Analysis Overview
SHA256
212e835d3cad3cf703e4e015ce31f80a950fa4a4d650b8891e4c49076f50cf4a
Threat Level: Known bad
The file index (1).html was found to be: Known bad.
Malicious Activity Summary
Contains code to disable Windows Defender
Detect Xworm Payload
Xworm
Command and Scripting Interpreter: PowerShell
Modifies Windows Firewall
Drops startup file
Executes dropped EXE
Obfuscated with Agile.Net obfuscator
Loads dropped DLL
Looks up external IP address via web service
Legitimate hosting services abused for malware hosting/C2
Enumerates connected drives
Adds Run key to start application
Browser Information Discovery
Event Triggered Execution: Netsh Helper DLL
Checks SCSI registry key(s)
Suspicious use of WriteProcessMemory
Suspicious use of SendNotifyMessage
Suspicious behavior: EnumeratesProcesses
Suspicious use of SetWindowsHookEx
Modifies registry class
Suspicious use of AdjustPrivilegeToken
Enumerates system info in registry
Uses Task Scheduler COM API
Suspicious behavior: GetForegroundWindowSpam
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Scheduled Task/Job: Scheduled Task
Suspicious use of FindShellTrayWindow
Modifies data under HKEY_USERS
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-09-19 21:57
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-09-19 21:57
Reported
2024-09-19 22:16
Platform
win10v2004-20240802-en
Max time kernel
1112s
Max time network
1123s
Command Line
Signatures
Contains code to disable Windows Defender
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Detect Xworm Payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Xworm
Command and Scripting Interpreter: PowerShell
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
Modifies Windows Firewall
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\System32\netsh.exe | N/A |
Drops startup file
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\System User.lnk | C:\Users\Admin\Desktop\Xworm\XWormLoader V5.2.exe | N/A |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\System User.lnk | C:\Users\Admin\Desktop\Xworm\XWormLoader V5.2.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\System User | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\System User | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\System User | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\System User | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\Xworm\XWormLoader 5.2 x64.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\System User | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\System User | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\System User | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\System User | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Desktop\Xworm\XWorm V5.2.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\Xworm\XWorm V5.2.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\Xworm\XWormLoader 5.2 x64.exe | N/A |
Obfuscated with Agile.Net obfuscator
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\System User = "C:\\Users\\Admin\\AppData\\Roaming\\System User" | C:\Users\Admin\Desktop\Xworm\XWormLoader V5.2.exe | N/A |
Enumerates connected drives
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | ip-api.com | N/A | N/A |
Browser Information Discovery
Event Triggered Execution: Netsh Helper DLL
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\System32\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\System32\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\System32\netsh.exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\Desktop\Xworm\XWorm V5.2.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Users\Admin\Desktop\Xworm\XWorm V5.2.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Users\Admin\Desktop\Xworm\XWorm V5.2.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemVersion | C:\Users\Admin\Desktop\Xworm\XWorm V5.2.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Users\Admin\Desktop\Xworm\XWormLoader 5.2 x64.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemVersion | C:\Users\Admin\Desktop\XWorm-5.6-main\Xworm V5.6.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemVersion | C:\Users\Admin\Desktop\Xworm\XWorm V5.2.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemVersion | C:\Users\Admin\Desktop\Xworm\XWormLoader 5.2 x64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\Desktop\XWorm-5.6-main\Xworm V5.6.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Users\Admin\Desktop\XWorm-5.6-main\Xworm V5.6.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\Desktop\Xworm\XWorm V5.2.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\Desktop\Xworm\XWormLoader 5.2 x64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133712568763490660" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-4182098368-2521458979-3782681353-1000\{1D8AC280-5614-4353-99F0-629D60A79A86} | C:\Users\Admin\Desktop\Xworm\XWormLoader V5.2.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Scheduled Task/Job: Scheduled Task
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\System32\schtasks.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Desktop\XWorm-5.6-main\Xworm V5.6.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\Xworm\XWormLoader V5.2.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\Xworm\XWormLoader 5.2 x64.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Desktop\Xworm\XWormLoader V5.2.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\index (1).html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffaa10646f8,0x7ffaa1064708,0x7ffaa1064718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2064 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2356 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2784 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5032 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3940 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5004 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3400 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4156 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5176 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5312 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5336 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5848 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5848 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5876 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5704 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5632 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4968 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6332 /prefetch:1
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffa8ebfcc40,0x7ffa8ebfcc4c,0x7ffa8ebfcc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1896,i,14515540368532243289,6710152128131613403,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1884 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2032,i,14515540368532243289,6710152128131613403,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2104 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2236,i,14515540368532243289,6710152128131613403,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2432 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3168,i,14515540368532243289,6710152128131613403,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3188 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3424,i,14515540368532243289,6710152128131613403,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3440 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4564,i,14515540368532243289,6710152128131613403,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4556 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6084 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2372 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5080 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4956 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6200 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6116 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4576 /prefetch:8
C:\Users\Admin\Desktop\XWorm-5.6-main\Xworm V5.6.exe
"C:\Users\Admin\Desktop\XWorm-5.6-main\Xworm V5.6.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5548 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4476,i,14515540368532243289,6710152128131613403,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4456 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4472,i,14515540368532243289,6710152128131613403,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5132 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4780,i,14515540368532243289,6710152128131613403,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4728 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x418 0x4a0
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffa8ebfcc40,0x7ffa8ebfcc4c,0x7ffa8ebfcc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4884,i,14515540368532243289,6710152128131613403,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5088 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2232 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5572 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5440 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5856 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5096 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4956 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1700 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5936 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5132 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5656 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6848 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6752 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6880 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5700 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5936 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6084 /prefetch:8
C:\Users\Admin\Desktop\Xworm\XWorm V5.2.exe
"C:\Users\Admin\Desktop\Xworm\XWorm V5.2.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://t.me/XCoderTools
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffaa10646f8,0x7ffaa1064708,0x7ffaa1064718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3688 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5572 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://t.me/XCoderTools
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffaa10646f8,0x7ffaa1064708,0x7ffaa1064718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4692 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1572 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://t.me/XCoderTools
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffaa10646f8,0x7ffaa1064708,0x7ffaa1064718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6392 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,9344942360155347788,12577069450991824638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5100 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffaa10646f8,0x7ffaa1064708,0x7ffaa1064718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,2797159227314912046,7428339305924721664,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2164 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,2797159227314912046,7428339305924721664,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2260 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2136,2797159227314912046,7428339305924721664,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2692 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2797159227314912046,7428339305924721664,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2797159227314912046,7428339305924721664,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2797159227314912046,7428339305924721664,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2797159227314912046,7428339305924721664,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5128 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,2797159227314912046,7428339305924721664,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5240 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,2797159227314912046,7428339305924721664,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5240 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2797159227314912046,7428339305924721664,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2797159227314912046,7428339305924721664,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5404 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2797159227314912046,7428339305924721664,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5088 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://t.me/XCoderTools
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffaa10646f8,0x7ffaa1064708,0x7ffaa1064718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2797159227314912046,7428339305924721664,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2797159227314912046,7428339305924721664,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2080 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://t.me/XCoderTools
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffaa10646f8,0x7ffaa1064708,0x7ffaa1064718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2797159227314912046,7428339305924721664,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5428 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2797159227314912046,7428339305924721664,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5776 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://t.me/XCoderTools
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffaa10646f8,0x7ffaa1064708,0x7ffaa1064718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2797159227314912046,7428339305924721664,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5548 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2797159227314912046,7428339305924721664,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5952 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,2797159227314912046,7428339305924721664,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5432 /prefetch:2
C:\Users\Admin\Desktop\Xworm\XWormLoader V5.2.exe
"C:\Users\Admin\Desktop\Xworm\XWormLoader V5.2.exe"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\Desktop\Xworm\XWormLoader V5.2.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess 'XWormLoader V5.2.exe'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionPath 'C:\Users\Admin\AppData\Roaming\System User'
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass Add-MpPreference -ExclusionProcess 'System User'
C:\Windows\System32\schtasks.exe
"C:\Windows\System32\schtasks.exe" /create /f /RL HIGHEST /sc minute /mo 1 /tn "System User" /tr "C:\Users\Admin\AppData\Roaming\System User"
C:\Users\Admin\Desktop\Xworm\XWorm V5.2.exe
"C:\Users\Admin\Desktop\Xworm\XWorm V5.2.exe"
C:\Users\Admin\AppData\Roaming\System User
"C:\Users\Admin\AppData\Roaming\System User"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://t.me/XCoderTools
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffaa10646f8,0x7ffaa1064708,0x7ffaa1064718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2797159227314912046,7428339305924721664,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4192 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2797159227314912046,7428339305924721664,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6100 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2797159227314912046,7428339305924721664,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4232 /prefetch:1
C:\Users\Admin\AppData\Roaming\System User
"C:\Users\Admin\AppData\Roaming\System User"
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x418 0x4a0
C:\Users\Admin\AppData\Roaming\System User
"C:\Users\Admin\AppData\Roaming\System User"
C:\Users\Admin\AppData\Roaming\System User
"C:\Users\Admin\AppData\Roaming\System User"
C:\Users\Admin\Desktop\Xworm\XWormLoader 5.2 x64.exe
"C:\Users\Admin\Desktop\Xworm\XWormLoader 5.2 x64.exe"
C:\Users\Admin\AppData\Roaming\System User
"C:\Users\Admin\AppData\Roaming\System User"
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Users\Admin\AppData\Roaming\System User
"C:\Users\Admin\AppData\Roaming\System User"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5340,i,14515540368532243289,6710152128131613403,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5360 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0x40,0x10c,0x7ffaa10646f8,0x7ffaa1064708,0x7ffaa1064718
C:\Users\Admin\AppData\Roaming\System User
"C:\Users\Admin\AppData\Roaming\System User"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,16454152090007841399,4559535078159867674,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2124 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2112,16454152090007841399,4559535078159867674,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2112,16454152090007841399,4559535078159867674,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2864 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16454152090007841399,4559535078159867674,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16454152090007841399,4559535078159867674,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16454152090007841399,4559535078159867674,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4956 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16454152090007841399,4559535078159867674,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4764 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16454152090007841399,4559535078159867674,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3624 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16454152090007841399,4559535078159867674,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4964 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16454152090007841399,4559535078159867674,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,16454152090007841399,4559535078159867674,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5212 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,16454152090007841399,4559535078159867674,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5212 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16454152090007841399,4559535078159867674,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5312 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16454152090007841399,4559535078159867674,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5376 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16454152090007841399,4559535078159867674,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5116 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16454152090007841399,4559535078159867674,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5532 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16454152090007841399,4559535078159867674,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3532 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16454152090007841399,4559535078159867674,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5768 /prefetch:1
C:\Windows\System32\netsh.exe
"C:\Windows\System32\netsh.exe" advfirewall set allprofiles state off
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16454152090007841399,4559535078159867674,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3472 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2112,16454152090007841399,4559535078159867674,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5940 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2112,16454152090007841399,4559535078159867674,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6028 /prefetch:8
C:\Users\Admin\AppData\Roaming\System User
"C:\Users\Admin\AppData\Roaming\System User"
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /0
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 196.249.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.tailwindcss.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 172.67.41.16:443 | cdn.tailwindcss.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 8.8.8.8:53 | oaidalleapiprodscus.blob.core.windows.net | udp |
| US | 20.150.70.100:443 | oaidalleapiprodscus.blob.core.windows.net | tcp |
| US | 20.150.70.100:443 | oaidalleapiprodscus.blob.core.windows.net | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 16.41.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.25.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.70.150.20.in-addr.arpa | udp |
| GB | 95.101.143.182:443 | www.bing.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 182.143.101.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 95.101.143.219:443 | th.bing.com | tcp |
| GB | 95.101.143.195:443 | r.bing.com | tcp |
| GB | 95.101.143.195:443 | r.bing.com | tcp |
| GB | 95.101.143.219:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 219.143.101.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.143.101.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| IE | 20.190.159.23:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | 23.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.133:443 | avatars.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.133:443 | user-images.githubusercontent.com | tcp |
| US | 185.199.108.133:443 | user-images.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | camo.githubusercontent.com | udp |
| US | 185.199.109.133:443 | camo.githubusercontent.com | tcp |
| US | 185.199.109.133:443 | camo.githubusercontent.com | tcp |
| US | 185.199.109.133:443 | camo.githubusercontent.com | tcp |
| US | 185.199.109.133:443 | camo.githubusercontent.com | tcp |
| US | 185.199.109.133:443 | camo.githubusercontent.com | tcp |
| US | 185.199.109.133:443 | camo.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 71.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.108.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.110.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.108.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.109.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 140.82.113.22:443 | collector.github.com | tcp |
| US | 140.82.113.22:443 | collector.github.com | tcp |
| US | 8.8.8.8:53 | 97.17.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.113.82.140.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 210.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | codeload.github.com | udp |
| GB | 20.26.156.216:443 | codeload.github.com | tcp |
| US | 8.8.8.8:53 | 216.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 183.59.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 172.217.169.4:443 | www.google.com | tcp |
| GB | 172.217.169.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 4.169.217.172.in-addr.arpa | udp |
| GB | 95.101.143.219:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | codeload.github.com | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.35:443 | beacons.gcp.gvt2.com | tcp |
| GB | 172.217.169.35:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 35.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| GB | 142.250.178.14:443 | clients2.google.com | tcp |
| GB | 172.217.169.35:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | 14.178.250.142.in-addr.arpa | udp |
| GB | 172.217.169.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 142.250.200.10:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | 35.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.200.250.142.in-addr.arpa | udp |
| GB | 95.101.143.177:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 177.143.101.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 95.101.143.202:443 | th.bing.com | tcp |
| GB | 95.101.143.202:443 | th.bing.com | tcp |
| GB | 95.101.143.202:443 | th.bing.com | tcp |
| GB | 95.101.143.202:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 202.143.101.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | playit.gg | udp |
| US | 104.26.5.160:443 | playit.gg | tcp |
| US | 104.26.5.160:443 | playit.gg | tcp |
| US | 8.8.8.8:53 | unpkg.com | udp |
| US | 104.17.247.203:443 | unpkg.com | tcp |
| US | 8.8.8.8:53 | 160.5.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.247.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | 4.73.50.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| IE | 40.126.31.67:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | 67.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 140.82.112.21:443 | collector.github.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 21.112.82.140.in-addr.arpa | udp |
| US | 8.8.8.8:53 | gofile.io | udp |
| FR | 45.112.123.126:443 | gofile.io | tcp |
| FR | 45.112.123.126:443 | gofile.io | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | 126.123.112.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.gofile.io | udp |
| FR | 51.38.43.18:443 | api.gofile.io | tcp |
| US | 8.8.8.8:53 | s.gofile.io | udp |
| US | 8.8.8.8:53 | 18.43.38.51.in-addr.arpa | udp |
| FR | 51.75.242.210:443 | s.gofile.io | tcp |
| FR | 51.75.242.210:443 | s.gofile.io | tcp |
| US | 8.8.8.8:53 | ad.a-ads.com | udp |
| DE | 148.251.53.118:443 | ad.a-ads.com | tcp |
| US | 8.8.8.8:53 | static.a-ads.com | udp |
| DE | 148.251.1.246:443 | static.a-ads.com | tcp |
| US | 8.8.8.8:53 | 210.242.75.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 118.53.251.148.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 246.1.251.148.in-addr.arpa | udp |
| GB | 172.217.169.35:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | store9.gofile.io | udp |
| US | 206.168.190.239:443 | store9.gofile.io | tcp |
| US | 206.168.190.239:443 | store9.gofile.io | tcp |
| US | 8.8.8.8:53 | 239.190.168.206.in-addr.arpa | udp |
| US | 8.8.8.8:53 | t.me | udp |
| NL | 149.154.167.99:443 | t.me | tcp |
| NL | 149.154.167.99:443 | t.me | tcp |
| US | 8.8.8.8:53 | telegram.org | udp |
| US | 8.8.8.8:53 | cdn4.cdn-telegram.org | udp |
| US | 34.111.35.152:443 | cdn4.cdn-telegram.org | tcp |
| NL | 149.154.167.99:443 | telegram.org | tcp |
| NL | 149.154.167.99:443 | telegram.org | tcp |
| NL | 149.154.167.99:443 | telegram.org | tcp |
| NL | 149.154.167.99:443 | telegram.org | tcp |
| NL | 149.154.167.99:443 | telegram.org | tcp |
| US | 8.8.8.8:53 | 99.167.154.149.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.35.111.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | t.me | udp |
| NL | 149.154.167.99:443 | t.me | tcp |
| US | 8.8.8.8:53 | telegram.org | udp |
| NL | 149.154.167.99:443 | telegram.org | tcp |
| US | 8.8.8.8:53 | ip-api.com | udp |
| US | 208.95.112.1:80 | ip-api.com | tcp |
| US | 8.8.8.8:53 | 1.112.95.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | press-pairs.gl.at.ply.gg | udp |
| US | 147.185.221.22:50154 | press-pairs.gl.at.ply.gg | tcp |
| US | 8.8.8.8:53 | 22.221.185.147.in-addr.arpa | udp |
| US | 147.185.221.22:50154 | press-pairs.gl.at.ply.gg | tcp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.35:443 | beacons.gcp.gvt2.com | udp |
| US | 147.185.221.22:50154 | press-pairs.gl.at.ply.gg | tcp |
| US | 147.185.221.22:50154 | press-pairs.gl.at.ply.gg | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 172.217.169.4:443 | www.google.com | udp |
| GB | 88.221.135.42:443 | www.bing.com | tcp |
| GB | 88.221.135.42:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | 42.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 95.101.143.201:443 | r.bing.com | tcp |
| GB | 88.221.135.42:443 | r.bing.com | tcp |
| GB | 88.221.135.42:443 | r.bing.com | tcp |
| GB | 95.101.143.201:443 | r.bing.com | tcp |
| GB | 88.221.135.42:443 | r.bing.com | udp |
| US | 8.8.8.8:53 | fpt.microsoft.com | udp |
| US | 52.167.30.171:443 | fpt.microsoft.com | tcp |
| US | 8.8.8.8:53 | fpt2.microsoft.com | udp |
| US | 8.8.8.8:53 | 171.30.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.21.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.133:443 | camo.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 140.82.112.21:443 | collector.github.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | codeload.github.com | udp |
| GB | 20.26.156.216:443 | codeload.github.com | tcp |
| US | 147.185.221.22:50154 | press-pairs.gl.at.ply.gg | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 983cbc1f706a155d63496ebc4d66515e |
| SHA1 | 223d0071718b80cad9239e58c5e8e64df6e2a2fe |
| SHA256 | cc34b8f8e3f4bfe4c9a227d88f56ea2dd276ca3ac81df622ff5e9a8ec46b951c |
| SHA512 | d9cf2ca46d9379902730c81e615a3eb694873ffd535c6bb3ded2dc97cdbbfb71051ab11a07754ed6f610f04285605b702b5a48a6cfda3ee3287230c41c9c45cd |
\??\pipe\LOCAL\crashpad_3168_ZRHTFIGKHSTSZKPF
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 111c361619c017b5d09a13a56938bd54 |
| SHA1 | e02b363a8ceb95751623f25025a9299a2c931e07 |
| SHA256 | d7be4042a1e3511b0dbf0ab5c493245e4ac314440a4ae0732813db01a21ef8bc |
| SHA512 | fc16a4ad0b56899b82d05114d7b0ca8ee610cdba6ff0b6a67dea44faf17b3105109335359b78c0a59c9011a13152744a7f5d4f6a5b66ea519df750ef03f622b2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 727978063bc90020daffc1127f675f5f |
| SHA1 | a984f0fb486d70e0fd6deed9dba0bc77a0319bb9 |
| SHA256 | 0304d3b8371ef71404e81f57c8163bcd951ec1ddbda9c8345e76c2357160b65e |
| SHA512 | d410857d1853222d4fac4c4c0c74fbd8e3ffb63223be222daa3ec69fb0a10985d781da8aa227da93becf8fd42b109ff273275d9759087d173f64fc3dff4cbb5e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | d7975bb6264c49eb0812ffe0cc7e5af9 |
| SHA1 | a1dbb70ed82f187721ca76481ebc1fe9cd9e08dc |
| SHA256 | 0f7ecbaab96cab6655725ba4720e3ee32447caffbcbe0f0bd1b63f8e97dc2ae4 |
| SHA512 | 0c33ca20d845fa9c1e347328f4a0353e6d0a3b37fd6c45afa047396cfb5c257058ab74cac5c0970ece38b044fc6c16d19b7f62cc97c819fcf3cbeb547bea3d97 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b9085f5f200ca835919496dd3241c45b |
| SHA1 | 53addfdb043e2530968dd0917349ff781f564764 |
| SHA256 | 2f87b1e0752385038c2ad13fff93367522478c1bf466fe10cf5786c487b948c3 |
| SHA512 | e79b643053292a367d87373fb257f37ef7a4fa9225fd6fb19cc18bb59a1d59891ccafdf0c1907ba5d3fcc3389c4441ea7d4b79471a3344ce7d428405ae9727ce |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\Downloads\XWorm-V5.2-main.zip
| MD5 | 06290bca26649b34c201fa1a6fabd232 |
| SHA1 | 5ee6f669a49d57fb3669e4c404187f97afdb0d35 |
| SHA256 | 338091b8fa272908857fee2d1ea3622a3147df78c1fd72f36328ccf16b51c87d |
| SHA512 | b90c2f0e922b891400e30605362ff2cf588c0d072ce9263cc3d55ccf141d678803b39688ca18c2b36e85cb9c8dbb16745a471aa94610c98ef37d0dd8e1a4911d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f74fa20294f3668f2f0fa40128013d42 |
| SHA1 | 825b2bb6efbea4504e9be613dcd1002539a9cae1 |
| SHA256 | dcc9ce07b7d4c97caae014c5df2ce5432a0ed7db922507610ecd22f6923602cd |
| SHA512 | 626bbeab008b45444e787434df4621297172549c03e6521b2a5511045517cf5c2772123180dadae9ef2c582e92f1896c702fab9f54e1fa48c9ec3aadd14c3937 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe585f22.TMP
| MD5 | cc5f934ba00169d3e6ebcbe69991d2df |
| SHA1 | a254a280e0017ba6072a765f7436a645b04d999b |
| SHA256 | ff4ac34fd469ac8bab6253f37e57240a17064cfe0b53ea7658483084bb09b420 |
| SHA512 | 5d88d489349221fa98708897582a7ed9e6fc92484570ef2dc0f93956d0ca3adddc94358965c878435494294e8d87076374655cfa0d30445b4cabfd40990a9fa9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7d26270a60b55d341dd78cd1f308be1d |
| SHA1 | 0dd9cef8eccd3b6f3ba36d6d37b5747113d9f4c1 |
| SHA256 | 77c84910539f7765f5bd3c85a53aeb612a756fe4239d10934cb4b16aee7d91ad |
| SHA512 | 75e58f297b3ad39b702dd13868651d82262faf6227aca5a6b881c032fcaca703a473df362ef0117b427b3fbd9a7da85abd15554655ca9fc29c4119aeec3fe445 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | fde4e0536e63309d29d39b507e32ff38 |
| SHA1 | eb6be4cc63409da63272123e8e83aa79e4cf9051 |
| SHA256 | 1268543115d2c03d3adf411fa5558c79d4857a212f24843dded9878a0bb3bcfd |
| SHA512 | e601e72769ec9e5503e74b839dd26d2c83c5f77ee3a2edd6c095c810733ae5372e2985ffb1c93b34baccb903ad794fe20c94cc2a52234e4decb1ba83efee15a4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 98c05d0f2668488754f317611aa0f46e |
| SHA1 | 46072bf47c2605103c37dd1f3fa0275e3ef54492 |
| SHA256 | 7c91983d74ae99327bdaf67deb706d118a9e925567b903d78e1a90fda5bb09c2 |
| SHA512 | af53ec806405e159a7dd0dfe349933a855e04f1a077d60b85bf7a207d03971ff240f07d8d3f5f92edd1c3b845b523022078b46be46166b5102b8e3415b5b260b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 89703a32ec5d1e649712d3a3568a6912 |
| SHA1 | 9ccb5bce0f0e8d50659d5713d829742128605827 |
| SHA256 | 5a690a68900ffe42a4851fd118e990a4210f131b1d61f08deebfeb97a35a336c |
| SHA512 | cf79dd8d3a197f1ef63de008b8c0ab39d75ebbf6cf4ba774ef426bb9c251d9e5639b3fd858cc2047ebb14cdc0be5427b01b1d9c5a23381517a66c2256e2f9854 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | d117cd7af6283fb8c01680a1b3c91b97 |
| SHA1 | 8e7cce81bcc483fc7787006e177183ede3e80db8 |
| SHA256 | 5bf46b1e5662f15c387247870efc8659a26abc39169d582b88c914b139177180 |
| SHA512 | aeff4175e7e867afcafa7085c1eb8b7f4e19de80e40e5e8d99894448bdb76ab27d2da4cac688f9fbe7b57acd4ba1dcbe26f2571234e510451a590fe5d15efbd1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 34efe3f0acef3fdb825d4dd9a263b3ca |
| SHA1 | a9f9adebbd3f86ba033dfb15b9ebb6857ce300f0 |
| SHA256 | 61c5f9487af87c976204b1d98f091462c0b8c8fe546486eaeba99acde06e72ea |
| SHA512 | 87f892b3e10680b8c5f348e7be519cc6fd81ddd5fd223abcf87897416602e7f8b71c466560e04b8feeee5bedac1a92feb577cc2158ecdb8393ac665794de8cf7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0a40c49a1fda1a24590636464bd377b5 |
| SHA1 | 84c9b323c1637b61fcc73ae07cb06dfa16a7d8c6 |
| SHA256 | e68d9162d5caa4110f4d29dcd42b8aadea86e19226334bd34c7512d491c30da5 |
| SHA512 | 1d60355a37f0c12569aeed89b73090d219e9998e8d9e41ce3b0bf6f2e631c37573a38be13410227a5727256b26b5e137d0bf402bc4263b68c82195827d1d71e4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 2509d896529d06e98ccf26a547dbcec7 |
| SHA1 | ab3e20426f52de3fc9921e58f85ae41a299eac25 |
| SHA256 | aa526c0bf03fa91441afd0d7c9c645c222476ac7568898be4d9e6015ccd1c308 |
| SHA512 | 1da22a7955f9c1e19cb6a8a125e70f5194eaaaa40ad9161eeadb4b2ec4baa605fd1c3d3eee9361639dd3bef3e093400ecde47df60d40200345f7b39995499e77 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
| MD5 | 76a3f1e9a452564e0f8dce6c0ee111e8 |
| SHA1 | 11c3d925cbc1a52d53584fd8606f8f713aa59114 |
| SHA256 | 381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c |
| SHA512 | a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008
| MD5 | 710d7637cc7e21b62fd3efe6aba1fd27 |
| SHA1 | 8645d6b137064c7b38e10c736724e17787db6cf3 |
| SHA256 | c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b |
| SHA512 | 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
| MD5 | c3c0eb5e044497577bec91b5970f6d30 |
| SHA1 | d833f81cf21f68d43ba64a6c28892945adc317a6 |
| SHA256 | eb48be34490ec9c4f9402b882166cd82cd317b51b2a49aae75cdf9ee035035eb |
| SHA512 | 83d3545a4ed9eed2d25f98c4c9f100ae0ac5e4bc8828dccadee38553b7633bb63222132df8ec09d32eb37d960accb76e7aab5719fc08cc0a4ef07b053f30cf38 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
| MD5 | 4308671e9d218f479c8810d2c04ea6c6 |
| SHA1 | dd3686818bc62f93c6ab0190ed611031f97fdfcf |
| SHA256 | 5addbdd4fe74ff8afc4ca92f35eb60778af623e4f8b5911323ab58a9beed6a9a |
| SHA512 | 5936b6465140968acb7ad7f7486c50980081482766002c35d493f0bdd1cc648712eebf30225b6b7e29f6f3123458451d71e62d9328f7e0d9889028bff66e2ad2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
| MD5 | 3fa3fda65e1e29312e0a0eb8a939d0e8 |
| SHA1 | 8d98d28790074ad68d2715d0c323e985b9f3240e |
| SHA256 | ee5d25df51e5903841b499f56845b2860e848f9551bb1e9499d71b2719312c1b |
| SHA512 | 4e63a0659d891b55952b427444c243cb2cb6339de91e60eb133ca783499261e333eaf3d04fb24886c718b1a15b79e52f50ef9e3920d6cfa0b9e6185693372cac |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8f85aa14d6533b658ef196e081e3a143 |
| SHA1 | 650ee39ea7d3e849172e40130eb2280dc098783d |
| SHA256 | 5f0bdf2e7e24c897e6fac677ccd2400a90f2c0b4a3e5564adb0ce19b24d3e1de |
| SHA512 | 5faf74996f0a1abf79441ebbc0c7b87185552bf2400e0c4ae997d1bd7d22512531a654009e8716a0e49efa8872473cf176e9edc3c0f68d74c87c6563cf7d0649 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | ee2216f010739d093a1191cbefd97e7a |
| SHA1 | 46e92bfa7fa51940a00cf400eef61e5e11a6e461 |
| SHA256 | 9e42335a24f328722704013a81900769ac7f7a689564863ad15d99ac1e70e20d |
| SHA512 | a54130b10be1434f94e64b4c0e1093c6c5e50376c7a80e38130470cd8d585a9eba37d94a3ed90960931bd946b9ae41ae135e2d808b4b614f2e9f048125cbda99 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7e76ac8d4035099bad93a7612b1e7e19 |
| SHA1 | 304cbcd25d58069eae3f0471fa8dbad063f9339e |
| SHA256 | 39aba7d2cf84e0bb4fcdcb21a24a9c820ba2362c961566969312ca9444cf8b19 |
| SHA512 | 776ef9d440dc180bbfc14f3f2c0570d0b3991fcb922901f0fe2842cf4a97da6e4d503bd7263dd74b5e8799513260c2f447fc5d26c97310535a8ebc3f8bcdf00c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4ecef3f57ebd6a979bac1fde5c504d35 |
| SHA1 | a2e471ab1ad8c6e6113bc799f1561a79b994aed8 |
| SHA256 | 4b7bfa3ca9de8a7623d26b22a9a5be2babed4681bbf5106855c07b460eedd290 |
| SHA512 | f9848aec49620b38b17476d9d84f912d24f166a3a5703d01b3ffd3ef86530270ae9d95a2ee87e5efc8a178369ad7feeaca9287276ec628179e98d55e8dd161eb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9d69a459bf2859a43f8ed917876f9515 |
| SHA1 | b598bee2b2ffe716b97f9f71cf051424d0984cb1 |
| SHA256 | fb50d1b587e26d1c426756d9baf2a80432eceaa6ba4cca3a93a996a666824184 |
| SHA512 | 3ab3cf29f5579ee6a41a49ec25cd2a2474270a7c520ae7469692441aec52ad0df5f848cdcc519ba11d6355c469a0c99b5642b08ed8b9c32ba0dd0e112ea51a92 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 0aca3d3e715307f80235bfd965693ec3 |
| SHA1 | 51cfe58f711264952ca709e6edca32fafb7dccc4 |
| SHA256 | 46ddde0817c56aa4d135cd6a6c2a5fb42e25bbbaf072ae798dbab89578aee0f8 |
| SHA512 | eb9d4ed78bbac4e13881659ce195ea03ed517d979e4f8942d3fc5997c65ac5ca7f195c870e6a05e5538e9641dfcbff18466817f7e15e26ee330f22056be69403 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 18ef5e54bd633d5f82e03b753c4759c0 |
| SHA1 | e6ad854966b9266fa4c7ba9b181627a7c37013a7 |
| SHA256 | 4d1eb172bf58b705976cd21a97d4d1993ff07b4c977624add9c1f26c1a325807 |
| SHA512 | 2700f73526c7db09bb0f1666b7866dab1c2e5bcfb7463e5bcdf0560f0f33f2acde58470af2e7b7419ea3f165b20144c40039c12f4c3cf391ce549287fef7b91a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 54c16826574a0b7b9a0e415e34a123f3 |
| SHA1 | b8d360e2110ead06f238f9a0ee1d9a9b2e05185a |
| SHA256 | ee8e5c98b95722f6945c96704165df42f88e57a4e49f933781710e618ee1f3a8 |
| SHA512 | 4dd1eb038c4c98b288e32173ba9940d32b04663d2530085d6ba53faf8cbb5c35bef312ffe6a7c1c9e8d3c55d02ff43e742ad020496ceb3538d221b9f5d018748 |
C:\Users\Admin\Downloads\Unconfirmed 209424.crdownload
| MD5 | 95c1c4a3673071e05814af8b2a138be4 |
| SHA1 | 4c08b79195e0ff13b63cfb0e815a09dc426ac340 |
| SHA256 | 7c270da2506ba3354531e0934096315422ee719ad9ea16cb1ee86a7004a9ce27 |
| SHA512 | 339a47ecfc6d403beb55d51128164a520c4bea63733be3cfd47aec47953fbf2792aa4e150f4122994a7620122b0e0fc20c1eeb2f9697cf5578df08426820fecd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 93e318720de53293bb7ba45af7c76629 |
| SHA1 | ba1000c1e94b13f186d81e34257f8b611fbf3aa3 |
| SHA256 | 2b3a326d94e7bbb1440edbbb015ad3b567605d9748d63569a7c7231f7595966f |
| SHA512 | 5e9a6ddba62f88a1bd3fceb28b2eac4c9c272edbfd1fe7654faa190330e4463d7505aa371607315a78a1c58c718c2c9a3435f62023b2da7f0838fea61d81cc0b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 00bc4976c26e4f55484f24439e3fb0f8 |
| SHA1 | 5f9d94adc2d340ce155c76fc429a754ae8a3bb4d |
| SHA256 | 993eb324ffe9bb7d93c044b3484352e97b05a68bb71c79fcef822ef026022f73 |
| SHA512 | 60c41da60c34d3fd90ec2b88560ff431cf9e2c3a1875d7a63aab8512af5d79cb01d84192fbd922c672949663b50772ad5a0de675b536af91f857166a5d430be6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8768c57ff1902e080b022cf4f301fe32 |
| SHA1 | de5d8ba816bb51cad5469c575d265349a2b247c7 |
| SHA256 | f85d6b03f31d27d94d43fc868cec40d65aabc16913148215709c21b3626f3872 |
| SHA512 | 351e5dcb188a9814514f9cfa29c529ff3aba6c62bca885a7746cd233b44b45c568fe02b156340232a70844e3924fb9f4e036c1cf2d8e61f7d1e05f6bef45f102 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b113edf85f56b603aff2889bedbe4387 |
| SHA1 | f335ec67475d079e7d737954bd58c00842b34037 |
| SHA256 | 0775271dd5bdefbbb31aab359ea9970ba65eb9029808cd45fc0ac8298d50c6d2 |
| SHA512 | 760281ef58fb757a6d99d6b36376e786f21be6c145b1ff3b2e7b73aa3943e61e5602549577a2240361c0402f12ba3005f07a6218186719f3a08604d851819770 |
memory/4360-950-0x0000027DD2330000-0x0000027DD3218000-memory.dmp
memory/4360-952-0x0000027DEF9D0000-0x0000027DEFBC4000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 04fa02a54a0cea22fdf67cffca4e84b6 |
| SHA1 | 41c52876287a4132ef19a85201d018717c1863dc |
| SHA256 | 179b770bd5270644980d67e7fe827548dbb8b9135e4f1710d824895ec529bbc4 |
| SHA512 | 30c9cda51186ee906fa09b04a1ad728a310b945b9c3ba50d7273b1af050a366378e69a93d93f0446a3fc200b19c6704c8ddcc80c2395eb0a501064f89e8257e0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | b21b1e75a71f0040ae54f916adaa55f7 |
| SHA1 | 55429022dec3b9dc4cb2146d91f7d640170dbb10 |
| SHA256 | d8f373779060b473d1f9d13955df0334f5a36389e369660ea9296d2e270278dd |
| SHA512 | 7555bb82bd4d2e0f0a3dea4a0cb948f3bc0a352c134ceaa33bb60f80f84ec896f1fd97ba52abb546d8e144b28c2de861830ad41c8b0576ca42a4295d7e5dc745 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 27137ff16a264af9c33f6e991a544527 |
| SHA1 | 85f5291360d8ced1d06ca56622504f77797dd73f |
| SHA256 | 8184c27d2d21bd7403486aad905e3e5250f20b2ba1a2093db17f94b605e1bc70 |
| SHA512 | b3cae04ce6f2bd21fcafac628805f161f57e9155f0de9dff4490eb865e4ede41e15da8fb51c762febbefb00bf09c5dc26253a83b69355d06cc2ae74d102de617 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 3a6fe98bc01c8de1b76afbc835b01d94 |
| SHA1 | 21b5b23c7d8471570b389e91393a8a7ee70cf22e |
| SHA256 | 7ee6b72b4afa03db9894afd08768b5ef5f777d00d9cb6eb904fd340b00ff789e |
| SHA512 | 9dd9dbca3b6b87757ceb18ece86f975bc8012c25d8493a94af34ae8f88aad74986964c5603c15408c0c679e62ed5d50bdacbb46498209092d1f2e976f4aac739 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 48f451c5181d3a7958cb2f5f7c2b489e |
| SHA1 | 469548639997e73a2178ca4a859269ac0794e474 |
| SHA256 | 08409393e245640d274049ea4616c69bc47350409210ea8ff132b86767730637 |
| SHA512 | 2dc463c0d05616073a2bc85fa0d98e227720e68a26b1aa812b7282994a13283a9822b532327ff7f32a7c8ea6479e8b7c87f9710e7236df3b17b2ed9c3802e699 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f58505e268cda20a858cd86f452db51f |
| SHA1 | 4e4a24abb7f109577f0cfaa09b31b2db8bf2e569 |
| SHA256 | 1df583d84800bffe80ba56c46c1e485c7268f69601662e9165507fb8ad31458e |
| SHA512 | 6e926a1332aa1fdb4074dca916994f3906e9c0d79edbfb6f6f9e2c5f3e02236850043269b79c3296fc5fdbd60c59042886f886bd0bb171a0933fb1023012c39f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f7e2757e43c6cd590c82569fc2de92fd |
| SHA1 | 02d201a3ec1dd2315ff01e50b42e9d558e432681 |
| SHA256 | 316409b8b044495b64f62094db00f4ba1d988fb15d2cb33ff5f2a24647920b94 |
| SHA512 | db3b3b8e0325ea163ee074d0361bf2607ae67b6eae279a03997b89cacfeb5d3321409584840c1bf03da4f0ddb0982f2bdacd86378c7233ce54ca885d1e97bd9e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\fee64789-bb19-4e07-9764-de7a8f68e215.tmp
| MD5 | 844968b6d1145688337000cc40530f7e |
| SHA1 | dd2e614f4990a8f151bef988c496ad0475d57a84 |
| SHA256 | 111bd51fee991f62ca19ad45a04afb054e40c0cdbcce0e7a89bd199fcf8abb66 |
| SHA512 | 9f33ebfbc1097c400dd2dfc0783791e1b302a64e74a81a95dbfb21557523309db5c64b39b7652887857e9a5fba10f31a8161c54d92cde6ac36dd807f88510024 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d27d9e6a5767a6baf7481a248789fa98 |
| SHA1 | d5b6a2291109169df0d889f81d43e3396634fb33 |
| SHA256 | 78355201cad16d8a3581683ec714352aa32b7ae9063c1ed1c2d7c7999fa05af2 |
| SHA512 | b73553e2f3358eb31aeb5cd3b2c518e4f0cebc4ca5647aecf830eb773aa5dd28e09e2574e8737476e83951734ef8ffaed4abd098289659648fb0ef351da47644 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | dda2acb488cc563633568c40db593ccf |
| SHA1 | c4faebf49a2ff93045f4a88d547cd178402cca1c |
| SHA256 | bcfa9b60b5b9bec4ebb9ddf6324b6e6f9862da1d226a30ab2ca59f3d7ec6bca2 |
| SHA512 | 797512b8504f94faf1adb706591bc096e76db65fdfa4dee39675570098a38d0f634a8efb1a3aa841ff9deb3a725080b8bcc3b7d91d4f11203962260cab34be09 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | 5eb0d2eaf5afb38af857020de6843698 |
| SHA1 | 0d3e62f71d33555dbcfc0fb9d74e444e3d68cc35 |
| SHA256 | 2d2a56323603b0b28a21dfc8bf44c068af581673d57d6fb7199081c1ed4b4b1c |
| SHA512 | 8bba8fce505b356fb4c4576e69c4ca44fb90ac4050bc74545c06ad3dee6c846c6192f5a1d085f65541bc3ab858934aaa48a41b8b7b886f4d0537f23a79085b47 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 71cc650eda7ccaab346890bc03598f17 |
| SHA1 | e6a4fd4050bc38524cc80755c41b2b9e4d56895e |
| SHA256 | 6794465c085476a1bad38bd2b3a807e5f6833efa48f0b3529f1e8001b2743407 |
| SHA512 | 46eaa8026c00ecbe90066b0f0eed036ad990ac57dbb60ad467dda54dc08e0717d2a3efecfa935dd09abe4dfd34b381837a3c82e2d7edb057824dde8240137c07 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7505b951a730093eaeaa695ee7b5649a |
| SHA1 | ce253a218f30da03458e06b5c14e3205687c3ecd |
| SHA256 | 01b3dacae4a2944d054f5536adcff1463eed79e25a43af20296f63663002ae5c |
| SHA512 | 2de698411617a8386aa6266c4249de2ce9bf51a18c824d77b3cee3fbc651c545fb3e2483c646fdc8b8fb4b2f7f901f1dc89826cfd2e6858b5b2c5e6570fbbe81 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | c1dd296003228782e04cb15115beeba7 |
| SHA1 | 55489ffda9c42619458c97d0fd3f73c760eedcf6 |
| SHA256 | c4aeba00245bf170ce34fd5c49c4d25fe8f89143e3f253f8b99b5e339c8f77f2 |
| SHA512 | e5159bd12990e235a1018596731e87b030c14e206a31e38786771fcf03a999f02f43374c0e5caa97a2ce47c8ccc35d4bf79c8b85daab860998478984ec61c283 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | 4d6bf3f0a30208a35e6c03785d12703a |
| SHA1 | d662eab67a94d411739c4fc2130113e704d9bdfd |
| SHA256 | 915e2355b5f32a35725550e9958d46e2ec061b3a0f827d19be6e376266cd2994 |
| SHA512 | 3a71fa5e8aae400cb12fca06d47ebac34efe30f496314f1eb9468b1c66124b08f7a7eb414a3eda671099c7267ef096475a14eae014e017581ef2594862b40661 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 81c72702a8ce13e73685c648b05edd39 |
| SHA1 | 0b6fa00634e04291300a5372b60e41a035cb6f5f |
| SHA256 | e5a6d9a2fa20595fd8728c2b7c4b3c6cebb5c3480aa9c7b84e174ccb9de63c4e |
| SHA512 | d1fa184cd466de87b5e940be10a252925b70f538a23ef09fd0035ab461b3122b8acbefe6fd7a7d4228a776c76f0f78dd4a496ad2ce906bd386151c96ca83f8d9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 67fdf0a57aecd823554cbb18e16a39d8 |
| SHA1 | 7904403b20a4b10be33a4f31e2c1c8fda6004d64 |
| SHA256 | 4ba164e441bfc4975d9bdd7f7a7888491f0fb146bd46bf35d8d75f1249cd3dd2 |
| SHA512 | ac6b8933d1754e00b4f3c294ffcd72dde2617985afd1d8d4539a956154aaa5993ab085faa453a7a653b8f26155aec0645f80c4a1b037e95a8579bf55371ebb16 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
| MD5 | 4cac357bf24f523841d64a4775f0aa54 |
| SHA1 | 78b550849a3899d802ec8798fac15a7401580ba9 |
| SHA256 | 04e85566882a2bc4e8d6d31ceefcd36b4c0a5b3cc3885321ea274abf780ce5c2 |
| SHA512 | f9b9107b26c3ac0ae71c1a24c5e240f984663322eea15ecf6ad4d2e30cb444b78bb3da3d3c9229c37ebba39061fa283f94f02376524abd7d09f02cdb632159d9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 999a8e71948190106aa3e5add25befd6 |
| SHA1 | 3878362dfcd16d1334fd91839635ea6d4060ffdd |
| SHA256 | db0e90e64b89c9a5f4576142ca8b48011449fff534f81e6eabd50dbfc7fa0330 |
| SHA512 | c09d569ce5f6a23b5ddedc1aaaec7b9d83601d34d9507bdf2652f5f84988878c0586808694da7937482ef1df0e1d536aacb08542b7d597d8b1c43a2ec146ecbf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001
| MD5 | 08ec57068db9971e917b9046f90d0e49 |
| SHA1 | 28b80d73a861f88735d89e301fa98f2ae502e94b |
| SHA256 | 7a68efe41e5d8408eed6e9d91a7b7b965a3062e4e28eeffeefb8cdba6391f4d1 |
| SHA512 | b154142173145122bc49ddd7f9530149100f6f3c5fd2f2e7503b13f7b160147b8b876344f6faae5e8616208c51311633df4c578802ac5d34c005bb154e9057cf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 80bd55bf5a01e3aafacbd15f48c92611 |
| SHA1 | f2fe7ee0b92a66f0ebc2cf2cc47387c51b2e5e7f |
| SHA256 | 6979aba041dbedbc48d46cd4090dbdb6d26443ecb026c144572db831957ac5d5 |
| SHA512 | f85cab53eb4094d606b1b62c77bcc0badb5b7328a7f69b15cc94081ac8bf37c8c78b75aa9c01764432d01b07c42cf50ec6ad9fec2ea60b3a14b96fd3a1fae5e3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 5c57e1278c901f96a286e06fdc2adbc8 |
| SHA1 | df0635fc8b122b5eacf4b279a9df36dea2011e45 |
| SHA256 | 4d2458668716e01d9f86f68587f8c3b323130c9cfa6ad93d509ca28401ed89ee |
| SHA512 | 276fdfc0472099e9745a2de1b25bd413cef005196498b0ba2313a9ceae9957d7c7b68ddbea755845c5948fcea89eb594f9cd449fbf5a2033fca9d380ba5e689c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 60d3f51580b426cd3c0008643095cc45 |
| SHA1 | 77c8bf6aee52e8c1443a66b10147dbd7e09d5fe6 |
| SHA256 | 54d5273b8058d06dae4149bff856142588fbe03f736b511453b3488b33885f44 |
| SHA512 | fc09e33c7fec6ade5f65d50f950a1fb8a64fc46034a088dd427466484c0b51edc29015063ed3359f4014b2a13739d89545387aedfc6ceae2bf795a743dbeb6ee |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a
| MD5 | 662a8eacbe2122448dac469755a70e37 |
| SHA1 | d921fb71699a405b09da754a733f672a54ab8bf2 |
| SHA256 | c8a9584f6a79694cf3f94984f89fc9c86ccbac676a563b821912b95b0ca578f8 |
| SHA512 | e53f54be9806e3b960e1697275b32c43679492fed694fcb6845f8bc301f5fc135e67473ebc2f6f49e7dd7509ec14a6485ddc6f538f8c76e7aaecafffcbb8776a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 66da03f4ab506ee4f9585c19c3ae96ad |
| SHA1 | c39e12bbe2dfaafa8ea02dd9fb42901344662be0 |
| SHA256 | 8b54a5d196fc34a8364d3b15797f76bd3199cb309f1bdd8e92069860eac788f1 |
| SHA512 | 2e54479840c75e3224f8bd21c912d7919dda5a0255cf6296ec9890f3689a861574407bb2112899534515ce65309ce153269c9a22ff2ba179a100bcaa91becd68 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ee9ca71b0905d3d1c195039d1df7bf09 |
| SHA1 | d2cdd398fa19bda5893e8241b47efec875899832 |
| SHA256 | dba629012e85aa6a05e41b0f38f4b6d71195508a8dca91ea767fc8134fd0c7a7 |
| SHA512 | 8ffd08b4be02c5ed3e3f5ef01a6eb9282f82e9f5f109fd855955abb87ca45d80991153d9f60d17dd969c8c3864e11e029c86b0b42bb0f25e9efe77cb6a7a15ed |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
| MD5 | 905137a20f2a4449b81db1f8f5555552 |
| SHA1 | 135f9a7610485d67c841f9d3baceeb39510408f3 |
| SHA256 | f849bf130cf4fc8053070b7c13eaeeca53dafa50bcb09e1156776675746343d2 |
| SHA512 | f3b9ce57565b40369b9f0725ffd104fe4a9bcdfb53226ca8335cc7b02822392b26dbb820ef256bbd9421a694f429bccc9405381398e7fc2b20162be02fd8aa21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 63506d85eb84a37827f86ecd2973ae2b |
| SHA1 | 72249d9e2a45b03b44d3319f0755b86108e4ae59 |
| SHA256 | a5fec3f6c9d95d9bb372c645e5b69c0db6e9199399f980b9383aba7d885d0b11 |
| SHA512 | 8e5f35da13e17ca3d1fbf2dbe6af2a48c58b54179a5948fcbc6d354652dbe66c18740a5b4cfad1f0c2fa0e8e5b79cc802501579b35a3de941723817c306026a5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e
| MD5 | 33bdc9d333dc6b1e3dad3b166ea3a567 |
| SHA1 | 30a38602e99bdc5c6a795f2ad5d54fec0458ddb3 |
| SHA256 | 24cf7e133c705d3350bfe954c4e325b2de97fd4889de600f90cf06c8c3d02a4d |
| SHA512 | 5a7095db8e8733f71656871ef8109255049bfbff78c6beb030fb0c0a167a289dc29671f28a879b5e1ffd84418b29b15a59f5a264de6da8da08b02062fa3f1e92 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c
| MD5 | 3ae7a1fc24a2fc360d0911d5074311c9 |
| SHA1 | b94f593d8789e38908e86e75bf5d4795fa14f4d7 |
| SHA256 | 3e687d87510e90e494e83e1f064cc388577ff85bbf9798044ccb2c274b0ee18c |
| SHA512 | c82aef8ad194a149f55549e7ac903bb18601ad765e63aae0550feabf6699bcaef604be165639979e65bc9bd1fc680d67a76ece63b4338148bb2ea6a5a731bbb1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010
| MD5 | a330dcd681ce3bab9d64645b28ee933b |
| SHA1 | dc5a304235f72dbd1cc22d4a68102aa40f99253b |
| SHA256 | 95a5918c4a1f830250bf554c9a1b848a4daad16c32153becc6db8c0497a9fe33 |
| SHA512 | d3b8a74ee23d179bed590dd5585d267a642108b3cb4e02008414db2c3a18c6f89585bb78e02e9c2f7d48f214e904d73065ab029f18375a586e70be17f7a973bc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d
| MD5 | 94a66764d0bd4c1d12019dcd9b7d2385 |
| SHA1 | 922ba4ccf5e626923c1821d2df022a11a12183aa |
| SHA256 | 341c78787e5c199fa3d7c423854c597fd51a0fc495b9fd8fed010e15c0442548 |
| SHA512 | f27ba03356072970452307d81632c906e4b62c56c76b56dfe5c7f0ea898ac1af6be50f91c29f394a2644040929548d186e0fbcea0106e80d9a6a74035f533412 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012
| MD5 | 3190f31cce176613f19d0fc8cfb61788 |
| SHA1 | 15267d7f52d62cfc01328d7bb366965bdc0b3e47 |
| SHA256 | cc3438c2808585856cb1067668a4f028ab3dfc2456153cbe93160065bc9889dc |
| SHA512 | 6021a1aa40749d70d0f10843276bb3acefb919010764c1fde6d5a81519c2a2016464b238ca43c4ff55f8a7aa386145f5802f9f15711a9dec832117b0c0e580c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015
| MD5 | c31b37a19c98b4c2000199176d8f68a0 |
| SHA1 | 3bd583d1ca2c5c5b5850e25fbc79d3d7fca1f81b |
| SHA256 | ba1cbc3a16b4b2eacda841d61274bba2f3797cebda3847ad9cf40eac5097d5d1 |
| SHA512 | ecea85d6a3860bfb698c386d96763df32988d291ffa15dcd854ad7d357586b38f9f358218db635ca26a8cc4837ef7577d29c9e6eb9ee1e98a98a6a1201236da1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014
| MD5 | 9df56abe7d416c8a096f63ccb2bb357c |
| SHA1 | 340a9b8c408c1018d1e953bd944a1f33be5c108c |
| SHA256 | 2ee56d023f55d5e2d53f627f2f334b744554e832886e7f203844ed7e893f870a |
| SHA512 | 365077ab4bac6e31588ae2495186ac592f024a146c4a675314fd53085b6f86ea79195b34bae15f60e275b5c73632d04d152722a94b776bd1935a454c30dae8ea |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013
| MD5 | 6727cdbad4a47c2a0aae30df05908e84 |
| SHA1 | d241487ab173e707f0f6c1d82954653f2b5fa494 |
| SHA256 | 8ca5dbd37c00a64d7af04275f97da2a726d21c3b2d04eff6a6c64a439b454c9a |
| SHA512 | ff1e4d800e705fd302de93a0ad780152507970c6c0a11647f4bb1a9636dd0bd5538e039e55c8731ee4a6905c7073d9134ee3af29448578a37ca923495932b785 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016
| MD5 | cfff8fc00d16fc868cf319409948c243 |
| SHA1 | b7e2e2a6656c77a19d9819a7d782a981d9e16d44 |
| SHA256 | 51266cbe2741a46507d1bb758669d6de3c2246f650829774f7433bc734688a5a |
| SHA512 | 9d127abfdf3850998fd0d2fb6bd106b5a40506398eb9c5474933ff5309cdc18c07052592281dbe1f15ea9d6cb245d08ff09873b374777d71bbbc6e0594bde39b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011
| MD5 | 57201247b11b865ce61ea7e4a8f4a441 |
| SHA1 | 05dd9e6775662068b1edc09e342b6de044b05ac1 |
| SHA256 | b8003743954ed11490edd4165ead722d6e5afd18e0146c3e2f963e1f87b757ab |
| SHA512 | 7de756be9a55f530ccf4b5fdcfa50e1eca6150b1d1600a8846a64b3d4f1e5ae5393bd3b5a98298f145f63a81390bb00bcf76287904c203eb8fa3311e19ad60d6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f
| MD5 | 2e23d6e099f830cf0b14356b3c3443ce |
| SHA1 | 027db4ff48118566db039d6b5f574a8ac73002bc |
| SHA256 | 7238196a5bf79e1b83cacb9ed4a82bf40b32cd789c30ef790e4eac0bbf438885 |
| SHA512 | 165b1de091bfe0dd9deff0f8a3968268113d95edc9fd7a8081b525e0910f4442cfb3b4f5ac58ecfa41991d9dcabe5aa8b69f7f1c77e202cd17dd774931662717 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017
| MD5 | 50b68edf200c0a0b37a528ba89564630 |
| SHA1 | fd73311625fb39fd96e46b48bb90aeb89ed57bff |
| SHA256 | 3e23d560e49a0e10df26a9a7408f1161826c325f34c072a94a28f6c140d0889b |
| SHA512 | 6396f331f3b2dac451b08c6f25e9cf27a996fdd4d27cf51f0dce5ab54ea62e1d123832bdc3ab9d06cbbcb28eba671f2ff63cc79aba2f9e458dae8c1ab2a4e32c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 17688d93c51cdaf3b90c06ebd8648b90 |
| SHA1 | d3ff0b996ff6a99dc6d6bf61a6228a9e759a36e0 |
| SHA256 | 27d46b3850286457e9bb3b04dc404b7e79eccd6eabf02760caf922689dfde4e5 |
| SHA512 | a19149c0462abe7d7246ebcb454fe775075e0b97f7a11e19d2c7254155f913a1113ddfc0ff044be8d4a0b53d6e4b113f57c9ba15d18c23b11a483656aca434e5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018
| MD5 | 07eaf1d273beb8d7d511f6c878c04685 |
| SHA1 | 8ef832af6db74539cae46ae56e8901c536064ce9 |
| SHA256 | 1d05cdb46b28941a0e9bc666cb1f5d54af9ee6d37fc7be813f540d76273f60a8 |
| SHA512 | 9d0f83f3a4c2d73bb5714351611979ee0bab1ed978daef8e53f1241c7f437d0a0ded2ab4e0f3d671bc9d7e5d882a1600ac5aadd2d30ff07e8390927d2bd27e6d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3bacb23469457ceeeb1b63ad29e72e5b |
| SHA1 | d738bd3b75f560b4f2918cbf38adefa3216384e5 |
| SHA256 | ce543f2369aaba06b75cd9444fa6b4002f4a8ef3a7097902f6a23103d46aff8c |
| SHA512 | dafafeb01f45dd1808e533fecb17fb97d3d583c3e9b8b893624cbe7a88116638725f9f6737b6db4497344af805d1042b0ef0c0ef082a7b41ec07086fd72d9e5a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5165fc68ddc0de0f800b3457bb639221 |
| SHA1 | 09d6a8a35a6f3c6222ae887b1acf52128b0d2e36 |
| SHA256 | 1afed18da71b840282895ac3c13428831c77b7fabe245759e06986bcd74c1fd9 |
| SHA512 | 6b2565ae3dc4144c6a8e3f1681e18e5aeaba4d247ade2123612c98ffb4d8b02cb10ff7a7edd693369f97fa34c5f22bb81585e219dd4ca1643212958325169895 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b84a87b61c15cc6b81e8064e5d426978 |
| SHA1 | fa989f61f3fec408adb166e3239c70a1aa28c27a |
| SHA256 | df95e0296a6c2a3ca8aa6e7e0981f5e0811b58f7bdab6c8714c7a1cd26aae8b2 |
| SHA512 | 7659453dba49ae750eebc3ce329f4e792b313403dd460e8111b0f3d0317ecbce436981693d18644c92d8fb232f587fbc4ca14725fdb2dfee5a961926a2e85c83 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1729a9a121e34342af5632ab20c2fec3 |
| SHA1 | 8c0ee3180659418cdad42178efe0068c972c8059 |
| SHA256 | 23bb9d7da0e97198720a479ec495b0b21134130727a7bfbe5acbe20b51c36a18 |
| SHA512 | fd38d752d1b64089cc9f6549a432091e3dceef57a16f634fe44a505da13005fdcb00ab27a3fca780163aeb829cc6702ce1f94c957d0bab59e97e80185f9049ee |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 322a582a5268ad4cdbdd8ae9a9c2531d |
| SHA1 | 66c7824dc3e8aba01b586dd0e2b9ec1e91cd0110 |
| SHA256 | 4997e39e6ccba12c45326c3b0c2dddd957238875f954b4782fd322486e9a08d1 |
| SHA512 | f3a2d880cce910f7388eeedcd90149569e612f477f46c7ee4e13f50d414f404c7a44324037e66d4165b2b11cb8db8f2cd97026fea05771f1efbf545ef6b661c4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | b98bf63cf7d843a5885318e27573f325 |
| SHA1 | 71648afcdf0e0f70a668ab62461dd8a38974548b |
| SHA256 | 113ba1c48f26cb15b233d800a47d3fc93922e61b3145d2a55accc909a0482f66 |
| SHA512 | 515ecba6fd649534bfbef267db9ec40b93921469f1c991ef997f98ad5063ddd1868ad1deafbbe8ecd35142f285646df0147f6ad40439f080fe3b58c4266068fc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9affd9f6b018cb12c8217c6524a21cdc |
| SHA1 | 22904f999cc57d54697c383acc04dff091799ccf |
| SHA256 | 5e64e4f3876b7985455b4befd05f2a73819a5744b9a61167b2f3bf6a840c8ea3 |
| SHA512 | e0950dbc1e5bd5553d2ca19f6f049d4324430162313190c5c7a12a9aac00a12ee300a1788f0eaaef48d820990890aed618edc5eb896d041db3991742eb0572da |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1683fbe50ba78fc9b41431c74e0a0746 |
| SHA1 | d432d333eb27168a33fe1adbd16343729c29782e |
| SHA256 | ab2dbbd94f5e60970705bc8389216a7d620c5d6b298236c561a7ebf83041a7f7 |
| SHA512 | ece7cccd29122febf2c108d08a7b32ae36b6e64ff8146528c96de45fc737fedc9d4a32003045a6cdd0c31f89bac42f26c311e74d20ff49bbcffd25d46743804c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | dc0093189c1503413ded77d4dfe86f4e |
| SHA1 | 97773bfe809b324e7831b1bea00fed5176744774 |
| SHA256 | e4b492598bf787c314f37aa506237cb32be95f6f08021e787423fe2a78914c23 |
| SHA512 | 791e8ef3a90b23079fd06fb8b0d5ede2f99ea0abee85f1cb5146825fface6f8d10914db701b0823d27da124741aadc8a37c7520e79b4c15806f921d015a4806a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 34a23364018cccaf7f6b21f8b8d06ef6 |
| SHA1 | e42aa042c62b7af82320e7d618ca06704d1ab16c |
| SHA256 | de6108c1827162da20c04bd101b5f1d465b0975ff29c0470b68e46196c839fb0 |
| SHA512 | b92b74f20740a86e7e2cbe82340d95e477c4d0b6db25883a73a3bdf1b0b8a2e1be019695f1cd71dc0cc1650f8393ca3c46e03530465d384abfcdb50231aaea5c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 6fdadff44d9ca61d9e77ef5f558e26e8 |
| SHA1 | 6eca961024935c6602a5344a22988f1d490f6723 |
| SHA256 | d6a52ef314da9f4c42c46d8ac8f4682b93ba6a08abdb83d28ed398b22549c495 |
| SHA512 | 9f681a0330b48385fb5b83a4648871f6735a45a2f79ec5916a03d06f344653bb5f566e792f77ebeee0510fb8ca6fc75d9c50da3773726b5a4ec0626f0045dc7e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4e02b9c44433d1afef162fc55fab494e |
| SHA1 | 021fee118a969c8b014f1785c45b85df6dc456f5 |
| SHA256 | d191d5cb4ae2084dee6e88e296b7921306158b58cba3ac549ec4b469f350aabd |
| SHA512 | 757d2c06fe21a6a9820de8cce5a8c15e2884c2176884338eca35813b5d96c31d2e616e15c3a7541b039ef9ab0a0d53d184a4d32b7dccbfa127b4b0abc6f7ac86 |
C:\Users\Admin\Downloads\Xworm.zip
| MD5 | 3c844ff8e05e6ed0fb56de023b4ced2e |
| SHA1 | a930a22e0cb37682120849cd08c3aa9c14572bd4 |
| SHA256 | 271b5f56f0e852919a2f3fa8446b4cbb5d80c133821eade61cb8d48511ed52b5 |
| SHA512 | 17feba86ce7025fd24801d3d57d132729206d9416d966f968b67eaabcb3758617a38f5350a2db97dcc4b6a546a62d93dbdc95d9ed9a770f7117ac8ae415ad1c2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5d9899dabaab3d3323c659f0af779550 |
| SHA1 | 903ba6c7e5a3ab780999a084821414e3ff1cc04d |
| SHA256 | f5765b64296c4b70828ac0a09acf8a8cc9fbbbb105a7451b76cb2a25dc26ab83 |
| SHA512 | ec8fcc76116065357e15c88a954d99c1052986b177b6bc2e16ed9bd8be9f09ce5175f2942e6c6845bc75a361dbdbf79f0906614bf2aa69671c516f6ad7744a99 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | fae085c042254e19ca31438775432f90 |
| SHA1 | 0116a7c2125b28faeaa973895fdbc6611df838ae |
| SHA256 | 1f8f448c6ce6584de1f68ecc9c4b1036e314320a102475c99bb56401d6b8b8a5 |
| SHA512 | 02585ac013f0e607368f4163fa5b576f5c5723d8c389cdb877b5bdf21cafdd17460efe62f60461a22a6ab0121efd6ce820ee2299826358b6614394f11138044f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 15641ef2255befe802ece8cda27204fe |
| SHA1 | efdf9e48c502f5cb4d6188980d86ff46ef3b7cbb |
| SHA256 | df2de53edf2d9a94839d5b5be0fbc1c1543c15a0dd8a3d98c87780c6a41c7f49 |
| SHA512 | 5694540ecebacc79187b8871e25d7fd6a6f4972997a2c361474f2e78a879620ef6613bb4f2d2b6b2922f0dc4458e3f275de68813630496d17cd7f607537b2849 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f438c988fbc30de74f103c57fd9f6bc9 |
| SHA1 | a3db2d2e868e2526e4d5aec15ef1031af1daccc9 |
| SHA256 | 83673523f6af0ed6c1003e526bc938dc4955ffa2ab92ff381924ad2f4942d0bb |
| SHA512 | b17216b93b1962d5645937046c792c93a0d372858e9aab76994079ec2a10b5acf309b0dbf2f5459d691cb7168aaa8253d3354d855f7731f9d10dd270b9b6bb6d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 2dc6ade568d772c8685a73e220997f41 |
| SHA1 | e60bcf305569b70398af86315e21fa34163156a5 |
| SHA256 | a28f9b9098605f7b24654c3c4b175668f14e595fec93ad4fa968f4f0c3f9d08a |
| SHA512 | 982dbc9f447416e3d8726313b519e16aa103a766b18947429205e1f0a6550429da22bf61b5512492e916de56f7365933b8e0375e5590d7ef8431b6c0250cb98e |
memory/3108-1899-0x0000011C25060000-0x0000011C25C98000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\TMzpx\TMzpx.dll
| MD5 | 2f1a50031dcf5c87d92e8b2491fdcea6 |
| SHA1 | 71e2aaa2d1bb7dbe32a00e1d01d744830ecce08f |
| SHA256 | 47578a37901c82f66e4dba47acd5c3cab6d09c9911d16f5ad0413275342147ed |
| SHA512 | 1c66dbe1320c1a84023bdf77686a2a7ab79a3e86ba5a4ea2cda9a37f8a916137d5cfec30b28ceae181355f6f279270465ef63ae90b7e8dcd4c1a8198a7fd36a8 |
memory/3108-1907-0x0000011C411B0000-0x0000011C41D9C000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | bdc348de01ab7b198cc29d9e692f1724 |
| SHA1 | ab12c245547947c4d3148e755dc329a8604ea601 |
| SHA256 | 0b54dc23f6eae0cea7f6d8e4b9a9f979c9eca5c2246383109078195675e70f8d |
| SHA512 | 180a99e9d6fccdb2c850b31ee8a1ab490438b6e9fbae79b3e49f416bc83d40125991b9e8a79ed51e03f6d89de8edf505aeceba14283cf49ac2092387c038f26f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 544843fe72b67a7ddae8f87c54353310 |
| SHA1 | efd8404ddf051111d29c38dd98f8043b7e641a6e |
| SHA256 | d55adebc4dab502b44190ecc937adc1a13357c5b52b1bdeb5006bbb51ebfa0ad |
| SHA512 | acd7afcba2566bbedee27bb1d8aac0c4880fb56839d102b280ed56567db700d96468e5ff541d44e6e5d485840cbbcd6ae94dcff36edb36e6890578b4f0b8cc3c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | dc99dbd21d8bf0f1be1a94f53dc6fd54 |
| SHA1 | 10395988ba98cb1c78cdc528b8e18c56bde250b5 |
| SHA256 | d6433727e6c1d90997314262fe324dbaabef232395250b077b9ae73b1eab943a |
| SHA512 | 3c36e21030b71ae7cb352535033147013b127b841c9940d89ddad0e9e91bbd9e038979ef2cb7b4ce7ead264439f3dd5597851f225dc2994625a6ef54da7ad484 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | f993da59c5b29d73d4662792cac1aeec |
| SHA1 | 8bc9f1e91cbdaa8498478b4f0878bf2e0af7e2d9 |
| SHA256 | 78fe02bd125169d32c49fb1b7bea1e1af8db5a2cd88f9bc4d53d467e56f38a41 |
| SHA512 | 06ec0ccf01a6879aa37a78f474fb2cd6be22180ddfc20589f2d748a8b046c947e9fbcf1e04277a5e7850f46abf6e3b7186a09d087e708f52298e7912d744357f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 520422a395035364db102a7641940715 |
| SHA1 | f45110141491fb661a7c8842eeb734994eae1692 |
| SHA256 | d70b7f76aadb17c36174eeb90e55e91133fbfcb4d2bc692cdf8789aa18f2a0e6 |
| SHA512 | 7320140507c704f2c4704d7d6c3c06ea6558fdc0569f443b7f33a0d8f7c005f42ca4e536917c7f986010c76dad977436bd25662c0ff0dc6658cd9d71d12a8784 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b424c5cc9b633e87ac664f0b56a30419 |
| SHA1 | 1090e6c095402808204942df3a93f9e5490cea90 |
| SHA256 | cacbe29f6906fa70879ce8458bdd583a2d915fd39f6c6f87e9682755105b2002 |
| SHA512 | 8b5706129a7b6922c8c9491f47f0e7e372fa208246b7a38ad22b6008ce0aea1d0117e785b78cdd2ff488f9b0eb7d87a98b394b6eb37a3cee0afc4c37c1dc0fb1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 9941f521b52efc3d4c0048e72cff7d1f |
| SHA1 | 7c6a77013f5ced5e2d57e2715afd9a985d8c2f91 |
| SHA256 | 05ee6dd40b6b8a6e9037ac8a47ef1e194129603ba475e8c275da0d0adf0803b4 |
| SHA512 | 690698100a310848733467dfb4f6bbc9363c47384a21e26943af93a8a2628612bea6516f09400dacc1cf5a0a2efd8f3325e8eefef9d50dc198e40e124231c036 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000043
| MD5 | 1c987fe93c9ccce63912f78f15b73ce2 |
| SHA1 | e07dd9e0742d8d0e6b615e52d47b754a35aa229b |
| SHA256 | 5b6d25b85fe1a4e6ad598e0c5a1d228df511492b0b6ff7a4840f37b33aa930cf |
| SHA512 | e4bfb4a123ef7d18714c06b7218a4c317859e26025ea4847183dcba94b8cae8a419eb46fadac6b1d13e761280a963786794039c307be5894009d5f7d3492da54 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000044
| MD5 | 14e39be019da848a73da7658165674cb |
| SHA1 | e016473c4189a8cc3dbff754a48b3e42d68af25a |
| SHA256 | 39595a1806156cfcadf3cc4e20c5c3f3eec721386a0551790a15f025ba9402bd |
| SHA512 | 828a383de549871aa80ec960a7e371ef47da96d01ebb9628d1484ceed9eb698aec5109b3de0b24ff8000610a2c2d633616c9fd28d380656fecbaa930cffed029 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ce8be82307aadc77b65839520ab45281 |
| SHA1 | 9313cddc91ff5ef418825d9cc086a402140efb45 |
| SHA256 | c72936a369be35ad61d03e22ab30c8da732050b4037e6c9a9823582c4657bc81 |
| SHA512 | 74dbc90dc085f9f8118b53c23baf158a6628a0bb3b2066e8da65b73b350478aeb25d408d718bb212aeba825fe546c75ad8d7a1ab058e290fa195844c9e038513 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 07665fccab4e0f53ce25e69a30c30695 |
| SHA1 | f2cbeac30a2c0dba4e5d7c35ce3c2b9e807451a1 |
| SHA256 | ab4904be491da2184d0eec9ca08f9c1a7bc96a7a96a8eee483db62d203be1229 |
| SHA512 | 4eb99cb2b86c48b81b3648b3200977123378537fe6261029abf5c595d12b472f01bb24615ba162377ed164b98735cd8ae8185ab0c5b3ac05d19c2f60e3f13923 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 992d22dafbea0038e62a5cca2ebea786 |
| SHA1 | 8200e26522a52e32ab40e6555bd841be8446ed50 |
| SHA256 | 5e2b30fa4a5d6f237b950996f77f335a9c6739818d9c5bdf9b3477a0a4941f77 |
| SHA512 | 9eb1ea18b1877bf365743a8b29ae1e868ec45a2bd7899f5c6191204b1335f419286dfd770cfff68604578c26aa8b0e95541b34182470c10bd9e8d3c65ef1296b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 6cc29449480a822e61d7a0c3b029447b |
| SHA1 | 322857059a857e2962b465d45ee18386f698ed19 |
| SHA256 | 770b3ba0808abf7ece593163c99bb15b77a5ff485019a0c15b3632167d5a4e12 |
| SHA512 | 70b25da925b6dc318301ca33efd53c2869b8174d2cdb5b006e47db755619dd58f13dfcb4ced61c698163f3a327d72bb8b983b668428fad6ad31aca9fa502ea97 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 945031806c1c477f979c27106782b8bd |
| SHA1 | aca6ff2ffa389045ab1a0976478b2c617f77e5fa |
| SHA256 | 0bc056944859634ef7a40bc92c91eb4ea2bb2226588d96890622edb019e09e89 |
| SHA512 | 37d5a900424fe12cadaec8679685f123fc4317c68b03084f74562dea051fe4a6a68f576905d763ae4a820afc4eeacb7959ff5fb0985fe2c09422e0168eac2603 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7239cf29f0489e9ba2a004c08a99611c |
| SHA1 | 99629e22dae5ac6724b27dc47bfb9569a95c7073 |
| SHA256 | 7b8421f9f0209b1abd22dcff86562d73ab665d0279f8be45574bf73b8b64d82a |
| SHA512 | c2fd29c72b41acfa35e69eac49e68bc593a09fa8d29c192ec9f92e85de05545b54191b113bdef07e90fe51f5f23c7c5d83bd807879031b605eee00098f27a124 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 3275b79e8797a6cfe50c388b3db6faf1 |
| SHA1 | dcb04fed985c02893d5f19cfdd6ad4eee58f84e0 |
| SHA256 | 337f1ea425c4f124eaef20cb9bf3d04657b0153ce1f6719557fdf60926e53135 |
| SHA512 | 26489a45a909cd1791053a922e2212b9d475c22635d118bba47a8e42b824bbb4b693306a6436f63fe8b6ec85f143f15eaa0a2427ee9534b49e1e00f0c0b702e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\074701b5-2297-44cd-a316-5bbf57a313a3.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 31d9f16f84dab4cbc0db6b2c3339028c |
| SHA1 | c06f136434affe4becf173ae187cd031ef42e307 |
| SHA256 | f84ef10c06c0d9545bf8b3616d9ea09f69f191174a2df99d13403701cd96f5af |
| SHA512 | 09552c68d3e9b6d6074375b3360e48634be3c88af737f375d420db2c09b1c760777e37166ed0ee4fa21252297dc4ee8e8cbbb56a87ec16dc91e9d1774fa2bbf5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 57dc7fd649143296477de590cbbfd74d |
| SHA1 | 5a6e84a94c7bcced3120594e8d477329e5f5868d |
| SHA256 | e7f4282b3d64f0bea24cfc2519da69784562763c222992fe8c25f92dfb870c16 |
| SHA512 | d0fce1dd1f98827044a21c5eaff1275ca55a5a5bcef7e162167dc8aa44acd1db19d03663674881fcec13b3f49bcf28ffdbc3b6679c8ece84f213ca4dd0d9d4a2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | b4c4fd4936a8679402bfd03c9fa04675 |
| SHA1 | e1c460f5821cf451c75bf27db467641b8b0d2179 |
| SHA256 | 39f17ae3cf3b2097de94e56a82a6ac61240741744f2b602a5774b22a2ddbb4d1 |
| SHA512 | 7c292aa8e4084a20c0f6a35e375bdc37a765999a066eaccb4f4af48de073265ebeb63885a09b863f81a8e7016d39349aa9afe7286151e9b9b36aa2d8b0d677a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | aefd77f47fb84fae5ea194496b44c67a |
| SHA1 | dcfbb6a5b8d05662c4858664f81693bb7f803b82 |
| SHA256 | 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611 |
| SHA512 | b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | b989366da2596f758822f68d37408e64 |
| SHA1 | d4ef7d1ea967b365b9dda82840a53b1a3c49d4ad |
| SHA256 | cf212ade750aeb3d5c0fbcefd223fcc58f6f47b3b60d6cb5568baa65a8568f5e |
| SHA512 | 79dc80327e78cf47ed32e674de901560805f74e398b5b076666caf9358c045b7e891f932d97824b289750377d8cd2540e6b7a8d0d94ab70a1f7d11722d8cbf22 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 132f55d3297198ae9dfa1e0818130a35 |
| SHA1 | 66783ea14e472a6e3d6a8167f19375b9cd093c1e |
| SHA256 | aa2c63b190556925ec1cee5ecc90183f7bd6376fbb2f2ed33a7fa66910da0995 |
| SHA512 | 4a7d67f0c9a6e0a71fd2155f41d7759d204ad69ca5b47e7955bceaa67113ddcbd93b15fb07ceb93473e46bbe481bba5e4013ddc008be21d9afdf9c9dc7b0553f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | def61f38c457c3747f520058860ba70a |
| SHA1 | a00891362fae4f1a5a569530a5b9981e33d4966f |
| SHA256 | 1c22e0889033e10da932f851cc3c6cbd30f0e8e13cfb5bb89bcd0cfe884905ba |
| SHA512 | e16dac8bd36930174cd44b4130cb06d9889906224df73de268c17e7fdafca83be1f3fb2404b97f88d586ad2c258555066d4a8577dbcd0cb1fe061fcf9cfd650c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e93f4d8ec998d0cb0b39c5693fb4fe13 |
| SHA1 | 8dcea82cd7453e1351515576a0c95275ad57f4db |
| SHA256 | db7a705a971bceac6f36ba5788cc36a1641b8313b776a804b0a57e376473e98e |
| SHA512 | 2d1f0be4703992dca918396c95b13126fc58d9854e2d66ad80e77a97ad158d60a6852d7c82a272c5d341d9d9fe7bcfac386abc6b31a44bc9bc85587697c10b86 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c50280ebdf5616b23d2a2f44c70773da |
| SHA1 | 560611454482b64f53cfc205f6fadac0669e4fec |
| SHA256 | 9294305e7ee3752b7ade45f7819fbfbf1506977e2f8c4b2d75517af1d27a2d53 |
| SHA512 | 57a0b0a8c316536711ecb245d65b72dc65ee6d8751dff91dc2a8ffc5d6ab0468e8126bc02c5e9a2f1db49dd9c13b9d6352eb594d0ade145b2ec7a1708771d9c0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | eadcf2dc07377fc260618b24d359dcc5 |
| SHA1 | cd15c3fe25456078dd0adaa4bd4f1ec18a8ffd1a |
| SHA256 | 6f9a636dcd32f1f88174231dc413485a95520f3d1e6a6d85aa37afa8bbb11a15 |
| SHA512 | adeb9eb0bcdd7e969d83a6f8efe72e9a297110b51c82bae27f866e27d0b7a083192b4c10befaf7bc97361a38442f63ab005e273fc7a9383e3bfde03df079411e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0519d0daea26bc7e454dc40bddefc339 |
| SHA1 | 4f64697914d80c07ed82cd12fbb9e1afa040d232 |
| SHA256 | 4e9cda1ac4a42c38d208ef185a015bc7bdfb463d8b3407b4116cb92f058f2715 |
| SHA512 | 0b046ffe4efd60d8fff9ebc1ec88a3d261ff3ca877e3822c3d9d5037c68387ec8d46677878fc176c39c2071076e6bd2894ca23f2a41a5ad3e692b353f0124fd2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | da234235e65d0e0319921691c787e032 |
| SHA1 | d24a870477867ca508bc4c4109cfd5cc8b5210b5 |
| SHA256 | 5ccd9032e1c810d96bf2d850c1119a14285f2aa7ea12d35635b198cb5a224acc |
| SHA512 | 4369b1507cc906ad90b6200a1899fc0a992f3564bbb276cd25f7bbdb6445983ca9ff58ae87d8b97bd8e2b773167512df5dcee91e7b559012c1b419e14ad7576c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f001a04bcaaadf6c29b48dcba7ea6775 |
| SHA1 | cf70cec41032caef2c6a16f13f29ad985ae76010 |
| SHA256 | 2c6ac74d614169c6b66d79bceace0dd958114b7bcda3beb5cb23ad566a6175ab |
| SHA512 | cb60f71360a26d66ed3a3b8d6cba32db1733a99accb84787409b0e32974cdd8bde5b59d1d1996def7b9177fcc2424993b1b5d6f00d93de711a092105024e24a2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2683dcef4ada98ea5c93bb7bf2d06b58 |
| SHA1 | b12d6e1ab766a95b107dd2929bca157e879f88f9 |
| SHA256 | 5f75ef2747bf7ab6a63f9e5c6bd71679dc0c9f3d9b3f892913326d870f1ccaa3 |
| SHA512 | 15252ff9285518fdceae18d683316c4ffacae470b88e968211066e99d9638d0cf488fa9f413e33cf096ba45ae5c9ae66a5910346ca155a0764c4d7b94f583707 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 2d1d84eed1b6edda5f2c1af26d0f10e7 |
| SHA1 | 798f25391a4569e301f8d2ed6af024e8606b8fed |
| SHA256 | 30444e343dafd05a218b4ad95ab8aefb99108c853edb9d2bdfc6166662cbaae8 |
| SHA512 | 41860fca5445b6e95709224be0669d65f5a28249c60c04c4de04be414b40dfa38874d36e8fe26bcf1ce0463cd92845436c029292e72f657fadc04868b0ff15c9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cf569748eeadfbf7a7e92333bc1d7f7d |
| SHA1 | d08fa6770b450ffa5e57ef5e08a061d9c92a5711 |
| SHA256 | 0a95a1869ac2d16ba8fdc29aa272ddd5b4c9522ee0606f846e8f5746b4ba6868 |
| SHA512 | 3b48ea0e831369eda3fc902fdba866762d3c01f48f7ccabd2ec61a3fe77d5c8d5919a10c9ce8f386a76aa3f28f40d0584af1510292c1a100bb89c0e523ad19ac |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | e1e71b92a8ca7dafb3202ca7c43a5fe4 |
| SHA1 | 8d133db4d4883eff116509d192f72d65d4dc0643 |
| SHA256 | 013eff144e2f09da382c622002c1593627c907a0d6a7eb4b07152a0c6253f565 |
| SHA512 | 4c48af5c82164edd878c3fa10a00ed9d7e6045030844f256d450a019df4b3fa71e98ea64d633e0930e1734c706b72ccc98ead9386c245d31435bcec850e8f0d1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7f646b26c2f242c93ee55dd35d372277 |
| SHA1 | eaf0b0e6b4d51e03e7eada45f255ef2ce1f20870 |
| SHA256 | c9003486c42cc97cb5d590fd3be4651a6afbd535d4d4009b95f063672fc92021 |
| SHA512 | 4f55056d981ad75173a001f554a11b8ebbda3187e7377123d2eb012758bdefe282bd458e6b0ad2de48a62374a7d05d3225419797a77fcac5245ba25723936be4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d49333b064cb36fc10684d1e914ec3a4 |
| SHA1 | c92e86036d6a6578ae8667b8395ad6bfb8922e3b |
| SHA256 | dfae110d146fc7f50815c5567b93afa5dc3e94fe1ab93408c5d29040dd64a8fd |
| SHA512 | d8e12f278724af7bcd68f178bf000f90334bb3c100196a6f2ed83ce166d6894f1cec2a465a03647ce602b75cfd1395f54acd529c6590abc0fe3136d7c5837f3a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 8134233980528f23e22b5a6e522fce2a |
| SHA1 | 714d5e52ce5a9f0e8502cc5f33783f1397c59e3d |
| SHA256 | 842f26b7cc47ca966c09462ef45691ed4eb8cb3bb0da6550dff02f6304fff7e6 |
| SHA512 | f0a2b7ad2995c2d402f9085b21fc29259856bd232f136e4e19b22123c091a7dbd038af5402732217dbd5e4371019b8cd7d3010de1b560d6c8042c6890fe781b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c54a125a43baea91ff12f16b29064575 |
| SHA1 | 9404d3d4c1e96e5d28d3c0d0f3df40ed5ae0d21a |
| SHA256 | 010f8d7fbb58a871ad786298e0e808fae43f6f2ba0cc24b07fa7d6411c3bc432 |
| SHA512 | 6f0f07f36f847912c0d27d504f30fc64bdd67b9b09f3271fd0d2c36bcb779c71ee097b85f084fb8a2779f61d09e70b9b9bc865c88d6e0cc715991f13280a2687 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 52f239091bc9b8c629f2245ad85773af |
| SHA1 | d72058a205f146148acbe6f006894e411a960eba |
| SHA256 | eaa2d33f0e2bb09969a38c053e44a7003c3370e9b93e31b1617c7d0452bbba9d |
| SHA512 | be3b0fddbcca444e630356c7affd6229390af97fa6ca45f6c87a9eb54c387a58233c42b147e47b618168aefa879cb3d0150c92d1815286dd161a0d3166adfeb3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 54338eeb6bb09ca02076c894c20ae960 |
| SHA1 | 529338b6f27ed19eae3dba0ab9a59af8f191e5c5 |
| SHA256 | 44d438ffc7295e163c2884dac7bcb2475cec622a0500bd2232093d5942fca6bd |
| SHA512 | 26f0922592b615f63c1c24478321e82fc6ee58426f41a62890eeccbb33880b45a3ea2bba85b166c45874e21efa19d3181eee36d13493cba2c5c8a15468a35f99 |
memory/3396-2480-0x0000000000EE0000-0x0000000000F1A000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 25aec78dd17abbdf04a206ba23888bb9 |
| SHA1 | b65defb3182c2b58db8f0172578992a8f6d7acfd |
| SHA256 | e69a9612ee64889647d6ccf7ae3416819fac8bdfa79489e51e7b46ace678a399 |
| SHA512 | 57652ee4d761154fa32cc2db90d1f99cdffa8b693e97da67ec3f51a4d39f26b52207a34cebddbc500213f6d623d84dfc1f9b9740a339ac11bd75a095e8bccad4 |
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_chgh3dte.yrk.ps1
| MD5 | d17fe0a3f47be24a6453e9ef58c94641 |
| SHA1 | 6ab83620379fc69f80c0242105ddffd7d98d5d9d |
| SHA256 | 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7 |
| SHA512 | 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82 |
memory/5792-2490-0x000002ED8A0C0000-0x000002ED8A0E2000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 173770424a3dbce8593598588d93351f |
| SHA1 | d7fcefc88c2bf86606a97fe9a1551bae8718b232 |
| SHA256 | 4cb553061cae756093743694cfe412742e9309726d814db042b2da9a297a484f |
| SHA512 | fdad0f783096c6b4e690e1a755e163647d4a18c5d9fe539124644192642297444d4ee1918db11d51af50e0535be37e0ea2a7dc01d8e3793c0ef9e281126e1561 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 473cbfa983778367d1bb0d627fd58964 |
| SHA1 | 1bb78b6e4ed318cb869a846fa7c7ba538099e62c |
| SHA256 | 0a8b242635c74ac18593ba81a7fe07a250f5027067d150248b34ef95e0578237 |
| SHA512 | 4ae6526145c832b09b6d22502be168e434bd59d344bf0f363b7e8fccdd870d655c9105c0033670f863010862b88c15718f14d580c9601b4945643987c88b1bae |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4fedcc2141719bb3f129f2ad30e93301 |
| SHA1 | ec65e98177dc0f7835b300839cae649ff1bfe5e7 |
| SHA256 | 58c41a42e0aa0dec74b80f461506898601c410b8d26ccefe1835386950c15347 |
| SHA512 | 719b85d6271fc704ad8076be8b1c3d5b68fec4520220a22324473398b292df1028d89e49c2c46be6ed4286298684d222d5e0a2312b51ec537a1b84636df7f441 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | db4963e7c1554507d2daa1903f666114 |
| SHA1 | 93f49a24f3b7bed09b98d7bbd83979c432b57d02 |
| SHA256 | 93dba70dc584ba17e3c5d67fc819d2109046b834fc8027e9764ac65eb50fbbdc |
| SHA512 | 701df791d385863694de0fb6b04f45ca9f8c6454e2c66ecff77cfb67b34b74fde39b43d987dcb75cbf1a5ac1606f7837218423aa71381762dea48031c1e993c9 |
memory/3396-2647-0x00000000017E0000-0x00000000017EC000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 6b2f629c1e2cd58d5bf96450a5993066 |
| SHA1 | 7c2d67c01690fb4dd57cc161889760bb70e02ebd |
| SHA256 | 86db4b9edbc5980d1c3fb037a99d71b4087551dfebd7ab6826470b4c47f4ef56 |
| SHA512 | 348ff9a0cc5c205b658a3e280ed948a7a53486878b5a3cf2920e0a1af2af194224df31f398bcc9ffa7d1ba3432d4d99908495763c340be8d1bb3afaf781596a6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3d2362f3e3e0224a4455f8c24ccb5429 |
| SHA1 | 47b1ed7a2ea86112dc7c5400a76a72567f51c91d |
| SHA256 | a33cd30db40bddab4de6e65ba0f8b018569dd45cdad264bf096a167c81fe313a |
| SHA512 | 4ec4a4ef7b6ec5f4bfbab7fd0b2e60bafbbf458dd3c422c06e5fe15e718472624af6d1e3df66f8995d6094dacb305086abd5c2511500d1ac83c0152290012c46 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 7fd2ded5abf2c0d49ad18d038f4caceb |
| SHA1 | d86ae68d3de9fb5b2da7d16da6354bf8e7392c26 |
| SHA256 | b35a1022f4b40b8b0ab9890ed93989a146301760b6a6a16c0c61d196f87aa5fa |
| SHA512 | 0fd77fa686eb7e32926ab6d0b37e20e01b8b0397ea1c30d305ac4f75bad7c8cdf43886ccb93d26941515cfcd1105275550cea59e31b7975d29e75d3912b5ba09 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
| MD5 | 6f181abb2569adbe1161ae1d32733af8 |
| SHA1 | 24d9777118d1c9479dc6e19ec73abc4e18152245 |
| SHA256 | c1271aecfbb64e2e7bc5173ce7bd28957feec3c5b4b523fc3611d274e67b9541 |
| SHA512 | 2c50f737239a6fe8fb3d5bd8837214e69c0b65fa0822d338e7883abb79be2cc4439d85a4b60b11ff4130fb20e1cb46bdb343bd2bc9f30d24a5eed99e0fadc9c7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d4768da5719bc9a1c8dd37b55507d2a6 |
| SHA1 | 29daddbe7bd369cea80e33e2743c7877bf117815 |
| SHA256 | af6592dae3792a6738465e0d03ba3358e8886e57a3d650f469acbe10b8ecf83f |
| SHA512 | 418d313642bad3fd4e57e2b0d3438c167cf01c5369f66728e7ce1e091b72bcfac198ee631e4b893083f180b3076548a9fbc2253ab5db2bed04ae952a786a8c8c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8cd7f08ee2602d56177366c2a30cba03 |
| SHA1 | d598a22f65c196579703132b9737145f10cdbddb |
| SHA256 | fb408c7bc278eb2964c304d17b846f0d2bfe3d783a202caba1e9a16c3f1145bb |
| SHA512 | 0355f658ff55de9f187a0b3b01f0e99b43f4401dfbbd14fb89033a0c4b4aa431a769e30236fdc404ca664dd21c39e90b1e29942ca528bceeb400e3f8c0807fd7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\b1461022-2224-4c62-afff-3459e8f026e1.tmp
| MD5 | bc8a0563ab53b423f638cb9cf041dced |
| SHA1 | 645a99ddb1609ca4d23f63bd1dfa2bd34457602f |
| SHA256 | 3d04ff712763929338da98a29fd4f454ab918d73a10652f8852baa1d6042d9ef |
| SHA512 | 523f739d7601f7a7c2adcd3d4fcf910748762f85eea2ab730e39fa17274799ca1471d9f3f6c6082658cbad751f2e6f4677b8be78dc1ae501200afc1d11daafce |
memory/3396-2786-0x000000001C870000-0x000000001C920000-memory.dmp
memory/3396-2787-0x000000001F1C0000-0x000000001F6E8000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 69cb7bc3689e2b30d4f18d0e8d25beb1 |
| SHA1 | 20ff81cb3eb525141475982f66ffc12c9e02726a |
| SHA256 | 09ef2522b9d7c175bc47c9f6c1456defd190eb40a6bf0e5d1cff752118dbaca9 |
| SHA512 | 82bab7a1b161db771708c51b5ebe9f4a7391bd099cb455997d77d135ddce9cecd5c9250a99a51384247af33e44e3cccdaead097dd2d218f79ea1346cdd692e99 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | dcee93ab2fc1dec9db1bbd0c5b723e80 |
| SHA1 | acd056dfcbfc6552bdb8f109d5600d8bcb0657a1 |
| SHA256 | e03ba4df1a6a2ef5aa3ee46cf21249c3167a42ce74630f2f02cba2760ca9d720 |
| SHA512 | a0bdecc15e6bd0af2ec03ea5c302ec4bc48532249ac12e27e038bc98ddd5ef0b72e533dcbc2d00b8f43603f020f51180e1833aba99cea75b00bc9c9ea2ecb200 |
C:\Users\Admin\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNS.XML
| MD5 | 7050d5ae8acfbe560fa11073fef8185d |
| SHA1 | 5bc38e77ff06785fe0aec5a345c4ccd15752560e |
| SHA256 | cb87767c4a384c24e4a0f88455f59101b1ae7b4fb8de8a5adb4136c5f7ee545b |
| SHA512 | a7a295ac8921bb3dde58d4bcde9372ed59def61d4b7699057274960fa8c1d1a1daff834a93f7a0698e9e5c16db43af05e9fd2d6d7c9232f7d26ffcff5fc5900b |
C:\Users\Admin\AppData\Local\Microsoft\Media Player\CurrentDatabase_400.wmdb
| MD5 | 987a07b978cfe12e4ce45e513ef86619 |
| SHA1 | 22eec9a9b2e83ad33bedc59e3205f86590b7d40c |
| SHA256 | f1a4a978ce1c4731df1594043135cf58d084fdf129dd1c8e4507c9e06eac5ea8 |
| SHA512 | 39b86540e4d35c84609ef66537b5aa02058e3d4293f902127c7d4eac8ffc65920cb5c69a77552fc085687eed66e38367f83c177046d0ecb8e6d135463cc142aa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 527b4837b28f88a07373bcd9da0bd8fb |
| SHA1 | 62a4cef88c754e45ff8b7e88c518981015f9f7a5 |
| SHA256 | 6a3ada841a2ef42f425a7965a2ce32a62d2a421fc49407a003b681c34b32d563 |
| SHA512 | 00e05ea44bb932238ac12739e5e627b7708f3752e2ce882e6de0d5bce5d6b3b921dea65f9a6f04305cbfcd4e3b1e4a23f5b6b05ed4f695342200814ed32ec610 |
C:\Users\Admin\Downloads\videoplayback_3.mp4
| MD5 | d7148a7a92b44065ec8ee5b1a7b3f352 |
| SHA1 | 564ce3eb3ec1d862fc328d621af3d1cf02bf17f7 |
| SHA256 | 529091933e2eea23caf15edf1e7a1d235d775762ad4da31bccc680f51ec80bb4 |
| SHA512 | 33a4b6cf2bad8df5a4c09d08c720af44f1c42896a54dfef9768f6d101e4112215402d1753f24810ad93f951363ef356e4d7725f65723adb2a7ca8fd96e8f11b3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 13f3e16b32a1991f0261e19c0d1e0f61 |
| SHA1 | 46405c7f4631fc7efe23d29c9bd19c8bdf4d5b2c |
| SHA256 | 4217b679b4a407a90f24f532fc4da0347413a97950c505c84ebaf1d0de0be7b5 |
| SHA512 | 17078c16cfa866d8d52bbb5d16eeef9256ce48587b5f82ba2cb803960d83e7505881bca98b2f512db02352cda7b28cc0f99d65fd921173ad75f81f144e456bda |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0f9012e0267c0ff843c4c9d582d3d6eb |
| SHA1 | 0e8e72797925446153e679fbfe8c284cfd69a2cc |
| SHA256 | 45f9e4e90d8615dc53ad9d6f6928550c5a069871a1e9e97892a7d309c31a6bd2 |
| SHA512 | 52352fb115e0496f0dd16b1ab9f4175d77ae55e27f2313cbe41926b2135a320b52d7d807ec885446642241a4fbfadfe3f3fd5e8748ba7f7b5b1bbd217db7b264 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 0b055b117538123a5d244b6131598516 |
| SHA1 | 3da5f6e7bcc41d9b0bbfa504532e88ee4db1b8d6 |
| SHA256 | 7ac495e81938602ac5b82281da50f72f51451eec3fa90e1e1633ae070c4324b4 |
| SHA512 | 854074acbcd1f1aa2bc5da09cf17935edcdd66bfa4a85fa58b5c9dcbf6d1e085109a706bbc3e73a5d681b3214b0dd9a38b89639a51944ba954e50ceef12804b5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0292ff6f2724b688b7911fd017f17166 |
| SHA1 | 6a201166e7bf892d53bd806955f149a2a46014b6 |
| SHA256 | 246b912b3b98d7e73fd1fd0c70ae625e9aeaa31d4651000eee06b8786d59ef5f |
| SHA512 | 5be9c96ae279c04479dafd6cdeb37d94b65af1ae6b4c6164a618e3809c066d0e3597258c8ddcdbefe71bd70a442ad452ae08d3c8c50526188dd06154ae1b26d8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2a1a8e6a507926cf76d8028e6eeb9869 |
| SHA1 | a734a53003506cb12e5e28cb9819dbf5e47113da |
| SHA256 | 8d252b1cfd8115a1b7db075f521ffb1b8955701007e364cf1723576854d70d47 |
| SHA512 | f9297ea25ec0d418685f01da40f8452cb515b32c5b23d1fb10d40d16e1913a115393a0638ba6250cfcc182c4e1cb9a6c6a8aabbc873a0616753db90c282f4a14 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f7eb830726c65dbf9200c5c82fe545e9 |
| SHA1 | 0c0cf342adda67eef483f48773c4cdce93dff485 |
| SHA256 | cd15c1a9dbed512d3a436094a593e0500bae6711a0db0f3643e69b05ff6fcaab |
| SHA512 | 42c3177faf3dab5049e2c3ac0e92410e66883bc3591cf07dbb3b36decfae3fc9faea1bcee42ba75175a768436dd9be838d6f6d757e1304c32fdbadd0349ac535 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7dbd6da7ba227067585c178cc05f98ac |
| SHA1 | 54e2b4c469b0ff4e53eb5dae8d5ebf262d003a32 |
| SHA256 | 5d53bbda1c1cea86402235e6e6e98ecc2b9ed8477c90221bb30598e1d4621045 |
| SHA512 | 9e5d6af2b962044713792db63ee3e546947233fa003ecb24e2f4c779812b8a5f3b2b8977d11d6cc7af21ed640dbe6a99e49778ad9ac3707bf1f55d24b6a53504 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2427ff246bbcc42067afac6ae86ab3e5 |
| SHA1 | b6bcfd5c055a4776bd2f9aaf9f281811d9643956 |
| SHA256 | 0bbe211488ea4c772038968a7917273f436ebfb08f8393e4ac4ea2bc84bd7234 |
| SHA512 | 658d9aee44885a5936f803f92f8fc7c86b4ec1d5d52708724098956353a66a290d2d77982c4267e02186ca1b6d4f8a8e6c37547cc62ee7fff7ea842a8f88d1d5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | fad1c7dc5018e22c9858e405eef77f73 |
| SHA1 | 90b8b2d3c885c9bab0aba012eb6ff83047f52e95 |
| SHA256 | c6afc57726e8442d8c62b190a5384dc51286258efaea8fb1dc02f6c1a6bf6184 |
| SHA512 | f8d344e4f971ae70eb747e5aacdc0172276fa4b86921ad62325f3119683121997aa397f3334b535540ed2f063ea86af4ecbee75632d66f04180028eb9f234ed0 |
memory/4740-2928-0x0000000001000000-0x0000000001020000-memory.dmp
memory/4740-2929-0x0000023B6B000000-0x0000023B6B042000-memory.dmp
memory/4740-2931-0x0000023B6B060000-0x0000023B6B066000-memory.dmp
memory/4740-2930-0x0000023B6B080000-0x0000023B6B0A8000-memory.dmp
memory/4740-2932-0x0000023B6D100000-0x0000023B6D15E000-memory.dmp
memory/4740-2933-0x0000023B6D160000-0x0000023B6D1B6000-memory.dmp
memory/4740-2934-0x0000023B6AF80000-0x0000023B6AF86000-memory.dmp
memory/4740-2935-0x0000023B6AFE0000-0x0000023B6AFE6000-memory.dmp
memory/4740-2936-0x0000023B6C9C0000-0x0000023B6C9FC000-memory.dmp
memory/4740-2937-0x0000023B6C9A0000-0x0000023B6C9BA000-memory.dmp
memory/4740-2938-0x0000023B6DFC0000-0x0000023B6EBF8000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7e455cd8bc5747dacc5cc47a324816ca |
| SHA1 | 83084b2bd4ef40e01eb14934f1f286b1138fc07f |
| SHA256 | 2d22cc6f6f99c689f85f809fc48973d50dd412334782d5305949dc5fbba0e116 |
| SHA512 | 84cdf186e813d9f704a9774c23515403927e524632df70334ca28d6f0f41676de0cbfaae5fdef9be121804e9be39649175bc60a3d0c85bdd6d4d1ae5daf29b53 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 569adee53a6417576c3e25f91119d6e2 |
| SHA1 | c99fb8db84fb2b5bee350ddb5321d73e8663e026 |
| SHA256 | ce8bb09068018dfa07a4c17ff3c5b3d873486dbdd6bad5302f411a5927f947d6 |
| SHA512 | a7817d4617f10a3a80740cd05b3c2d6feae16e770bbe69d2a6f53bf38783035ba555489589a66e479092c99e78fbffb4669dfd35d69c22024c2183be7c7a7fa1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8c66b7e3b0563d85fc0b629ffcc3e9fa |
| SHA1 | 8a445d24442773a45e58bac654ba072bb42b7587 |
| SHA256 | 2bb7af5b967a628241bf0e3a64405b73f15ff1dce8206a5cab84858c4e393d24 |
| SHA512 | dbe52c4f2dfcd0db3e079c4c3f9ed4aab847a55a43c37acca82868012a3c1cacefee0fe7c1f8cb4ad5e1bc33412e5ec27c9bac8d16a0bc6bef39761df997a02e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6146e968dc4c21902cd1d8b89da6ca01 |
| SHA1 | 8a51f685b734b4171b72e8fba5109434fe68b2f3 |
| SHA256 | 58e6a4a42a590b859449d3eab21b44cff98f4c8515d5f226bf5ec5a4d799f8b2 |
| SHA512 | c3f31442aa416c9cae94687e08bfa26ff10f00c2c6b9598d44868602ba550e17d2a0d0076eb6cb057cc82d0393fd901cef348c6a737a129755bb77d7229ed640 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8a4e559cf59a4208310e11a8080fc15e |
| SHA1 | 8a733defda9950afb1c6d6b4446c255b1990d7c5 |
| SHA256 | 1b781f95281db16d35066e51534e357e391627c36eba7e96aae3ed0a77017361 |
| SHA512 | d6d0cfd92bfd855ae0dcfdaba752f98ed79dca0afb7c7cdc584e0730e921281420b5695aba7ce960c8627da364542bd2e2e1a04e1c057b68df44ffd829618122 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e1db7e6a25d94560653d2e7b3f8d8bf6 |
| SHA1 | 80190659bfdb92ee030a60569840b57a50dd6de3 |
| SHA256 | 8d284e600a24ed959da441df37f1ba6f3d9958efec619b7d1c4a89e7c408616a |
| SHA512 | 21dfb82c460eff0e058a53b6587d11bb20a96f91d162cfff40dc906bc8ae2b253336d68702c1fb3e960981bfbfa516922e8f22ed22ae59c70a56b7cd51679ac0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b15eab45e493da627a1d11670be32bc6 |
| SHA1 | 0d31c90f1cd2dfb5b8736d449e6f14c86f9a3e8e |
| SHA256 | e9b9b30410f80b6518e416f38c2c739c68efd3390371c6fa48026b54bf14ba60 |
| SHA512 | 2f92a70f26ae3db41d5c292c6ecfee54e080fce94ce18cfd6a850333cc8a28305396e4a961a3ccb836b09ffbca02a1579be5da8856c6fdeb67c7eced55df7626 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b140716e271aa53f2ac1dfa34df1d036 |
| SHA1 | c5d6c362d7c839fc3668e9b01b8fc3a0f4e8f58d |
| SHA256 | a880bae1a675964101ffb01c9ff6412c72e08f87423ff0c154bda1fb13c8f067 |
| SHA512 | 57a3ec52949094584f7aa0870b8eba37d4e8c40ed768cc9f024ab7fb0ee7b1249c50fdc3ea75d9a73a0d4cd846ec7c03dc4ae7324a53d87bffd9ef9862be0ca6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000002
| MD5 | c594a826934b9505d591d0f7a7df80b7 |
| SHA1 | c04b8637e686f71f3fc46a29a86346ba9b04ae18 |
| SHA256 | e664eef3d68ac6336a28be033165d4780e8a5ab28f0d90df1b148ef86babb610 |
| SHA512 | 04a1dfdb8ee2f5fefa101d5e3ff36e87659fd774e96aa8c5941d3353ccc268a125822cf01533c74839e5f1c54725da9cc437d3d69b88e5bf3f99caccd4d75961 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d166d3e7c21c6aeb722bd69b66afd54c |
| SHA1 | de6d1a4283cf0a824a9a7c057c6bacb7fa04e812 |
| SHA256 | 5ee858ab19a7315c35c7338cae8aea87dfbe3359eba20d5d8edcef7bc3f31bca |
| SHA512 | ab723b62ccaa7a8c066f6477650d0a995e85085d38aa7d5822bd58c280e9e0f985a384bdd9f05c321c6c96b8f5c8bd939a3c526fa9682090c19facac7f90c846 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 2e94186098d3feea89afc79dcd8e7d22 |
| SHA1 | 3e509c37171e22ad75b0d988e5c151090297bbc5 |
| SHA256 | 6c4957d68e381f54aa36e577ef3e0c9ff40009133eb51dad2b6874f336f16995 |
| SHA512 | f1315f1e22330179826799b03fe257199283ef476f226992c1d1306f756d8d87d84421c8f9f3b0084964f7d705316b566a0a9dc7f6c4f4f937f3cb5e8f283c6c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | d6e4f58f9bfe46227a95ae343a252198 |
| SHA1 | a9658e7c31cc2faf0cc3cca1627900f8e2e78ada |
| SHA256 | c3e16ffea47e6b9cc9b042479c078a471c26da9a8e4cdda3f76eb9b2fc37fa5a |
| SHA512 | 50148bb4ba53550fbc6209af6b9bac9dd4b49cd0aca3deb7aae07b14ad8715c60d9786d7a6793e06291e008844a5d9d0a68a6dc0c860260f6d946817a7780e2c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 553cc0c4ccdc62417590b0f04b1b5599 |
| SHA1 | 9da0dd7c42e581e3761867582eacee24fd53ea5a |
| SHA256 | cc9495921682d32b42f3a76fa47b12ace6b726e4164822b8ae3356f50909e8f0 |
| SHA512 | d7c171a0b806b4717b51aa248d05fa6c51c025b738b2fb3b7a7575872517110a5b4e01521c9a8447671c7a48a4584e461d2bd07044067c0779c4bedc2ff352ee |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a98c43f173605e9538bfdfd1d2456823 |
| SHA1 | cfa2ea8f90ca53e03c071820a474080eac530efd |
| SHA256 | c4dd5493e6b2e8b7808729255fabe3de8f83064c163857a44c2c2687e9018810 |
| SHA512 | 9dc1e6d854b63f602fc784c0eac5aab72726ccc9200d9a114efa9d1dae6e42037ca07438fc7fe08f8978907f7d32bad091bddcb9bf23af99fa1777d11c12c9f0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | c145eda456b3b9a7ba1d6340faa01a74 |
| SHA1 | 9860d2dfe30cfffdf761cd36f2cfcbef14613739 |
| SHA256 | 36287a0cd949ed5da4bf31d0cf04e9aa601eda47f4a8a61a42829b304aaa0490 |
| SHA512 | 2c4df365a920116f37b3e777c0cba03cca738e5ef994607ab77fb9c31d06c8f8221b387f9eabad71c90460641417069f238a6d75b8eb7fe1217de3cdd0329c77 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | cfe9873b78aa6635be3cd3f87031d858 |
| SHA1 | 4bd4008e692c27f8413040c4585e6610ae16263b |
| SHA256 | ad1a64fb00567b0cc4b75540e5ca1dd511fb598aa47e0080ecdadfbabf37e3cd |
| SHA512 | 0fd6872daa15b91aa7a4e08cdcbb1e410a9ebbdd3a2653faf86293a23d2ca58633e15b5d43829da6020816ee747dfad1e5b668dbd6a097ac4fafbe59cef55a04 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 589c49f8a8e18ec6998a7a30b4958ebc |
| SHA1 | cd4e0e2a5cb1fd5099ff88daf4f48bdba566332e |
| SHA256 | 26d067dbb5e448b16f93a1bb22a2541beb7134b1b3e39903346d10b96022b6b8 |
| SHA512 | e73566a037838d1f7db7e9b728eba07db08e079de471baca7c8f863c7af7beb36221e9ff77e0a898ce86d4ef4c36f83fb3af9c35e342061b7a5442ca3b9024d2 |
memory/3396-3369-0x000000001BFD0000-0x000000001BFDE000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 52c2a4e035ceaeb1e038afdd7bdb7dc9 |
| SHA1 | 5d73edaae30124dbda0de11ad5823a957b4596a1 |
| SHA256 | 577a7d4e16132ca47eed65718e508c632e3d8fc914749f7766f1347f63791e78 |
| SHA512 | ab67003bf0d324853f88bfe54a50cfd25ee8237b35a2375647c4f76724fcfbb31d7004edb9e067b12423010467bfebabed95a1b02402f5dca60853344b20e50f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8c928324f908eb551bbd7cc5733ec71b |
| SHA1 | ca517f93648ed205f9b11ecf87e4c7a15e71d482 |
| SHA256 | 2adeffdc987af8af421b084e24366b9b90f17aab5d0a4110eff8291e313aa1ca |
| SHA512 | 4a760cf7098fe75feb64dcd0a676169236742549f29e08dd0634a532366db5ecd363d9201c4e097b60c0bfe5dc103d3bd4de8c9e9bf482c820a137ed139d271d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d215a67d7ef0d153f8bac2597aeeab1a |
| SHA1 | f06ea374e29c562775d1e9112e3f47bc35bcae65 |
| SHA256 | 83d9d10e68f30bcfb7583cf35c43ede04e1bd9b9ecb930a679dbc461b5e2832e |
| SHA512 | c6cc6a71dd259bf5943e0bc1090daa0536b88eef8c733ef8ab11e4947a3b1e6705ae8466cddf4489afbaacadeb4a323efec427b657c76a685a4a64dbd928b005 |
C:\Users\Admin\Downloads\MEMZ-virus-main.zip
| MD5 | a043dc5c624d091f7c2600dd18b300b7 |
| SHA1 | 4682f79dabfc6da05441e2b6d820382ff02b4c58 |
| SHA256 | 0acffde0f952b44d500cf2689d6c9ab87e66ac7fa29a51f3c3e36a43ea5e694a |
| SHA512 | ee4f691a6c7b6c047bca49723b65e5980a8f83cbbc129ddfd578b855430b78acf3d0e461238739cd64c8a5c9071fe132c10da3ac28085fc978b6a19ee1ca3313 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 38d12c2d0f1d8f0ad3bba05b88990a2d |
| SHA1 | 83751294fcd2874faef2117ae851248cf4d68017 |
| SHA256 | 97d3b7621b492a3fedc52c924fc0ff404f5d670726e5eabd4ce3b3f29697d16a |
| SHA512 | 02e447586f053eac93fb11b573cb2ef705d55c17e9fa3ffc0f2c09c4d4137dea3f31fc8c2154e6cdd6e5f43c8289ddb8b36a2f92bd0f2d01cc6bab18b483ded9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a7875e81d2fd77af87558b4305983435 |
| SHA1 | 1610427e62694a19f327332d567ea10827f85255 |
| SHA256 | e8218f2d52caa82510249d0884d7755c062a9330b0fa4f357084afd302db5859 |
| SHA512 | ee652990dceeab9b99bcc08848055db6aa70a7a184563bb42022a30411b8cd5dd5feb36f80d8c6cde0ed3663c7f3510b33acfd5e2f5a89b157619c6fae9e8284 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 47f70e5201ef34c9a2fd3a2f5c143aa9 |
| SHA1 | 447afe3ddfdb2456781dfd7c6f0930f7672e3a5d |
| SHA256 | 7380846ab0e2640c58136bcfb7fa4f1c318126cec623ded9f2b6c323407f54dd |
| SHA512 | 8c7bc66d2f2d06a6296de5b9ed05ce087857c0af737ed4e2d6ff641259bf80ed215e62927fc38e531d2214d2abdb481dfb6ef0773b06f543cf1a1fa8d6ce1f93 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 44514a37cda48f91e592135528421970 |
| SHA1 | d9c0fddbd103c2b437d981178bb7e4e69272391c |
| SHA256 | 00c1849d9d6b67a061495e18f116a401b61272f9cb2119aed5663f8302126a2d |
| SHA512 | 109dcc09fa747b5ac479d1db1c6f1379b3ed40d4b530eb8e0bca23eecbad2837ae669402faf6316d2b005da06449af272f20bd390d455e49f952f61b4d4a89a0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 4eb10910ade277c71a98457dc4a513ce |
| SHA1 | 605430ee7a45adbe811160d90e385fe2f127119c |
| SHA256 | 1842114132318f8dac4b503dc18b5bbdec8e6af916272c1836a0717e1f4eeb4c |
| SHA512 | d0cbd0005154afe0598dbd4281c53be808e717220ec1edf7e321603a102f6e409fd9b7a400370814177452ee772ce17e6173097ef168625b4a4a0ae465c7ccb8 |
memory/3396-3509-0x000000001C180000-0x000000001C18C000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 77cf82aa65c96907db37175dc732b10f |
| SHA1 | 9a3fa685e91f818205b3a5fa13e2f31289761c34 |
| SHA256 | 44a6e45e4ef7636d0c2cf4e096b24c02dcd35d642f1365c338562fbfee9dcf4a |
| SHA512 | ef7386a3687737617cbeec4a7dcee72c96c12b0a0db57893deb2ae50e18b29b36a9031a62fa854ad33e283db69350b0951aaea634864bbc0eadb2138a495e3e9 |
memory/4572-3544-0x000002748AC40000-0x000002748AC41000-memory.dmp
memory/4572-3543-0x000002748AC40000-0x000002748AC41000-memory.dmp
memory/4572-3542-0x000002748AC40000-0x000002748AC41000-memory.dmp
memory/4572-3552-0x000002748AC40000-0x000002748AC41000-memory.dmp
memory/4572-3550-0x000002748AC40000-0x000002748AC41000-memory.dmp
memory/4572-3554-0x000002748AC40000-0x000002748AC41000-memory.dmp
memory/4572-3553-0x000002748AC40000-0x000002748AC41000-memory.dmp
memory/4572-3551-0x000002748AC40000-0x000002748AC41000-memory.dmp
memory/4572-3549-0x000002748AC40000-0x000002748AC41000-memory.dmp
memory/4572-3548-0x000002748AC40000-0x000002748AC41000-memory.dmp