Analysis Overview
Threat Level: Known bad
The file https://file.io/6sMcezuQw9Mp was found to be: Known bad.
Malicious Activity Summary
Discord RAT
Executes dropped EXE
Browser Information Discovery
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Modifies registry class
NTFS ADS
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported: 2024-09-11 17:30
Signatures
Analysis: behavioral1
Detonation Overview
Submitted: 2024-09-11 17:30
Reported: 2024-09-11 17:35
Platform: win10v2004-20240802-en
Max time kernel: 285s
Max time network: 298s
Command Line
Signatures
Discord RAT
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\BootstrapperV1.18.exe | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 174908.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\Downloads\BootstrapperV1.18.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://file.io/6sMcezuQw9Mp
C:\Users\Admin\Downloads\BootstrapperV1.18.exe
"C:\Users\Admin\Downloads\BootstrapperV1.18.exe"
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
Network
| US | 8.8.8.8:53 | play.aniview.com | udp |
| US | 8.8.8.8:53 | content1.avplayer.com | udp |
| NL | 23.51.73.55:443 | play.aniview.com | tcp |
| GB | 88.221.134.51:443 | content1.avplayer.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.178.2:443 | googleads.g.doubleclick.net | tcp |
| DE | 162.19.138.117:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | api.rlcdn.com | udp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 34.120.133.55:443 | api.rlcdn.com | tcp |
| US | 35.71.131.137:443 | match.adsrvr.org | tcp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 35.71.131.137:443 | match.adsrvr.org | tcp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| FR | 185.255.84.152:443 | visitor.omnitagjs.com | tcp |
| US | 35.71.131.137:443 | match.adsrvr.org | tcp |
| US | 8.8.8.8:53 | p.rfihub.com | udp |
| GB | 2.18.108.192:443 | ads.pubmatic.com | tcp |
| US | 8.8.8.8:53 | cms.quantserve.com | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 8.8.8.8:53 | bh.contextweb.com | udp |
| US | 76.223.111.18:443 | eb2.3lift.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| DE | 91.228.74.166:443 | cms.quantserve.com | tcp |
| NL | 193.0.160.130:443 | p.rfihub.com | tcp |
| US | 8.8.8.8:53 | 2.178.250.142.in-addr.arpa | udp |
| US | 151.101.65.108:443 | acdn.adnxs.com | tcp |
| US | 54.146.100.139:443 | sync.srv.stackadapt.com | tcp |
| US | 80.77.87.161:443 | cs.admanmedia.com | tcp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| FR | 185.255.84.152:443 | visitor.omnitagjs.com | tcp |
| US | 151.101.65.108:443 | acdn.adnxs.com | tcp |
| NL | 193.0.160.130:443 | p.rfihub.com | tcp |
| US | 80.77.87.161:443 | cs.admanmedia.com | tcp |
| US | 54.146.100.139:443 | sync.srv.stackadapt.com | tcp |
| DE | 91.228.74.166:443 | cms.quantserve.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| US | 8.8.8.8:53 | sync.mathtag.com | udp |
| US | 8.8.8.8:53 | gum.aidemsrv.com | udp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 216.200.232.249:443 | sync.mathtag.com | tcp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| GB | 23.194.15.107:443 | secure-assets.rubiconproject.com | tcp |
| GB | 88.221.134.51:443 | content1.avplayer.com | udp |
| US | 35.172.11.223:443 | cs-server-s2s.yellowblue.io | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| FR | 149.202.238.100:443 | ssbsync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | dis.criteo.com | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | sync.richaudience.com | udp |
| US | 104.17.43.93:443 | gum.aidemsrv.com | tcp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| DE | 51.89.9.251:443 | onetag-sys.com | tcp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | a.sportradarserving.com | udp |
| US | 67.202.105.24:443 | ssc-cms.33across.com | tcp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| US | 8.8.8.8:53 | sync.go.sonobi.com | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| NL | 35.214.174.141:443 | a.sportradarserving.com | tcp |
| DE | 18.184.119.72:443 | match.sharethrough.com | tcp |
| IE | 52.212.67.126:443 | match.prod.bidr.io | tcp |
| US | 69.166.1.35:443 | sync.go.sonobi.com | tcp |
| GB | 142.250.178.2:443 | cm.g.doubleclick.net | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| US | 18.213.23.44:443 | api-2-0.spot.im | tcp |
| DE | 138.201.8.249:443 | sync.richaudience.com | tcp |
| US | 70.42.32.159:443 | b1sync.zemanta.com | tcp |
| US | 70.42.32.159:443 | b1sync.zemanta.com | tcp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| GB | 95.100.245.251:443 | eus.rubiconproject.com | tcp |
| DE | 138.201.8.249:443 | sync.richaudience.com | tcp |
| US | 18.213.23.44:443 | api-2-0.spot.im | tcp |
| US | 70.42.32.159:443 | b1sync.zemanta.com | tcp |
| US | 69.166.1.35:443 | sync.go.sonobi.com | tcp |
| US | 69.166.1.35:443 | sync.go.sonobi.com | tcp |
| GB | 95.100.245.251:443 | eus.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | 55.133.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.131.71.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.108.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.111.223.76.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.65.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.169.93.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 130.160.0.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.136.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.74.228.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.80.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 161.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.100.146.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.216.36.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 107.15.194.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 249.232.200.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.238.202.149.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.43.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.9.89.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 24.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 126.67.212.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.174.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.119.184.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sync.aniview.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 69.166.1.35:443 | sync.go.sonobi.com | tcp |
| GB | 142.250.178.2:443 | cm.g.doubleclick.net | udp |
| NL | 35.214.174.141:443 | a.sportradarserving.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | jadserve.postrelease.com | udp |
| US | 8.8.8.8:53 | tracker.open-adsyield.com | udp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 172.111.38.111:443 | tracker.open-adsyield.com | tcp |
| IE | 18.203.51.229:443 | jadserve.postrelease.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| FR | 178.32.197.56:443 | rtb-csync.smartadserver.com | tcp |
| US | 192.132.33.67:443 | bttrack.com | tcp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.com | udp |
| US | 80.77.87.161:443 | cs.admanmedia.com | tcp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| US | 8.8.8.8:53 | t.adx.opera.com | udp |
| DE | 51.89.9.251:443 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| FR | 178.32.197.56:443 | rtb-csync.smartadserver.com | tcp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| FR | 154.54.250.81:443 | ads.stickyadstv.com | tcp |
| NL | 89.149.193.85:443 | ssbsync-global.smartadserver.com | tcp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | tcp |
| US | 8.8.8.8:53 | 251.245.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 159.32.42.70.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 44.23.213.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.51.203.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.1.166.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 111.38.111.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.197.32.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.33.132.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.213.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.250.54.154.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 85.193.149.89.in-addr.arpa | udp |
| FR | 178.32.197.56:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| IE | 52.214.193.39:443 | ap.lijit.com | tcp |
| US | 172.240.45.78:443 | sync.aniview.com | tcp |
| US | 172.240.45.78:443 | sync.aniview.com | tcp |
| US | 172.240.45.78:443 | sync.aniview.com | tcp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| IE | 52.214.193.39:443 | ap.lijit.com | tcp |
| US | 52.46.155.104:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 233.38.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 39.193.214.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.45.240.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.155.46.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | track1.avplayer.com | udp |
| US | 172.240.45.76:443 | track1.avplayer.com | tcp |
| US | 8.8.8.8:53 | 76.45.240.172.in-addr.arpa | udp |
| DE | 18.184.119.72:443 | match.sharethrough.com | tcp |
| DE | 18.184.119.72:443 | match.sharethrough.com | tcp |
| US | 8.8.8.8:53 | 183.59.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | gateway.discord.gg | udp |
| US | 162.159.133.234:443 | gateway.discord.gg | tcp |
| US | 8.8.8.8:53 | 234.133.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| FR | 5.196.111.72:443 | rtb-csync.smartadserver.com | tcp |
| FR | 5.196.111.72:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | 72.111.196.5.in-addr.arpa | udp |
| US | 69.166.1.64:443 | apex.go.sonobi.com | tcp |
| FR | 5.196.111.64:443 | prg.smartadserver.com | tcp |
| NL | 185.89.210.180:443 | secure.adnxs.com | tcp |
| US | 69.166.1.64:443 | apex.go.sonobi.com | tcp |
| FR | 5.196.111.64:443 | prg.smartadserver.com | tcp |
| NL | 185.89.210.180:443 | secure.adnxs.com | tcp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| IE | 52.94.223.167:443 | aax-eu.amazon-adsystem.com | tcp |
| GB | 142.250.187.226:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 167.223.94.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ib.3lift.com | udp |
| FR | 3.165.136.3:443 | ib.3lift.com | tcp |
| US | 8.8.8.8:53 | ads.eu.criteo.com | udp |
| NL | 178.250.1.17:443 | ads.eu.criteo.com | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| US | 8.8.8.8:53 | widget.nl3.eu.criteo.com | udp |
| US | 8.8.8.8:53 | cat.nl3.eu.criteo.com | udp |
| US | 8.8.8.8:53 | 17.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.136.165.3.in-addr.arpa | udp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| NL | 178.250.1.9:443 | widget.nl3.eu.criteo.com | tcp |
| NL | 178.250.1.6:443 | cat.nl3.eu.criteo.com | tcp |
| US | 8.8.8.8:53 | csm.eu.criteo.net | udp |
| US | 8.8.8.8:53 | imageproxy.eu.criteo.net | udp |
| NL | 178.250.1.25:443 | csm.eu.criteo.net | tcp |
| NL | 178.250.1.15:443 | imageproxy.eu.criteo.net | tcp |
| NL | 178.250.1.15:443 | imageproxy.eu.criteo.net | tcp |
| NL | 178.250.1.15:443 | imageproxy.eu.criteo.net | tcp |
| US | 8.8.8.8:53 | 15.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.1.250.178.in-addr.arpa | udp |
| US | 162.159.133.234:443 | gateway.discord.gg | tcp |
| US | 8.8.8.8:53 | 15.164.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.36.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.169.127.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | gateway.discord.gg | udp |
| US | 162.159.134.234:443 | gateway.discord.gg | tcp |
| US | 8.8.8.8:53 | 234.134.159.162.in-addr.arpa | udp |
| US | 162.159.134.234:443 | gateway.discord.gg | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
\??\pipe\LOCAL\crashpad_4144_LVMLVLFQOTPRFIMH
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\Downloads\Unconfirmed 174908.crdownload
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57d4b5.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
memory/4864-274-0x00000286E88E0000-0x00000286E88F8000-memory.dmp
memory/4864-275-0x00000286EAF90000-0x00000286EB152000-memory.dmp
memory/4864-276-0x00000286EB870000-0x00000286EBD98000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\db8d6e49-9774-4e33-abd9-df6da65851dd.tmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State