Analysis Overview
Threat Level: Known bad
The file http://fortnite hacks was found to be: Known bad.
Malicious Activity Summary
RedLine
RedLine payload
Credentials from Password Stores: Credentials from Web Browsers
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext
System Location Discovery: System Language Discovery
Browser Information Discovery
Suspicious use of FindShellTrayWindow
Suspicious behavior: EnumeratesProcesses
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Modifies registry class
Opens file in notepad (likely ransom note)
Suspicious use of SendNotifyMessage
Suspicious use of AdjustPrivilegeToken
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-09-18 07:25
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-09-18 07:25
Reported
2024-09-18 07:29
Platform
win10v2004-20240802-en
Max time kernel
233s
Max time network
240s
Command Line
Signatures
RedLine
RedLine payload
Credentials from Password Stores: Credentials from Web Browsers
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\AvalonAtomic\sloppyCatsV1.exe | N/A |
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext
| Description | Indicator | Process | Target |
| PID 5932 set thread context of 2032 | N/A | C:\Users\Admin\Downloads\AvalonAtomic\sloppyCatsV1.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Browser Information Discovery
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\AvalonAtomic\sloppyCatsV1.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Opens file in notepad (likely ransom note)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: 33 | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://fortnite hacks
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2068,19203780435485552,13230500986260854095,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5348 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x2f8 0x4fc
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\PASS.txt
C:\Users\Admin\Downloads\AvalonAtomic\sloppyCatsV1.exe
"C:\Users\Admin\Downloads\AvalonAtomic\sloppyCatsV1.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
C:\Users\Admin\Downloads\AvalonAtomic\sloppyCatsV2.exe
"C:\Users\Admin\Downloads\AvalonAtomic\sloppyCatsV2.exe"
Network
| US | 8.8.8.8:53 | invstatic101.creativecdn.com | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 8.8.8.8:53 | cdn.prod.uidapi.com | udp |
| DE | 141.95.98.65:443 | id5-sync.com | tcp |
| US | 172.67.23.234:443 | id.hadron.ad.gt | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 34.120.133.55:443 | api.rlcdn.com | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 34.102.146.192:443 | oa.openxcdn.net | tcp |
| US | 15.197.193.217:443 | match.adsrvr.org | tcp |
| US | 34.96.70.87:443 | invstatic101.creativecdn.com | tcp |
| DE | 3.71.149.231:443 | ups.analytics.yahoo.com | tcp |
| US | 104.18.35.167:443 | cdn-ima.33across.com | tcp |
| US | 104.22.53.86:443 | cdn.id5-sync.com | tcp |
| GB | 18.245.252.28:443 | cdn.prod.uidapi.com | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | c3.a-mo.net | udp |
| US | 8.8.8.8:53 | oajs.openx.net | udp |
| GB | 216.58.212.225:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| NL | 79.127.227.46:443 | c3.a-mo.net | tcp |
| US | 34.120.107.143:443 | oajs.openx.net | tcp |
| DE | 162.19.138.83:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| NL | 178.250.1.11:443 | dnacdn.net | tcp |
| GB | 216.58.212.225:443 | tpc.googlesyndication.com | udp |
| US | 34.120.107.143:443 | oajs.openx.net | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| GB | 108.138.217.61:443 | hb.yellowblue.io | tcp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | btlr.sharethrough.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | fastlane.rubiconproject.com | udp |
| US | 8.8.8.8:53 | 47.216.127.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.23.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 55.133.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.146.102.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.193.197.15.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.70.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.98.95.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 167.35.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.53.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 231.149.71.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.252.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.20.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 143.107.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.227.127.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.138.19.162.in-addr.arpa | udp |
| DE | 3.78.168.176:443 | tlx.3lift.com | tcp |
| DE | 51.38.120.206:443 | onetag-sys.com | tcp |
| IE | 54.170.214.71:443 | ap.lijit.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| DE | 18.153.93.230:443 | btlr.sharethrough.com | tcp |
| DE | 18.153.93.230:443 | btlr.sharethrough.com | tcp |
| DE | 18.153.93.230:443 | btlr.sharethrough.com | tcp |
| DE | 18.153.93.230:443 | btlr.sharethrough.com | tcp |
| DE | 18.153.93.230:443 | btlr.sharethrough.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| FR | 163.5.194.37:443 | prebid.a-mo.net | tcp |
| US | 8.8.8.8:53 | p4-abrpvgkc3d6uk-c7iwimyzhrc3agbo-if-v6exp3-v4.metric.gstatic.com | udp |
| DE | 51.38.120.206:443 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | google-bidout-d.openx.net | udp |
| US | 35.244.159.8:443 | google-bidout-d.openx.net | tcp |
| US | 8.8.8.8:53 | 11847fa6e0bf008b2655ff67e98defd7.safeframe.googlesyndication.com | udp |
| GB | 216.58.201.97:443 | 11847fa6e0bf008b2655ff67e98defd7.safeframe.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | 61.217.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.120.38.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.214.170.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 176.168.78.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.93.153.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 37.194.5.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.159.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ag.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | gem.gbc.criteo.com | udp |
| FR | 185.235.86.159:443 | gem.gbc.criteo.com | tcp |
| NL | 185.235.87.171:443 | ag.gbc.criteo.com | tcp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| GB | 216.58.212.198:443 | s0.2mdn.net | tcp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | dsum-sec.casalemedia.com | udp |
| US | 172.64.151.101:443 | dsum-sec.casalemedia.com | tcp |
| NL | 185.89.210.153:443 | ib.adnxs.com | tcp |
| GB | 142.250.200.34:443 | cm.g.doubleclick.net | tcp |
| GB | 142.250.200.34:443 | cm.g.doubleclick.net | tcp |
| GB | 216.58.212.198:443 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | googleads4.g.doubleclick.net | udp |
| GB | 142.250.200.34:443 | cm.g.doubleclick.net | udp |
| GB | 172.217.169.66:443 | googleads4.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 159.86.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.87.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.151.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.169.217.172.in-addr.arpa | udp |
| GB | 172.217.169.66:443 | googleads4.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | us-u.openx.net | udp |
| US | 8.8.8.8:53 | sync.teads.tv | udp |
| GB | 2.18.109.35:443 | sync.teads.tv | tcp |
| US | 34.98.64.218:443 | us-u.openx.net | udp |
| GB | 2.18.109.35:443 | sync.teads.tv | tcp |
| US | 8.8.8.8:53 | check.analytics.rlcdn.com | udp |
| GB | 18.164.68.60:443 | check.analytics.rlcdn.com | tcp |
| US | 8.8.8.8:53 | 35.109.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 218.64.98.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 60.68.164.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.ampproject.org | udp |
| GB | 142.250.187.225:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.225:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.225:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.225:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.225:443 | cdn.ampproject.org | tcp |
| US | 8.8.8.8:53 | download2267.mediafire.com | udp |
| US | 199.91.155.8:443 | download2267.mediafire.com | tcp |
| US | 199.91.155.8:443 | download2267.mediafire.com | tcp |
| US | 8.8.8.8:53 | 225.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.155.91.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sys.ctrackapp.com | udp |
| GB | 108.138.233.86:443 | sys.ctrackapp.com | tcp |
| GB | 108.138.233.86:443 | sys.ctrackapp.com | tcp |
| US | 8.8.8.8:53 | go.etoro.com | udp |
| NL | 104.109.249.151:443 | go.etoro.com | tcp |
| US | 8.8.8.8:53 | marketing.etorostatic.com | udp |
| US | 8.8.8.8:53 | etoro-cdn.etorostatic.com | udp |
| NL | 92.122.63.182:443 | etoro-cdn.etorostatic.com | tcp |
| NL | 92.122.63.182:443 | etoro-cdn.etorostatic.com | tcp |
| NL | 92.122.63.182:443 | etoro-cdn.etorostatic.com | tcp |
| NL | 92.122.63.182:443 | etoro-cdn.etorostatic.com | tcp |
| NL | 92.122.63.182:443 | etoro-cdn.etorostatic.com | tcp |
| NL | 92.122.63.182:443 | etoro-cdn.etorostatic.com | tcp |
| NL | 92.122.63.182:443 | etoro-cdn.etorostatic.com | tcp |
| NL | 92.122.63.182:443 | etoro-cdn.etorostatic.com | tcp |
| NL | 92.122.63.182:443 | etoro-cdn.etorostatic.com | tcp |
| NL | 92.122.63.182:443 | etoro-cdn.etorostatic.com | tcp |
| US | 8.8.8.8:53 | 151.249.109.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.233.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 182.63.122.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api-gw.etoro.com | udp |
| US | 8.8.8.8:53 | api.etoro.com | udp |
| NL | 52.233.200.252:443 | api.etoro.com | tcp |
| NL | 52.233.200.252:443 | api.etoro.com | tcp |
| NL | 52.233.200.252:443 | api.etoro.com | tcp |
| IE | 13.69.176.12:443 | api-gw.etoro.com | tcp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| US | 8.8.8.8:53 | 252.200.233.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 12.176.69.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 8.8.8.8:53 | static.hotjar.com | udp |
| US | 8.8.8.8:53 | c0.adalyser.com | udp |
| US | 8.8.8.8:53 | cdn.taboola.com | udp |
| US | 8.8.8.8:53 | static.ads-twitter.com | udp |
| US | 8.8.8.8:53 | amplify.outbrain.com | udp |
| US | 150.171.28.10:443 | bat.bing.com | tcp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| GB | 2.18.109.60:443 | amplify.outbrain.com | tcp |
| IE | 34.243.20.101:443 | c0.adalyser.com | tcp |
| GB | 146.75.72.157:443 | static.ads-twitter.com | tcp |
| GB | 13.224.245.61:443 | static.hotjar.com | tcp |
| US | 151.101.193.44:443 | cdn.taboola.com | tcp |
| GB | 216.58.204.74:443 | translate-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 172.64.155.119:443 | geolocation.onetrust.com | tcp |
| US | 8.8.8.8:53 | 60.109.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.87.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.72.75.146.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 44.193.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 61.245.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.20.243.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tr.outbrain.com | udp |
| US | 8.8.8.8:53 | wave.outbrain.com | udp |
| US | 8.8.8.8:53 | t.co | udp |
| US | 8.8.8.8:53 | analytics.twitter.com | udp |
| US | 8.8.8.8:53 | trc.taboola.com | udp |
| US | 64.74.236.63:443 | tr.outbrain.com | tcp |
| US | 64.74.236.63:443 | tr.outbrain.com | tcp |
| US | 104.244.42.3:443 | analytics.twitter.com | tcp |
| US | 172.66.0.227:443 | t.co | tcp |
| GB | 2.18.109.60:443 | wave.outbrain.com | tcp |
| GB | 2.18.109.60:443 | wave.outbrain.com | tcp |
| GB | 2.18.109.60:443 | wave.outbrain.com | tcp |
| GB | 2.18.109.60:443 | wave.outbrain.com | tcp |
| GB | 2.18.109.60:443 | wave.outbrain.com | tcp |
| GB | 2.18.109.60:443 | wave.outbrain.com | tcp |
| US | 8.8.8.8:53 | script.hotjar.com | udp |
| GB | 18.245.253.22:443 | script.hotjar.com | tcp |
| US | 8.8.8.8:53 | dc.services.visualstudio.com | udp |
| US | 8.8.8.8:53 | 119.155.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.0.66.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 63.236.74.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.253.245.18.in-addr.arpa | udp |
| NL | 20.50.88.242:443 | dc.services.visualstudio.com | tcp |
| US | 8.8.8.8:53 | privacyportal-de.onetrust.com | udp |
| US | 104.18.32.137:443 | privacyportal-de.onetrust.com | tcp |
| US | 8.8.8.8:53 | 242.88.50.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.32.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | p4-abrpvgkc3d6uk-c7iwimyzhrc3agbo-469645-i1-v6exp3.v4.metric.gstatic.com | udp |
| US | 8.8.8.8:53 | p4-abrpvgkc3d6uk-c7iwimyzhrc3agbo-469645-i2-v6exp3.ds.metric.gstatic.com | udp |
| GB | 216.58.201.114:443 | p4-abrpvgkc3d6uk-c7iwimyzhrc3agbo-469645-i1-v6exp3.v4.metric.gstatic.com | tcp |
| GB | 216.58.204.82:443 | p4-abrpvgkc3d6uk-c7iwimyzhrc3agbo-469645-i2-v6exp3.ds.metric.gstatic.com | tcp |
| US | 8.8.8.8:53 | 114.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| GB | 216.58.212.226:443 | ade.googlesyndication.com | tcp |
| GB | 216.58.212.226:443 | ade.googlesyndication.com | tcp |
| GB | 18.154.84.84:443 | cdn.amplitude.com | tcp |
| US | 104.16.79.73:443 | static.cloudflareinsights.com | tcp |
| DE | 79.127.216.47:443 | c3.a-mo.net | tcp |
| DE | 141.95.98.65:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | 226.212.58.216.in-addr.arpa | udp |
| NL | 79.127.227.46:443 | c3.a-mo.net | tcp |
| DE | 162.19.138.83:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 3.78.168.176:443 | tlx.3lift.com | tcp |
| US | 8.8.8.8:53 | hb.minutemedia-prebid.com | udp |
| IE | 52.19.11.194:443 | hb.minutemedia-prebid.com | tcp |
| US | 8.8.8.8:53 | download2298.mediafire.com | udp |
| US | 199.91.155.39:443 | download2298.mediafire.com | tcp |
| US | 199.91.155.39:443 | download2298.mediafire.com | tcp |
| US | 8.8.8.8:53 | 194.11.19.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8f0aff5e6ab7967164df18ee292369cd.safeframe.googlesyndication.com | udp |
| US | 104.16.52.110:80 | otnolatrnup.com | tcp |
| US | 104.16.52.110:80 | otnolatrnup.com | tcp |
| US | 8.8.8.8:53 | woreppercomming.com | udp |
| US | 8.8.8.8:53 | 39.155.91.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.52.16.104.in-addr.arpa | udp |
| GB | 18.165.227.106:443 | woreppercomming.com | tcp |
| US | 8.8.8.8:53 | www.chancial.com | udp |
| US | 172.67.141.135:443 | www.chancial.com | tcp |
| US | 8.8.8.8:53 | www.opera.com | udp |
| DE | 52.29.175.89:443 | www.opera.com | tcp |
| US | 8.8.8.8:53 | cdn-production-opera-website.operacdn.com | udp |
| US | 8.8.8.8:53 | www.googleoptimize.com | udp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 142.250.200.14:443 | www.googleoptimize.com | tcp |
| US | 8.8.8.8:53 | 106.227.165.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 135.141.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 89.175.29.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.63.122.92.in-addr.arpa | udp |
| NL | 92.122.63.46:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 216.58.212.226:443 | ade.googlesyndication.com | udp |
| DE | 18.153.93.230:443 | btlr.sharethrough.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.200.34:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | sync.search.spotxchange.com | udp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| GB | 216.58.212.198:443 | s0.2mdn.net | udp |
| NL | 154.57.158.116:443 | ads.stickyadstv.com | tcp |
| NL | 154.57.158.116:443 | ads.stickyadstv.com | tcp |
| GB | 216.58.212.198:443 | s0.2mdn.net | udp |
| GB | 172.217.169.66:443 | googleads4.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 116.158.57.154.in-addr.arpa | udp |
| US | 8.8.8.8:53 | p4-abrpvgkc3d6uk-c7iwimyzhrc3agbo-469645-s1-v6exp3-v4.metric.gstatic.com | udp |
| GB | 172.217.16.227:443 | p4-abrpvgkc3d6uk-c7iwimyzhrc3agbo-469645-s1-v6exp3-v4.metric.gstatic.com | tcp |
| US | 8.8.8.8:53 | 227.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| GB | 142.250.187.206:443 | suggestqueries-clients6.youtube.com | udp |
| US | 8.8.8.8:53 | btlr.sharethrough.com | udp |
| DE | 18.199.220.232:443 | btlr.sharethrough.com | tcp |
| GB | 172.217.16.226:443 | googleads.g.doubleclick.net | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| GB | 142.250.179.227:443 | www.google.co.uk | udp |
| GB | 216.58.201.100:443 | www.google.com | udp |
| GB | 142.250.200.34:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| FR | 164.132.25.184:443 | rtb-csync.smartadserver.com | tcp |
| FR | 164.132.25.184:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | 232.220.199.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 184.25.132.164.in-addr.arpa | udp |
| GB | 216.58.212.198:443 | s0.2mdn.net | udp |
| GB | 172.217.169.66:443 | googleads4.g.doubleclick.net | udp |
| CH | 185.196.9.26:6302 | tcp | |
| US | 8.8.8.8:53 | 26.9.196.185.in-addr.arpa | udp |
| DE | 18.199.220.232:443 | btlr.sharethrough.com | tcp |
| GB | 172.217.16.226:443 | googleads.g.doubleclick.net | udp |
| GB | 216.58.212.198:443 | s0.2mdn.net | udp |
| GB | 172.217.169.66:443 | googleads4.g.doubleclick.net | udp |
| GB | 216.58.201.100:443 | www.google.com | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\ceeff0d7-08b6-4f6a-a780-252527ae6f96\index-dir\the-real-index
| MD5 | 0880211774aedac1ad5051f1e390c6b1 |
| SHA1 | f96b0b585ec92b6fbf858debf3bd64743f505cb2 |
| SHA256 | c78ac163c7702950cb0b20267e0cd0ca854b443f6c0949382a6d2c7542a757b2 |
| SHA512 | 572adf5c7d3fd74d54e7c12a363dfff42646c261d5e52722d6661855065437218bbf48697ffa5df996fd400b8a0415112e9150ce7d32bb39b49da0d61de226fb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 928d216af911fc8e34beb437e7452296 |
| SHA1 | 720b8fca19f3184d485cd7adc39b581a0f7d42fd |
| SHA256 | cea354bdd54692ebe779a51f997e11e9bc6edcefcf6752e4ad222e0256503e1c |
| SHA512 | 873ce1726ef969f7905562ab4dd16544ad86523e2c001a276414073394d5f307be8eb5ad31735176fc701d88678835973322caa9b9306a28b6533f86da1f42ad |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3f48ed0d29b3413ec506fc0e2e08d877 |
| SHA1 | 1221e6ff1e1d88e850de12f51247713ef415a1d2 |
| SHA256 | b982be6338433cdedf2c38eb7e1caea031d5c1f3df66e2aa08172324354dd8e4 |
| SHA512 | af259796ecdb8d1b9f3edd81e01b1197d67c34093a55e8df701bdec9bec1bb7ae9f71c4cf1e6240010fa8c9eecf4586b8bf5b80378dae63c1fbccfda3ddaa7b3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4c2e28e12fbd6f030e4f97af84f16848 |
| SHA1 | 59bb2e4d65e5847831f2313ef92c86f3b1290c65 |
| SHA256 | 067cddfa7004605674dbc0d9256b413980e2df0c23dc2a9ffec57b453ddde187 |
| SHA512 | dc75d0777a89caae05d6358b4310e76804bf68d8577c1b2cdfd526e3d68f9467964ecf00c4a0108afe1ddc5f164c48d2d87c210d9b28012cc7cc67a9a2939acc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DABA17F5E36CBE65640DD2FE24F104E7
| MD5 | c3e000f1b515c327841a0a063a364383 |
| SHA1 | 43f6aba238ea771cf299eb1c76a0f3944b2a893d |
| SHA256 | 268e5bc3de347edd0d6ab8860b22a19e7ce7b41f0acc72c00a8a945d4e4a8e43 |
| SHA512 | 54206abdb1cf03a672d12d49560c5c6039d1956603e19e8a10502baa7bd8df82064778f7100f911dafb02a1105e38c175faedc92f1e0af028ab8552547e94f08 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DABA17F5E36CBE65640DD2FE24F104E7
| MD5 | c6150925cfea5941ddc7ff2a0a506692 |
| SHA1 | 9e99a48a9960b14926bb7f3b02e22da2b0ab7280 |
| SHA256 | 28689b30e4c306aab53b027b29e36ad6dd1dcf4b953994482ca84bdc1ecac996 |
| SHA512 | b3bd41385d72148e03f453e76a45fcd2111a22eff3c7f1e78e41f6744735444e058144ed68af88654ee62b0f117949f35739daad6ad765b8cde1cff92ed2d00c |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | e86762423a86d81b0746a714ccc4915b |
| SHA1 | 22546f63c5d720ab06519ddd14727a0917e10c20 |
| SHA256 | 15391b466bff22723ba579a154e019803aa0ae3f0b4bb6706dc51b167338785a |
| SHA512 | 111e15731a14105819003f70192e9c29bcb60d098d62142a18633b7552582847d95569890a2f8b27d89babff44f7c7d33b6217f721fae8cf10c3e3a3c6c61384 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\ceeff0d7-08b6-4f6a-a780-252527ae6f96\index-dir\the-real-index
| MD5 | 85ee1463302217a18252e4718e71a07a |
| SHA1 | 119d0192adebce0896f555c229e3083b6e2326e9 |
| SHA256 | 98b5407049ecb2adeabed7a376008c49296b6dce0d8868178f48936a49e2f1e2 |
| SHA512 | ccddc348dca0ef4c55140cb08910fda66d49bd5ca923b6e5448fbd4503d414fb74644297045c9ce1a979a0c9f6e72c6f368a3008d390bb8aa01cb38601a02794 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | cc1eb47924fc730d238a537d5479e916 |
| SHA1 | 29ca57463437d2eda7934340a23ca6a5b1455d43 |
| SHA256 | 30bcb3babc690ddd7e5476f5bd712fbf862dcad6e31afd835f6d580887de9b4f |
| SHA512 | 209557454e08234e8d63d5a5aac93ed474a0e3a563d48d90363b7fd96aa2bd01a8128b645048d950e16e33dc83c893b43abd4c0756bf9a8d8ad36a6d68ee2d5d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000044
| MD5 | 82d6a85f87bfd8d4d2db664dae26b0e8 |
| SHA1 | 0b157668ce87bd3d80eea75529f62869dd00d158 |
| SHA256 | af1ebdac7138371d72b1ac71d19651fdadeebef69ba1a830ca2d5aa1be442a79 |
| SHA512 | 89ccec03b3b458dd9ad17cf00523eb9c1658c080be6f0e18b98d9c32ec0a01566c01061c3a52d16e4d35513d392b72458b0ceb21ef1a9fdd49a0cebf64b6fa80 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 05f3e4a089a539dbc31d0873f47090bd |
| SHA1 | b14029f1ba9b365e91b88194ad40d3cae6130517 |
| SHA256 | a6feb75021a851b195c0069bc5646793c6116ed36fad68b91dc90e2f57e8455c |
| SHA512 | 2744ec9c47b352e5b83225543a1ccb14fa185dba0da3ec940cc71d9fb4d2f10122b3ac0a53f47baf7aa280a0d767668cd7f5c1a33fbbc69eeadcdf3d4816ddf7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | fbd4cbdfa8f0382b6d32e81c2749ebec |
| SHA1 | 45e453f43f7245a6b763b39234100f267e8cfadb |
| SHA256 | aaf86e85164a307cc7d1d2d4cb3b9d3a8153713811cf675954186fb0f16771c6 |
| SHA512 | c22bfad3186bd614a5ef3cd78fd612f3aa1becefb44f36e7ee4e1cb75c5b08d82fa64fe113549febd7821917c6a1d8973fa8412b9e33d12d29a4fb9d2258f8c8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000053
| MD5 | 3856de7c74fe6337d7ce813fc7bccee6 |
| SHA1 | cdcfa9794d003850048544a3c91e77da5ca1471d |
| SHA256 | 862f70d9b90d2587e8367b318e2e579f14b0e62428f6f0d2ff48d8a55dd94bed |
| SHA512 | 39ef7ed2d323c89582ff85bf0e0040729179aa4ea4f4e512eaae967a823375cb95b8ac914a9dc3c267ce75fb2a4a3860923011f42f4b9381308b9639f57b12d1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006a
| MD5 | 08ec57068db9971e917b9046f90d0e49 |
| SHA1 | 28b80d73a861f88735d89e301fa98f2ae502e94b |
| SHA256 | 7a68efe41e5d8408eed6e9d91a7b7b965a3062e4e28eeffeefb8cdba6391f4d1 |
| SHA512 | b154142173145122bc49ddd7f9530149100f6f3c5fd2f2e7503b13f7b160147b8b876344f6faae5e8616208c51311633df4c578802ac5d34c005bb154e9057cf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000072
| MD5 | 87e8230a9ca3f0c5ccfa56f70276e2f2 |
| SHA1 | eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7 |
| SHA256 | e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9 |
| SHA512 | 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 41392a558e023e51a1bed0c2ee274e75 |
| SHA1 | e5b63ab794e29a763b1e84d08883fe5627d89db1 |
| SHA256 | 14dc4e9e5f58f38488bed53ecccbb537d36c7156d16f7c72bce8c4da6a5c69e6 |
| SHA512 | 063711a797fe5e6c3c0bd43e8d953799cc6a494b921ed4b47def7c073559be4966bb5c9e9063d090748809219c55a89260ab931ca1c872d2d12093505d921253 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003c
| MD5 | 660c3b546f2a131de50b69b91f26c636 |
| SHA1 | 70f80e7f10e1dd9180efe191ce92d28296ec9035 |
| SHA256 | fd91362b7111a0dcc85ef6bd9bc776881c7428f8631d5a32725711dce678bff9 |
| SHA512 | 6be1e881fbb4a112440883aecb232c1afc28d0f247276ef3285b17b925ea0a5d3bac8eac6db906fc6ac64a4192dd740f5743ba62ba36d8204ff3e8669b123db2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003a
| MD5 | d2155aa26ba85d23cbdb242318f9da8d |
| SHA1 | d19b123d77bb65f6fd5912fd17e8bc71e3522db9 |
| SHA256 | ce67d212e81563a4ee7fb62aef4af4481a053b8fc369430fcf0c74d4cdfb85f7 |
| SHA512 | f0d4a8d0be7c89ca95bd54621c09aafeb86515c7e5e98a80c3d9ec288d1883887950fe8e7cdd257d376d152b0b3fec2d2eca7477fec4fd9ad0a623fab012bf48 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003b
| MD5 | 5e3bcb85c3140b9e389c132f50d5b710 |
| SHA1 | b4cb74acc71d5cf828506f413d9141d9fd804d22 |
| SHA256 | de937b8ee5c03e7592c2b6c170279a4d3f516cc335adb63b7cb78294fd443c45 |
| SHA512 | 09bf3d4ae5422587042b601790f074976d82dd4e1e89cdd68e45e98d911f3111449e8a1044dcf72187a03450fb8a2fc880330f7648a229d2230b5d2f19ad63ec |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003d
| MD5 | d14a6556da7a2e9704cd04eae28cdb46 |
| SHA1 | a80812c70f13b49597079e3561e68fa177535a9b |
| SHA256 | b5a9c272adc373ba2512fae681f3c14db8efaf0158d32890b0cae1df47784ecc |
| SHA512 | 73a3e0f274b6d107cbfa4e633f71c3df9de34872f63d9f1bbe2e6c347e27ed1336755a97fc35cdd5f5d9a35413fa2c6d225bdb8140ad16ae8b9a20ff2d6785c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000040
| MD5 | 7142d0b5d0c1b22b9722bdf6f3d66cd8 |
| SHA1 | 687b06c23bd54f044739e55499b0d848669b46df |
| SHA256 | c2b0d7e89e3cda69bfe7ac059cfc96955c84cb674adb745cc65004a5053c3eb2 |
| SHA512 | a4f9af93a3a055d1c70eb00735f80223257cef034c404ba4ce846c929aaeba3f050baec41e6c19404fadf983c609191adfb026f8a761bfa9d3032b03eb2d38eb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004d
| MD5 | 7929c3dc6d6518974576b3e40dffb430 |
| SHA1 | 68f72a67f42702cc365c3e5f34b66829fdb6354f |
| SHA256 | 80f0556b4290215413423b2f1627358d9a56d008ca97da1a1f2ce5ae62128293 |
| SHA512 | 379e01be1db2c205a321c248a2367956cc9fd73384d6158d3fe901f3b28eaa48a24685b8ebbe1058bfa17a995c3b365b34b4d61c0aa5df041548c74b0bd6b686 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e710a2b484929ddc1fc83df6bc9eb594 |
| SHA1 | 37adfb398d422ce3c9a306fcbb94a6abe8c8df29 |
| SHA256 | 0538e04e1cf9cff523e86573e03e4184625193b4e6eaa619be8891b28fdd0266 |
| SHA512 | 0c4cf79ee3771da2b3e28506f5a13ac53bb12b026620743f63f28951b487b7aa0c5fcbb892459679da30c45764d7f4649d7495f810e5d2be899f8f6a6fb7f755 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000081
| MD5 | 5f747c64539885d991db99de756ce1cd |
| SHA1 | a767f8dcef5742cad81e949f0ea5eb91ef0dbb55 |
| SHA256 | 85ba8c5dfb41e7d6b7dbef0f0a180b487b7d600af5eec1d2c6017fe231b43abd |
| SHA512 | 1470b4b0272c7d5d3e8ed144ef1d2a2d9e3a89c99c9ad76a3eda2259ec5e84db693e447b555d9849b89fd507ae5050a461cf02ea70daf993aa74b4a1bd141bef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e51181ae6e333d98b8e96e375a8195b3 |
| SHA1 | cfa8366b1e03cedad7419f6a1ab4615d55746196 |
| SHA256 | 59eb5fdb2e151420a5faf689e8badfe7501d0055b2d76643c8ec51e0b38e510f |
| SHA512 | 3d57d64595199a8721d457ce88a6cc5b7537ce91475e98d2bd27b0820ff6e0bb01ba6fc9590cadb88bdbafdbfa471118fd8ce88379f705c9488bc20522108609 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 71652c35499e2efec728d1403eda5ba5 |
| SHA1 | dd101fb95210114782368c979c30225c50d692b9 |
| SHA256 | cecbb9f64bbe454b4c903dc95c20af75e0faf346393f81984635122596efa10b |
| SHA512 | be6e652c5eb7b6a34edd9d7fe9f23dafc8d077c49753dceaba27f40fe6d6297dbec91d81985bda84d8fa7783714c163c79563b14071d03dd540b9d8a3a9a64a4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 895e6f8c7e3a82fdfd963c02daf362b7 |
| SHA1 | d139e35af3f331cc3d389bb70adea7d950e7f05f |
| SHA256 | 0f215a621f6cdbb52b820ef830e4afd298d758b4dee5fcd28fb7df5c36f2b515 |
| SHA512 | 50cca2b9778029a19edfa049b241269b4e056fffb2b2ce2123698066f0d2028a1232716104e7daa62bcb68ebb331d8ff21ac364c712a59e013d71e92106a8f15 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | f8df18c2b3870689a24293b4b40b131a |
| SHA1 | 39e43f088c39c8995eadd635c080a338cab38cf4 |
| SHA256 | 41df1ff89258d229f3b2fcb9c90cdd976f5a32f9b4ea34710d57d32a9fe5a73e |
| SHA512 | adfd3e984bc2982556436e59c26e7e75eb57914fe17adde711b31d6fe1e401b5fca8b5ac2155dc962a40c6e645a3662c5b3ae38cc39994f4496fc9bd183ce43d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 66d0d26caa60feb7bdf98a9628e959ca |
| SHA1 | 610c6e527b697111af32397d5e7ff9f35f5481c9 |
| SHA256 | 8b775f52c04da396fbe6bb1bc57a30fde24ec1f55ceffb0dd261fa4ec2b2e672 |
| SHA512 | ce2cef1e957024401f0be70c26d6eccbc00cd07dc931f83bab0e156ffd5f0ac399025cabeb37b22b2ac002452ce34e45199bf25b4d8e21eb50365691cb50e528 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a11a9ae14c4ab31434dd38686783c504 |
| SHA1 | dbecda703bc92c0aa1373177221972fc223062be |
| SHA256 | 6c0afa2804eee1e54b8146f7829f3368ae79e3ce84329c0f7015ac095564df80 |
| SHA512 | 5a5175105d36a7b9e9b34d3d7ddec0228d31c1401e7fc5486c054a44bd13af6f737dbccea75d8d26669421c57d004bd166aecceb463cddc2722bd3881a350218 |
C:\Users\Admin\Downloads\AvalonAtomic.zip
C:\Users\Admin\Downloads\PASS.txt
C:\Users\Admin\AppData\Roaming\msvcp110.dll
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cookies
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Web Data