caf3cd6dc5653f9d3ebcb9edcb94507ec04341d9e2f89e59d5c1564650192c938a0ee45cb2bb8523ab12d2765a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 0c695d61b022f6dbcf7b1d633fc007e2
SHA1 dcc42929169c13517a092735158d26fddb9c7bdf
SHA256 8f6f160b2c9ea2ed4b33d936b0f40ef6fd198902510080925184bd917d1bd22c
SHA512 0f797ca5ad0789177f6367c937acc75e9da73f90639b64965b56f9b77d75b080df7c80868cf89d318dcd41166cd167f3bcc1872441f9db23406a0fb4050c7c4c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 ec697965e1f2b6b7fde747a7ff8b2d65
SHA1 de8ff3138e40b7d2bcf2fe710c4cf49da16c8469
SHA256 e453f97ac59e4b8667abb0be14afb47125bef2df0d50e8a8a50d3c0c66f382b4
SHA512 394004c879ba015f1640321c1650ed59f4ed9cb36ae05f83d9feb50452d9df713c2f0d837878a3230f68735e475d47eb29e602b056bfb7e8d061502c652995ae

memory/4460-4218-0x000000001BC30000-0x000000001BDE3000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 cedec3e2c2f5461fe33fdf6c2603630b
SHA1 470be8344c9d7fd07595f77f530e78eab44dd8f5
SHA256 95f401a1be0aea8a34e2154a1699e78b490183e09354f5f970bda925d04cb1ed
SHA512 d5c001c04299cf71754b2726536d1574b7aeb5fd9a37e51714d4dfc6b3607278079c9f936d34580f8bb3d13c6aa38107a5f61944924d63379d6afeeb696404d5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 2929b5bd8d8373c5f70b0d04a1e48e0c
SHA1 58957a12f3249d1444d3dd46847deb6d7f184587
SHA256 d163b7da08fa947e756a0301e0b315d6522486108949330b02fe454c82b68588
SHA512 e92dbf3e30ea5ecf056b877237fca9dc0154aab0c3cc0e89f67199471c5f680a07fac8675e93a12b4d1600eee9e8b4783bbe93c9e1a7e3f9b0f4e64b22cadf8d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000079

MD5 2081ef49d093d72d71bedd5a383a0c47
SHA1 d1519e1845fdcab2fb868a94b246cd3751292379
SHA256 a84b2fb2b21073f107edfa12c6e3374765c71181ab43e4ca6283652d603ae9e4
SHA512 d6c005c97559d0dfcccca22777b44c50c8f7cf3f76dac5e5fce54e17eee150711e3ef94dc115a8b2b6559681aed7772b0238193c683d9c4c8e732e3b473aef2e

memory/6116-4282-0x000000001B6B0000-0x000000001B863000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5dfad53d48fcbb495b88ca9e57454932
SHA1 e6d7c230f7fed4ad0fe516af1a6f1b5013b84cda
SHA256 017d4ee4b690ccee0a83b199e76e0dce04cb4f1ed7034d63955295774f562b61
SHA512 6216318ee83c1d9906ab731b7825fede05bb7a67dcf4b3a76933d257d50a0271764a231397d4b2676e3f5462c72aa7aeff6f5567b5cafa0d19d72f5340d5cfcd

memory/6116-4308-0x000000001B6B0000-0x000000001B863000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 5f70247d58d2a56a7813ff3844eb6371
SHA1 793d67fb1098ece8ad5f682b42e4458d19006ea3
SHA256 d8d82f8718e8752ef626867b4f827abac69d1313537c1512b64215a230233616
SHA512 d8fe66d24f6a75f8e66e62f36561f733991ca75560cc6a0279686c4b5475a993eccb3cc3d09c0d9f7d1fab25323990572096ef59776413e2c7b39b9e421a0853

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 19bbf4004845b3c8a5525490503f7c20
SHA1 cc94919c635d552fac903d08053f7c2a846f3d20
SHA256 b113f76659c2e3858275d3ce8d052451065e42898df15d7d5a67ea50d4b93bbd
SHA512 8d7da785664aba4a0999cc295e7fc09c5a0526befe1b8e9f1ffef64e7e46bdbccfaf45100e84a0c6c8017a9422e17196a7232077cf83f9f48b01e4f4618826e3

memory/6116-4347-0x000000001B6B0000-0x000000001B863000-memory.dmp

memory/6116-4352-0x000000001B6B0000-0x000000001B863000-memory.dmp

memory/6116-4353-0x000000001B6B0000-0x000000001B863000-memory.dmp

memory/6116-4354-0x000000001B6B0000-0x000000001B863000-memory.dmp

memory/3664-4362-0x0000015CEE340000-0x0000015CEEE02000-memory.dmp

memory/6116-4364-0x000000001B6B0000-0x000000001B863000-memory.dmp

memory/6116-4365-0x000000001B6B0000-0x000000001B863000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 5c699a832459aaa299478ab8408faf40
SHA1 78847483692ab51f2c2f854fe30ca88773025725
SHA256 57a57f89b4bfa5110f0369455566452fbf0889ac04b762caeb0e6f93ea8a6b54
SHA512 a2ad2b7661ba2b683fea54e13242e74aa2f342d001380224d5a35d90ab955937760b0b55b461cf82e3c0709f60b6b732f5b4a668e68c90e57065eb88a1d6e6bb

memory/4836-4384-0x0000000000D70000-0x0000000000D84000-memory.dmp

C:\Users\Admin\AppData\Roaming\svchost.exe

MD5 93fc906e8318df21ce5069c0f5b1e2e7
SHA1 2cdad311be360245ee694278ab90722f9f7a344e
SHA256 44860014a0607a88155015a474ad8029cb0c123da251eac3aff4417b5f1808f4
SHA512 4b0fcbc26d530c4b63ef161d8353683a88d2225348f530a18f97c36111b2770df32ccb3c18a647ecf9c9323f75b10124addcd74cfa83b61cceab273b98b7cbf0

C:\Users\Admin\Documents\read_it.txt

MD5 24cb561c0c75be34341ef75731cd5b2b
SHA1 b6570ea1ad0ee0e1847b845f231546ffe2c7674d
SHA256 4aec149877e8322d95464dbdb3717c6a225a092cd261d536d16fd34520c72e38
SHA512 6206409b2514c30a502ad07aa74b277dae9392d57aefc4ea6cda6aa1cd6a1d0f252752fb67d672648d9afe9045ee5309b48cdb2ee8b6d061a16666fa19b78353

memory/312-4845-0x0000000000BC0000-0x0000000000BFC000-memory.dmp

C:\Users\Admin\Downloads\hqdefault (1).jpg

MD5 0f047f5138a4b2b70fe9f73be1974a8b
SHA1 8200b4aafd8c3e038a1dcece4ba6619f0d6fdef2
SHA256 9512e11e346cfa738cfc44832277580b40ea55b6312404b4a37f55a46e390e4b
SHA512 f8330594dea8542c0cb840fa3e4f9473dc405c434ee342e817737d9e0ac740ccecbb59da014a7fb2bdbae02a3f55d720c510c00fe123843d0c35973b6ba54a9f

C:\Users\Admin\Downloads\hqdefault (2).jpg.gzmh

MD5 0033df369b33501fda7740e68e3a9564
SHA1 ff92972d3a13e4fbe25d5ff8b88b96bdeb000044
SHA256 8ce3a229668bf81c695b65a143708f9805bb9bc2656ec76e3a3e6cde067aeb68
SHA512 fcfe5f55b43cd43a31c1836535974dc524eb69e40ba93e51247653183656ae6f91a30782a1e9ae2df174ddbbe8751dd9c5c7ab09628555f0908e32887cfa003c

C:\Users\Admin\Downloads\hqdefault.png

MD5 601c8fb83abcda0a39df348df2ea2983
SHA1 0917857c798e63473d50644507f7b5c22a8b7fad
SHA256 a04288ce22eb850d1d3a426f054b5a7a47695b6dc277ef6680623bb5610847a7
SHA512 bdba86d2a7e3c400b00718f01dfe30dd40c2a4169980eab90ef2c171ca79e5ca809ddbb2d30d5294e8f88c55c50fbfd708c7b806835f72bbc391057e9ebcd3c0

C:\Users\Admin\AppData\Roaming\sdf.txt

MD5 ab8e16153c9b6cdc965aa98d2b7879b8
SHA1 47c77bdd272508e3c8b905e4238eb64f812b52f7
SHA256 c07ea33249d2a92373528a711e73b721163cb464a4da9817e8563304aec7ac3b
SHA512 14ffdbe3bce6dfb5b26e69bf14d02ba605552f356496f34261c1b5d5cfd8c3865f43ca6b5f01466fe072f40d77f51d5bacdacfa41a064b7174d8266cd19485fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 b8b1b8be88e6b0418119e9201e69a7b9
SHA1 9a21d2109db0ce6e01571b37cbe519d4d8a69dde
SHA256 f359e154e0ca7633bd50e3e994fb40e1b9fbc54ce6037ada999de2a2e6e526e9
SHA512 589820d4b53353c7f16c755c5c58457b233f37860a7490c73e102bac6bb7f5e86f2573d3d0e7d2d57fd48fd7f956b3a9c45c5a4a76053679fed5a2c9b3662381

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 a86749124060ff2d38c8cb4125a16375
SHA1 6295250f706f6390d9d7b5bfa4ee7f88135ce464
SHA256 d0b45aae724d344783f75f1283c663a88278acef4317317fa3da00e7c1a37362
SHA512 514c5def2ef040f7878b64dde0f6f4b5641dd6dfd3d3603c1fd8df75327dcaf4bb7c2ea4becf9668f1b3cd81af74293d45b00b6680de5275172abb5ecbfe7611

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 88d1df9dcf108f8a0c2ea642d83a9086
SHA1 45502d3e509ce7e40fec9dbb22cc8eb96d6ab35a
SHA256 ad2aa0f8fe3fc13818bbc5565015a87b11ac493c89625fae21a5eade8d09fc2f
SHA512 e65ac1abeac765ccd4cb51d764da84a62b56c596894cbda477c953675695155fc79a09189dbaaeb969426f113ba5ec08f4a6bd3e4dc63ba97e3350449ac09ea9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ae03c81787df2ce8255806bd71f138d4
SHA1 d6f03681f53687b405e50d9e2171237741d470cc
SHA256 5305c2b04c1548f6c31ee62f3d26afffb724a8f69eaee722c14c72cedf391cad
SHA512 3e5538c2849a99a90437fe7e8ded96fd160ee21cb70639fd19776d801cef251a3cc36ecd846b40991c972e99710365318dc0fc1620df24d5afac8358ea1ca8c3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 bac66ddb8b3f755313c204cf5142e4d7
SHA1 7dbf7c40a907e513d4164564dd721e850eabe372
SHA256 cd8c71d48c6139629597cb89eab91b98f808052e924c471285188fe034d3de7e
SHA512 1c10a42a41e5b373d0d95fdbfa3f86632ca9b32c0397a9fd938ec9b60bcb0f5ad91a59a6cb0ef5c95a7858926b98e9bf6404dd67c121ab52036f39b82d52c4bf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

MD5 c613e416c48ba7a462ad168871c7fa0c
SHA1 d32fb63a594fcf7d62ca555a33ed0f6df1326514
SHA256 1a5d17e389a95b21f18d78e07b4d9cacf64c0bb39ecd3bf4166095a9e4c2fc86
SHA512 f253b7ed83b67eb54e16a5ac8d01a887b997bc144e8b2ded24b613e3e05f3ffdad38168610e2b32391755abd12c2bb1aaa273728606343f3a100ae44ad72fb53

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002f

MD5 7a4c6579e85e7687b7caeff56326b359
SHA1 b39f533c843aaefbac0058eafc4e6b6b05d09aa2
SHA256 4ae263098c462e6e6b2243f5a3a69df9de80d09c341c137dac3b7318b2038b50
SHA512 686c78f37b70b6eb8ce3728208cfd280d784511882487284d53da9a34e6ed6e5ac366d0200629c9f77c84899166feeb976b95e8a095a13bd0191665a06b6d17f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1ea4e6ef313a4c1f64bbc589f57c3f93
SHA1 7c7dfa866a313583c6920364e8cfc4c1d49a1b37
SHA256 2ba794affa9e5d4aa2e51e5af88d93e8ef786b6b86cce43d2280f0256fe08c9f
SHA512 3aa341276885494e1809a47ed8339da4107447ea0c0c8eaac998af0e5fc551ca590fc64ebfd24c1d8c4dd98286465ae589da656dde7310589e598a380c35d49e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f3ee3d3ffa359f5ee7a6cb7605c543fb
SHA1 79fd8f41117e70f42d01a33bf00acd157bea3e29
SHA256 78a0126255b7a5cfe7ea381c2b1aff7e2957a7e328440a88d4bd3ce44368eaa2
SHA512 45ccd05900551da4730adc14efa3785fc88461e1765ad302880c3428bd8dac2508399b439911c696b7a92b0b156de1fa224329b7210ac8b6fa3f93c91f68b74c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000030

MD5 08ec57068db9971e917b9046f90d0e49
SHA1 28b80d73a861f88735d89e301fa98f2ae502e94b
SHA256 7a68efe41e5d8408eed6e9d91a7b7b965a3062e4e28eeffeefb8cdba6391f4d1
SHA512 b154142173145122bc49ddd7f9530149100f6f3c5fd2f2e7503b13f7b160147b8b876344f6faae5e8616208c51311633df4c578802ac5d34c005bb154e9057cf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 4eb5c3d3505f4668cc9fb58024a3c6ff
SHA1 00a752ee50c469a4a6b872c371650e7559ea2b7d
SHA256 2135faf77e8053093f428e3faa6bc00acd7e55d32118b99fbdffbf6e5170c383
SHA512 17a0172f339c250f9faf0426f9252edc12983837a17fa13d6def3c77db4c2e427546f3fe52d8d645ce7519469474a881870db30ca77cd49c0236c59c3b4c7b42

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 06dc20af640bb73bc283164112b7a7cb
SHA1 f55181febb3ef451ffa6898118ba4f59e4f89c69
SHA256 8f2b3f954dbf67d4a9effe523201c42d91b6580de054bdd418e9154f0451ca2f
SHA512 e3e6a673f535b83d88d863f840ca4605e6c1f044c661adcf21f5b40e6435fc2f66503b206916922162a3a852ea303a5c238d808587a4a6ee9cb7a14be5243fec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 e6983f09ab5ed5b7056c6b7eaf1e88e7
SHA1 faa881e9f068b9edb627c4b71e43800fe4de4dcb
SHA256 3f2dfa6cac3894809891efc93ef5d1126ba762c209fecc2ae5a71e9422c61992
SHA512 b91d1a219959e051201fbbcf3f8638e7c40023d890fec1222e3bd6ba22180c87119f95815677843afa08f52b6f0690237026815f8b9dc8290f35af11830403b4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4e75c053489b39fa7b66e18cf3043172
SHA1 ddefcfa3ef83d7f7571810c9111c89bdd8fd4f23
SHA256 cd1b9cefa41f5d5033a24d8938b3a3dec58d9b4853b729c531e88972c882087c
SHA512 6cb7a5ec93aa364e0cae0ffffc6420cfb6d081a6f083eb5cb13ada5e8a493a10c4a29385a0824c011f424ad6fb525d89ecdc751fc30ef6cd0c0df1a6534cf713

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8f1125f0723e516f5c6a03a85212a837
SHA1 31f6e12e6c610f516182da4fb6da1146337492c2
SHA256 2300e20fb87b5c737ada04543d1354fc739f13fa1e05a615d62da109e2e5f81c
SHA512 973fceef9046f216389e744708deb52037dfe94271a91d9068194b9d63931fa439e177fd447f1fc0b793fb2ea80469e2112fbbba92529b61c3562b08ef9bb963

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 a8cd3ea069d7dffa31e56204b3af644c
SHA1 194a7943d7e51d281f9a189da23bb40b41d7613a
SHA256 aefe09d11151dfa7dde4b3142ea68c42c134bc460e8db8387b7d23ed6f2d3344
SHA512 23a3cb66636e31126e4a9702145c08fc2f9a4efdab124b3e4f840ce513ba0ad912786e0a5e68df09768c7a4b749cc26af766ec7e04c4adb64d56da3576a84c6a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 99fc313fc620760cbec2a638718df128
SHA1 07410653059bf4b9dbbda20decb55b4d7828868a
SHA256 872734578fb03f5ea2b42e01298caf102692cc0956de1e080d01b7841f4853dd
SHA512 a49d62bc36f91f8479afdab6a1a0572973ac8091ad89d71eea8f5cbe6eff40ef3fc7fe5254bc6ac805d7aed98bda4fa772a42239081e250cf657c63a9e8a8c41

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 cfc1f0827cd50009c4a530d232d1c1d3
SHA1 1911dd9088565a079235f18050766a9d502427ce
SHA256 3431ce9245d5c0bcaa5533a13aa64c4feb697215a8142a16ab359bff70a46872
SHA512 24ce5121930aec87b03c1f3d5631d753fc5d9de7ecf8cac8a0021d92598e5ab2550b7710694bddf74ffa071215a36b8c8561340b5e5d1bbc7b349c989908c3d8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

MD5 7f24295044c8b4e1850c0234de3dab1d
SHA1 160d7d54cd0d2fa97ba89c4198447f568495bfc7
SHA256 5b3eae368ea26f833957a42ff3458b043d49665eb48af7e1c985b8d16501c957
SHA512 bee01800fee1621e5bb50d678853ab864b35e08b3ceb292c462e1eef96efb6813c895db1ea7fbc4d87665a95ed5fc7007b27b01676e5f6c8935d03da01923542

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 247c3f2ba0af486f80f56d7e4ec40d45
SHA1 06c4a0475acd82012d4518c54ebb1a50b6daef69
SHA256 14e86e46c1859c6b0f9d0f948e58e299f043da1717f659fd1850d76610383821
SHA512 d6a27faba44df920e76c84186275f61abe4c6a2f8b26258b2968e09b25241ab94fe2a1c7e6f9cf5b4535395eb40c26df9095db585be1cd14bdb64d632ddb3cbb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 45c561868206762e758abe465487af92
SHA1 dadc5701c520b6f2a97d2ea61d70ca12ab93a51d
SHA256 7711ea574461452d7f2e4ff6cd7d597e653ecde954c23a23d0b2860e5b68af96
SHA512 d1684f15d22fb3cece111d345089024a27e714c5f146f53969d9125744c6de22907e3efb05c38e6359bb0b110daa57dd5eeb76ddc8ec115b440eafa399d20a54

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 719b5a19c4d86a1f1c8a69b0c3ca1a86
SHA1 8d10a71dd51e5982dad6ead4c44d8e9de2bbab9a
SHA256 9d760ffb787d9e03cc6528d9d501ee0eb380cadbb1483215c9f9336739ee841d
SHA512 30a2bf66eefcf8843aac4d0647d4acae8c530671798d1c88737d91be40b9fd8667c335cb3a105f7135b5ff016da435e7aaf27c7843acfb7689f328cf2afcd5db

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\619ba02b-e137-4f84-a6cb-a141433f4edd.tmp

MD5 5058f1af8388633f609cadb75a75dc9d
SHA1 3a52ce780950d4d969792a2559cd519d7ee8c727
SHA256 cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA512 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000037

MD5 015c126a3520c9a8f6a27979d0266e96
SHA1 2acf956561d44434a6d84204670cf849d3215d5f
SHA256 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
SHA512 02a20f2788bb1c3b2c7d3142c664cdec306b6ba5366e57e33c008edb3eb78638b98dc03cdf932a9dc440ded7827956f99117e7a3a4d55acadd29b006032d9c5c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003d

MD5 87e8230a9ca3f0c5ccfa56f70276e2f2
SHA1 eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
SHA256 e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
SHA512 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000040

MD5 c594a826934b9505d591d0f7a7df80b7
SHA1 c04b8637e686f71f3fc46a29a86346ba9b04ae18
SHA256 e664eef3d68ac6336a28be033165d4780e8a5ab28f0d90df1b148ef86babb610
SHA512 04a1dfdb8ee2f5fefa101d5e3ff36e87659fd774e96aa8c5941d3353ccc268a125822cf01533c74839e5f1c54725da9cc437d3d69b88e5bf3f99caccd4d75961

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 30d6e783b67dc5a0d156776776d87b3f
SHA1 288f91295b9568cf34cd7b7f37cb4908483fdf56
SHA256 7d0a9c1c7cce93122e941c3d72ccaeba9921ba7cca9d887366ab4d57c71d78cc
SHA512 ff2802f1daadbb227d65f53027ec9f680287b20baf8bd2d836a03c2b3ece49d859150859f5ed63966de62feb4a189e53a7d5934c758f7f94a8c3459dba8025b5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b5f4d965566831a8b5a83cf785558893
SHA1 20106bdb2418dc6e9e237374531167912bee200e
SHA256 d4d0f28a7e116e804ec5c5d077079465867eea6498a50e9af0392f1a1b0db57e
SHA512 04405fb517b142c73445ad54e48fc5436a75a15adf526ea4a198bb5ba04190aa1981e4c0dd38defa2b78768fee82d698f7a279b109bfe85d3f69137c4a2e3ee0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.mediafire.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a22b09173a1f03bb9576425261a4a5fb
SHA1 02ca5f677a56117a6d72cc04ee8269c128d4eb24
SHA256 328904a533a685a89d0713da849ab0e5d29faa4c58275e7a54da867aeaa86516
SHA512 3ebe7339318df062e36e37e10787ad2f3335b151d2eff274c661f939768f8345b7dd5303509f1045b4089f5e01b46bc25b7c87b362891774ea7a1d496c3d693b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5b7be034f2c19d5316bf69f065dd9b3c
SHA1 197b6bb98ebd6c338726731d80bdf92c6d6f1230
SHA256 e6c764181c27cd8647a9e7395782ad79c7353bdce5d43cdf8d87d675b0ed26b4
SHA512 b3b2dcd652312857004fcd0a5c2fa81f7e7fb7206082fd995e1c7eaf6c38cdc57d001db40d006ffff99b4670eab92188ff73a470b4a10d17682e455f76e9407b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c20271f3398afb29f65592a236f1b420
SHA1 ba98c2f493d50169c20eb8f1b2b6efc3fa38af19
SHA256 c437e1f7fbc0fd2da861705d8d22cca7f05315a2535e27bf29fe7a281b593f62
SHA512 d2a2e02b9994c49b76aa06585c513937ca5be7cf4cc4d87a188059a842906dd674ee6ca84afb57384775200abfb16bb09396d950e1ebd88a748fa450748366db

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

MD5 9198d412bfdb5fef21ea36226176683a
SHA1 0c711c0237e0b777e7ae0c506b5697b206c9f054
SHA256 8f8f040901b3d8b2145e53848a843c4409e2b3e9eab9afd297e4fb8ab0eb1dfc
SHA512 eb1b85881da4345c92a2b73bae5bf81fecab706a3474dfb26f58e1a10cb68b8141b543c39ad2fd05fa410e0d12e1c46ac6911f138353458677d3f2f025267799

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 84703c06b8cf87c4df0f095d64e0c402
SHA1 a7171b2b320eb7797103e98437cea70eb5c21a40
SHA256 f1853ec02fa2b39e314c6636102938ff848416c0965ba0197d6b601098fc1143
SHA512 8da1e2d4f20969a401825b649f3242f757bd09eeeeaa802f3ee7f7ece9e5d624c2ec334055860207a02e4cc4f3fb3646f79dc270c8835cc89422775dd20056f6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f50113a4abcd608b710491a991b7dcc4
SHA1 0d285670cc6a432ad869144f1a382c6bfbcf2832
SHA256 79410d72cf9aa83d42fec8c1f0232093ad65d7d2c0ec5c40e73f29aebf1e2042
SHA512 9bf240903c7400b8856ad487f7e98754fd0bd52587f59c2414cbfbe96079d4d1f1fc1f1934cfc7b9bd9fc13023f12c415665a55dd714f5c35e718efe95422fbc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 78affa42165e7aa266abfc1c0e8e0da7
SHA1 fbc7fb8f23904bd1b57c17bc85479e67da50512b
SHA256 c818037ac4411d453568bfe29272219477b19f59cb0ff12d5329516fd41f2d44
SHA512 30ebcaff149f62768aa9eeb827264f439317cd083f72503ccb821d9664184afdf63d3f7f9f4371c70bf6aefa27c3f616538d774999067197e83b48f2bbd840ac

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 6212171e17b973d5bc2172981d4372b6
SHA1 f67ab9f2a2e8734cfd22a03d195d17e5e8d50af7
SHA256 fc7a4e3a6b878914def54a79ef6c35e0ae14fa57eef3e3122583828a4a57e13a
SHA512 05bcdff96b54603ca6276488bfa70f8a2f7deab46e0b4f75f8fcd0d920dd2e0a05e29790acf975d610b8b6ccdf3c08695991564f38658f5fc6ab5dbc3c8be6b3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 464bacc2f7c905fd538475b9bd805b76
SHA1 7a5922ca090ccd24b2c24ee4d65e84df13694031
SHA256 c6d1aa858b0a5b739677d5f09081e880ed90e6fa459e3c2240d4d72f4a89378d
SHA512 9b3648751e393345330009d20c6dfd88aba59b3cdb2bb3b610d23a767b831349261b0779d94847107a99f1c0b0cb6a0f81ebabac23793bf9bb2bebf2a82fc556

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 0a1273a9b11ea6277f9853d733b56db1
SHA1 f3c7e073f3036348ff3cc93d32215b067f74e122
SHA256 c32ccfcadaeb38f8d71a99087718928c3ab61b88fe97616ad96162dc788062c6
SHA512 be6b158ea641c2cdeb932867321dc63ab259e07cc48c9b115f0662eade0962242da3af6fae7ab212eda105b92d946e17c84310bf745c4f3b41c047239a82bf0b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 236d62f4e52eb39940ce8c3a5ee65b22
SHA1 ee63ae38fdcb23ffeb33dcfb08ce5be8fe0500b7
SHA256 4e181e76f3196bb8884d8e2b7f7df1b8e2f3f2966fc252bd57c1c88616ba8964
SHA512 560d0cac06e98f6dc392888b62c4b1b12cb3b3ddc33430c170cf7d8afb335d29a640fed6df0730c13362e390355f8f69b2cd96f1ef76dd4ca8f54d5ef930684c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5ba03911315d11ec1ed7b66f6c72b7d5
SHA1 1f7fd15256a23e8381bd1048cff87804bc440c9b
SHA256 f6b5f8e262c5599ba055a549dda4f0f53be582fb30da0cf3cb666bed3a832762
SHA512 f12fd045dc88c888f1425d8dd20ca3bf3680eca9297002da634bd2c5c78074be4a20eb18cee2e526904ae612cac0b3506a32887fd9036f87267c511fea3f4217

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f84aa69b1c9c14a5d4ef1628edaa0bd5
SHA1 732bdc11ba76346285ada44912b1041d974162da
SHA256 bf13d5d625c1ce20c64cd0cb19019d34138fb9bd384c0af291d637800c578a06
SHA512 de23f1c7f8215f26e8238648bbeb162421447e008db247e5d4eea7dfc916892e9331fce3c1f164155835c99df9eef385ab494ad66310e24ae58dddd3dd377bc8

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

MD5 f49655f856acb8884cc0ace29216f511
SHA1 cb0f1f87ec0455ec349aaa950c600475ac7b7b6b
SHA256 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba
SHA512 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

MD5 b5ad5caaaee00cb8cf445427975ae66c
SHA1 dcde6527290a326e048f9c3a85280d3fa71e1e22
SHA256 b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8
SHA512 92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

MD5 d222b77a61527f2c177b0869e7babc24
SHA1 3f23acb984307a4aeba41ebbb70439c97ad1f268
SHA256 80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747
SHA512 d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 03fd3751dd3f9e695a30289c88e1f937
SHA1 466c560828626c5c205a73dbffd4f4b8723fb804
SHA256 645118d7a9e724766a65a19f8790e8fd27ba7547240d0b9b60ffecce6ca52144
SHA512 97557499cc609a6b91ebae810abcea01f8944f11e2e4aef447b492e12324a51eb8d2cdfc18beb4cb054896c0a98de1401b114889f39ac604a83917df09e4ebc2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 061311e325723f13f684a0343bc31643
SHA1 84bef3153951ff71c41244cce81d420a94469c1d
SHA256 6a9e2a85e26b00a836ab1d163cf0229d06f0fd6567918567fa0327fc73b6119c
SHA512 2fbf6624eaeada364c13074471fc31e6e395bb11e7ca0366b3d4cff51ee007d62f8ae7f1f8af7751f45693e1317568be14f9d7fd32425a83fc6b9aab80297209

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ed204efed08d22cbf736bc9045e0cde4
SHA1 a91cb91bb3a054c54207518ba2b7a82d6a81eb5e
SHA256 1a1db2ad24a4d0126d1b4cb292bacf6792676637a2b934d36abcaca3ce25f3a3
SHA512 ceb2f12adcf05a1bbdb2718bb01b926a3a012d2561f177c9782db3c8732dc7648a5742068f703f0ad801032fce73c9f1d19d29105e2f91036c1f1635ca5f0759

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133700257115219088.txt

MD5 0e06d5819a681c539c50f7225643e940
SHA1 4323883e5a7558ed391f1b7b8bfc34f8759cd7d3
SHA256 ed303a75f94df268fca0ff75c3c618558d4f96d0fd80e73c008741dd82b12e3b
SHA512 ad7e676b60e9ec31a7b477cff0e57770d777ce0252b02b1c9408995fd51a1f9540eaa8fe714498dd6501d651bbd0eba324549b3a5b244895956fbff1f8f0febd

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\Microsoft\Internet Explorer\DOMStore\39UEEH1N\www.bing[1].xml

MD5 779582600b76f71eb8ec33f27ce322eb
SHA1 023d7bec4a2320e92caf0f3b41e0784dbb6492c4
SHA256 8174a5d0c9ba3b4c2ada9fbcee011745360472fe5b811b4365b3c62d5423e03e
SHA512 aa6f77f3de86bbe9999fd23b55b80580fe894e9d0f3617526960f1ef707989850c72394bb6686229ed2883f24f0b9d8e41c1fe9c275f34d51ba057e237b69129

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\Microsoft\Internet Explorer\DOMStore\39UEEH1N\www.bing[1].xml

MD5 c9a656ceeec21f118064dc67d2b34e9b
SHA1 143f468a5d9644c1908f7352440194437138e706
SHA256 e5f0fd338d5cdf42621991f04542b3c37df6d30d7f480d1a7494a672eef8cff5
SHA512 22e8361b6954365dec08d38633518206127d9e3478dd142857f2fb01ae46ac9fc1ee7042dc0030bec7096e11c243228b83ab3401750a1ce1dd8abeebb2f90c48

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\Microsoft\Internet Explorer\DOMStore\39UEEH1N\www.bing[1].xml

MD5 100fd92c217506b6ced00f56c54ada92
SHA1 4f169fb8e8750d697a2bcb51d0742a484a257631
SHA256 3f0bfa36f540cce7189014f6f14ee91ac8b7fe950449c7148c797bc1340746e2
SHA512 87d829e1479e8d39aa1235f71a8fb1540a9535230dfa8aca8dbea1d53bf1ac91af9c070f889b0e8d4e5e001d222763fd36ec5535842cde9b43a99f04a2d93695

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a2242130d7fb92eb258ebf5c4319bdd9
SHA1 c96aa404cf5d2c61527fe18d7d94eb99a9efc57c
SHA256 ae37a468accbbb69e26cb01e60830fea2b471382fa1c07920002a420545d5135
SHA512 4019f9f219cb69f44687a25cc71eb1bdef4c52593f9b7b3374ad29e35d61659f92b318e119105083611e826d68b60977e4a34e270b55ca4d010b4e2437e556f6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 05208f694df582165deac1a0cd7bab97
SHA1 2ec8d9fd52f96db40c8e8d9532f66f63dc88a41e
SHA256 2a1f62981fc80b4cbb575044155b62980fad789c8f6085e07365fc1c9df4fd8b
SHA512 ac9880883465629c3b504bf4bd3211b9dcf45629915ee38b475b8a0978ee9c7c1483ed2fca01d28394f88a1f7afdd8bbc1e02e99595997191f5a3d5b853f4fb6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 99e6aa1a94e569251a7b621a0c6b6021
SHA1 faa9569eee4f58ba0e976b8cdb669695a7be67e0
SHA256 e3492121ce23b916e2019c2e8ce0b286912349e29beaa7ebc7a17a29853567d9
SHA512 d98ad93acbf0163b569cf41a5be48e23ba6e278c317845aa58012559c0194c70c3197136bff102b8bdb22d4347529d5d2dd0e4a25851fcfbf9a505b05ecf514c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 e9f4ec6d137bd7e35b2ef4b1e92a75ea
SHA1 7c570bd98b4b11bba2b73c6bc3596e0a7626e21b
SHA256 92a0887c21f206a2ee4f4a1bb712e8bb8062baedbe79ee7cdf5cac787a4bb236
SHA512 8e9cd10c14b161872e1842a85260b825d92815923b7c3d975cd4b217f994cfd5b9b0a868df35d3dc930fca345307ef522dd6f040036568d819916446d41a6de3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7de243691e2895185f4863db7beb1a13
SHA1 4d3802d428e56d0d5c16da2c667c1c952e82ec8e
SHA256 fe9b25844f97956185884cbb5454beb11921ecd0321fe68d697a50599f6f206f
SHA512 76d493dd9dc2fdd5ee3a33e5804166e10dd073d478e7a5ee08d0c303e0389b40f97eafb9e98841d5b68cebd5ff038fcf367e66b969a3c3abbb3c3b171c2f5ec4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e20e00ba2d776895f9c8e88891e70997
SHA1 a8b65b852e5ab2253f10be3be1cc5a0d17b62505
SHA256 81773d5c5287b91fc3c466a1e3adb5bace5ffe5c2255071d46068f0cd3738a7e
SHA512 6721523b9add596c58e613b1334f248fc8af027458724c41ff9da93df5dd85bc271aca6e2821f86f39fdb5c682dd5f3acd45ef2ba377e23d90c1994c6a780160

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4fa49a123419ddf81d5ca180c3e87d58
SHA1 ede9f67d4bcb8f14a22278c818a66a37a23f8ccc
SHA256 a748e420723c8e4369d05ccb41dac5aa59fe67f0a85030fbcf43853f6624e9de
SHA512 1ff41d909de89bc3badafda313f5e72a2349cb2a80a2d459a18af7b3e0c85a19c39422cf4038069ee97b385b83e26e6784e1bacf5c177d650a99094c4a494b2a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 186a6a382ca55fd8656b1af35e728842
SHA1 85676b9ccda32c18422f1df663321b24b0b2e5bb
SHA256 ea59405e4d6e72a20f7ef5fa2ec1935b3558cd4f89cd37324d90c1b07cc70b02
SHA512 1e2d41754118bb79306cbe3b430d4a8a5e0d3807a1fea455fd690b7ce8422227f8be2e77dd69560dd57369589be1b2731d9b2d7686cc2c02b7ddd51a5c6ffaac

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 662316cc660bb724a5dcf825b63cd69d
SHA1 a523e27e97f474eff2c22bf9d5b43a6b662faf85
SHA256 5f1a59bb77e866cc7c4dd9130303deae21fc5095b338a77fb3dacd67f7f7f909
SHA512 3f9a167436194360accf26ab878b65a72339cac9ccdb0d55ca32c3555a88df1fee4bb27e9132cd7c6b24591e09eb79b9fcd76e3688a6f9b045043a5fba239821

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d4f2ca39c1038e2e7f909da30ddff4f7
SHA1 445dc5c8534b7cba8ac74b12e19066d8daaa23d0
SHA256 b04f8d3efe275308678663d5e22c96823a384939a7db8719ded188fe3d23bc1a
SHA512 3caa13bc248d43049f3a3408cdfc1e47cab5e802cff480130696d14490a982c07d949b5279c7d2873bda97d3bebc6448e2d1fdc2101695a759d05dcc820816aa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dd74df4b31f54fa0fe243ef74c9d468f
SHA1 f7f44a445e291b9a6b9325192bba98f4d85e8438
SHA256 db1baabcc54d54d0fd69026f3534151369b0c0bf9768363444da7d8e162a8823
SHA512 726e0f7690b50bfd187c85ea0d2042452c40cc5e2d0c49077f1ea90455e49da2ed4f8be98ea06ab2431b9fe99e93491160db137754091bea1c3123f7af3c3e25

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0e0f746cb0715ba4c693bf1531795609
SHA1 3840ba00f9dad0e32460d898cc3bc9eb19850b63
SHA256 ec3686df956b688b60a4b415c0464aeb486923cb3d72dce376b2200d17839fc0
SHA512 f8a04f522aeb769de1044408177ade16812b5ca314712481f99dafb1dfec3d1669e07951df6482fa0d3b01a93b5df9dfa0362ba20b08be00fc63c1dc435e73f9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 54494a403a4a0fd02d3155cd2a165121
SHA1 9896b89eb3e4d3b2ee7de440068a6f0a9ca54b91
SHA256 1e4a9143ec86a2ef99e26c00802e0250f4aae97ba99e6f5a79a749b9733034e6
SHA512 455bb19003f076e7556f5fa922eef10eaf016eb013fd8ce4f086a5c4540695828897413fdb5853b701c48e2c251fee250d92212bcba34e8320c43eaa9305c220

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 04963d56268d2e4d8b18794feaf4e166
SHA1 09ef6c03e28c3dc7e2101ea8dce474810462e638
SHA256 2d31cc9670bd754017492b92bd0ecf36090e9462b747fd450c4812d953057135
SHA512 4f631cb4f12d0c8b8a1304b4558d5f3345cd23082c2809e8fdd5b5927b4c746de3d7b350ecc347149a76c4bc9910905f359693902fad05786a6b57393a595c0e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 d0f6ff666379d8df22f62212a3f52e70
SHA1 f7dff95dc7f35c21b62abce25a4cd90894dbfbfa
SHA256 f86ccfc41bc3c6460b9735cc44d37f57f036216693d1da18d7982895efee04ee
SHA512 9cd063a189b7fae84af99d72cd4451f11d0cc9d98fe6241307669bcf0f5b92fa5d04f73db8c75ace5aa6f561335371d3e1c0321c64aa2ae19e09f3b27fa0c0f6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 874b3c8af95fddbb19a21a854cdc52c9
SHA1 f26215d652e5ecf59d2b4469c0f0a8e2fe464db9
SHA256 531a19a146280ed4a2b37653b94b55275c40298e1f7870d0309f7eedcf646bb0
SHA512 010a3c9a3fa6881638e0565c3d9d0e66303c4b40e843c5e952161f5c01b429aebc88eab96fa75b6e89dc67083680f7919c84e83ba65d0ef99c7ec375e64e9251

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\671072bb14f42884_0

MD5 2080fde016654494f1559a7feebf3763
SHA1 e075194624b4e9b5a38330fd57eea0211918c77a
SHA256 ad57f015523c11c6ee0445baa3c441b4684486cc9f288ac9ee22c2c5edccdf16
SHA512 39db061c7218b81dea65d5554ffc3f5a9eec209934d9c2e60e2b832f1e3a0b8c6ab27f4f0c8c6113ad94dcbc7bce6354b4e4e74a7e31d19a5c8fd72e4d5a74a2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\cf9d5101e93bbbea_0

MD5 730755b8e84f4904b1ffa1ddb710d4f5
SHA1 91ba489e590227f8baf4d9f314a88b99c421c1e0
SHA256 611ba4d72eccbb4a5a01e4a2c397930a3cab79840636a22c0022cf53fe9948e8
SHA512 d13768799c9e36982511c64dcc2b5fd3d1bcf30eba8f192eb8db6feddf686b0850f7ebec4f241cab274864fddc93b9373b1bdc51fecedc2cb467ddc0cf634b9c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 d90a110bf0a9d60c81b9c3b3cee1c4a7
SHA1 911bfa654ec6df5649ff547a6caed5f7f9352a3e
SHA256 387cf5d1ae7e80ed77f9a9fb22a3680a0180edf289691838d9db1a76cadc1f7a
SHA512 2d4418ff89b97d3a0aebda3e962676216180779a3b224bd91c03086f2c67de0c6a6db4ef35d94d0581a4bd10f1fc02a76b36e735509da8c733f0abc072f67dac

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c4973632233267d4df798d948082329b
SHA1 0df2d306a535e617a852b46dca5d9c7b1e1e0193
SHA256 b8459b514bb82792a364ffb10a8456adf0e9dd9ba0097ac28c40398dc893a4b7
SHA512 e167a28904994e7bf357df7cd11f8ab4ef6a900e9afcda97b250b8f5d17621d1cf55b3cacd854e324cceb1fa0d72798de5ec397ee7a7c37ad18a69cf39750944

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 5ce13aa52331b244ff7e96c128ac7304
SHA1 d22a5227d79ae25cc63b264e2fcf76ff19b1347b
SHA256 4816e0b855422e4fbdd60cfa56dabc123f448a6c8d0937d5f74ceb3ee3bb6020
SHA512 7e5bb87117409d4755bc513d8f95b8515ce72d0bce18d629faeaff65e74c01a8a29eba04bca0f3fc991addde02833c12eacdf7df87812af3cb1e7fa25c882d0b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 d7f4aa4051d228cf8b60525081c91685
SHA1 2b7169bf59c6e19d7b726c8c061399cdadbcc899
SHA256 33b5f15ff18b6dc7cf361112d14403f6c2441d5d91222981275f88997d05b01a
SHA512 c8c636e95dbb9adeb89cbf4eb39d49d52910ed60f5d4a586ff3a0096be965f6ae7c2de5e9063b7685305c9c3698517457fb5b6ab0571892570334df26974c71d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e5c26926a4823e1d4e36d391d08911b2
SHA1 87f4675bd599484c47b0a725dd7c38bdfc10f88c
SHA256 610bb32eec469e249c6852785b353f2a4c61d44b6652b6bee08bb6644470989b
SHA512 6e9b3711460dd11ecc5b72e80f0c5ce773e28a82482cca446e4e408a3a62c7cc079f09e40737ba9cd571dfec757de5e2d84982753af297fad9c70000e689f301

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 eabf916abbaf5373bca47391c71b245f
SHA1 fb1950bb8c394e61abcf86b84e3edb1e32e918d1
SHA256 9cbce400d454772a53244742417a4e6b0bd766558a47887bc70009c1a42f7a5b
SHA512 d642e233aa4b742747f28577018e62e5d2653984372484cb6243487364dc4970b868a759fc25e8de8664cf1b3078ff7804c8a253084d89c7e3a28300ebe0da85

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 aefd77f47fb84fae5ea194496b44c67a
SHA1 dcfbb6a5b8d05662c4858664f81693bb7f803b82
SHA256 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611
SHA512 b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f2f899522794e15fcd2efda79eb7324d
SHA1 1075ebcc75e9b2f6b914fe7fb66748c33af5110b
SHA256 b8dc2c9994d9e05aa9ac5c2726fb1eed0a66e7c552ed2dde4f046bf6dcb25ba7
SHA512 2028d54c5ee7d6e02c90f9f564b55649a4e3c93caee88420a0d27db5ecd0654da214ab1a03f99585e7ca7499bff0c3f0334a5d63376fc70595bb4c61fdbaf77f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000fd

MD5 89a574ff00e6b0ec61d995d059ce6e65
SHA1 aea09e96808ab77165ffa712eaa58b8f056d0bb6
SHA256 e5c29c139842fd487473d0824f2c01b374680fb35d22fa929686d17896602a44
SHA512 30d0d40bd680e61968273155b740901cdfa66670fc2af6f23e44c6b998b67cc1fcd0b51bd5f9470f209f188e75d071355e592b2a7c97f4bfd15d07d455e0909d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000117

MD5 9c6b5ce6b3452e98573e6409c34dd73c
SHA1 de607fadef62e36945a409a838eb8fc36d819b42
SHA256 cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
SHA512 4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000fb

MD5 a2eaf012b39e663d78796aabdc2746c1
SHA1 05dd766bd1f4f0d94be217131735301b4a138d9b
SHA256 0d070a9b85b46309f2686e6a0882c4dac07fb6848a22bb7985b2d3fad2ee0c64
SHA512 eaa0cffd4ce4b9213d31a883b821da3d2ab1cba62ef280ff843e20e11e6e36bc9713d783b5c39a9d5a79b28289674037b6bf3e196a611122255893052ca7c532

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a4f73d1efe47154d9012c74d8cde0328
SHA1 1b97648b64e81e20add5b857ec3d380060ab8fcc
SHA256 7e80dd1a03495c750468da81d7818f6d41d1f06c3e1610b52300b20894043874
SHA512 d92afdd5b4c41608374744f2a18a24e7c7325f92fff9f5f7206dee9826f9f62c88e6dc2e11c6cce055b3c341800df1484a469916afd52e1e42138e729c0057df

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 13a8f05a821db794756e758ac329ab60
SHA1 38cdb3d1252dbba0278bebe1d36ad94db48b0136
SHA256 97371acdb0b7f8d2e6b2cb2917489d77b749eb73ce72e80d2dbe78f19028201d
SHA512 e0f2bac01da285baae3c1b4fd7e99743476d79a9b2a00202eb6c33cfde7a04dd8c9e0541e09663d202c5057d46f9b3ce06482a63025c192dca132a14b0483e3a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 877aa0edc772c9fc08cd82e2e1b431ef
SHA1 ec0a4ead0418528e5f72b4cfac09eb64118c0d2a
SHA256 81aacf2da8c730f531d514ac0b23d8573065b1ccb89113d01b935dfc0fe9743f
SHA512 29e6ec140ddadfbf10a11a9f03b1734d00c6e064a708fd9e693c970fa5a32c4a3525d00b75426685d59e042470de16b65b469b4248396bf1b59ce7fbc3e893f6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f9

MD5 1b7a1106928de8845e505b29bfe1aaa7
SHA1 aa00bab9f753bb9f4d39c61e531b020e42c4362c
SHA256 2a491a7dc7f16c0371e3df60d39758e4eeebe26e1b250c5b9ba393207d61f9e9
SHA512 6d25ace23d2ad63f8e9933ca632471045b76f58e674f224a4a0f0848e3b5585008375a4f8c93aee6c3822fd004e32e5d5085c7bc31c4ea847553440370f59277

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 f7520019489f7e6e337a8fd859cb5d76
SHA1 c63518ffba54e1f7de3a5d68a012f2ace2577b4e
SHA256 45c1019b6e6bafc1e6729039fdb16677dde641cec1d64eb1dc9f42a028bc46ee
SHA512 b1cfd904065b2a003f501f16986afab58bfa8a8a29120aa8cb74aa7bb7f5d76a4f1f86b68dfd1551cb53002effdd6c91a30947e65f43308811164cba4711be11