Malware Analysis Report

2024-10-19 10:16

Sample ID 241012-fs2p5svfjd
Target https://wearedevs.net/dInfo/JJSploit
Tags
crimsonrat discovery evasion persistence privilege_escalation rat themida trojan upx
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

Threat Level: Known bad

The file https://wearedevs.net/dInfo/JJSploit was found to be: Known bad.

Malicious Activity Summary

crimsonrat discovery evasion persistence privilege_escalation rat themida trojan upx

CrimsonRAT main payload

CrimsonRat

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Downloads MZ/PE file

Event Triggered Execution: Image File Execution Options Injection

Checks BIOS information in registry

Checks computer location settings

Unexpected DNS network traffic destination

Executes dropped EXE

Themida packer

Loads dropped DLL

Event Triggered Execution: Component Object Model Hijacking

Adds Run key to start application

Blocklisted process makes network request

Checks whether UAC is enabled

Enumerates connected drives

Legitimate hosting services abused for malware hosting/C2

Drops file in System32 directory

UPX packed file

Suspicious use of NtSetInformationThreadHideFromDebugger

Checks system information in the registry

Drops file in Program Files directory

Drops file in Windows directory

System Network Configuration Discovery: Internet Connection Discovery

System Location Discovery: System Language Discovery

Browser Information Discovery

Enumerates physical storage devices

NTFS ADS

Suspicious use of FindShellTrayWindow

Suspicious behavior: EnumeratesProcesses

Opens file in notepad (likely ransom note)

Modifies Internet Explorer settings

Suspicious use of AdjustPrivilegeToken

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Modifies registry class

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

cURL User-Agent

Modifies data under HKEY_USERS

Enumerates system info in registry

Suspicious behavior: LoadsDriver

Suspicious use of SendNotifyMessage

Gathers network information

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-10-12 05:08

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-10-12 05:08

Reported

2024-10-12 05:26

Platform

win10v2004-20241007-en

Max time kernel

1027s

Max time network

1028s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://wearedevs.net/dInfo/JJSploit

Signatures

CrimsonRAT main payload

Description Indicator Process Target
N/A N/A N/A N/A

CrimsonRat

rat crimsonrat

Identifies VirtualBox via ACPI registry values (likely anti-VM)

evasion
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ C:\ProgramData\Solara\Solara.exe N/A

Downloads MZ/PE file

Event Triggered Execution: Image File Execution Options Injection

persistence
Description Indicator Process Target
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EUD3E1.tmp\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EUD3E1.tmp\MicrosoftEdgeUpdate.exe N/A

Checks BIOS information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion C:\ProgramData\Solara\Solara.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion C:\ProgramData\Solara\Solara.exe N/A

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-493223053-2004649691-1575712786-1000\Control Panel\International\Geo\Nation C:\Users\Admin\Downloads\CrimsonRAT.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-493223053-2004649691-1575712786-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-493223053-2004649691-1575712786-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-493223053-2004649691-1575712786-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-493223053-2004649691-1575712786-1000\Control Panel\International\Geo\Nation C:\Users\Admin\Downloads\Bootstrapper.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-493223053-2004649691-1575712786-1000\Control Panel\International\Geo\Nation C:\Users\Admin\Downloads\CrimsonRAT.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-493223053-2004649691-1575712786-1000\Control Panel\International\Geo\Nation C:\Users\Admin\Downloads\CrimsonRAT.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-493223053-2004649691-1575712786-1000\Control Panel\International\Geo\Nation C:\Users\Admin\Downloads\CrimsonRAT.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-493223053-2004649691-1575712786-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\Microsoft\Temp\EUD3E1.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-493223053-2004649691-1575712786-1000\Control Panel\International\Geo\Nation C:\Users\Admin\Downloads\BootstrapperV1.22.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-493223053-2004649691-1575712786-1000\Control Panel\International\Geo\Nation C:\Users\Admin\Downloads\BootstrapperV1.22.exe N/A

Event Triggered Execution: Component Object Model Hijacking

persistence privilege_escalation

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\Mantas.exe N/A
N/A N/A C:\Users\Admin\Downloads\Mantas.exe N/A
N/A N/A C:\Users\Admin\Downloads\SpySheriff.exe N/A
N/A N/A C:\Users\Admin\Downloads\CrimsonRAT.exe N/A
N/A N/A C:\ProgramData\Hdlharas\dlrarhsiva.exe N/A
N/A N/A C:\Users\Admin\Downloads\CrimsonRAT.exe N/A
N/A N/A C:\ProgramData\Hdlharas\dlrarhsiva.exe N/A
N/A N/A C:\Users\Admin\Downloads\CrimsonRAT.exe N/A
N/A N/A C:\Users\Admin\Downloads\CrimsonRAT.exe N/A
N/A N/A C:\ProgramData\Hdlharas\dlrarhsiva.exe N/A
N/A N/A C:\ProgramData\Hdlharas\dlrarhsiva.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bootstrapper.exe N/A
N/A N/A C:\Users\Admin\Downloads\BootstrapperV1.22.exe N/A
N/A N/A C:\ProgramData\Solara\Solara.exe N/A
N/A N/A C:\Users\Admin\Downloads\BootstrapperV1.22.exe N/A
N/A N/A C:\Program Files\nodejs\node.exe N/A
N/A N/A C:\ProgramData\Solara\Solara.exe N/A
N/A N/A C:\Program Files\nodejs\node.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-eadc3c90bb1a4267\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUD3E1.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
N/A N/A C:\Windows\System32\MsiExec.exe N/A
N/A N/A C:\Windows\System32\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\System32\MsiExec.exe N/A
N/A N/A C:\ProgramData\Solara\Solara.exe N/A
N/A N/A C:\ProgramData\Solara\Solara.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUD3E1.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Themida packer

themida
Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Unexpected DNS network traffic destination

Description Indicator Process Target
Destination IP 1.0.0.1 N/A N/A
Destination IP 1.0.0.1 N/A N/A
Destination IP 1.0.0.1 N/A N/A
Destination IP 1.0.0.1 N/A N/A
Destination IP 1.0.0.1 N/A N/A
Destination IP 1.0.0.1 N/A N/A
Destination IP 1.0.0.1 N/A N/A
Destination IP 1.0.0.1 N/A N/A
Destination IP 1.0.0.1 N/A N/A
Destination IP 1.0.0.1 N/A N/A
Destination IP 1.0.0.1 N/A N/A
Destination IP 1.0.0.1 N/A N/A
Destination IP 1.0.0.1 N/A N/A
Destination IP 1.0.0.1 N/A N/A
Destination IP 1.0.0.1 N/A N/A
Destination IP 1.0.0.1 N/A N/A
Destination IP 1.0.0.1 N/A N/A
Destination IP 1.0.0.1 N/A N/A
Destination IP 1.0.0.1 N/A N/A
Destination IP 1.0.0.1 N/A N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\Windows Manager = "C:\\Windows\\system32\\winmants.exe" C:\Users\Admin\Downloads\Mantas.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\Windows Manager = "C:\\Windows\\system32\\winmants.exe" C:\Users\Admin\Downloads\Mantas.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-493223053-2004649691-1575712786-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Noxic™ Mod Menu = "C:\\Users\\Admin\\AppData\\Roaming\\Noxic™ Mod Menu\\Noxic™.exe" C:\Users\Admin\AppData\Local\Temp\Temp1_Noxic.Mod.Menu.zip\Noxic™.exe N/A

Blocklisted process makes network request

Description Indicator Process Target
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\ProgramData\Solara\Solara.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Enumerates connected drives

Description Indicator Process Target
File opened (read-only) \??\T: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\U: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\A: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\B: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\L: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Q: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\R: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\S: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\V: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\W: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Z: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\H: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\K: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\N: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\O: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\G: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\J: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Y: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\E: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\I: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\M: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\P: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\X: C:\Windows\system32\msiexec.exe N/A

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A raw.githubusercontent.com N/A N/A
N/A camo.githubusercontent.com N/A N/A
N/A pastebin.com N/A N/A
N/A pastebin.com N/A N/A
N/A pastebin.com N/A N/A
N/A pastebin.com N/A N/A
N/A pastebin.com N/A N/A
N/A raw.githubusercontent.com N/A N/A

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EUD3E1.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EUD3E1.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File created C:\Windows\SysWOW64\winmants.exe C:\Users\Admin\Downloads\Mantas.exe N/A
File opened for modification C:\Windows\SysWOW64\winmants.exe C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Windows\SysWOW64\winmants.exe:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Windows\SysWOW64\winmants.exe C:\Users\Admin\Downloads\Mantas.exe N/A
File opened for modification C:\Windows\SysWOW64\winmants.exe C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Windows\SysWOW64\winmants.exe:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A

Suspicious use of NtSetInformationThreadHideFromDebugger

Description Indicator Process Target
N/A N/A C:\ProgramData\Solara\Solara.exe N/A

UPX packed file

upx
Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files\KazaaLite\My shared folders\DVD Ripper.exe C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\node_modules\write-file-atomic\package.json C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\docs\output\using-npm\registry.html C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-eadc3c90bb1a4267\content\textures\particles\explosion01_smoke_color_new.dds C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-eadc3c90bb1a4267\content\textures\ui\Chat\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\docs\output\commands\npm-explore.html C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\node_modules\spdx-expression-parse\parse.js C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-eadc3c90bb1a4267\content\textures\CompositorDebugger\play.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-eadc3c90bb1a4267\ExtraContent\textures\ui\Gamepad\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files\KazaaLite\My shared folders\Network Cable e ADSL Speed .exe C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Program Files\gnucleus\downloads\PerAntivirus Crack.exe C:\Users\Admin\Downloads\Mantas.exe N/A
File opened for modification C:\Program Files\morpheus\my shared folder\0m1a2n3t4a7s8.jpg C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-eadc3c90bb1a4267\content\textures\GlueCursor.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files\icq\shared files\FruityLoops Setup.exe C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\man\man1\npm-version.1 C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\lib\process-release.js C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\edonkey2000\incoming\Winrar.exe C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Program Files\Kazaa\My shared folder\ftp.exe C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\move-file\LICENSE.md C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\node_modules\minipass-pipeline\package.json C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-eadc3c90bb1a4267\ExtraContent\LuaPackages\Packages\_Index\FoundationImages\FoundationImages\SpriteSheets\img_set_2x_11.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files\KazaaLite\My shared folders\Ad-aware .exe C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-eadc3c90bb1a4267\content\textures\localizationUIScrapingOff.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files\limewire\shared\Christina Aguilera.scr C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\docs\output\using-npm\removal.html C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\node_modules\sigstore\dist\util\oidc.d.ts C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\node_modules\qrcode-terminal\lib\main.js C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-eadc3c90bb1a4267\content\textures\DeveloperInspector\Bin.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-eadc3c90bb1a4267\content\textures\ui\VoiceChat\SpeakerNew\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-eadc3c90bb1a4267\ExtraContent\textures\ui\LuaChatV2\navigation_pushBack.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files\KazaaLite\My shared folders\epsxe.exe C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Program Files\morpheus\my shared folder\diablo2.exe C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\gyp\pylib\gyp\MSVSNew.py C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\node_modules\color-support\browser.js C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-eadc3c90bb1a4267\content\textures\ui\Backpack\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\node_modules\walk-up-path\package.json C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\disparity-colors\lib\index.js C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\node_modules\readable-stream\lib\ours\util.js C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-eadc3c90bb1a4267\content\fonts\Roboto-Bold.ttf C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files\icq\shared files\Mcafee Serial.exe C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Program Files\morpheus\my shared folder\roms C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\node_modules\cli-table3\src\table.js C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-eadc3c90bb1a4267\content\avatar\unification\CollisionHead.rbxm C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-eadc3c90bb1a4267\content\textures\particles\forcefield_alpha.dds C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-eadc3c90bb1a4267\content\textures\ui\TopBar\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-eadc3c90bb1a4267\ExtraContent\textures\ui\LuaApp\graphic\gr-profile-150x150px.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files\KazaaLite\My shared folder\lesbian.jpg C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\node_modules\sigstore\dist\client\error.d.ts C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\node_modules\socks\build\common\constants.js C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-eadc3c90bb1a4267\content\textures\AnimationEditor\addEvent_border.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-eadc3c90bb1a4267\content\textures\ui\ErrorPrompt\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-eadc3c90bb1a4267\ExtraContent\textures\ui\LuaChat\graphic\gr-indicator-online.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-eadc3c90bb1a4267\ExtraContent\textures\ui\Controls\DesignSystem\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files\KazaaLite\My shared folders\Kazaa 2.05 beta .exe C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Program Files\edonkey2000\incoming\Legend of Zelda.exe C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Program Files\limewire\shared\winamp.exe C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Program Files\limewire\shared\Mp3finder.exe C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Program Files\gnucleus\downloads\Registry Mechanic.exe C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\node_modules\clone\clone.iml C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-eadc3c90bb1a4267\content\textures\advancedMoveResize.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files\grokster\my grokster\DVD Ripper.exe C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Program Files\Kazaa\My shared folder\Winzip.exe C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\node_modules\readable-stream\lib\_stream_passthrough.js C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\node_modules\cacache\node_modules\minimatch\LICENSE C:\Windows\system32\msiexec.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\Installer\MSI6AF7.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI843D.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\{EFA235B5-C6A1-42E6-9BC9-02A8D56F1CDC}\NodeIcon C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI6AE6.tmp C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\{EFA235B5-C6A1-42E6-9BC9-02A8D56F1CDC}\NodeIcon C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\e645e0f.msi C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI610C.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\ C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI6670.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI64D8.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI6650.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI83CF.tmp C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\e645e13.msi C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\e645e0f.msi C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI61AA.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI61F9.tmp C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\inprogressinstallinfo.ipi C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI8847.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\SourceHash{EFA235B5-C6A1-42E6-9BC9-02A8D56F1CDC} C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI85A6.tmp C:\Windows\system32\msiexec.exe N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\SpySheriff.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\syswow64\MsiExec.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\syswow64\MsiExec.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\Mantas.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\Temp\EUD3E1.tmp\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\Temp1_Noxic.Mod.Menu.zip\Noxic™.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Roblox\Versions\version-eadc3c90bb1a4267\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\Mantas.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\wevtutil.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

System Network Configuration Discovery: Internet Connection Discovery

discovery
Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Gathers network information

Description Indicator Process Target
N/A N/A C:\Windows\system32\ipconfig.exe N/A
N/A N/A C:\Windows\system32\ipconfig.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key deleted \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E C:\Windows\system32\msiexec.exe N/A
Key deleted \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26 C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\27 C:\Windows\system32\msiexec.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio\shell\open\command C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A6B716CB-028B-404D-B72C-50E153DD68DA}\ = "Microsoft Edge Update Legacy On Demand" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9F3F5F5D-721A-4B19-9B5D-69F664C1A591}\AppID = "{A6B716CB-028B-404D-B72C-50E153DD68DA}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\VERSIONINDEPENDENTPROGID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebMachineFallback\CurVer\ = "MicrosoftEdgeUpdate.Update3WebMachineFallback.1.0" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\NumMethods\ = "16" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebMachine\CurVer\ = "MicrosoftEdgeUpdate.Update3WebMachine.1.0" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{9F3F5F5D-721A-4B19-9B5D-69F664C1A591}\PROGID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\NumMethods\ = "41" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E3D94CEB-EC11-46BE-8872-7DDCE37FABFA}\InprocHandler32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}\LocalizedString = "@C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\msedgeupdate.dll,-3000" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\ = "PSFactoryBuffer" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\NumMethods\ = "10" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{A6B716CB-028B-404D-B72C-50E153DD68DA}\PROGID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\NumMethods\ = "41" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\NumMethods\ = "43" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\Elevation\Enabled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\VersionIndependentProgID\ = "MicrosoftEdgeUpdate.CoreMachineClass" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio\shell C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{8F09CD6C-5964-4573-82E3-EBFF7702865B}\ = "Microsoft Edge Update Core Class" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\NumMethods\ = "24" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\NumMethods\ = "24" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\NumMethods\ = "43" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{5F6A18BB-6231-424B-8242-19E5BB94F8ED}\ = "Microsoft Edge Update CredentialDialog" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{8F09CD6C-5964-4573-82E3-EBFF7702865B} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\NumMethods\ = "5" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E3D94CEB-EC11-46BE-8872-7DDCE37FABFA}\InprocHandler32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\ = "IAppWeb" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\Version = "303038464" C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio\shell\open\command\ = "\"C:\\Program Files (x86)\\Roblox\\Versions\\RobloxStudioInstaller.exe\" %1" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

NTFS ADS

Description Indicator Process Target
File created C:\Users\Admin\Documents\Gamecube Emulator.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\StarCraft No CD Crack.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\mantas.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\help.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\AudioCatalyst.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\Trillian .exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\Gamecube.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\Doom-Install.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\command.com\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\Download Accelerator Plus.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\FlashFXP Crack.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\GCN Emulator.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\AOL Instant Messenger (AIM).exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\hotfix.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\Wolfenstein.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\zsnes.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\ICQ Pro 2003a beta .exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\Morpheus .exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\Pop-Up Stopper .exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\PS2 emulator\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\password.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\Visual Studio Net Serial.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\Nero Burning ROM.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\nocd crack.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\1000 Games.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\Kazaa Media Desktop .exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\DVD2AVI.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\Microsoft Windows 2003 Serial.txt .exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\Emulator.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\FlashFXP Crack.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\winxp service pack.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\Download Accelerator Plus.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\diablo2.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\SnagIt .exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\epsxe.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\ftp.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\Registry Mechanic.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\serial.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\patch.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\aimbot.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\XBOX Emulator.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\Gamecube.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\Wolfenstein.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\Winzip.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\Direct DVD Copier.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\zsnes.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\Doom-Install.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\Microsoft Patch.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\keygen.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\Alcohol120-Install.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\lesbian.scr\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\Legend of Zelda.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\DoomII-Install.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\Visual Boy Advance .exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\cdcrack.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\secret.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\ICQ Lite .exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\Emulator.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\KazaaUpdate.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\winxp service pack.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\setup.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\FruityLoops Setup.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File created C:\Users\Admin\Documents\Legend of Zelda.exe\:SmartScreen:$DATA C:\Users\Admin\Downloads\Mantas.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 589493.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Opens file in notepad (likely ransom note)

ransomware
Description Indicator Process Target
N/A N/A C:\Windows\system32\NOTEPAD.EXE N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\Downloads\BootstrapperV1.22.exe N/A
N/A N/A C:\Users\Admin\Downloads\BootstrapperV1.22.exe N/A
N/A N/A C:\Users\Admin\Downloads\BootstrapperV1.22.exe N/A
N/A N/A C:\Users\Admin\Downloads\BootstrapperV1.22.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\ProgramData\Solara\Solara.exe N/A
N/A N/A C:\ProgramData\Solara\Solara.exe N/A
N/A N/A C:\Users\Admin\Downloads\BootstrapperV1.22.exe N/A
N/A N/A C:\Users\Admin\Downloads\BootstrapperV1.22.exe N/A
N/A N/A C:\Users\Admin\Downloads\BootstrapperV1.22.exe N/A
N/A N/A C:\ProgramData\Solara\Solara.exe N/A
N/A N/A C:\ProgramData\Solara\Solara.exe N/A
N/A N/A C:\ProgramData\Solara\Solara.exe N/A
N/A N/A C:\ProgramData\Solara\Solara.exe N/A
N/A N/A C:\ProgramData\Solara\Solara.exe N/A
N/A N/A C:\ProgramData\Solara\Solara.exe N/A
N/A N/A C:\ProgramData\Solara\Solara.exe N/A
N/A N/A C:\ProgramData\Solara\Solara.exe N/A
N/A N/A C:\ProgramData\Solara\Solara.exe N/A
N/A N/A C:\ProgramData\Solara\Solara.exe N/A
N/A N/A C:\ProgramData\Solara\Solara.exe N/A
N/A N/A C:\ProgramData\Solara\Solara.exe N/A
N/A N/A C:\ProgramData\Solara\Solara.exe N/A
N/A N/A C:\ProgramData\Solara\Solara.exe N/A
N/A N/A C:\ProgramData\Solara\Solara.exe N/A
N/A N/A C:\ProgramData\Solara\Solara.exe N/A
N/A N/A C:\ProgramData\Solara\Solara.exe N/A
N/A N/A C:\ProgramData\Solara\Solara.exe N/A
N/A N/A C:\ProgramData\Solara\Solara.exe N/A
N/A N/A C:\ProgramData\Solara\Solara.exe N/A
N/A N/A C:\ProgramData\Solara\Solara.exe N/A
N/A N/A C:\ProgramData\Solara\Solara.exe N/A
N/A N/A C:\ProgramData\Solara\Solara.exe N/A

Suspicious behavior: LoadsDriver

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\Downloads\Bootstrapper.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSecurityPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeLoadDriverPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSystemProfilePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSystemtimePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeProfSingleProcessPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeBackupPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeShutdownPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSystemEnvironmentPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeRemoteShutdownPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeUndockPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeManageVolumePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 33 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 34 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 35 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 36 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSecurityPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeLoadDriverPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSystemProfilePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSystemtimePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeProfSingleProcessPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeBackupPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeShutdownPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\nodejs\node.exe N/A
N/A N/A C:\Program Files\nodejs\node.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2304 wrote to memory of 3580 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3580 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 2328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 2328 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 2164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 2164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 2164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 2164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 2164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 2164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 2164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 2164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 2164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 2164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 2164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 2164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 2164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 2164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 2164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 2164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 2164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 2164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 2164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2304 wrote to memory of 2164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

cURL User-Agent

Description Indicator Process Target
HTTP User-Agent header curl/8.9.1-DEV N/A N/A
HTTP User-Agent header curl/8.9.1-DEV N/A N/A
HTTP User-Agent header curl/8.9.1-DEV N/A N/A
HTTP User-Agent header curl/8.9.1-DEV N/A N/A
HTTP User-Agent header curl/8.9.1-DEV N/A N/A
HTTP User-Agent header curl/8.9.1-DEV N/A N/A

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://wearedevs.net/dInfo/JJSploit

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbf11646f8,0x7ffbf1164708,0x7ffbf1164718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2084 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2416 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2864 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3356 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5016 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5488 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5576 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5864 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5864 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6124 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5356 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5656 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4800 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6108 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3520 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5696 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3204 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3892 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4948 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5492 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3628 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6396 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6408 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5708 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6096 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5628 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6952 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6760 /prefetch:8

C:\Users\Admin\Downloads\Mantas.exe

"C:\Users\Admin\Downloads\Mantas.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5252 /prefetch:2

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Users\Admin\Downloads\Mantas.exe

"C:\Users\Admin\Downloads\Mantas.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3380 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3196 /prefetch:8

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\BabylonToolbar.txt

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5024 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5628 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5808 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1856 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6272 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7140 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3536 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4856 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6268 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3560 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6264 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4884 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5808 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1372 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6096 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7416 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7436 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1792 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6352 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4116 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=7452 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6916 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x3f4 0x408

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6780 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7532 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5080 /prefetch:8

C:\Users\Admin\Downloads\SpySheriff.exe

"C:\Users\Admin\Downloads\SpySheriff.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6060 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6496 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5572 /prefetch:8

C:\Users\Admin\Downloads\CrimsonRAT.exe

"C:\Users\Admin\Downloads\CrimsonRAT.exe"

C:\ProgramData\Hdlharas\dlrarhsiva.exe

"C:\ProgramData\Hdlharas\dlrarhsiva.exe"

C:\Users\Admin\Downloads\CrimsonRAT.exe

"C:\Users\Admin\Downloads\CrimsonRAT.exe"

C:\ProgramData\Hdlharas\dlrarhsiva.exe

"C:\ProgramData\Hdlharas\dlrarhsiva.exe"

C:\Users\Admin\Downloads\CrimsonRAT.exe

"C:\Users\Admin\Downloads\CrimsonRAT.exe"

C:\Users\Admin\Downloads\CrimsonRAT.exe

"C:\Users\Admin\Downloads\CrimsonRAT.exe"

C:\ProgramData\Hdlharas\dlrarhsiva.exe

"C:\ProgramData\Hdlharas\dlrarhsiva.exe"

C:\ProgramData\Hdlharas\dlrarhsiva.exe

"C:\ProgramData\Hdlharas\dlrarhsiva.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5664 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6108 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7404 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3980 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7720 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4148 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7008 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5576 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5768 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7596 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6264 /prefetch:8

C:\Users\Admin\AppData\Local\Temp\Temp1_Noxic.Mod.Menu.zip\Noxic™.exe

"C:\Users\Admin\AppData\Local\Temp\Temp1_Noxic.Mod.Menu.zip\Noxic™.exe"

C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe

"C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe"

C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe

"C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\noxic™-nativefier-41fdc3" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1552 --field-trial-handle=1684,i,5124233004080248847,8983320903417373361,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2

C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe

"C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\noxic™-nativefier-41fdc3" --mojo-platform-channel-handle=2024 --field-trial-handle=1684,i,5124233004080248847,8983320903417373361,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8

C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe

"C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\noxic™-nativefier-41fdc3" --app-user-model-id=noxic™-nativefier-41fdc3 --app-path="C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\resources\app" --no-sandbox --no-zygote --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2376 --field-trial-handle=1684,i,5124233004080248847,8983320903417373361,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1

C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe

"C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\Noxic™.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\noxic™-nativefier-41fdc3" --app-user-model-id=noxic™-nativefier-41fdc3 --app-path="C:\Users\Admin\AppData\Roaming\Noxic™ Mod Menu\resources\app" --enable-sandbox --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2568 --field-trial-handle=1684,i,5124233004080248847,8983320903417373361,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5668 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7720 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7884 /prefetch:8

C:\Users\Admin\Downloads\KiwiXExternal\Kiwi_X_External\Kiwi X External\Kiwi X External.exe

"C:\Users\Admin\Downloads\KiwiXExternal\Kiwi_X_External\Kiwi X External\Kiwi X External.exe"

C:\Users\Admin\Downloads\KiwiXExternal\Kiwi_X_External\Kiwi X External\Kiwi X External.exe

"C:\Users\Admin\Downloads\KiwiXExternal\Kiwi_X_External\Kiwi X External\Kiwi X External.exe"

C:\Users\Admin\Downloads\KiwiXExternal\Kiwi_X_External\Kiwi X External\Kiwi X External.exe

"C:\Users\Admin\Downloads\KiwiXExternal\Kiwi_X_External\Kiwi X External\Kiwi X External.exe"

C:\Users\Admin\Downloads\KiwiXExternal\Kiwi_X_External\Kiwi X External\Kiwi X External.exe

"C:\Users\Admin\Downloads\KiwiXExternal\Kiwi_X_External\Kiwi X External\Kiwi X External.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8176 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6416 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5068 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7164 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7864 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2600 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7128 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7116 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7980 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7532 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8100 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7968 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7904 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3360 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4856 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3700 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6368 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6920 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8244 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8380 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8388 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8692 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8700 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8940 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9084 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9092 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9540 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9656 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7952 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5780 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10380 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10448 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10692 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10724 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11008 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11024 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11320 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11480 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11508 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11752 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7396 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12408 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10560 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11420 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8060 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=128 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7228 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=129 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12132 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=130 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12508 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=131 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8628 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=132 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11808 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=133 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11424 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=134 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7180 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=135 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11824 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=136 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5160 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=137 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11732 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=138 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9432 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=139 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10160 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=140 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12152 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=141 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12128 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=142 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11456 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=143 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9284 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=144 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9344 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=145 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6964 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=146 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6940 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=147 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10368 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=148 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8264 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=149 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3688 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=150 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8416 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=151 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5716 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=152 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7332 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=153 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9120 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=154 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5708 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=155 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8464 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=156 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8436 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=157 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5864 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=158 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6292 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=160 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11188 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7632 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9488 /prefetch:8

C:\Users\Admin\Downloads\Bootstrapper.exe

"C:\Users\Admin\Downloads\Bootstrapper.exe"

C:\Users\Admin\Downloads\BootstrapperV1.22.exe

"C:\Users\Admin\Downloads\BootstrapperV1.22.exe" --oldBootstrapper "C:\Users\Admin\Downloads\Bootstrapper.exe" --isUpdate true

C:\Windows\SYSTEM32\cmd.exe

"cmd" /c ipconfig /all

C:\Windows\system32\ipconfig.exe

ipconfig /all

C:\Windows\SYSTEM32\cmd.exe

"cmd" /c wmic nicconfig where (IPEnabled=TRUE) call SetDNSServerSearchOrder ("1.1.1.1", "1.0.0.1")

C:\Windows\System32\Wbem\WMIC.exe

wmic nicconfig where (IPEnabled=TRUE) call SetDNSServerSearchOrder ("1.1.1.1", "1.0.0.1")

C:\Windows\System32\msiexec.exe

"C:\Windows\System32\msiexec.exe" /i "C:\Users\Admin\AppData\Local\Temp\node-v18.16.0-x64.msi" /qn

C:\Windows\system32\msiexec.exe

C:\Windows\system32\msiexec.exe /V

C:\Windows\System32\MsiExec.exe

C:\Windows\System32\MsiExec.exe -Embedding B7EAA6B7898A00E2CC49EE31985EFB94

C:\Windows\syswow64\MsiExec.exe

C:\Windows\syswow64\MsiExec.exe -Embedding D3694CA7F58FFE0C02AFE64FACFAF02E

C:\Windows\syswow64\MsiExec.exe

C:\Windows\syswow64\MsiExec.exe -Embedding B17C39B52F46674C8FDB476EB434746F E Global\MSI0000

C:\Windows\SysWOW64\wevtutil.exe

"wevtutil.exe" im "C:\Program Files\nodejs\node_etw_provider.man"

C:\Windows\System32\wevtutil.exe

"wevtutil.exe" im "C:\Program Files\nodejs\node_etw_provider.man" /fromwow64

C:\ProgramData\Solara\Solara.exe

"C:\ProgramData\Solara\Solara.exe"

C:\Users\Admin\Downloads\BootstrapperV1.22.exe

"C:\Users\Admin\Downloads\BootstrapperV1.22.exe"

C:\Windows\SYSTEM32\cmd.exe

"cmd" /c ipconfig /all

C:\Windows\system32\ipconfig.exe

ipconfig /all

C:\Program Files\nodejs\node.exe

"node" -v

C:\ProgramData\Solara\Solara.exe

"C:\ProgramData\Solara\Solara.exe"

C:\Program Files\nodejs\node.exe

"node" "C:\ProgramData\Solara\Monaco\fileaccess\index.js" 81dd15b9565f4a98

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=163 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8648 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=164 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8700 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=165 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9664 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=166 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7492 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=167 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11744 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=168 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11720 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=169 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10620 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=170 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12488 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.MediaFoundationService --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --service-sandbox-type=mf_cdm --mojo-platform-channel-handle=11368 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=8524 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=173 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7476 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=175 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9476 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=2600 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6292 /prefetch:8

C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe

"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,1393951595717825092,14138707871236680844,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=178 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4780 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-eadc3c90bb1a4267\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MicrosoftEdgeWebview2Setup.exe /silent /install

C:\Program Files (x86)\Microsoft\Temp\EUD3E1.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EUD3E1.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7ODA1MzQ5Q0UtRDhFRC00NzQ3LTlDNkEtNjE3MEUwMTg3M0VCfSIgdXNlcmlkPSJ7RTEyNDJFMTEtNTFGQy00MzYyLUEzMkItMUZBQzc0QjE3MjJEfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins1M0RERDg4Ri04QTc2LTRFRjctOTExQi0yNDJCRDE1RDhGMzR9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iIi8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xNDcuMzciIG5leHR2ZXJzaW9uPSIxLjMuMTcxLjM5IiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIj48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNDc1OTIwNzc2OCIgaW5zdGFsbF90aW1lX21zPSI1OTMiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{805349CE-D8ED-4747-9C6A-6170E01873EB}" /silent

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7ODA1MzQ5Q0UtRDhFRC00NzQ3LTlDNkEtNjE3MEUwMTg3M0VCfSIgdXNlcmlkPSJ7RTEyNDJFMTEtNTFGQy00MzYyLUEzMkItMUZBQzc0QjE3MjJEfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9InsxOTBFOEUwMy0xMDA0LTQzQTktODIyRC05RjMzMTU5QzZFMUF9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iIi8-PGFwcCBhcHBpZD0iezhBNjlEMzQ1LUQ1NjQtNDYzYy1BRkYxLUE2OUQ5RTUzMEY5Nn0iIHZlcnNpb249IjEyMy4wLjYzMTIuMTIzIiBuZXh0dmVyc2lvbj0iMTIzLjAuNjMxMi4xMjMiIGxhbmc9ImVuIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjMxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSI1IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNDc2MzEyNzY4MSIvPjwvYXBwPjwvcmVxdWVzdD4

Network

Country Destination Domain Proto
US 8.8.8.8:53 wearedevs.net udp
US 104.26.6.147:443 wearedevs.net tcp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 151.101.65.229:443 cdn.jsdelivr.net tcp
US 151.101.65.229:443 cdn.jsdelivr.net tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 8.8.8.8:53 cdn.wearedevs.net udp
US 8.8.8.8:53 147.6.26.104.in-addr.arpa udp
US 8.8.8.8:53 4.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 229.65.101.151.in-addr.arpa udp
US 8.8.8.8:53 14.25.17.104.in-addr.arpa udp
US 8.8.8.8:53 234.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 226.20.18.104.in-addr.arpa udp
US 8.8.8.8:53 67.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 232.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 www.google.co.uk udp
GB 142.250.179.226:443 googleads.g.doubleclick.net tcp
US 216.239.32.36:443 region1.analytics.google.com tcp
GB 142.250.180.3:443 www.google.co.uk tcp
GB 74.125.206.156:443 stats.g.doubleclick.net tcp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
GB 172.217.169.78:443 fundingchoicesmessages.google.com tcp
GB 172.217.169.78:443 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 g.bing.com udp
US 150.171.28.10:443 g.bing.com tcp
US 8.8.8.8:53 226.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 226.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 3.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 156.206.125.74.in-addr.arpa udp
US 8.8.8.8:53 14.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 78.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 88.210.23.2.in-addr.arpa udp
US 8.8.8.8:53 lh3.googleusercontent.com udp
GB 142.250.187.193:443 lh3.googleusercontent.com tcp
US 8.8.8.8:53 43.58.199.20.in-addr.arpa udp
US 8.8.8.8:53 193.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
GB 142.250.187.225:443 tpc.googlesyndication.com tcp
GB 142.250.187.225:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.179.228:443 www.google.com tcp
N/A 224.0.0.251:5353 udp
GB 142.250.179.226:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 225.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 228.179.250.142.in-addr.arpa udp
GB 142.250.179.228:443 www.google.com udp
US 8.8.8.8:53 3.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 2.200.250.142.in-addr.arpa udp
GB 92.123.128.169:443 www.bing.com tcp
US 8.8.8.8:53 169.128.123.92.in-addr.arpa udp
US 216.239.32.36:443 region1.analytics.google.com udp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 r.bing.com udp
GB 92.123.128.133:443 r.bing.com tcp
GB 92.123.128.164:443 r.bing.com tcp
GB 92.123.128.164:443 r.bing.com tcp
GB 92.123.128.133:443 r.bing.com tcp
US 8.8.8.8:53 133.128.123.92.in-addr.arpa udp
US 8.8.8.8:53 164.128.123.92.in-addr.arpa udp
US 8.8.8.8:53 aefd.nelreports.net udp
GB 2.19.117.143:443 aefd.nelreports.net tcp
US 8.8.8.8:53 login.microsoftonline.com udp
IE 20.190.159.68:443 login.microsoftonline.com tcp
US 8.8.8.8:53 143.117.19.2.in-addr.arpa udp
US 8.8.8.8:53 68.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 2.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 200.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 53.210.109.20.in-addr.arpa udp
US 8.8.8.8:53 zeltser.com udp
US 138.197.15.59:443 zeltser.com tcp
US 138.197.15.59:443 zeltser.com tcp
US 8.8.8.8:53 cdn.zeltser.com udp
NL 185.172.149.104:443 cdn.zeltser.com tcp
NL 185.172.149.104:443 cdn.zeltser.com tcp
NL 185.172.149.104:443 cdn.zeltser.com tcp
NL 185.172.149.104:443 cdn.zeltser.com tcp
NL 185.172.149.104:443 cdn.zeltser.com tcp
US 8.8.8.8:53 171.39.242.20.in-addr.arpa udp
US 8.8.8.8:53 59.15.197.138.in-addr.arpa udp
NL 185.172.149.104:443 cdn.zeltser.com tcp
US 8.8.8.8:53 104.149.172.185.in-addr.arpa udp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
US 138.197.15.59:443 zeltser.com tcp
US 8.8.8.8:53 bazaar.abuse.ch udp
US 151.101.130.49:443 bazaar.abuse.ch tcp
US 151.101.130.49:443 bazaar.abuse.ch tcp
US 8.8.8.8:53 49.130.101.151.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.179.228:443 www.google.com udp
GB 142.250.179.228:443 www.google.com udp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 github.githubassets.com udp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 185.199.109.133:443 avatars.githubusercontent.com tcp
US 8.8.8.8:53 user-images.githubusercontent.com udp
US 185.199.109.133:443 user-images.githubusercontent.com tcp
US 8.8.8.8:53 215.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 154.110.199.185.in-addr.arpa udp
US 8.8.8.8:53 133.109.199.185.in-addr.arpa udp
US 8.8.8.8:53 collector.github.com udp
US 185.199.110.154:443 github.githubassets.com tcp
US 140.82.112.22:443 collector.github.com tcp
US 8.8.8.8:53 api.github.com udp
US 140.82.112.22:443 collector.github.com tcp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 210.156.26.20.in-addr.arpa udp
GB 2.19.117.143:443 aefd.nelreports.net udp
US 8.8.8.8:53 48.229.111.52.in-addr.arpa udp
US 8.8.8.8:53 raw.githubusercontent.com udp
US 185.199.111.133:443 raw.githubusercontent.com tcp
US 8.8.8.8:53 133.111.199.185.in-addr.arpa udp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 api.github.com udp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 www.babylon-software.com udp
US 174.138.88.129:443 www.babylon-software.com tcp
US 174.138.88.129:443 www.babylon-software.com tcp
US 8.8.8.8:53 129.88.138.174.in-addr.arpa udp
US 8.8.8.8:53 42.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 edge.marker.io udp
US 104.26.14.104:443 edge.marker.io tcp
US 8.8.8.8:53 api.marker.io udp
US 104.26.14.104:443 api.marker.io tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 40.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 104.14.26.104.in-addr.arpa udp
US 216.239.34.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 s.w.org udp
US 192.0.77.48:443 s.w.org tcp
US 192.0.77.48:443 s.w.org tcp
US 192.0.77.48:443 s.w.org tcp
US 192.0.77.48:443 s.w.org tcp
US 192.0.77.48:443 s.w.org tcp
US 192.0.77.48:443 s.w.org tcp
US 8.8.8.8:53 36.34.239.216.in-addr.arpa udp
US 8.8.8.8:53 48.77.0.192.in-addr.arpa udp
US 8.8.8.8:53 aefd.nelreports.net udp
GB 2.19.117.143:443 aefd.nelreports.net udp
US 216.239.34.36:443 region1.google-analytics.com udp
GB 92.123.128.169:443 www.bing.com tcp
US 8.8.8.8:53 r.bing.com udp
GB 92.123.128.133:443 r.bing.com tcp
GB 92.123.128.133:443 r.bing.com tcp
GB 92.123.128.133:443 r.bing.com tcp
US 8.8.8.8:53 assets.msn.com udp
GB 92.123.128.23:443 assets.msn.com tcp
US 8.8.8.8:53 www.msn.com udp
US 8.8.8.8:53 23.128.123.92.in-addr.arpa udp
US 8.8.8.8:53 c.msn.com udp
IE 13.74.129.1:443 c.msn.com tcp
US 8.8.8.8:53 c.bing.com udp
US 8.8.8.8:53 browser.events.data.msn.com udp
GB 92.123.128.23:443 assets.msn.com tcp
US 13.107.21.237:443 c.bing.com tcp
US 20.42.65.90:443 browser.events.data.msn.com tcp
US 20.42.65.90:443 browser.events.data.msn.com tcp
US 8.8.8.8:53 237.21.107.13.in-addr.arpa udp
US 8.8.8.8:53 90.65.42.20.in-addr.arpa udp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 img-s-msn-com.akamaized.net udp
GB 2.19.117.168:443 img-s-msn-com.akamaized.net tcp
GB 2.19.117.168:443 img-s-msn-com.akamaized.net tcp
GB 2.19.117.168:443 img-s-msn-com.akamaized.net tcp
GB 2.19.117.168:443 img-s-msn-com.akamaized.net tcp
GB 2.19.117.168:443 img-s-msn-com.akamaized.net tcp
GB 2.19.117.168:443 img-s-msn-com.akamaized.net tcp
US 8.8.8.8:53 168.117.19.2.in-addr.arpa udp
US 8.8.8.8:53 deff.nelreports.net udp
GB 2.19.117.83:443 deff.nelreports.net tcp
US 8.8.8.8:53 83.117.19.2.in-addr.arpa udp
US 8.8.8.8:53 246.197.219.23.in-addr.arpa udp
US 8.8.8.8:53 th.bing.com udp
GB 92.123.128.181:443 th.bing.com tcp
US 8.8.8.8:53 181.128.123.92.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 10.27.171.150.in-addr.arpa udp
US 8.8.8.8:53 18.173.189.20.in-addr.arpa udp
US 8.8.8.8:53 www.top10.com udp
CZ 65.9.95.29:443 www.top10.com tcp
CZ 65.9.95.29:443 www.top10.com tcp
US 8.8.8.8:53 29.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 connect.facebook.net udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 images.top10.com udp
US 8.8.8.8:53 umbrella.data.naturalint.com udp
GB 163.70.147.23:443 connect.facebook.net tcp
BE 74.125.206.157:443 stats.g.doubleclick.net udp
US 8.8.8.8:53 umbrella.s3.naturalint.com udp
GB 3.162.20.106:443 umbrella.data.naturalint.com tcp
GB 3.162.20.106:443 umbrella.data.naturalint.com tcp
GB 3.162.20.106:443 umbrella.data.naturalint.com tcp
US 8.8.8.8:53 api.naturaltracking.com udp
US 151.101.66.97:443 images.top10.com tcp
CZ 65.9.95.55:443 umbrella.s3.naturalint.com tcp
GB 3.162.20.106:443 umbrella.data.naturalint.com tcp
US 151.101.66.97:443 images.top10.com tcp
US 151.101.66.97:443 images.top10.com tcp
US 151.101.66.97:443 images.top10.com tcp
US 151.101.66.97:443 images.top10.com tcp
GB 18.134.224.169:443 api.naturaltracking.com tcp
CZ 65.9.95.55:443 umbrella.s3.naturalint.com tcp
US 8.8.8.8:53 tags.tiqcdn.com udp
CZ 65.9.95.123:443 tags.tiqcdn.com tcp
US 8.8.8.8:53 91.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 157.206.125.74.in-addr.arpa udp
US 8.8.8.8:53 23.147.70.163.in-addr.arpa udp
US 8.8.8.8:53 106.20.162.3.in-addr.arpa udp
US 8.8.8.8:53 97.66.101.151.in-addr.arpa udp
US 8.8.8.8:53 169.224.134.18.in-addr.arpa udp
US 8.8.8.8:53 55.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 123.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 cdn.userway.org udp
US 8.8.8.8:53 solutions.invocacdn.com udp
US 8.8.8.8:53 t.naturaltracking.com udp
US 8.8.8.8:53 static.hotjar.com udp
DE 37.19.194.80:443 cdn.userway.org tcp
GB 3.162.20.48:443 solutions.invocacdn.com tcp
CZ 65.9.95.97:443 static.hotjar.com tcp
US 8.8.8.8:53 cdn.popt.in udp
US 8.8.8.8:53 bat.bing.com udp
CZ 65.9.95.119:443 t.naturaltracking.com tcp
US 172.67.166.202:443 cdn.popt.in tcp
US 150.171.27.10:443 bat.bing.com tcp
US 8.8.8.8:53 crt.rootg2.amazontrust.com udp
CZ 65.9.95.119:443 t.naturaltracking.com tcp
CZ 65.9.95.119:443 t.naturaltracking.com tcp
CZ 65.9.95.119:443 t.naturaltracking.com tcp
CZ 65.9.95.56:80 crt.rootg2.amazontrust.com tcp
US 8.8.8.8:53 collect.tealiumiq.com udp
IE 54.246.156.60:443 collect.tealiumiq.com tcp
IE 54.246.156.60:443 collect.tealiumiq.com tcp
DE 37.19.194.80:443 cdn.userway.org tcp
US 8.8.8.8:53 script.hotjar.com udp
CZ 65.9.95.91:443 script.hotjar.com tcp
US 8.8.8.8:53 region1.analytics.google.com udp
BE 74.125.206.157:443 stats.g.doubleclick.net udp
US 8.8.8.8:53 www.google.co.uk udp
US 216.239.34.36:443 region1.analytics.google.com udp
GB 142.250.180.3:443 www.google.co.uk udp
US 8.8.8.8:53 www.clarity.ms udp
US 13.107.246.64:443 www.clarity.ms tcp
US 8.8.8.8:53 48.20.162.3.in-addr.arpa udp
US 8.8.8.8:53 80.194.19.37.in-addr.arpa udp
US 8.8.8.8:53 97.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 119.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 202.166.67.172.in-addr.arpa udp
US 8.8.8.8:53 56.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 60.156.246.54.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 api.userway.org udp
US 52.27.102.7:443 api.userway.org tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.200.36:443 www.google.com udp
US 8.8.8.8:53 pnapi.invoca.net udp
US 44.219.121.120:443 pnapi.invoca.net tcp
US 8.8.8.8:53 b.clarity.ms udp
US 4.153.129.168:443 b.clarity.ms tcp
US 8.8.8.8:53 display.popt.in udp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 8.8.8.8:53 c.clarity.ms udp
US 104.21.50.204:443 display.popt.in tcp
US 104.21.50.204:443 display.popt.in tcp
US 8.8.8.8:53 64.246.107.13.in-addr.arpa udp
US 8.8.8.8:53 36.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 194.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 7.102.27.52.in-addr.arpa udp
US 8.8.8.8:53 120.121.219.44.in-addr.arpa udp
US 8.8.8.8:53 168.129.153.4.in-addr.arpa udp
US 8.8.8.8:53 204.50.21.104.in-addr.arpa udp
US 8.8.8.8:53 aurainc.sjv.io udp
US 35.227.211.136:443 aurainc.sjv.io tcp
US 35.227.211.136:443 aurainc.sjv.io tcp
US 8.8.8.8:53 www.ojrq.net udp
US 34.95.127.121:443 www.ojrq.net tcp
US 35.227.211.136:443 aurainc.sjv.io udp
US 8.8.8.8:53 buy.aura.com udp
US 104.18.38.43:443 buy.aura.com tcp
US 8.8.8.8:53 136.211.227.35.in-addr.arpa udp
US 8.8.8.8:53 121.127.95.34.in-addr.arpa udp
US 8.8.8.8:53 g.fastcdn.co udp
US 8.8.8.8:53 cdn.cookielaw.org udp
US 8.8.8.8:53 cdn.optimizely.com udp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 172.64.146.38:443 g.fastcdn.co tcp
US 172.64.146.38:443 g.fastcdn.co tcp
US 151.101.65.229:443 cdn.jsdelivr.net udp
US 104.18.86.42:443 cdn.cookielaw.org tcp
US 104.18.66.57:443 cdn.optimizely.com tcp
US 104.18.86.42:443 cdn.cookielaw.org tcp
US 8.8.8.8:53 a23477880699.cdn.optimizely.com udp
US 8.8.8.8:53 v.fastcdn.co udp
US 8.8.8.8:53 heatmap-events-collector.instapage.com udp
US 8.8.8.8:53 cdn.instapagemetrics.com udp
US 8.8.8.8:53 geolocation.onetrust.com udp
US 104.18.32.137:443 geolocation.onetrust.com tcp
US 104.18.37.5:443 heatmap-events-collector.instapage.com tcp
US 34.36.17.181:443 cdn.instapagemetrics.com tcp
US 8.8.8.8:53 43.38.18.104.in-addr.arpa udp
US 8.8.8.8:53 38.146.64.172.in-addr.arpa udp
US 8.8.8.8:53 42.86.18.104.in-addr.arpa udp
US 8.8.8.8:53 57.66.18.104.in-addr.arpa udp
US 8.8.8.8:53 assets.website-files.com udp
US 8.8.8.8:53 api.trustpilot.com udp
US 104.18.34.201:443 assets.website-files.com tcp
US 104.18.34.201:443 assets.website-files.com tcp
US 104.18.34.201:443 assets.website-files.com tcp
US 104.18.34.201:443 assets.website-files.com tcp
US 104.18.34.201:443 assets.website-files.com tcp
US 104.18.34.201:443 assets.website-files.com tcp
CZ 65.9.95.24:443 api.trustpilot.com tcp
US 8.8.8.8:53 d.impactradius-event.com udp
US 8.8.8.8:53 diffuser-cdn.app-us1.com udp
US 8.8.8.8:53 contentdsp.com udp
US 35.186.249.72:443 d.impactradius-event.com tcp
US 104.18.128.216:443 diffuser-cdn.app-us1.com tcp
US 34.197.67.81:443 contentdsp.com tcp
US 8.8.8.8:53 logx.optimizely.com udp
US 8.8.8.8:53 137.32.18.104.in-addr.arpa udp
US 8.8.8.8:53 5.37.18.104.in-addr.arpa udp
US 8.8.8.8:53 181.17.36.34.in-addr.arpa udp
US 8.8.8.8:53 201.34.18.104.in-addr.arpa udp
US 8.8.8.8:53 24.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 72.249.186.35.in-addr.arpa udp
US 8.8.8.8:53 216.128.18.104.in-addr.arpa udp
US 34.49.241.189:443 logx.optimizely.com tcp
US 8.8.8.8:53 uploads-ssl.webflow.com udp
US 8.8.8.8:53 cdn.heapanalytics.com udp
US 104.18.34.147:443 uploads-ssl.webflow.com tcp
US 104.18.34.147:443 uploads-ssl.webflow.com tcp
US 3.165.148.5:443 cdn.heapanalytics.com tcp
US 8.8.8.8:53 prism.app-us1.com udp
US 104.17.31.174:443 prism.app-us1.com tcp
US 34.95.127.121:443 www.ojrq.net udp
US 8.8.8.8:53 tags.srv.stackadapt.com udp
US 8.8.8.8:53 heapanalytics.com udp
US 3.220.14.82:443 heapanalytics.com tcp
DE 52.28.39.231:443 tags.srv.stackadapt.com tcp
DE 52.28.39.231:443 tags.srv.stackadapt.com tcp
US 34.49.241.189:443 logx.optimizely.com udp
US 8.8.8.8:53 81.67.197.34.in-addr.arpa udp
US 8.8.8.8:53 189.241.49.34.in-addr.arpa udp
US 8.8.8.8:53 147.34.18.104.in-addr.arpa udp
US 8.8.8.8:53 5.148.165.3.in-addr.arpa udp
US 8.8.8.8:53 174.31.17.104.in-addr.arpa udp
US 8.8.8.8:53 231.39.28.52.in-addr.arpa udp
US 8.8.8.8:53 82.14.220.3.in-addr.arpa udp
US 8.8.8.8:53 ec.instapagemetrics.com udp
GB 163.70.147.23:443 connect.facebook.net tcp
US 8.8.8.8:53 loader.wisepops.com udp
US 8.8.8.8:53 dx.mountain.com udp
US 8.8.8.8:53 cdn.taboola.com udp
US 8.8.8.8:53 a.quora.com udp
US 8.8.8.8:53 cdn.pdst.fm udp
US 8.8.8.8:53 analytics.tiktok.com udp
US 8.8.8.8:53 www.redditstatic.com udp
US 8.8.8.8:53 js.adsrvr.org udp
US 8.8.8.8:53 d34r8q7sht0t9k.cloudfront.net udp
US 151.101.193.140:443 www.redditstatic.com tcp
US 35.244.142.80:443 cdn.pdst.fm tcp
US 151.101.65.44:443 cdn.taboola.com tcp
US 52.7.151.245:443 dx.mountain.com tcp
US 162.159.152.17:443 a.quora.com tcp
US 104.21.51.207:443 ec.instapagemetrics.com tcp
US 172.67.74.220:443 loader.wisepops.com tcp
GB 95.100.104.10:443 analytics.tiktok.com tcp
GB 18.165.153.119:443 js.adsrvr.org tcp
CZ 65.9.94.24:443 d34r8q7sht0t9k.cloudfront.net tcp
US 8.8.8.8:53 snap.licdn.com udp
US 8.8.8.8:53 apps.rokt.com udp
US 151.101.193.140:443 www.redditstatic.com tcp
US 8.8.8.8:53 wisepops.net udp
US 8.8.8.8:53 pixel-config.reddit.com udp
US 8.8.8.8:53 q.quora.com udp
US 8.8.8.8:53 pixels.spotify.com udp
GB 18.165.153.119:443 js.adsrvr.org tcp
US 8.8.8.8:53 pt.ispot.tv udp
GB 2.19.117.161:443 snap.licdn.com tcp
US 151.101.1.140:443 pixel-config.reddit.com tcp
US 35.186.224.24:443 pixels.spotify.com tcp
US 104.26.15.97:443 wisepops.net tcp
GB 2.19.117.78:443 apps.rokt.com tcp
US 151.101.194.132:443 pt.ispot.tv tcp
US 8.8.8.8:53 tag.tapad.com udp
US 35.186.225.155:443 tag.tapad.com tcp
US 8.8.8.8:53 alb.reddit.com udp
US 8.8.8.8:53 trc.taboola.com udp
US 8.8.8.8:53 px.ads.linkedin.com udp
US 35.186.224.24:443 pixels.spotify.com udp
US 3.33.220.150:443 insight.adsrvr.org tcp
US 104.26.15.97:443 wisepops.net tcp
US 104.21.51.207:443 ec.instapagemetrics.com tcp
US 13.107.42.14:443 px.ads.linkedin.com tcp
US 8.8.8.8:53 www.facebook.com udp
US 52.71.121.170:443 52.71.121.170 tcp
GB 157.240.214.35:443 www.facebook.com tcp
US 8.8.8.8:53 ipv4.podscribe.com udp
US 184.73.242.226:443 ipv4.podscribe.com tcp
US 8.8.8.8:53 140.193.101.151.in-addr.arpa udp
US 8.8.8.8:53 44.65.101.151.in-addr.arpa udp
US 8.8.8.8:53 80.142.244.35.in-addr.arpa udp
US 8.8.8.8:53 207.51.21.104.in-addr.arpa udp
US 8.8.8.8:53 17.152.159.162.in-addr.arpa udp
US 8.8.8.8:53 10.104.100.95.in-addr.arpa udp
US 8.8.8.8:53 24.94.9.65.in-addr.arpa udp
US 8.8.8.8:53 245.151.7.52.in-addr.arpa udp
US 8.8.8.8:53 220.74.67.172.in-addr.arpa udp
US 8.8.8.8:53 170.121.71.52.in-addr.arpa udp
US 8.8.8.8:53 35.214.240.157.in-addr.arpa udp
US 8.8.8.8:53 150.220.33.3.in-addr.arpa udp
US 8.8.8.8:53 155.225.186.35.in-addr.arpa udp
US 8.8.8.8:53 78.117.19.2.in-addr.arpa udp
US 8.8.8.8:53 132.194.101.151.in-addr.arpa udp
US 8.8.8.8:53 97.15.26.104.in-addr.arpa udp
US 8.8.8.8:53 140.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 161.117.19.2.in-addr.arpa udp
US 8.8.8.8:53 24.224.186.35.in-addr.arpa udp
US 8.8.8.8:53 119.153.165.18.in-addr.arpa udp
US 8.8.8.8:53 14.42.107.13.in-addr.arpa udp
US 8.8.8.8:53 226.242.73.184.in-addr.arpa udp
US 8.8.8.8:53 verifi.podscribe.com udp
US 52.73.5.36:443 verifi.podscribe.com tcp
US 8.8.8.8:53 px.mountain.com udp
US 52.42.124.195:443 px.mountain.com tcp
US 52.42.124.195:443 px.mountain.com tcp
US 8.8.8.8:53 activity.wisepops.com udp
US 104.26.10.19:443 activity.wisepops.com tcp
US 8.8.8.8:53 trc-events.taboola.com udp
US 8.8.8.8:53 36.5.73.52.in-addr.arpa udp
US 8.8.8.8:53 195.124.42.52.in-addr.arpa udp
NL 141.226.228.48:443 trc-events.taboola.com tcp
US 8.8.8.8:53 privacyportal-de.onetrust.com udp
US 8.8.8.8:53 gs.mountain.com udp
US 104.18.32.137:443 privacyportal-de.onetrust.com tcp
US 35.81.162.201:443 gs.mountain.com tcp
US 8.8.8.8:53 48.228.226.141.in-addr.arpa udp
US 8.8.8.8:53 19.10.26.104.in-addr.arpa udp
US 8.8.8.8:53 201.162.81.35.in-addr.arpa udp
US 104.18.37.5:443 heatmap-events-collector.instapage.com tcp
US 8.8.8.8:53 my.aura.com udp
CZ 65.9.95.107:443 my.aura.com tcp
CZ 65.9.95.107:443 my.aura.com tcp
US 8.8.8.8:53 107.95.9.65.in-addr.arpa udp
GB 142.250.200.36:443 www.google.com udp
US 8.8.8.8:53 3.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 o745714.ingest.sentry.io udp
US 104.18.66.57:443 a23477880699.cdn.optimizely.com tcp
US 34.120.195.249:443 o745714.ingest.sentry.io tcp
US 8.8.8.8:53 249.195.120.34.in-addr.arpa udp
US 8.8.8.8:53 cdn.plaid.com udp
US 35.186.225.155:443 tag.tapad.com udp
CZ 65.9.95.74:443 cdn.plaid.com tcp
US 8.8.8.8:53 74.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 collector.github.com udp
US 140.82.113.22:443 collector.github.com tcp
US 8.8.8.8:53 22.113.82.140.in-addr.arpa udp
US 8.8.8.8:53 api.github.com udp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 aefd.nelreports.net udp
GB 2.19.117.148:443 aefd.nelreports.net udp
US 8.8.8.8:53 148.117.19.2.in-addr.arpa udp
CA 69.50.175.178:80 tcp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 api.github.com udp
GB 20.26.156.210:443 api.github.com tcp
GB 2.19.117.148:443 aefd.nelreports.net udp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 noxic.app udp
US 104.21.81.17:443 noxic.app tcp
US 104.21.81.17:443 noxic.app tcp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 8.8.8.8:53 17.81.21.104.in-addr.arpa udp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 objects.githubusercontent.com udp
FR 185.136.161.124:6128 tcp
FR 185.136.161.124:6128 tcp
FR 185.136.161.124:6128 tcp
FR 185.136.161.124:6128 tcp
US 8.8.8.8:53 modmenu.pages.dev udp
US 172.66.44.198:443 modmenu.pages.dev tcp
US 8.8.8.8:53 198.44.66.172.in-addr.arpa udp
US 172.66.44.198:443 modmenu.pages.dev udp
US 8.8.8.8:53 d3h83s39ga3y3t.cloudfront.net udp
CZ 65.9.94.157:443 d3h83s39ga3y3t.cloudfront.net tcp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 8.8.8.8:53 d1i1d9hx0883rq.cloudfront.net udp
CZ 65.9.94.225:443 d1i1d9hx0883rq.cloudfront.net tcp
CZ 65.9.94.225:443 d1i1d9hx0883rq.cloudfront.net tcp
US 8.8.8.8:53 157.94.9.65.in-addr.arpa udp
US 8.8.8.8:53 225.94.9.65.in-addr.arpa udp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 d2lmlpk6xgu7kg.cloudfront.net udp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
CZ 65.9.94.161:443 d2lmlpk6xgu7kg.cloudfront.net tcp
CZ 65.9.94.161:443 d2lmlpk6xgu7kg.cloudfront.net tcp
CZ 65.9.94.161:443 d2lmlpk6xgu7kg.cloudfront.net tcp
CZ 65.9.94.161:443 d2lmlpk6xgu7kg.cloudfront.net tcp
GB 172.217.16.234:443 ajax.googleapis.com tcp
CZ 65.9.94.161:443 d2lmlpk6xgu7kg.cloudfront.net tcp
US 8.8.8.8:53 14.24.17.104.in-addr.arpa udp
US 8.8.8.8:53 161.94.9.65.in-addr.arpa udp
US 8.8.8.8:53 234.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
FR 185.136.161.124:8761 tcp
FR 185.136.161.124:8761 tcp
US 8.8.8.8:53 aefd.nelreports.net udp
GB 2.19.117.148:443 aefd.nelreports.net udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 150.171.27.10:443 tse1.mm.bing.net tcp
FR 185.136.161.124:8761 tcp
FR 185.136.161.124:8761 tcp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 r.bing.com udp
GB 92.123.128.194:443 r.bing.com tcp
GB 92.123.128.161:443 r.bing.com tcp
US 8.8.8.8:53 194.128.123.92.in-addr.arpa udp
US 8.8.8.8:53 161.128.123.92.in-addr.arpa udp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 8.8.8.8:53 api.github.com udp
GB 20.26.156.210:443 api.github.com tcp
FR 185.136.161.124:11614 tcp
FR 185.136.161.124:11614 tcp
FR 185.136.161.124:11614 tcp
FR 185.136.161.124:11614 tcp
GB 2.19.117.148:443 aefd.nelreports.net udp
FR 185.136.161.124:15822 tcp
FR 185.136.161.124:15822 tcp
FR 185.136.161.124:15822 tcp
FR 185.136.161.124:15822 tcp
US 8.8.8.8:53 kiwix.dev udp
US 104.21.66.13:443 kiwix.dev tcp
US 104.21.66.13:443 kiwix.dev tcp
US 8.8.8.8:53 13.66.21.104.in-addr.arpa udp
US 8.8.8.8:53 bit.ly udp
US 67.199.248.11:443 bit.ly tcp
US 67.199.248.11:443 bit.ly tcp
US 8.8.8.8:53 filesilo.cloud udp
US 104.21.29.170:443 filesilo.cloud tcp
US 8.8.8.8:53 stackpath.bootstrapcdn.com udp
US 8.8.8.8:53 code.jquery.com udp
US 104.18.10.207:443 stackpath.bootstrapcdn.com tcp
US 151.101.2.137:443 code.jquery.com tcp
US 8.8.8.8:53 save.enabledstats.com udp
IE 34.253.39.217:443 save.enabledstats.com tcp
US 8.8.8.8:53 11.248.199.67.in-addr.arpa udp
US 8.8.8.8:53 170.29.21.104.in-addr.arpa udp
US 8.8.8.8:53 137.2.101.151.in-addr.arpa udp
US 8.8.8.8:53 207.10.18.104.in-addr.arpa udp
US 8.8.8.8:53 217.39.253.34.in-addr.arpa udp
US 8.8.8.8:53 glovedinosaurs.website udp
SE 194.54.164.123:80 glovedinosaurs.website tcp
SE 194.54.164.123:80 glovedinosaurs.website tcp
FR 185.136.161.124:17443 tcp
US 8.8.8.8:53 www.win-rar.com udp
DE 51.195.68.163:443 www.win-rar.com tcp
US 8.8.8.8:53 123.164.54.194.in-addr.arpa udp
US 8.8.8.8:53 163.68.195.51.in-addr.arpa udp
FR 185.136.161.124:17443 tcp
FR 185.136.161.124:17443 tcp
FR 185.136.161.124:17443 tcp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 r.bing.com udp
GB 92.123.128.169:443 r.bing.com tcp
US 8.8.8.8:53 github.com udp
US 185.199.110.154:443 github.githubassets.com tcp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 8.8.8.8:53 private-user-images.githubusercontent.com udp
US 8.8.8.8:53 camo.githubusercontent.com udp
US 8.8.8.8:53 github-production-user-asset-6210df.s3.amazonaws.com udp
US 52.216.216.201:443 github-production-user-asset-6210df.s3.amazonaws.com tcp
US 52.216.216.201:443 github-production-user-asset-6210df.s3.amazonaws.com tcp
US 52.216.216.201:443 github-production-user-asset-6210df.s3.amazonaws.com tcp
US 8.8.8.8:53 201.216.216.52.in-addr.arpa udp
US 8.8.8.8:53 api.github.com udp
GB 20.26.156.210:443 api.github.com tcp
FR 185.136.161.124:8761 tcp
FR 185.136.161.124:8761 tcp
FR 185.136.161.124:8761 tcp
FR 185.136.161.124:8761 tcp
US 8.8.8.8:53 www.gamepur.com udp
US 104.18.3.223:443 www.gamepur.com tcp
US 104.18.3.223:443 www.gamepur.com tcp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 infinity-js.gamepur.com udp
US 8.8.8.8:53 launcher.spot.im udp
US 8.8.8.8:53 c.amazon-adsystem.com udp
GB 216.58.204.66:443 securepubads.g.doubleclick.net tcp
GB 216.58.204.66:443 securepubads.g.doubleclick.net tcp
US 8.8.8.8:53 stats.wp.com udp
CZ 65.9.98.75:443 c.amazon-adsystem.com tcp
US 192.0.76.3:443 stats.wp.com tcp
CZ 65.9.95.60:443 launcher.spot.im tcp
US 8.8.8.8:53 gamurs.group udp
US 8.8.8.8:53 secure.gravatar.com udp
US 8.8.8.8:53 static.chartbeat.com udp
US 8.8.8.8:53 geniuslinkcdn.com udp
US 8.8.8.8:53 s.skimresources.com udp
US 8.8.8.8:53 htlbid.com udp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 8.8.8.8:53 open-api.spot.im udp
US 8.8.8.8:53 geoip.gamurs.workers.dev udp
US 174.138.117.212:443 geniuslinkcdn.com tcp
US 192.0.73.2:443 secure.gravatar.com tcp
US 192.0.73.2:443 secure.gravatar.com tcp
US 151.101.193.91:443 s.skimresources.com tcp
US 104.18.15.215:443 gamurs.group tcp
US 172.67.202.192:443 geoip.gamurs.workers.dev tcp
US 3.232.14.82:443 open-api.spot.im tcp
CZ 65.9.95.59:443 htlbid.com tcp
CZ 65.9.93.122:443 static.chartbeat.com tcp
CZ 65.9.93.122:443 static.chartbeat.com tcp
US 104.16.79.73:443 static.cloudflareinsights.com tcp
CZ 65.9.95.111:443 sb.scorecardresearch.com tcp
US 8.8.8.8:53 spc.gamepur.com udp
US 8.8.8.8:53 tealjewel.com udp
US 34.120.157.206:443 spc.gamepur.com tcp
US 8.8.8.8:53 cmp.inmobi.com udp
US 104.18.25.111:443 tealjewel.com tcp
US 8.8.8.8:53 pixel.wp.com udp
US 8.8.8.8:53 r.skimresources.com udp
CZ 65.9.95.8:443 cmp.inmobi.com tcp
US 8.8.8.8:53 api-2-0.spot.im udp
US 8.8.8.8:53 static-cdn.spot.im udp
US 35.190.59.101:443 r.skimresources.com tcp
US 34.238.19.250:443 api-2-0.spot.im tcp
US 199.232.211.52:443 static-cdn.spot.im tcp
US 8.8.8.8:53 t.skimresources.com udp
US 8.8.8.8:53 p.skimresources.com udp
US 8.8.8.8:53 direct-events-collector.spot.im udp
US 199.232.211.52:443 static-cdn.spot.im tcp
US 8.8.8.8:53 publisher-assets.spot.im udp
US 8.8.8.8:53 www.clarity.ms udp
US 199.232.211.52:443 publisher-assets.spot.im tcp
US 35.201.67.47:443 t.skimresources.com tcp
US 35.190.91.160:443 p.skimresources.com tcp
US 35.190.91.160:443 p.skimresources.com tcp
US 199.232.211.52:443 publisher-assets.spot.im tcp
US 199.232.211.52:443 publisher-assets.spot.im tcp
US 52.5.72.72:443 direct-events-collector.spot.im tcp
US 13.107.246.64:443 www.clarity.ms tcp
US 8.8.8.8:53 silo48.p7cloud.net udp
US 8.8.8.8:53 static.trueanthem.com udp
US 34.120.157.206:443 spc.gamepur.com udp
CZ 65.9.95.24:443 silo48.p7cloud.net tcp
US 172.67.72.135:443 static.trueanthem.com tcp
US 8.8.8.8:53 ping.chartbeat.net udp
US 8.8.8.8:53 mab.chartbeat.com udp
US 54.205.180.189:443 ping.chartbeat.net tcp
US 8.8.8.8:53 223.3.18.104.in-addr.arpa udp
US 8.8.8.8:53 66.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 75.98.9.65.in-addr.arpa udp
US 8.8.8.8:53 3.76.0.192.in-addr.arpa udp
US 8.8.8.8:53 60.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 2.73.0.192.in-addr.arpa udp
US 8.8.8.8:53 91.193.101.151.in-addr.arpa udp
US 8.8.8.8:53 215.15.18.104.in-addr.arpa udp
US 8.8.8.8:53 122.93.9.65.in-addr.arpa udp
US 8.8.8.8:53 73.79.16.104.in-addr.arpa udp
US 8.8.8.8:53 192.202.67.172.in-addr.arpa udp
US 8.8.8.8:53 59.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 212.117.138.174.in-addr.arpa udp
US 8.8.8.8:53 111.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 82.14.232.3.in-addr.arpa udp
US 8.8.8.8:53 206.157.120.34.in-addr.arpa udp
US 8.8.8.8:53 111.25.18.104.in-addr.arpa udp
US 8.8.8.8:53 8.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 101.59.190.35.in-addr.arpa udp
US 8.8.8.8:53 52.211.232.199.in-addr.arpa udp
US 8.8.8.8:53 47.67.201.35.in-addr.arpa udp
US 8.8.8.8:53 160.91.190.35.in-addr.arpa udp
US 8.8.8.8:53 250.19.238.34.in-addr.arpa udp
US 8.8.8.8:53 72.72.5.52.in-addr.arpa udp
US 8.8.8.8:53 135.72.67.172.in-addr.arpa udp
US 151.101.2.202:443 mab.chartbeat.com tcp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 8.8.8.8:53 static.adsafeprotected.com udp
US 151.101.193.229:443 cdn.jsdelivr.net udp
CZ 65.9.95.99:443 static.adsafeprotected.com tcp
US 8.8.8.8:53 unpkg.com udp
CZ 65.9.95.99:443 static.adsafeprotected.com tcp
US 104.17.249.203:443 unpkg.com tcp
US 35.201.67.47:443 t.skimresources.com udp
GB 216.58.204.66:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 ams-pageview-public.s3.amazonaws.com udp
US 8.8.8.8:53 btloader.com udp
US 8.8.8.8:53 p.gcprivacy.com udp
US 8.8.8.8:53 cdn.growthbook.io udp
US 52.217.115.193:443 ams-pageview-public.s3.amazonaws.com tcp
US 104.22.74.216:443 btloader.com tcp
CZ 65.9.95.41:443 p.gcprivacy.com tcp
US 151.101.65.91:443 cdn.growthbook.io tcp
US 8.8.8.8:53 b.trueanthem.com udp
US 104.26.11.164:443 b.trueanthem.com tcp
US 8.8.8.8:53 b.clarity.ms udp
US 8.8.8.8:53 ad-delivery.net udp
US 4.153.129.168:443 b.clarity.ms tcp
US 172.67.69.19:443 ad-delivery.net tcp
US 172.67.69.19:443 ad-delivery.net tcp
US 8.8.8.8:53 p2.gcprivacy.com udp
US 104.18.25.111:443 tealjewel.com tcp
US 54.211.99.187:443 p2.gcprivacy.com tcp
US 8.8.8.8:53 api.cmp.inmobi.com udp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
US 8.8.8.8:53 api.btloader.com udp
DE 3.64.79.185:443 api.cmp.inmobi.com tcp
DE 3.64.79.185:443 api.cmp.inmobi.com tcp
CZ 65.9.95.29:443 config.aps.amazon-adsystem.com tcp
US 130.211.23.194:443 api.btloader.com tcp
US 130.211.23.194:443 api.btloader.com tcp
CZ 65.9.9.197:443 aax.amazon-adsystem.com tcp
US 8.8.8.8:53 202.2.101.151.in-addr.arpa udp
US 8.8.8.8:53 229.193.101.151.in-addr.arpa udp
US 8.8.8.8:53 99.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 203.249.17.104.in-addr.arpa udp
US 8.8.8.8:53 189.180.205.54.in-addr.arpa udp
US 8.8.8.8:53 216.74.22.104.in-addr.arpa udp
US 8.8.8.8:53 41.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 91.65.101.151.in-addr.arpa udp
US 8.8.8.8:53 193.115.217.52.in-addr.arpa udp
US 8.8.8.8:53 164.11.26.104.in-addr.arpa udp
US 8.8.8.8:53 70.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 187.99.211.54.in-addr.arpa udp
US 8.8.8.8:53 185.79.64.3.in-addr.arpa udp
US 8.8.8.8:53 194.23.211.130.in-addr.arpa udp
US 8.8.8.8:53 197.9.9.65.in-addr.arpa udp
US 8.8.8.8:53 ua.p7cloud.net udp
US 8.8.8.8:53 location.p7cloud.net udp
US 8.8.8.8:53 lal.p7cloud.net udp
US 8.8.8.8:53 d2tbszkvx1p56e.cloudfront.net udp
CZ 65.9.95.80:443 lal.p7cloud.net tcp
CZ 65.9.94.74:443 d2tbszkvx1p56e.cloudfront.net tcp
CZ 65.9.95.70:443 lal.p7cloud.net tcp
CZ 65.9.95.54:443 location.p7cloud.net tcp
US 8.8.8.8:53 id.hadron.ad.gt udp
US 8.8.8.8:53 cdn.hadronid.net udp
US 8.8.8.8:53 id.a-mx.com udp
US 8.8.8.8:53 a.ad.gt udp
US 8.8.8.8:53 ib.adnxs.com udp
US 8.8.8.8:53 id.crwdcntrl.net udp
US 104.22.53.173:443 cdn.hadronid.net tcp
DE 37.252.171.53:443 ib.adnxs.com tcp
NL 79.127.227.46:443 id.a-mx.com tcp
US 104.22.5.69:443 a.ad.gt tcp
IE 99.80.212.73:443 id.crwdcntrl.net tcp
US 104.22.4.69:443 a.ad.gt tcp
US 8.8.8.8:53 80.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 74.94.9.65.in-addr.arpa udp
US 8.8.8.8:53 70.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 54.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 173.53.22.104.in-addr.arpa udp
US 8.8.8.8:53 69.5.22.104.in-addr.arpa udp
US 8.8.8.8:53 69.4.22.104.in-addr.arpa udp
US 8.8.8.8:53 46.227.127.79.in-addr.arpa udp
US 8.8.8.8:53 53.171.252.37.in-addr.arpa udp
US 8.8.8.8:53 73.212.80.99.in-addr.arpa udp
US 8.8.8.8:53 2.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 1fe1a4b985707c1bbdf2ab49d974b0ef.safeframe.googlesyndication.com udp
US 8.8.8.8:53 live.primis.tech udp
GB 142.250.187.193:443 1fe1a4b985707c1bbdf2ab49d974b0ef.safeframe.googlesyndication.com tcp
US 8.8.8.8:53 amspbs.com udp
US 8.8.8.8:53 prebid.a-mo.net udp
US 8.8.8.8:53 s.seedtag.com udp
US 8.8.8.8:53 g2.gumgum.com udp
US 8.8.8.8:53 prebid.smilewanted.com udp
US 8.8.8.8:53 hb.yellowblue.io udp
US 8.8.8.8:53 ads.yieldmo.com udp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
US 8.8.8.8:53 fastlane.rubiconproject.com udp
US 8.8.8.8:53 p.ad.gt udp
US 8.8.8.8:53 token.rubiconproject.com udp
US 8.8.8.8:53 secure.adnxs.com udp
US 8.8.8.8:53 image2.pubmatic.com udp
US 8.8.8.8:53 match.adsrvr.org udp
US 8.8.8.8:53 ids.ad.gt udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
CZ 65.9.95.73:443 live.primis.tech tcp
US 18.118.125.172:443 amspbs.com tcp
US 18.118.125.172:443 amspbs.com tcp
FR 163.5.194.31:443 prebid.a-mo.net tcp
US 34.149.50.64:443 s.seedtag.com tcp
US 104.18.36.155:443 htlb.casalemedia.com tcp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
US 104.22.30.209:443 prebid.smilewanted.com tcp
US 104.22.30.209:443 prebid.smilewanted.com tcp
IE 63.32.128.150:443 ads.yieldmo.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
IE 54.73.12.34:443 g2.gumgum.com tcp
IE 54.73.12.34:443 g2.gumgum.com tcp
US 172.67.23.234:443 p.ad.gt tcp
US 15.197.193.217:443 match.adsrvr.org tcp
US 35.80.233.11:443 ids.ad.gt tcp
US 35.80.233.11:443 ids.ad.gt tcp
US 35.80.233.11:443 ids.ad.gt tcp
NL 185.89.210.244:443 secure.adnxs.com tcp
GB 185.64.191.210:443 image2.pubmatic.com tcp
CZ 65.9.95.37:443 hb.yellowblue.io tcp
NL 69.173.156.149:443 token.rubiconproject.com tcp
GB 216.58.201.98:443 cm.g.doubleclick.net tcp
GB 142.250.187.225:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 dpm.demdex.net udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 sync.smartadserver.com udp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
IE 52.213.85.12:443 dpm.demdex.net tcp
GB 142.250.200.36:443 www.google.com udp
GB 216.58.201.98:443 cm.g.doubleclick.net udp
NL 89.149.193.104:443 sync.smartadserver.com tcp
US 8.8.8.8:53 ad.360yield.com udp
US 35.80.233.11:443 ids.ad.gt tcp
IE 52.212.195.206:443 ad.360yield.com tcp
US 172.67.23.234:443 p.ad.gt tcp
US 8.8.8.8:53 pixels.ad.gt udp
US 104.22.5.69:443 pixels.ad.gt tcp
US 35.80.233.11:443 ids.ad.gt tcp
US 8.8.8.8:53 hbx.media.net udp
US 151.101.193.229:443 cdn.jsdelivr.net udp
GB 2.23.220.28:443 hbx.media.net tcp
US 8.8.8.8:53 64.50.149.34.in-addr.arpa udp
US 8.8.8.8:53 155.36.18.104.in-addr.arpa udp
US 8.8.8.8:53 77.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 209.30.22.104.in-addr.arpa udp
US 8.8.8.8:53 31.194.5.163.in-addr.arpa udp
US 8.8.8.8:53 234.23.67.172.in-addr.arpa udp
US 8.8.8.8:53 73.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 139.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 210.191.64.185.in-addr.arpa udp
US 8.8.8.8:53 98.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 244.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 217.193.197.15.in-addr.arpa udp
US 8.8.8.8:53 150.128.32.63.in-addr.arpa udp
US 8.8.8.8:53 149.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 37.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 34.12.73.54.in-addr.arpa udp
US 8.8.8.8:53 172.125.118.18.in-addr.arpa udp
US 8.8.8.8:53 11.233.80.35.in-addr.arpa udp
US 8.8.8.8:53 12.85.213.52.in-addr.arpa udp
US 8.8.8.8:53 104.193.149.89.in-addr.arpa udp
US 8.8.8.8:53 206.195.212.52.in-addr.arpa udp
US 8.8.8.8:53 178.34.239.216.in-addr.arpa udp
US 8.8.8.8:53 ssc-cms.33across.com udp
US 67.202.105.21:443 ssc-cms.33across.com tcp
US 8.8.8.8:53 ads.pubmatic.com udp
US 8.8.8.8:53 u.openx.net udp
US 8.8.8.8:53 28.220.23.2.in-addr.arpa udp
US 8.8.8.8:53 21.105.202.67.in-addr.arpa udp
GB 23.219.196.188:443 ads.pubmatic.com tcp
US 35.244.159.8:443 u.openx.net tcp
US 52.20.180.112:443 cs-server-s2s.yellowblue.io tcp
US 35.244.159.8:443 u.openx.net udp
US 8.8.8.8:53 api-gdpr.intentiq.com udp
US 8.8.8.8:53 sync-gdpr.intentiq.com udp
CZ 65.9.95.108:443 api-gdpr.intentiq.com tcp
CZ 65.9.95.115:443 sync-gdpr.intentiq.com tcp
US 34.120.157.206:443 spc.gamepur.com udp
US 8.8.8.8:53 pixel.quantserve.com udp
US 8.8.8.8:53 x.bidswitch.net udp
US 8.8.8.8:53 188.196.219.23.in-addr.arpa udp
US 8.8.8.8:53 csync.loopme.me udp
US 8.8.8.8:53 pixel.rubiconproject.com udp
US 8.8.8.8:53 ups.analytics.yahoo.com udp
US 8.8.8.8:53 eb2.3lift.com udp
US 8.8.8.8:53 ap.lijit.com udp
US 8.8.8.8:53 cs.media.net udp
US 8.8.8.8:53 mb9eo.publishers.tremorhub.com udp
US 8.8.8.8:53 8.159.244.35.in-addr.arpa udp
US 8.8.8.8:53 112.180.20.52.in-addr.arpa udp
DE 91.228.74.166:443 pixel.quantserve.com tcp
US 8.8.8.8:53 pubads.g.doubleclick.net udp
NL 35.214.136.108:443 x.bidswitch.net tcp
US 76.223.111.18:443 eb2.3lift.com tcp
NL 69.173.156.149:443 pixel.rubiconproject.com tcp
GB 87.248.114.11:443 ups.analytics.yahoo.com tcp
IE 63.34.85.94:443 ap.lijit.com tcp
US 35.153.233.103:443 mb9eo.publishers.tremorhub.com tcp
NL 35.214.153.114:443 csync.loopme.me tcp
US 8.8.8.8:53 video.primis.tech udp
NL 35.214.136.108:443 x.bidswitch.net tcp
NL 35.214.153.114:443 csync.loopme.me tcp
US 76.223.111.18:443 eb2.3lift.com tcp
NL 69.173.156.149:443 pixel.rubiconproject.com tcp
GB 87.248.114.11:443 ups.analytics.yahoo.com tcp
US 35.153.233.103:443 mb9eo.publishers.tremorhub.com tcp
IE 63.34.85.94:443 ap.lijit.com tcp
US 3.165.148.104:443 video.primis.tech tcp
GB 142.250.200.34:443 pubads.g.doubleclick.net tcp
US 8.8.8.8:53 ads.stickyadstv.com udp
US 34.149.50.64:443 s.seedtag.com udp
GB 142.250.200.34:443 pubads.g.doubleclick.net udp
US 8.8.8.8:53 cs.admanmedia.com udp
US 8.8.8.8:53 ssbsync-global.smartadserver.com udp
FR 178.32.210.230:443 ssbsync-global.smartadserver.com tcp
FR 154.54.250.80:443 ads.stickyadstv.com tcp
US 80.77.87.162:443 cs.admanmedia.com tcp
US 8.8.8.8:53 cm.adform.net udp
DK 37.157.6.243:443 cm.adform.net tcp
US 8.8.8.8:53 a.teads.tv udp
US 8.8.8.8:53 108.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 115.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 11.114.248.87.in-addr.arpa udp
US 8.8.8.8:53 108.136.214.35.in-addr.arpa udp
US 8.8.8.8:53 18.111.223.76.in-addr.arpa udp
US 8.8.8.8:53 114.153.214.35.in-addr.arpa udp
US 8.8.8.8:53 94.85.34.63.in-addr.arpa udp
US 8.8.8.8:53 104.148.165.3.in-addr.arpa udp
US 8.8.8.8:53 34.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 103.233.153.35.in-addr.arpa udp
US 8.8.8.8:53 230.210.32.178.in-addr.arpa udp
US 8.8.8.8:53 80.250.54.154.in-addr.arpa udp
NL 35.214.136.108:443 x.bidswitch.net udp
US 8.8.8.8:53 cdn.ampproject.org udp
US 8.8.8.8:53 match.sharethrough.com udp
US 8.8.8.8:53 sync.richaudience.com udp
US 8.8.8.8:53 creativecdn.com udp
US 8.8.8.8:53 csync.smilewanted.com udp
GB 92.123.241.36:443 a.teads.tv tcp
DE 18.184.119.72:443 match.sharethrough.com tcp
DE 148.251.40.117:443 sync.richaudience.com tcp
GB 142.250.200.33:443 cdn.ampproject.org tcp
US 8.8.8.8:53 sync.1rx.io udp
US 8.8.8.8:53 secure-assets.rubiconproject.com udp
US 8.8.8.8:53 eus.rubiconproject.com udp
US 8.8.8.8:53 js-sec.indexww.com udp
US 8.8.8.8:53 acdn.adnxs.com udp
US 8.8.8.8:53 sync.a-mo.net udp
US 8.8.8.8:53 sync.kueezrtb.com udp
NL 46.228.174.117:443 sync.1rx.io tcp
NL 185.184.8.90:443 creativecdn.com tcp
GB 23.215.239.190:443 secure-assets.rubiconproject.com tcp
US 161.35.11.141:443 sync.kueezrtb.com tcp
GB 92.123.242.2:443 eus.rubiconproject.com tcp
US 172.64.149.180:443 js-sec.indexww.com tcp
US 151.101.129.108:443 acdn.adnxs.com tcp
US 8.8.8.8:53 cs.seedtag.com udp
US 8.8.8.8:53 c1.adform.net udp
FR 163.5.194.34:443 sync.a-mo.net tcp
GB 142.250.200.33:443 cdn.ampproject.org udp
DK 37.157.5.133:443 c1.adform.net tcp
US 8.8.8.8:53 cacerts.rapidssl.com udp
US 104.16.183.87:443 cs.seedtag.com tcp
US 8.8.8.8:53 pixel-eu.rubiconproject.com udp
US 8.8.8.8:53 bh.contextweb.com udp
US 8.8.8.8:53 image8.pubmatic.com udp
US 8.8.8.8:53 static.smilewanted.com udp
US 8.8.8.8:53 ib.adnxs-simple.com udp
US 8.8.8.8:53 rtb.primis.tech udp
NL 69.173.156.148:443 pixel-eu.rubiconproject.com tcp
US 8.8.8.8:53 prebid-server.rubiconproject.com udp
GB 185.64.191.214:443 image8.pubmatic.com tcp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
DE 148.251.40.117:443 sync.richaudience.com tcp
NL 35.214.153.114:443 csync.loopme.me tcp
US 8.8.8.8:53 assets.a-mo.net udp
DE 148.251.40.117:443 sync.richaudience.com tcp
GB 18.165.160.9:443 rtb.primis.tech tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
NL 185.89.211.84:443 ib.adnxs-simple.com tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
US 8.8.8.8:53 csync.smartadserver.com udp
NL 208.93.169.131:443 bh.contextweb.com tcp
IE 67.220.224.150:443 aax-eu.amazon-adsystem.com tcp
US 8.8.8.8:53 visitor.omnitagjs.com udp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 match.prod.bidr.io udp
US 8.8.8.8:53 sync.adkernel.com udp
US 8.8.8.8:53 ads.us.e-planning.net udp
US 8.8.8.8:53 b1sync.zemanta.com udp
US 8.8.8.8:53 t.adx.opera.com udp
US 70.42.32.159:443 b1sync.zemanta.com tcp
IE 52.212.12.89:443 match.prod.bidr.io tcp
FR 185.255.84.153:443 visitor.omnitagjs.com tcp
NL 193.3.178.3:443 ads.us.e-planning.net tcp
IE 52.212.12.89:443 match.prod.bidr.io tcp
GB 2.19.117.8:443 csync.smartadserver.com tcp
US 104.19.158.19:443 assets.a-mo.net tcp
DE 51.89.9.251:443 onetag-sys.com tcp
NL 193.3.178.3:443 ads.us.e-planning.net tcp
US 70.42.32.159:443 b1sync.zemanta.com tcp
NL 82.145.213.8:443 t.adx.opera.com tcp
NL 103.67.200.72:443 sync.adkernel.com tcp
US 8.8.8.8:53 162.87.77.80.in-addr.arpa udp
US 8.8.8.8:53 243.6.157.37.in-addr.arpa udp
US 8.8.8.8:53 36.241.123.92.in-addr.arpa udp
US 8.8.8.8:53 33.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 72.119.184.18.in-addr.arpa udp
US 8.8.8.8:53 117.40.251.148.in-addr.arpa udp
US 8.8.8.8:53 190.239.215.23.in-addr.arpa udp
US 8.8.8.8:53 90.8.184.185.in-addr.arpa udp
US 8.8.8.8:53 2.242.123.92.in-addr.arpa udp
US 8.8.8.8:53 108.129.101.151.in-addr.arpa udp
US 8.8.8.8:53 180.149.64.172.in-addr.arpa udp
US 8.8.8.8:53 141.11.35.161.in-addr.arpa udp
US 8.8.8.8:53 133.5.157.37.in-addr.arpa udp
US 8.8.8.8:53 87.183.16.104.in-addr.arpa udp
US 8.8.8.8:53 214.191.64.185.in-addr.arpa udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 148.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 server.cpmstar.com udp
GB 142.250.187.225:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 9.160.165.18.in-addr.arpa udp
US 8.8.8.8:53 131.169.93.208.in-addr.arpa udp
US 8.8.8.8:53 150.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 84.211.89.185.in-addr.arpa udp
US 8.8.8.8:53 150.224.220.67.in-addr.arpa udp
US 8.8.8.8:53 8.117.19.2.in-addr.arpa udp
US 8.8.8.8:53 19.158.19.104.in-addr.arpa udp
US 8.8.8.8:53 153.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 3.178.3.193.in-addr.arpa udp
US 8.8.8.8:53 251.9.89.51.in-addr.arpa udp
US 52.5.72.72:443 direct-events-collector.spot.im tcp
US 8.8.8.8:53 8.213.145.82.in-addr.arpa udp
US 131.153.151.116:443 server.cpmstar.com tcp
US 8.8.8.8:53 159.32.42.70.in-addr.arpa udp
US 8.8.8.8:53 72.200.67.103.in-addr.arpa udp
US 8.8.8.8:53 pix.spot.im udp
US 52.5.72.72:443 pix.spot.im tcp
US 52.5.72.72:443 pix.spot.im tcp
US 8.8.8.8:53 116.151.153.131.in-addr.arpa udp
US 8.8.8.8:53 imasdk.googleapis.com udp
GB 172.217.169.42:443 imasdk.googleapis.com tcp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 www.google.co.uk udp
BE 74.125.206.155:443 stats.g.doubleclick.net udp
GB 172.217.16.227:443 www.google.co.uk udp
US 216.239.32.36:443 region1.analytics.google.com udp
US 8.8.8.8:53 155.206.125.74.in-addr.arpa udp
FR 185.136.161.124:11614 tcp
FR 185.136.161.124:11614 tcp
FR 185.136.161.124:11614 tcp
FR 185.136.161.124:11614 tcp
GB 92.123.128.133:443 www.bing.com tcp
US 8.8.8.8:53 www.diy.com udp
CZ 65.9.95.126:443 www.diy.com tcp
CZ 65.9.95.126:443 www.diy.com tcp
US 8.8.8.8:53 126.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 ccl-prod.cache.ap.digikfplc.com udp
US 8.8.8.8:53 media.diy.com udp
US 8.8.8.8:53 consent.truste.com udp
US 8.8.8.8:53 js-cdn.dynatrace.com udp
US 8.8.8.8:53 tags.tiqcdn.com udp
CZ 65.9.95.107:443 tags.tiqcdn.com tcp
CZ 65.9.95.7:443 consent.truste.com tcp
GB 95.100.104.19:443 media.diy.com tcp
GB 95.100.104.19:443 media.diy.com tcp
GB 95.100.104.19:443 media.diy.com tcp
CZ 65.9.95.2:443 ccl-prod.cache.ap.digikfplc.com tcp
CZ 65.9.95.93:443 js-cdn.dynatrace.com tcp
CZ 65.9.95.126:443 www.diy.com tcp
US 8.8.8.8:53 consent.trustarc.com udp
CZ 65.9.95.23:443 consent.trustarc.com tcp
CZ 65.9.95.23:443 consent.trustarc.com tcp
US 8.8.8.8:53 cdns.brsrvr.com udp
US 23.21.138.188:443 cdns.brsrvr.com tcp
US 8.8.8.8:53 19.104.100.95.in-addr.arpa udp
US 8.8.8.8:53 7.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 2.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 93.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 23.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 188.138.21.23.in-addr.arpa udp
US 8.8.8.8:53 ade.googlesyndication.com udp
GB 142.250.180.2:443 ade.googlesyndication.com tcp
GB 142.250.180.2:443 ade.googlesyndication.com tcp
US 8.8.8.8:53 diy-37lrujlpnq-nw.a.run.app udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.38.53:443 diy-37lrujlpnq-nw.a.run.app tcp
US 216.239.32.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 p-eu.brsrvr.com udp
GB 142.250.180.2:443 ade.googlesyndication.com udp
IE 52.16.30.236:443 p-eu.brsrvr.com tcp
US 216.239.38.53:443 diy-37lrujlpnq-nw.a.run.app udp
US 8.8.8.8:53 2.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 53.38.239.216.in-addr.arpa udp
US 8.8.8.8:53 236.30.16.52.in-addr.arpa udp
US 8.8.8.8:53 bf70766xfx.bf.dynatrace.com udp
IE 52.212.19.183:443 bf70766xfx.bf.dynatrace.com tcp
US 8.8.8.8:53 183.19.212.52.in-addr.arpa udp
US 8.8.8.8:53 analytics.tiktok.com udp
US 8.8.8.8:53 connect.facebook.net udp
US 8.8.8.8:53 cdn.optimizely.com udp
CZ 65.9.95.43:443 consent-pref.trustarc.com tcp
GB 95.100.104.14:443 analytics.tiktok.com tcp
GB 163.70.147.23:443 connect.facebook.net tcp
US 104.18.66.57:443 cdn.optimizely.com tcp
US 8.8.8.8:53 6017306.fls.doubleclick.net udp
US 8.8.8.8:53 12173950.fls.doubleclick.net udp
GB 172.217.169.6:443 12173950.fls.doubleclick.net tcp
GB 172.217.169.6:443 12173950.fls.doubleclick.net tcp
GB 172.217.169.6:443 12173950.fls.doubleclick.net tcp
GB 142.250.200.36:443 www.google.com udp
GB 172.217.169.6:443 12173950.fls.doubleclick.net udp
US 8.8.8.8:53 a20678180166.cdn.optimizely.com udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 t.contentsquare.net udp
US 8.8.8.8:53 s.pinimg.com udp
US 8.8.8.8:53 gs.nmgassets.com udp
GB 172.217.169.6:443 12173950.fls.doubleclick.net udp
US 8.8.8.8:53 secure.quantserve.com udp
US 8.8.8.8:53 static.ads-twitter.com udp
US 8.8.8.8:53 digitalfeedback.euro.confirmit.com udp
US 8.8.8.8:53 bat.bing.com udp
US 8.8.8.8:53 collect-eu-west-1.tealiumiq.com udp
US 107.178.244.157:443 gs.nmgassets.com tcp
US 8.8.8.8:53 storage.googleapis.com udp
CZ 65.9.95.90:443 t.contentsquare.net tcp
GB 216.58.213.2:443 googleads.g.doubleclick.net udp
US 151.101.128.84:443 s.pinimg.com tcp
US 8.8.8.8:53 www.facebook.com udp
GB 146.75.72.157:443 static.ads-twitter.com tcp
US 150.171.28.10:443 bat.bing.com tcp
IE 54.246.156.60:443 collect-eu-west-1.tealiumiq.com tcp
US 152.199.21.175:443 digitalfeedback.euro.confirmit.com tcp
GB 142.250.179.251:443 storage.googleapis.com tcp
GB 163.70.151.35:443 www.facebook.com tcp
US 8.8.8.8:53 trk.tidaltv.com udp
US 8.8.8.8:53 set.tidaltv.com udp
US 8.8.8.8:53 rules.quantcount.com udp
IE 108.128.8.154:443 trk.tidaltv.com tcp
IE 108.128.8.154:443 trk.tidaltv.com tcp
IE 108.129.58.39:443 set.tidaltv.com tcp
CZ 65.9.95.47:443 rules.quantcount.com tcp
US 8.8.8.8:53 t.co udp
US 162.159.140.229:443 t.co tcp
US 162.159.140.229:443 t.co tcp
US 104.244.42.67:443 analytics.twitter.com tcp
US 104.244.42.67:443 analytics.twitter.com tcp
US 107.178.244.157:443 gs.nmgassets.com udp
US 8.8.8.8:53 beacon.raaslab-analytics.com udp
GB 23.44.64.184:443 s.pinimg.com tcp
GB 23.44.64.184:443 s.pinimg.com tcp
GB 23.44.64.184:443 s.pinimg.com tcp
GB 23.44.64.184:443 s.pinimg.com tcp
GB 23.44.64.184:443 s.pinimg.com tcp
GB 23.44.64.184:443 s.pinimg.com tcp
US 13.107.246.64:443 beacon.raaslab-analytics.com tcp
US 8.8.8.8:53 c.contentsquare.net udp
US 8.8.8.8:53 43.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 14.104.100.95.in-addr.arpa udp
US 8.8.8.8:53 6.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 2.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 157.244.178.107.in-addr.arpa udp
US 8.8.8.8:53 90.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 84.128.101.151.in-addr.arpa udp
US 8.8.8.8:53 157.72.75.146.in-addr.arpa udp
US 8.8.8.8:53 175.21.199.152.in-addr.arpa udp
US 8.8.8.8:53 35.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 154.8.128.108.in-addr.arpa udp
US 8.8.8.8:53 39.58.129.108.in-addr.arpa udp
US 8.8.8.8:53 47.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 229.140.159.162.in-addr.arpa udp
US 8.8.8.8:53 67.42.244.104.in-addr.arpa udp
IE 34.251.36.92:443 c.contentsquare.net tcp
IE 34.251.36.92:443 c.contentsquare.net tcp
US 152.199.21.175:443 digitalfeedback.euro.confirmit.com tcp
US 8.8.8.8:53 logx.optimizely.com udp
IE 34.251.36.92:443 c.contentsquare.net tcp
US 34.49.241.189:443 logx.optimizely.com udp
US 107.178.244.157:443 gs.nmgassets.com udp
US 8.8.8.8:53 colrep.sitelabweb.com udp
DE 3.77.74.218:443 colrep.sitelabweb.com tcp
DE 3.77.74.218:443 colrep.sitelabweb.com tcp
US 4.153.129.168:443 b.clarity.ms tcp
DE 3.77.74.218:443 colrep.sitelabweb.com tcp
US 8.8.8.8:53 92.36.251.34.in-addr.arpa udp
US 8.8.8.8:53 184.64.44.23.in-addr.arpa udp
US 8.8.8.8:53 218.74.77.3.in-addr.arpa udp
IE 52.212.19.183:443 bf70766xfx.bf.dynatrace.com tcp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 r.bing.com udp
GB 92.123.128.149:443 r.bing.com tcp
US 8.8.8.8:53 149.128.123.92.in-addr.arpa udp
US 8.8.8.8:53 wearedevs.net udp
US 104.26.6.147:443 wearedevs.net tcp
US 8.8.8.8:53 cdn.wearedevs.net udp
US 8.8.8.8:53 cdn.discordapp.com udp
US 162.159.133.233:443 cdn.discordapp.com tcp
US 8.8.8.8:53 233.133.159.162.in-addr.arpa udp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
GB 172.217.169.78:443 fundingchoicesmessages.google.com udp
GB 142.250.187.225:443 tpc.googlesyndication.com udp
GB 142.250.200.36:443 www.google.com udp
FR 185.136.161.124:15822 tcp
US 8.8.8.8:53 www.e-iceblue.com udp
CZ 65.9.95.67:443 www.e-iceblue.com tcp
CZ 65.9.95.67:443 www.e-iceblue.com tcp
US 8.8.8.8:53 67.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 cdn.e-iceblue.com udp
US 8.8.8.8:53 csi.gstatic.com udp
CZ 65.9.95.11:443 cdn.e-iceblue.com tcp
CZ 65.9.95.11:443 cdn.e-iceblue.com tcp
CZ 65.9.95.11:443 cdn.e-iceblue.com tcp
CZ 65.9.95.11:443 cdn.e-iceblue.com tcp
CZ 65.9.95.11:443 cdn.e-iceblue.com tcp
CZ 65.9.95.11:443 cdn.e-iceblue.com tcp
US 216.239.32.3:443 csi.gstatic.com tcp
US 8.8.8.8:53 code.jquery.com udp
US 8.8.8.8:53 www.termsfeed.com udp
US 151.101.2.137:443 code.jquery.com tcp
US 172.67.75.149:443 www.termsfeed.com tcp
US 8.8.8.8:53 11.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 3.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 149.75.67.172.in-addr.arpa udp
US 8.8.8.8:53 demo.e-iceblue.com udp
US 50.112.160.207:443 demo.e-iceblue.com tcp
US 104.18.228.34:443 jqueryui.com tcp
US 8.8.8.8:53 ssl.google-analytics.com udp
US 8.8.8.8:53 cse.google.com udp
GB 172.217.169.40:443 ssl.google-analytics.com tcp
GB 172.217.169.40:443 ssl.google-analytics.com udp
FR 185.136.161.124:15822 tcp
US 8.8.8.8:53 www.adsensecustomsearchads.com udp
GB 172.217.169.78:443 www.adsensecustomsearchads.com tcp
US 8.8.8.8:53 clients1.google.com udp
US 8.8.8.8:53 34.228.18.104.in-addr.arpa udp
US 8.8.8.8:53 207.160.112.50.in-addr.arpa udp
GB 172.217.169.46:443 clients1.google.com tcp
US 8.8.8.8:53 syndicatedsearch.goog udp
GB 142.250.187.238:443 syndicatedsearch.goog tcp
US 8.8.8.8:53 46.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
GB 172.217.169.46:443 clients1.google.com udp
FR 185.136.161.124:15822 tcp
FR 185.136.161.124:15822 tcp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 151.101.1.229:443 cdn.jsdelivr.net udp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 8.8.8.8:53 229.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 cdnwrd2.com udp
US 172.67.166.253:443 cdnwrd2.com tcp
US 172.67.166.253:443 cdnwrd2.com tcp
US 8.8.8.8:53 253.166.67.172.in-addr.arpa udp
FR 185.136.161.124:17443 tcp
FR 185.136.161.124:17443 tcp
FR 185.136.161.124:17443 tcp
FR 185.136.161.124:17443 tcp
US 8.8.8.8:53 getsolara.dev udp
US 104.21.93.27:443 getsolara.dev tcp
N/A 127.0.0.1:6463 tcp
US 8.8.8.8:53 27.93.21.104.in-addr.arpa udp
US 8.8.8.8:53 pastebin.com udp
US 104.20.3.235:443 pastebin.com tcp
US 8.8.8.8:53 9bb7a1a1.solaraweb-alj.pages.dev udp
US 172.66.44.59:443 9bb7a1a1.solaraweb-alj.pages.dev tcp
US 8.8.8.8:53 235.3.20.104.in-addr.arpa udp
US 8.8.8.8:53 59.44.66.172.in-addr.arpa udp
US 1.1.1.1:53 getsolara.dev udp
US 172.67.203.125:443 getsolara.dev tcp
US 1.1.1.1:53 clientsettings.roblox.com udp
FR 128.116.122.4:443 clientsettings.roblox.com tcp
US 1.1.1.1:53 125.203.67.172.in-addr.arpa udp
US 1.1.1.1:53 4.122.116.128.in-addr.arpa udp
US 1.1.1.1:53 www.nodejs.org udp
US 104.20.23.46:443 www.nodejs.org tcp
US 1.1.1.1:53 nodejs.org udp
US 104.20.22.46:443 nodejs.org tcp
US 1.1.1.1:53 46.23.20.104.in-addr.arpa udp
US 1.1.1.1:53 46.22.20.104.in-addr.arpa udp
US 1.1.1.1:53 233.38.18.104.in-addr.arpa udp
FR 185.136.161.124:8761 tcp
FR 185.136.161.124:8761 tcp
US 1.1.1.1:53 aefd.nelreports.net udp
GB 184.50.113.40:443 aefd.nelreports.net udp
US 1.1.1.1:53 40.113.50.184.in-addr.arpa udp
US 1.1.1.1:53 9bb7a1a1.solaraweb-alj.pages.dev udp
FR 185.136.161.124:8761 tcp
FR 185.136.161.124:8761 tcp
US 172.66.47.197:443 9bb7a1a1.solaraweb-alj.pages.dev tcp
US 1.1.1.1:53 197.47.66.172.in-addr.arpa udp
US 1.1.1.1:53 pastebin.com udp
US 104.20.4.235:443 pastebin.com tcp
FR 128.116.122.4:443 clientsettings.roblox.com tcp
US 1.1.1.1:53 235.4.20.104.in-addr.arpa udp
US 172.67.203.125:443 getsolara.dev tcp
FR 128.116.122.4:443 clientsettings.roblox.com tcp
US 104.20.4.235:443 pastebin.com tcp
FR 128.116.122.4:443 clientsettings.roblox.com tcp
US 172.67.203.125:443 getsolara.dev tcp
US 1.1.1.1:53 c.pki.goog udp
GB 142.250.178.3:80 c.pki.goog tcp
US 172.67.203.125:443 getsolara.dev tcp
US 172.67.203.125:443 getsolara.dev tcp
US 172.67.203.125:443 getsolara.dev tcp
US 172.67.203.125:443 getsolara.dev tcp
US 172.67.203.125:443 getsolara.dev tcp
N/A 127.0.0.1:54373 tcp
N/A 127.0.0.1:54378 tcp
N/A 127.0.0.1:54381 tcp
N/A 127.0.0.1:54384 tcp
N/A 127.0.0.1:54387 tcp
N/A 127.0.0.1:54389 tcp
FR 185.136.161.124:11614 tcp
FR 185.136.161.124:11614 tcp
FR 185.136.161.124:11614 tcp
FR 185.136.161.124:11614 tcp
GB 2.18.66.48:443 www.bing.com tcp
US 1.1.1.1:53 r.bing.com udp
US 1.1.1.1:53 th.bing.com udp
GB 2.18.66.170:443 r.bing.com tcp
GB 2.18.66.170:443 r.bing.com tcp
GB 104.86.110.107:443 th.bing.com tcp
GB 104.86.110.107:443 th.bing.com tcp
US 1.1.1.1:53 48.66.18.2.in-addr.arpa udp
US 1.1.1.1:53 170.66.18.2.in-addr.arpa udp
US 1.1.1.1:53 107.110.86.104.in-addr.arpa udp
US 1.1.1.1:53 bing.com udp
US 204.79.197.200:443 bing.com tcp
US 1.1.1.1:53 services.bingapis.com udp
US 13.107.5.80:443 services.bingapis.com tcp
US 1.1.1.1:53 80.5.107.13.in-addr.arpa udp
GB 184.50.113.40:443 aefd.nelreports.net udp
US 1.1.1.1:53 www.roblox.com udp
FR 128.116.122.4:443 www.roblox.com tcp
FR 128.116.122.4:443 www.roblox.com tcp
US 1.1.1.1:53 css.rbxcdn.com udp
US 1.1.1.1:53 static.rbxcdn.com udp
US 1.1.1.1:53 js.rbxcdn.com udp
GB 216.137.44.38:443 css.rbxcdn.com tcp
GB 216.137.44.38:443 css.rbxcdn.com tcp
GB 216.137.44.38:443 css.rbxcdn.com tcp
GB 216.137.44.38:443 css.rbxcdn.com tcp
GB 216.137.44.38:443 css.rbxcdn.com tcp
GB 216.137.44.38:443 css.rbxcdn.com tcp
GB 104.86.110.154:443 static.rbxcdn.com tcp
GB 18.245.253.65:443 js.rbxcdn.com tcp
GB 18.245.253.65:443 js.rbxcdn.com tcp
GB 18.245.253.65:443 js.rbxcdn.com tcp
GB 18.245.253.65:443 js.rbxcdn.com tcp
GB 18.245.253.65:443 js.rbxcdn.com tcp
GB 18.245.253.65:443 js.rbxcdn.com tcp
US 1.1.1.1:53 roblox.com udp
US 1.1.1.1:53 ecsv2.roblox.com udp
GB 128.116.119.3:443 roblox.com tcp
US 1.1.1.1:53 metrics.roblox.com udp
US 1.1.1.1:53 apis.roblox.com udp
FR 128.116.122.3:443 metrics.roblox.com tcp
FR 128.116.122.4:443 apis.roblox.com tcp
US 1.1.1.1:53 locale.roblox.com udp
US 1.1.1.1:53 apis.rbxcdn.com udp
GB 216.137.44.38:443 css.rbxcdn.com tcp
US 1.1.1.1:53 auth.roblox.com udp
US 1.1.1.1:53 images.rbxcdn.com udp
GB 88.221.134.170:443 apis.rbxcdn.com tcp
GB 216.137.44.124:443 images.rbxcdn.com tcp
GB 216.137.44.124:443 images.rbxcdn.com tcp
GB 216.137.44.124:443 images.rbxcdn.com tcp
GB 216.137.44.124:443 images.rbxcdn.com tcp
GB 216.137.44.124:443 images.rbxcdn.com tcp
GB 216.137.44.124:443 images.rbxcdn.com tcp
US 1.1.1.1:53 38.44.137.216.in-addr.arpa udp
US 1.1.1.1:53 154.110.86.104.in-addr.arpa udp
US 1.1.1.1:53 65.253.245.18.in-addr.arpa udp
US 1.1.1.1:53 3.122.116.128.in-addr.arpa udp
US 1.1.1.1:53 3.119.116.128.in-addr.arpa udp
US 1.1.1.1:53 170.134.221.88.in-addr.arpa udp
US 1.1.1.1:53 124.44.137.216.in-addr.arpa udp
FR 185.136.161.124:15822 tcp
FR 185.136.161.124:15822 tcp
FR 185.136.161.124:15822 tcp
FR 185.136.161.124:15822 tcp
US 1.1.1.1:53 assetgame.roblox.com udp
FR 128.116.122.3:443 assetgame.roblox.com tcp
FR 128.116.122.3:443 assetgame.roblox.com tcp
US 1.1.1.1:53 arkoselabs.roblox.com udp
GB 18.244.140.29:443 arkoselabs.roblox.com tcp
US 1.1.1.1:53 29.140.244.18.in-addr.arpa udp
US 1.1.1.1:53 realtime-signalr.roblox.com udp
US 1.1.1.1:53 lms.roblox.com udp
US 1.1.1.1:53 thumbnails.roblox.com udp
US 1.1.1.1:53 contacts.roblox.com udp
US 1.1.1.1:53 accountsettings.roblox.com udp
US 1.1.1.1:53 notifications.roblox.com udp
US 1.1.1.1:53 economy.roblox.com udp
US 1.1.1.1:53 friends.roblox.com udp
US 1.1.1.1:53 privatemessages.roblox.com udp
US 1.1.1.1:53 trades.roblox.com udp
US 1.1.1.1:53 usermoderation.roblox.com udp
US 1.1.1.1:53 lax4-128-116-63-3.roblox.com udp
US 1.1.1.1:53 atl1-128-116-99-3.roblox.com udp
US 1.1.1.1:53 fra4-128-116-44-3.roblox.com udp
US 1.1.1.1:53 c0aws.rbxcdn.com udp
US 1.1.1.1:53 fra2-128-116-123-3.roblox.com udp
US 1.1.1.1:53 lax2-128-116-116-3.roblox.com udp
US 1.1.1.1:53 iad4-128-116-102-3.roblox.com udp
US 1.1.1.1:53 pulsar.roblox.com udp
US 1.1.1.1:53 c0.rbxcdn.com udp
US 1.1.1.1:53 c0ak.rbxcdn.com udp
DE 128.116.44.3:443 fra4-128-116-44-3.roblox.com tcp
US 128.116.99.3:443 atl1-128-116-99-3.roblox.com tcp
US 128.116.63.3:443 lax4-128-116-63-3.roblox.com tcp
DE 128.116.123.3:443 fra2-128-116-123-3.roblox.com tcp
US 128.116.102.3:443 iad4-128-116-102-3.roblox.com tcp
US 128.116.116.3:443 lax2-128-116-116-3.roblox.com tcp
US 128.116.121.3:443 pulsar.roblox.com tcp
GB 108.156.46.103:443 c0.rbxcdn.com tcp
GB 108.156.46.127:443 c0.rbxcdn.com tcp
GB 104.86.110.192:443 c0ak.rbxcdn.com tcp
US 1.1.1.1:53 tr.rbxcdn.com udp
GB 23.56.238.91:443 tr.rbxcdn.com tcp
US 128.116.121.3:443 pulsar.roblox.com tcp
US 1.1.1.1:53 103.46.156.108.in-addr.arpa udp
US 1.1.1.1:53 127.46.156.108.in-addr.arpa udp
US 1.1.1.1:53 3.44.116.128.in-addr.arpa udp
US 1.1.1.1:53 192.110.86.104.in-addr.arpa udp
US 1.1.1.1:53 3.123.116.128.in-addr.arpa udp
US 1.1.1.1:53 3.102.116.128.in-addr.arpa udp
US 1.1.1.1:53 3.99.116.128.in-addr.arpa udp
US 1.1.1.1:53 3.63.116.128.in-addr.arpa udp
US 1.1.1.1:53 3.116.116.128.in-addr.arpa udp
US 1.1.1.1:53 presence.roblox.com udp
US 1.1.1.1:53 91.238.56.23.in-addr.arpa udp
US 1.1.1.1:53 games.roblox.com udp
US 1.1.1.1:53 followings.roblox.com udp
US 1.1.1.1:53 voice.roblox.com udp
US 1.1.1.1:53 badges.roblox.com udp
AU 1.0.0.1:53 voice.roblox.com udp
AU 1.0.0.1:53 badges.roblox.com udp
US 1.1.1.1:53 cs.ns1p.net udp
US 128.116.121.3:443 pulsar.roblox.com tcp
US 1.1.1.1:53 sea1-128-116-115-3.roblox.com udp
US 1.1.1.1:53 sin4-128-116-50-3.roblox.com udp
US 1.1.1.1:53 cdg1-128-116-122-3.roblox.com udp
US 1.1.1.1:53 gold.roblox.com udp
US 1.1.1.1:53 ord2-128-116-101-3.roblox.com udp
AU 1.0.0.1:53 cs.ns1p.net udp
DE 35.157.176.117:443 cs.ns1p.net tcp
US 128.116.115.3:443 sea1-128-116-115-3.roblox.com tcp
US 128.116.101.3:443 ord2-128-116-101-3.roblox.com tcp
SG 128.116.50.3:443 sin4-128-116-50-3.roblox.com tcp
SG 128.116.50.3:443 sin4-128-116-50-3.roblox.com tcp
US 128.116.115.3:443 sea1-128-116-115-3.roblox.com tcp
US 1.1.1.1:53 s.ns1p.net udp
AU 1.0.0.1:53 s.ns1p.net udp
DE 3.126.159.190:443 s.ns1p.net tcp
US 1.1.1.1:53 1.0.0.1.in-addr.arpa udp
US 1.1.1.1:53 117.176.157.35.in-addr.arpa udp
US 1.1.1.1:53 3.101.116.128.in-addr.arpa udp
US 1.1.1.1:53 3.50.116.128.in-addr.arpa udp
US 1.1.1.1:53 190.159.126.3.in-addr.arpa udp
AU 1.0.0.1:53 117.176.157.35.in-addr.arpa udp
AU 1.0.0.1:53 190.159.126.3.in-addr.arpa udp
AU 1.0.0.1:53 3.50.116.128.in-addr.arpa udp
AU 1.0.0.1:53 3.101.116.128.in-addr.arpa udp
GB 108.156.46.127:443 c0.rbxcdn.com tcp
US 1.1.1.1:53 bom1-128-116-104-3.roblox.com udp
IN 128.116.104.3:443 bom1-128-116-104-3.roblox.com tcp
US 1.1.1.1:53 b.ns1p.net udp
AU 1.0.0.1:53 b.ns1p.net udp
US 1.1.1.1:53 3.104.116.128.in-addr.arpa udp
AU 1.0.0.1:53 3.104.116.128.in-addr.arpa udp
FR 185.136.161.124:17443 tcp
FR 185.136.161.124:17443 tcp
FR 185.136.161.124:17443 tcp
FR 185.136.161.124:17443 tcp
US 1.1.1.1:53 ncs.roblox.com udp
AU 1.0.0.1:53 ncs.roblox.com udp
US 1.1.1.1:53 setup.rbxcdn.com udp
AU 1.0.0.1:53 setup.rbxcdn.com udp
GB 13.224.245.39:443 setup.rbxcdn.com tcp
US 1.1.1.1:53 39.245.224.13.in-addr.arpa udp
AU 1.0.0.1:53 39.245.224.13.in-addr.arpa udp
N/A 127.0.0.1:58679 tcp
US 1.1.1.1:53 ecsv2.roblox.com udp
AU 1.0.0.1:53 ecsv2.roblox.com udp
FR 128.116.122.3:443 ecsv2.roblox.com tcp
US 1.1.1.1:53 client-telemetry.roblox.com udp
AU 1.0.0.1:53 client-telemetry.roblox.com udp
FR 128.116.122.4:443 client-telemetry.roblox.com tcp
US 1.1.1.1:53 clientsettingscdn.roblox.com udp
AU 1.0.0.1:53 clientsettingscdn.roblox.com udp
GB 18.165.242.74:443 clientsettingscdn.roblox.com tcp
US 1.1.1.1:53 setup.rbxcdn.com udp
AU 1.0.0.1:53 setup.rbxcdn.com udp
GB 2.18.190.79:443 setup.rbxcdn.com tcp
N/A 127.0.0.1:58692 tcp
N/A 127.0.0.1:58695 tcp
GB 2.18.190.79:443 setup.rbxcdn.com tcp
GB 2.18.190.79:443 setup.rbxcdn.com tcp
N/A 127.0.0.1:58710 tcp
US 1.1.1.1:53 74.242.165.18.in-addr.arpa udp
US 1.1.1.1:53 79.190.18.2.in-addr.arpa udp
FR 185.136.161.124:8761 tcp
FR 185.136.161.124:8761 tcp
FR 185.136.161.124:8761 tcp
FR 185.136.161.124:8761 tcp
AU 1.0.0.1:53 config.edge.skype.com udp
US 1.1.1.1:53 msedge.api.cdp.microsoft.com udp
AU 1.0.0.1:53 msedge.api.cdp.microsoft.com udp
US 52.252.28.242:443 msedge.api.cdp.microsoft.com tcp
US 1.1.1.1:53 242.28.252.52.in-addr.arpa udp
US 1.1.1.1:53 msedge.f.tlu.dl.delivery.mp.microsoft.com udp
AU 1.0.0.1:53 msedge.f.tlu.dl.delivery.mp.microsoft.com udp
US 199.232.210.172:80 msedge.f.tlu.dl.delivery.mp.microsoft.com tcp
US 1.1.1.1:53 172.210.232.199.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 37f660dd4b6ddf23bc37f5c823d1c33a
SHA1 1c35538aa307a3e09d15519df6ace99674ae428b
SHA256 4e2510a1d5a50a94fe4ce0f74932ab780758a8cbdc6d176a9ce8ab92309f26f8
SHA512 807b8b8dc9109b6f78fc63655450bf12b9a006ff63e8f29ade8899d45fdf4a6c068c5c46a3efbc4232b9e1e35d6494f00ded5cdb3e235c8a25023bfbd823992d

\??\pipe\LOCAL\crashpad_2304_KECSYTISARYPNDTJ

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 d7cb450b1315c63b1d5d89d98ba22da5
SHA1 694005cd9e1a4c54e0b83d0598a8a0c089df1556
SHA256 38355fd694faf1223518e40bac1996bdceaf44191214b0a23c4334d5fb07d031
SHA512 df04d4f4b77bae447a940b28aeac345b21b299d8d26e28ecbb3c1c9e9a0e07c551e412d545c7dbb147a92c12bad7ae49ac35af021c34b88e2c6c5f7a0b65f6a8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e9c2861a77a7ab1a24bb4d8b38e841e3
SHA1 61d80e90034d0a14e6bf13d60c91296ff1aeb468
SHA256 242e5a26ce99fb1e21bccb5dd851e2189ca13b4f015a814965aa60329f42a5ac
SHA512 eb01dc7e22b466bb68686cf8da60c01fdd0c11c2cdb910e57e8aca43b0fb37b431ccd333b388ba5bbf6eba3bfe314079cbe6ce1b60c1c54e6d2e3a6dc07a3d76

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 740663950aa32761f40d01d91688639f
SHA1 698d8f7d5d57bf4e60a4df758ed9ad20e3a0c466
SHA256 6635ec01af995cccb4e895c4b324bfc658caeba7d259c10a7e608767108ae1e6
SHA512 d7d60bfa3995db96c181be2535e396f480cf07dbb763f388539b6a2629c5c7ed2a5ec7adcc5d09741c9947ab06b1841efaa7aca581a59362bb3d8e59f887b718

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f1051ee5ba0692ff7976ae1904c5b4c4
SHA1 4370d197b67925be0d53e0b604de4a0ff06f5abe
SHA256 241d23d21a0305da09bdccd826b59ddc50db4aa91aac05371301eaacccfb9c47
SHA512 3ea28701d909b5ff787464a7ea26b3c57709164954c529da3c8a145838d2832d71ea4f3dc078fff69c83313edd06d104ce7da072e8c3cb141e8bc7d65ed2840c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57d2d1.TMP

MD5 650a4a3f6486093d006e2819c0a1d0a6
SHA1 07124d23e7b46f24e0cdb1aa216f5c927402061c
SHA256 d029e0c77b05bb8e9a04839954c448e7ed63db1de5d1045835557465cd142036
SHA512 e028493d945208ca361051c46dc50a3049ae28cf6c92ccc3471e461bb7f123dbd47ae7650837050da7b64b38476b69ff02427ae392c73a5b73a7380e280dc558

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 f0ab7cf490c9f0837e7ac199ed459933
SHA1 7f78cd11ed16f31394433775094f7bf2535b0918
SHA256 7b14a064255b89da723d8ffff5f79fa7703339f6640fb18fac02fac13b4c07b6
SHA512 1204766f649c9b6cee881816b5221af12bcb34cd4c5fec75344a73be92a8f8fa33e3ff77f42ee207243dbbb778b45d176ab902583dad19e4a4a19dfce9ddcf02

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e610208c10ea6a19f3e52a0371427c2f
SHA1 00ecb3b1d9befa2fc3e8c9afc2815e4ee5620963
SHA256 4af066bc8c625a078521e56ea6cbda43c2b218a514e07718db15b58b25e53bc1
SHA512 ae5dcb39ed5ea9c244d8e4fe17c95f2a813100a5ed67503480d7efedc92b8fc1293c2875b24fe700e9bf5ce07cf7643752040ed7484ed90b38848416850017fb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 4c0d03b135e0f69fbbf7987697a9b759
SHA1 737256a134028ab552221ceacd7d621f6b6cc119
SHA256 77426a3c96089f9cfa53b4125cda1a7b3b92c143081474138924acdd8e89bf14
SHA512 d888c78a53960229e47c4f7eff1bc92137048fa9d93e044e36dff4385f85d6371bf747c7d4f441553d21b143f34188cd1426c14502951b39584c19d6adf3cac6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 460782f36d0654755dd9d5e4ca53950d
SHA1 7215a0e7b31b0890111f894bb94271f607e54c21
SHA256 2206a75e1591f75fd436cac0325101c66a9c8d8c5a623ef7064550d5200f70f7
SHA512 1f643c735bc6655dd2ae45b276075bbfbbcf436eab5112b0c50d787d45986696b76f2891f689e6c4b475d5321285cb6f1f15e2d910b9924d379593b6e763a708

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 f964b10a7ee9da11303f1054b668b471
SHA1 f3348b26ba7f24239d8349a9ab373db0dc64e336
SHA256 5eb476109a7b6ed6601fdd12b0b1e568d59a7c4ed1084cd984ec4c84a9c02c50
SHA512 8ff55ee20b3ce7ae806f938f3e1c64a0a55ea82f28ddb2e56ba270ba31dcf48b78f6bfd8b34a1080410783a4f73c759769d8cbe0f5c632ec44de813a8e417655

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030

MD5 1585c4c0ffdb55b2a4fdc0b0f5c317be
SHA1 aac0e0f12332063c75c690458b2cfe5acb800d0a
SHA256 18a1cfc3b339903a71e6a68791cde83fca626a4c1a22be5cb7755c9f2343e2a5
SHA512 7021ed87f0c97edc3a8ff838202fa444841eafcbfa4e00e722b723393a1ac679279aa744e8edde237a05be6060527a0c7e64a36148bd2d1316d5589d78d08e23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e20e72ede2c842b75e79504bc9d69588
SHA1 351691222dcc05c27cff0168032cd1dcc1e6d994
SHA256 f2a59e0e99482fa187fea45ccc7439418a6f088471d8e0ee3c62b2197afe78a9
SHA512 50a09b8c0fd67b3f8658d87cd4e43ac13a3cd862863841da7e4dd9002413fddc34b590465f0e30dde1e06a31a3b5a21a603f5e4c1b4630546f96587d77b44674

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 7a5c361080400e88b8666082519da06e
SHA1 85154832d9d28872944be1ab07a1ee31d34d9528
SHA256 0d8097ec37bbad646d03fdf67753fa47b0abd524c5a5eb1264f75061a2aff8a9
SHA512 17886a522f816c300a4788ac8c3e0b55bd34cf397f8b197ea9beb35b1cc0fd3ed7b03addca29444d56ba719f07c4a2f530cc64585c3dc89de1992a7614987696

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 c4e275e399d349d0f307947812b62d89
SHA1 dc8ae3fbc2d61cfb1f102d3d483b303c762ca5b2
SHA256 e2153072a76c29e2bbedff3de0224e8797f89bd2c3df99667db48664a48de752
SHA512 8d301aa38c7c0d0ad1662bdbc0f6b0766c8efaf4c22714c34d93a9bdacc1e172db83a68bfa663b6796844c0db87878156b7dcd8fe207a8ee314f384ba3fb9824

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 faff07a9fac549914aefeff5c4b8fa3e
SHA1 be770ad7fc208af5364dd02d7bd3061fd20c52c7
SHA256 cb49d9b8d3ee739884837a829656c9c873b977e4498ba5362f830f6aa062b75f
SHA512 2fa0abe0d49f0c818cf51a04b0478b1c2b2c331495cd861c372c3087d4503a13e77a4bb802cf7ee7ece5ea8ed4edad8f1a0b84583d85da44279701419b9dd799

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 6cb8847964b97484f751d8b911ea74ff
SHA1 d43812fa35ca1740c2df8530ef137ccbf9c76cc1
SHA256 8af94bf151e81f520eb3667b8f62c6bcd10fa830499f1a595b085052483d6b59
SHA512 d439d39d699d649027f3c1423da2d2be202b98e6cbaef9f312e9f695aac17d3168fe2575a3a1b487aa32c63f323fd1c1a17fac3da3a7de8a38dbd5e8a4c79d72

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 65fc2a09ee16db8f71de6691c705553d
SHA1 6a1c2f78f0e06f41169837e48742bbc937e26108
SHA256 440c518132ec982a8ce8b290a0d417c4e78c283d8fff86bb7de42e89a1902ece
SHA512 8e7cf8470c5a77657628d5a54bd845b6853a40ea8d42f51e646911556b7fbc337be619cca5aef268e3fabaf9b9d49d709ce45561ec82ef1909212819d0d19d21

C:\Users\Admin\Downloads\Unconfirmed 524495.crdownload

MD5 53f25f98742c5114eec23c6487af624c
SHA1 671af46401450d6ed9c0904402391640a1bddcc2
SHA256 7b5dec6a48ee2114c3056f4ccb6935f3e7418ef0b0bc4a58931f2c80fc94d705
SHA512 f460775308b34552c930c3f256cef1069b28421673d71e3fa2712b0467485861a98285925ae49f1adea1faf59265b964c873c12a3bb5de216122ac20084e1048

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 fc5c9bf46ca3afb8678929849b6766c1
SHA1 5ef9f451b583d918754a8fdc20a2a919c6f6288d
SHA256 9c3c7a96adb8a8bf0eec91c74b7f63a774ee6d2f587766ff8be54de37404129f
SHA512 70c328984f1219ffd46ec33737ba5a14847bf5535dcd98174e57ba7b6c6e5f6d4f4917bbb7d5a7baaada841fffe2bebfaa31ad1d19670b641491ee20b17b40ee

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 f4a7b0030042ddc2af2b89b6d776721c
SHA1 78baf1083d753dcadf4f49436c9c66e6d5ea3170
SHA256 b28c7fe7bb626dd87020f6a08f155277bdc7ef294b2864379c64e8248da26898
SHA512 770126c40edf6ab63e250796f2c94b7b596dcb037a8fd3e71cc2a8cc1c521509213156437b39853f5dd03b5013b2560e7f321749832973b45192f4df560eb5af

memory/4360-646-0x0000000000400000-0x0000000000413000-memory.dmp

C:\Users\Admin\Documents\sweet.jpg

MD5 58b1840b979ae31f23aa8eb3594d5c17
SHA1 6b28b8e047cee70c7fa42715c552ea13a5671bbb
SHA256 b2bb460aa299c6064e7fc947bff314e0f915c6ee6f8f700007129e3b6a314f47
SHA512 13548e5900bddc6797d573fcca24cec1f1eefa0662e9d07c4055a3899460f4e135e1c76197b57a49b452e61e201cb86d1960f3e8b00828a2d0031dc9aa78666a

C:\Users\Admin\Documents\setup.exe:SmartScreen

MD5 4047530ecbc0170039e76fe1657bdb01
SHA1 32db7d5e662ebccdd1d71de285f907e3a1c68ac5
SHA256 82254025d1b98d60044d3aeb7c56eed7c61c07c3e30534d6e05dab9d6c326750
SHA512 8f002af3f4ed2b3dfb4ed8273318d160152da50ee4842c9f5d9915f50a3e643952494699c4258e6af993dc6e1695d0dc3db6d23f4d93c26b0bc6a20f4b4f336e

memory/4360-1749-0x0000000000400000-0x0000000000413000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 0df86a5eb17cf8bed6e2209218441849
SHA1 b22bcb2284ad1e4b63f90c769899f84bb82aa16e
SHA256 7e20e328060690170820a14109e6fc0586f9d834d6dce8d52cc925e783a320da
SHA512 11a28b65a119ec33dec62e77a07e8f6e105e579ebd55676f8bb9e22dd36d8612a61ed6edca9f812e3295ee15daf0a41ac3344044e81398fc21734222a63f6981

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 ecbedb4c716549396cfa47d1a317a435
SHA1 1b6b95fe7fcec292e573ee15cec4436d3c290975
SHA256 c1d21febb5d324233dcf42d3838a81ce2f73f1422d73311c961636c6ab4cf3ef
SHA512 db75a35a5b74047e6237a411aa9b14b0e7bf1dd45300c551574174d9c0b6feff8e500244b4cee0102e87d32682950799d47380901036c849df647487a3478bc4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 df5acf409a5fa4466c3d60130fae634c
SHA1 3e4360fb144fc7a66d02d9ffd8587592a3dea63d
SHA256 dc13b10458c50f3937673214db0118b4090fd85e3db0bde4046062b294c59b70
SHA512 0b6d1080f66d6e4f97e7abddb4fdd3fca25bbd8f4b98a5ae9fb992eb5b5564bd3f73e67120357947038f502ebeebc0ef3f809e28fcea02088a0aa16def392108

memory/4988-2932-0x0000000000400000-0x0000000000413000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 e2c23d6f2cc721344f6ddcfa2ca28b48
SHA1 3fd18bc77512c12175b01e097cfb201f3bfa647e
SHA256 880e0ca24888689bc67abee2c9eb5ccf0239e7ece6a16a4d0c7f2bd9ac4c9429
SHA512 a9f73f50a0c91bbfaa83a600a5ea621e889da2f68defad480d6720b79195557d6fadb2502147d8e6815a3f415af2d99fdf47e73409a31b2bb39e473dd854fcf8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a633a39b39d4d50b97f8d6f0d6b1d98e
SHA1 5e8d599f1e8ee6a20b4a47ea34cf6bb1c95dbfbe
SHA256 3e991e448a8f0bed15d09fc962b36c9389b6056ebf50ae96db1e152540967de3
SHA512 65202f4eaca7a5edab82939e5a37bb28c10b2d1424773c407aad9bf220de59b9ab564b444415982e092a856adba9b876edda9fc3f7f78572e685e50d745ecc0a

C:\Users\Admin\Downloads\BabylonToolbar.txt

MD5 2ab0eb54f6e9388131e13a53d2c2af6c
SHA1 f64663b25c9141b54fe4fad4ee39e148f6d7f50a
SHA256 d24eee3b220c71fced3227906b0feed755d2e2b39958dd8cd378123dde692426
SHA512 6b5048eeff122ae33194f3f6089418e3492118288038007d62cdd30a384c79874c0728a2098a29d8ce1a9f2b4ba5f9683b3f440f85196d50dc8bc1275a909260

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 91158056bc79d2890589c4c9fc96f549
SHA1 8a922defbd7de9694a628ac5cb2e9681116a4cc6
SHA256 cb5422d27c81caed209ebfc579803a7b66a0bd33905ef9779bac92a44248f77c
SHA512 30abddc7111632b0718391d4d76dbebb9f091a05183b76438113dab56a41d97c8fbc92c93277cd2374464ea3058f53fb7a62e16c4ed32561c631147682125b86

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 266193d73c14867a021dcc4e2e2da044
SHA1 51d95524d4dc979c6b7ec50716ab74b7c41af9cc
SHA256 0ba35bd88a5ab063425b29820a4234948eec8065d006a6dd99c9edb14f3010af
SHA512 8dd67031d64ac4e3ddb64708b350129eecf08fa70f3e4c75c2e21622747ab8aeb24b240f27880e27718215516da34de490db6aaabbbc43a1f10e64b2a2995181

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3fb27c72b35cb50fc11272a00ed941f0
SHA1 38225fa6c2bda16b244a1b7fa91d8db8cbc743ba
SHA256 35a633f031d064ff0c5b26b0e4b4106b74e461604217c7c559070773e8aef22b
SHA512 b04a80790d14f55489bb752d8d206fd2a0bb9c45e1403fa5288bb2d5c719cd20bb1cca560e9cd21025284f960290c1d8ad7a52db2107d0f1203f3d35fcd6c9fa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 a33db77527105e87d2c077e3ba7b8ae8
SHA1 04118f3f9253aaf688d6fc19c0daa68895d7a34c
SHA256 33f48796dfa7ec7876f6bad8bb4a6cedc0eae4d8ac249e252411eb2986c2b675
SHA512 f6bac004ed009be1d416e192a564322b6d17b21272e248810c6262c5d2a7846cbe9b21313b4181a214b5f669c155fdd6480bbc3b475ebfaaa5e8fc7866004531

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 1af847f60719cb92e6ae1bee235cbf47
SHA1 dce43d4d7e1e77fb213988c2826384b5859e8d7c
SHA256 a2682a442d3ef16397b76003294ce6b6de5e02d7c6e47bb8553409d0eeee5d64
SHA512 f44c0f9137721cb4e98abef2a5b43064cd635e8063b63f3a40bf6c7ad6d8fc2a5644ddd5dfc69c64424889a44113b05d97b6c2123f196a0b9b645910cf0ac23d

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 362ac7ebbaf7feb2053963bc15b22ae6
SHA1 39273f433a891cc385f66c5713b7caaf841f0f7e
SHA256 c9bb3b0bba4db5999a8483978813edb55624f92e43e807ebee0953ad2c46db51
SHA512 211aaa532829470eef046e9748068997ceb23ba5f0013705658fb46617d270fd15cb931ca135a782883ccc7890333b9005905bbb554c901dffb481e6c24b451c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 4586020b8cd6ab9ea96c6e73491c40b1
SHA1 62fe4a521830470f0c7330c4348bf2e744de334a
SHA256 92aaf03e4997547e4bda653609c069ce2e86dc2e84d0473a8062bfc6fa69433a
SHA512 e5ebe8c72b412aba89d054e248b92871e046af9510fa0f8e5e92ca496440d1b1f310cdeaf27dc56a13237bb73cc0a4bb6d6ddb34cd471a6c6b01a213a9b2232a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6d6c6a74b009106cc0766587b1451f58
SHA1 71b03e192603e3f3e171513f2750eff6dad2f298
SHA256 5951e6a6e63380fd6164c61d6c8df011081c88c0ccc2ddcea9dea324b07f5f27
SHA512 cafe4152eedb03df3bf253518bd80289c357e2b4a44f3d017705bd0b70112a31c7350af22aa854a85c9252f63741102609ee6c0e0af62652491f389c3bf9d465

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 41204ec39d9238887e13b4390715d5d8
SHA1 430e977369e366374a3c39d2523d2b910ef32d9e
SHA256 4482f6833d71636e09bc1b262bb28f52b47d537639a513d1e137f36cd902ec03
SHA512 feb63a403f23891e9b0f078c1039da17583079259c76a1b5929d9e9a8d5366dcb873ab7504d3cfc17b065c6f0e2b65634fce464135770347d36af8c697090f78

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index

MD5 0dc60dbe2fb1c698b2ad375510cd0806
SHA1 96a902f4bad06e7568d880b6d677d28b504addc0
SHA256 2bdfffca14a4b265bc52022febaf0e007ef9df8fafe7e942f29223c71f573448
SHA512 1b87319186e5fd6f832133ec34ec65d49eb8bb0f03ea333b00de3cbe0b714b0f5074016d7b904b4da0964308382692174390648b6e89d9d4917fd2ad7270ad8b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 1727f3f1df04518caa7931fd0972eb45
SHA1 d6291d86bc9ef52e4ecf3ee409b109a5ff72589f
SHA256 6caef4b60ec0ef91ebb8001a3251c2bf97e049503e194e6879166d9286cb4eef
SHA512 2f987058795e4c1c780b43127d334dfeff4e8a3177dd658dd491adddfe119db5db0b2b804dcc3b8fb751b21bfb42ace0ff15c5a5fe0c9a8f14144ce0427567de

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8ebd834a51125df22af350bfafac5365
SHA1 9e24d1e85c8be1880f9d8f61e68da10dc2c9f293
SHA256 e2ffee76bf9c45db3d52fd3340f9528b858fdc015bf9d34e629175ca4359b288
SHA512 08467b6adc2f2a6d423b654db240931a3fe7347a0f7883227b8eb2f7ed1322a63637cc91034ea8c9e0c4678c6600852db606efbc17539c214aadfec9fab615f2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

MD5 4308671e9d218f479c8810d2c04ea6c6
SHA1 dd3686818bc62f93c6ab0190ed611031f97fdfcf
SHA256 5addbdd4fe74ff8afc4ca92f35eb60778af623e4f8b5911323ab58a9beed6a9a
SHA512 5936b6465140968acb7ad7f7486c50980081482766002c35d493f0bdd1cc648712eebf30225b6b7e29f6f3123458451d71e62d9328f7e0d9889028bff66e2ad2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

MD5 76a3f1e9a452564e0f8dce6c0ee111e8
SHA1 11c3d925cbc1a52d53584fd8606f8f713aa59114
SHA256 381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c
SHA512 a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

MD5 c3c0eb5e044497577bec91b5970f6d30
SHA1 d833f81cf21f68d43ba64a6c28892945adc317a6
SHA256 eb48be34490ec9c4f9402b882166cd82cd317b51b2a49aae75cdf9ee035035eb
SHA512 83d3545a4ed9eed2d25f98c4c9f100ae0ac5e4bc8828dccadee38553b7633bb63222132df8ec09d32eb37d960accb76e7aab5719fc08cc0a4ef07b053f30cf38

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

MD5 710d7637cc7e21b62fd3efe6aba1fd27
SHA1 8645d6b137064c7b38e10c736724e17787db6cf3
SHA256 c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b
SHA512 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 8a4fc4083b482af959832d8c28d3c9f2
SHA1 32abd95fa2d5d6c3246301516c92a5de4a3afbbb
SHA256 d9711805f9132ed4fa09014c4c1a78364a80829f715f9c56a0dcba17e52111fb
SHA512 d5b12da6c536fbf462c35001e0b462adcf0a85589ea6b7ec53862f859151cbd8a4779d88f7d0c88a9fb5d911e4cac39acf40743ae7feb5d627b3f991c68ec725

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 beb25b4005d7c744a9b05264f6a4ed3f
SHA1 8b101378849fa5da74004b8beeada0b37b06ac8c
SHA256 d02cb4292bf97c4ae0e66ca0e9141ab57a6dcf6cbc13b19bd96dd0980671dc5b
SHA512 069d1eebc693446e2de5440fb2c26f3c6074065bfc5364c1fa6b2018e41fdd64a9336cc85e43f299597239a022ec172ca82540f84ca2e29cdb487141562cc8a1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 36b25d2c8c2a840d701b5699c6e2b8a6
SHA1 39e7483e0e3a799b86d15070618bb328896ea8f3
SHA256 b40e7452cae0734b49b506eb25ecddcb69932d0c77e4c2a1a9469a11ed982f9b
SHA512 03a337185f6b02fbef9d1bc9f16ad77bc09f87dd816108e788f468e7843c519ded6027b696397a3634d1bdca0a16269208bf64beeb07aa17454bb68c40ce5034

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000012

MD5 e8e1f8273c10625d8b5e1541f8cab8fd
SHA1 18d7a3b3362fc592407e5b174a8fb60a128ce544
SHA256 45870d39eb491375c12251d35194e916ace795b1a67e02841e1bbcb14f1a0e44
SHA512 ca77d40ec247d16bc50302f8b13c79b37ab1fcf81c1f8ab50f2fc5430d4fabc74f5845c781bd11bb55840184e6765c2f18b28af72e1f7800fe0bb0b1f3f23b24

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c63aa7e22b1cb1a2cdffc387450b83c0
SHA1 c57923c23f69e2cc212cf3420d40f7b1dcb0ad4d
SHA256 cdd5a780c99ad98a20ef0f9c2513b0d9f6763b5cf00bb0ae331ad21af6fe339b
SHA512 d2d6d1a997d6444fa6e6afdd30e939849804d2098427a7d8fca3a75a524333be12bb643fad49f3c31004111e5966fcc4ae377d98d7ee95e9b92f5b95939afdb7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 133cb9a9a7584fb51491d52d3f7ef01e
SHA1 43585bd1a76f96a13871cc5d5e2728e63ce8fdbe
SHA256 4873789a5ca5a9140a8c6c0b75a5694c6c90656c3debf4b533e7cce9b404a12c
SHA512 107f5d31b4cffb1af3241bd92edcb3ff555106dbe44fcfffe48a4dc6d55abcb78f067079ca31687e242fe263de849aa348504ed31263d53c00ed8baa920c624b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000014

MD5 aab2532f8363e63359dbf0c31981f57f
SHA1 a21523eb85636a0455977ffe525260a1a8568043
SHA256 a6abef5f074c67b1f9fbee679151a4c705b71f054c98f720dfabdc65786d5d13
SHA512 7b3c4ce6574b36bf0d4e05bba1063798b525744fdb37b28ad6fc78456ef7d704677795ae4dd0d0eda0954d15b3776395fa931abf82dd4b64583c360dd9916f64

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 bcd6c6a8590f4742b684cf27647621cf
SHA1 69305b814d86f4abe8a39d964a8eab2dfac62311
SHA256 9fb2de4db13089c329a4cd84765616c8a0fbbe710ee20cfebde42fbc098c4a24
SHA512 f5881a3f36cd87dc50f1b7ae294b669c1226c31d52a4768fb4dbf160f8f64ab1c1b757308ba92f91148f147a32a2a31ff051c5f8791498de70a3a572e2c439b3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ad

MD5 e118f92b4cc04f0d3914f1e253ff7d13
SHA1 d042c5f9af027c287880ea245fc3c61bf01a89b7
SHA256 35a9094e7b0d141799d01917418230f9cd752d44dd9ba63f529d8bd642ea6d5f
SHA512 181602800edcc83905ef94c68bb0fe76b19da29c5edd150ce2ef4b78c994c3eea34febd4edfa1bc9da386ee864384f8c179884cbf13fd4d47f7f9c3394cd93db

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 8c19d01ecd6ab67a5c6a7095ac34b955
SHA1 21896f179b865bc910cceab9407bc7903884893a
SHA256 a9d3c97ba5fec4cd70de2eae85ed17695abe17f1cb6f3150c85e9d25d24a5ba2
SHA512 f6049c951a63882a9849e922136704af00dab2d4bbd8cfb74d78b6aa438a5fbb515a3d4117c308a5317c90be99961aa0732d2d256d95a3536b0914dbd6fe6247

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 ec0c421415299068a54ed4ee3c0e5fc6
SHA1 9a825e6322c399cdacf8a83ededd4f2a257b0fd8
SHA256 5db49899975d59a4a3af6e28a4a85f94dabc0f3ea84746f2a4c499c9d96c7ade
SHA512 347359f3f8cb22eaf5168b223d18d5a462b9b8a620a6a94a4547758e0641c7d9aabd2a35fa2ac8e5e871a96d507ea05d0bfccacaa17eab88d87ab4a10a0dc079

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 7412d5b18703a1b7bcfad4fc3b6ff95a
SHA1 8848cabb6e24d5a5c1ab56618b9a080d0c785cd5
SHA256 21ca2e652a276c7b25d5e85ba3baad3405627d5e9d62a902d375ce1f96000ab7
SHA512 4251c443dde4418b8d008feb5518ca779dd3e078b320d2a9bf6d16bd19ce071bee60505dd81aca832bd729822839c87db15d4e052f89a92636e63ebd8e242f8c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 0bd489d55ea8f0499c500319f2f80e7f
SHA1 45746cfa4a22a1086b60ce4a812fdd88892c06d3
SHA256 2dda39b6ff5a94a9da6c19ac5fa13c4a97efbb15ec73905cf55b8e9e79941ed2
SHA512 084f641111c8b2289a1f076413d60bfa5640bd5a84cd34c18d05dedb32a680930a379ef52cf7e3218af7623b180702ecd26055fea78c4a25db7c5453908f7032

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 421b56cd0ddf6c7c38ad92146fdef791
SHA1 54e3940895dae07f5c520426f64b770450028369
SHA256 ad0e5c272edf5eebb1217b9b906e3eb608beb3b974891878447ca7513369afaf
SHA512 6e2ccd1b7637b43d30531a051df2e0c31c9ed636a2b7c197f01f6485148cd8e91499571806290111db62e3a30302aa0b56f8a9f522d019f1a15eb2a8f319ac4a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 756b55febeaeba02f8c30ade56550122
SHA1 4b9c5b76185a48fd58adcc16d55f0f9e38da3e3d
SHA256 06e242fe31d0485676c41edc9b424a0096367bc114d0542ad7835d2c7e48fcf9
SHA512 29136b86c10714d92d0cfa03382c601e23a53943b23706890e91a727429c797b92e13e2a49b2ac27ddbcc59694290c29542c14ba7db39f06c265fd0bcbc8fc83

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a7169044dcf40c1f5ce699ffdcd43768
SHA1 1be6291c75f989bbd56168eeed20eca73b1c1425
SHA256 39c9ebf94888980e7a50a735fee19d96e7d6bcd97394eb7f9c90380091f1adf6
SHA512 7f7598a9fe3281e702c404226b54c2e643f7d096ec6547f769896ec3f6ea50aac2fb8f3940b4ca0b5ceb4d7882217a6a2e7d5d611962265615b4ea2c74e2f30c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

MD5 d8ad625c3b6ebf71c6081a85f887e6bb
SHA1 379f10b8da67d19ab8ad932639a7afd4975c964b
SHA256 aff84929e57c1898ad3441f3fc7f850d903641cff756ac5a86baaefb33145db3
SHA512 41c690dffac3a8dd4cb07e61947fc8a0d966d46c6f1993c6cc3156dc89f34dcd0b1378e6afd60ec57859c27dd01149655cecd642becfb2bc986f351f7998a271

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

MD5 3051c1e179d84292d3f84a1a0a112c80
SHA1 c11a63236373abfe574f2935a0e7024688b71ccb
SHA256 992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3
SHA512 df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e

MD5 68f0a51fa86985999964ee43de12cdd5
SHA1 bbfc7666be00c560b7394fa0b82b864237a99d8c
SHA256 f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f
SHA512 3049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 2f5aebab3a4541bbc843fecd5405c1f7
SHA1 d5f1f94d11aa0aa4b3fc511298b817094448b24a
SHA256 d2ff1d4661a241a65bdb6a0f29c32556f1f60f30b699e96c705d771cd808d37f
SHA512 594758484ab8281e774fd8216dd338afb3bfc8fe85c9b260e4fa3e0bc61408bea973fb24f084707ea10feebb623fa09dada86dbce76a95f8345449aca2e9beb1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 10c6c10f1db91cd3c16610b91fa6749b
SHA1 5fffcc4984e899cfadfb849cf181a18a6d871fc9
SHA256 05bf56d6d63a76fd5454564b3e48156528040ed9b44e56a5c98f54b659716599
SHA512 1310c943659342c6675fb4e2ee9c78445d20f1e38e4578fb48f83a13ea65e40dac1e44a20eef871a24ef7046a7b5305d8b48daadbc382327c8681443766f7aa9

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 90bda47c41e2e3e07c641b8c02ff8aa8
SHA1 d95ba17e3bf060a6317f300ad05d0bd3cb32e66c
SHA256 edba0d504c927ff75e32332f1e498ca4ffd3ad882d6d6f2f374804eea37f2dcc
SHA512 e2fe22cac104628c2824ca39748c91c4689d36357c3a0ee629b161246b9ea76cb02415e8d8619320adcb700f0ed3b44831124a4354c38345c2345197ef5491ae

C:\Users\Admin\Downloads\Unconfirmed 475726.crdownload

MD5 ab3e43a60f47a98962d50f2da0507df7
SHA1 4177228a54c15ac42855e87854d4cd9a1722fe39
SHA256 4f5f0d9a2b6ef077402a17136ff066dda4c8175ceb6086877aaa3570cabb638f
SHA512 9e3365c7860c4766091183d633462f1cc8c30d28871ae2cd8a9a086ce61c0bccf457f919db6826b708f0cf4f88e90f71185420edc4756b7d70137e2096f8797f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 035837dcc2231cde1975088f7f7fe655
SHA1 de3b0d7d65fac1ce21620523faba3b060b28e35a
SHA256 97fa60c3b90ba1e67875110ddcd95239ac7cfc9e1318c4febc5a5e01924787ed
SHA512 e8569990402e0ad9c8172d37f0dc1389b0bb1d7d243065210ea1f4a92dd611063b537dadfd89d76780d235c568c7151585289829c359fa3608ea99cff848898c

memory/4028-4260-0x0000000000400000-0x000000000040E000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 fd99db64551021a18d5a461d3a13f7f7
SHA1 9779b3224d79f65db1517a27224b2ac2de5306cd
SHA256 bb1974b1251f6bcc57d0b0ad107bbd86a77f3be035bab8561dd1b7f89751e76e
SHA512 7e2717c7ffb72894be6f87766f9297d8194c482c4d710a5409895d470c9a1202f13a2c89cfae565868c1e0c62718fdb03440530301de997c5a06a059f32cf3d6

memory/4028-4288-0x0000000000400000-0x000000000040E000-memory.dmp

C:\Users\Admin\Downloads\Unconfirmed 751114.crdownload

MD5 b6e148ee1a2a3b460dd2a0adbf1dd39c
SHA1 ec0efbe8fd2fa5300164e9e4eded0d40da549c60
SHA256 dc31e710277eac1b125de6f4626765a2684d992147691a33964e368e5f269cba
SHA512 4b8c62ddfc7cd3e5ce1f8b5a1ba4a611ab1bfccf81d80cf2cfc831cffa1d7a4b6da0494616a53b419168bc3a324b57382d4a6186af083de6fc93d144c4503741

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 b1b4e5f39fc68e79c6b5966a6e738db9
SHA1 e8eaa4ad87db1f5bd9ce47d92bdb123720b8ec3b
SHA256 ff7b9a1d5a90271d379f81dbfa7ef148db263f1e469d1ee1252a7edbb5743df8
SHA512 712b31326c40b7abcf6f34e1a30cb416781936961deb79ff48545b23b5351e90c6b83742067b6d15f806abf218d2dfa360ac17d4cc9b1fdc93cc4de1f857a727

memory/1412-4333-0x000002783AAF0000-0x000002783AB0E000-memory.dmp

C:\ProgramData\Hdlharas\mdkhm.zip

MD5 b635f6f767e485c7e17833411d567712
SHA1 5a9cbdca7794aae308c44edfa7a1ff5b155e4aa8
SHA256 6838286fb88e9e4e68882601a13fa770f1b510a0a86389b6a29070a129bf2e5e
SHA512 551ba05bd44e66685f359802b35a8c9775792a12844906b4b53e1a000d56624c6db323754331c9f399072790991c1b256d9114a50fb78111652a1c973d2880af

C:\ProgramData\Hdlharas\dlrarhsiva.exe

MD5 64261d5f3b07671f15b7f10f2f78da3f
SHA1 d4f978177394024bb4d0e5b6b972a5f72f830181
SHA256 87f51b4632c5fbc351a59a234dfefef506d807f2c173aac23162b85d0d73c2ad
SHA512 3a9ff39e6bc7585b0b03f7327652e4c3b766563e8b183c25b6497e30956945add5684f1579862117e44c6bac2802601fc7c4d2a0daa1824f16c4da1fd6c9c91a

memory/2960-4363-0x000001D7D7020000-0x000001D7D7934000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 fe6e26f9de2dfdfe9d64a55dfbe6724c
SHA1 fe1d6c6a1530542d23b2bd57abe8916db4ad8f55
SHA256 dfe05eaa1c406a9c6190e168cac129eb69aa0a9d28d39c83f2433b49b725087c
SHA512 b6aac707e9a3189751562bf9b250a76bb2ea2f59a5a0c2bb0565135755e92325d5e0e6a72a7ca737b72a8d058c008678fcd199362e15bc46553a6e49fee6d39c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 92b8ec231b9da1ec449e3ed60f75f867
SHA1 8279f6e928928a66ff5918ce93c9fe594b65822c
SHA256 db9d4f21dfea4fd3f18b393e1e199851588a25f1f94555c81b1d196499934ef7
SHA512 4abed3f67c9607ea9c0ddbbc4295beb372e672690b9f3ffe0b8fcf932f7764b296d9ae3e4721db90b9f10286b8499f8f951bdd79e0b786d64944ef05ab539e5b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6cc847c0840430d856af519b34b58c9d
SHA1 366b8fcbdf8f6b18100b56c25945ba03063f6060
SHA256 22d4f4bc708914033d19a70148cf2c5083cd74886ffebb11f0d0a6665f0e9a21
SHA512 a1cbe6fefb99e430b70ab12be6c12266d2ce14bc1a5005bcdcfff10258a33a7e78dd52d3bef29cdf541edbf1dc2376fed527c746bda745d776db8ec14a354e6f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 7d4efa4e1789630686325a504cdef1b7
SHA1 fdb7321747277af1040d6edbfdf345c7349ea451
SHA256 fdebddc4ede8658f5c9180ee5ae2e20eed09cacffc8b18525f04da1f3cd76cf5
SHA512 013f798d884d84d174b4ec3206263a9faa7fead5662483c9478e6957f01a085b5f81bfe73dc16f32428a852de11a829218db5653303ca0a0fdf67dbaf8091cff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 b768e04267136cfc201f455bce5d9df9
SHA1 54374fbce463be3a41fae0a351a48b08319a9270
SHA256 bbbd87a83258b6afed290867a15ef8a7c01a9b6aae02b161524418feb2de4c02
SHA512 589e382d56ba1250e7418446cd0608b10e743ed6f1fc2f7e77e2723fd9c06dc9e6280302798777ab2d674f2a1abffe451978ed5832e4708ec703c8f8692f33d3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 1a9bff750a4479d88c4a08a0e1b31abb
SHA1 7f0405f0ed86a0bc711b6e452812b1b000c49c84
SHA256 0ef08bc03a47a2bdf279d24163b17f0366a5ad0d5df722a1257bbb391908b8f8
SHA512 9b3e813e833cc05e37cf0d34c646fb1df9528fd239617f33f4a24dc9116c09b6507841afc004eafaa93228d874d00ff11e1e47bc91a431d57df37d6e05e13030

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 d02d97a646d2b0d66d2e79c90f26bc27
SHA1 5e8bd80a8ae4fd7a159edd2b5029764e0914bcf7
SHA256 a9e995112516e358cd55db3148be7133e716d9fba63082053ef7ecab4278ba22
SHA512 bc6b6eb12de2810b3b2fe5c1e1f57a94b3e068d9d749d346ccbfd8cfa06cf416269b0ab7dce0c08d1555e1eaadefa3d30957f418debe6dc171215293bb7bd7f6

memory/3412-4829-0x00000000008B0000-0x0000000000B8D000-memory.dmp

memory/3412-4837-0x00000000008B0000-0x0000000000B8D000-memory.dmp

memory/2552-4840-0x00007FFBFE850000-0x00007FFBFE851000-memory.dmp

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Roaming\noxic™-nativefier-41fdc3\Session Storage\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

memory/868-4908-0x00007FFBFE420000-0x00007FFBFE421000-memory.dmp

memory/868-4909-0x00007FFBFEF10000-0x00007FFBFEF11000-memory.dmp

memory/2552-4941-0x000001F35A3C0000-0x000001F35A715000-memory.dmp

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 5ac2ef752431cbe3d5139c58d087cac5
SHA1 81029c897316e556ae51317a3e05ab1f9f3f7648
SHA256 1227803872efe654d735f4e902ab05cbaad230c81981cb84689c7c6e6db42e17
SHA512 86d23b9f3b70760c8bd560566f000b051e6bcad57a29a31fcf011d536d71914c6e7d594d820f0535c33325d90e7551381f7d07b034421b6e445625c061d12545

memory/868-4965-0x0000024061240000-0x0000024061595000-memory.dmp

C:\Users\Admin\AppData\Roaming\noxic™-nativefier-41fdc3\Code Cache\js\index-dir\the-real-index

MD5 50b2a7564013fdf5789f32431a805ee2
SHA1 cfef33e5dc36e68d1cd7008c3e7ab4de855ed3f7
SHA256 f30267405b8224276fd2cc92d6079367994a34d3ac49dc70cd2ccf2e179fbb33
SHA512 e8d04dd519efda09dfd444d7661dc22bae80f1af7e8a4b5649e1e54d8465fe564db529a0283e189dc69768dbf97d73083c7244ae6c9db7150f866f2be23574d9

C:\Users\Admin\AppData\Roaming\noxic™-nativefier-41fdc3\Code Cache\js\index-dir\the-real-index~RFe5fe5f4.TMP

MD5 b3b90a485b6f37163a9e9b270eedbfdf
SHA1 aef77a34b307ae0c6b893739acb7159f4936f6a4
SHA256 0ace133d3fbaf67504ebd7fa47f3452e31b5a7a2f178b5bee178cc32b079a328
SHA512 bf2c01ea27ed6972f3564fb86677b99acea22eefc5a8905d87ce6182844ed97e234817a76dd9466a0462a738a98781a6e5f81145e778720a82b28cf6ba239e07

C:\Users\Admin\AppData\Roaming\noxic™-nativefier-41fdc3\Network\Network Persistent State~RFe5fe613.TMP

MD5 2800881c775077e1c4b6e06bf4676de4
SHA1 2873631068c8b3b9495638c865915be822442c8b
SHA256 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974
SHA512 e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

C:\Users\Admin\AppData\Roaming\noxic™-nativefier-41fdc3\Network\Network Persistent State

MD5 80b0d41d827db8dccaa4711690182258
SHA1 e310f5d5dd1d9ec71d410e6f873f7acb012ad2cb
SHA256 db8026fc36d0104dea2d1a22f9f2b074eeaa55ea5cd4964057a713fbd7f1f708
SHA512 7fe7740e12d64a3237a900a47152cb8358e99ecec8e924f50bd803ea118fc0bb9b9bee348660bac45d9207a241c3d96477d1a54d231aef9e1b7b9e0e14a5c577

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 2d8f71a9a58dab1a8afd85e91beb8e2b
SHA1 a3e895dfa793200568ed4f299666dcadcf59405a
SHA256 80bee49749e667aaefb4408dbdcece8e0fc5adb2e37f803eb92124f635b42698
SHA512 e549c54bcba88d7ec48ada98fcfaaa9306120f456a971db36ddad04e0b1a9587392a3d77388aeb6828b3d4eb2478359ff88fb8f9eeb29bec985678a4fb891334

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\74b88724f60b0383_0

MD5 b20b082da95f62eff79b532f8ffc74f7
SHA1 986b0fc6ca4fd6e002cf17f5ca1ca4cfa204a2b7
SHA256 5e14ef05df5c02f26941957e560f853bbb59097fe7b7e66b3d0e2cfc778037d7
SHA512 99db09617879dd20a1a30e0a91204f0cebc22a4eff4ef1dab339e753292a2227229947964647c9ff8da8eed61d3df420338aecbf1170ce0a548fcaeb6bb2418c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\45a16ff6d0d9ab5f_0

MD5 95e7c3ac03e27b8c4ee0d7d333d43427
SHA1 1d1c41d2da37894189e17fd97b143730a577f07b
SHA256 f98ebd35e005e42f5556a124c42db8ccc1f10d0245651f56233cacce87956ac3
SHA512 3597f51e7b61829b51508ede3c175a748bd3c5e76e31badb921b2b962d76c76d539a9a2734205426cd7c3f5456c9670310b7ee23a3f372f8ab86490088fd1c21

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f89251fac2b69325_0

MD5 0ad827f03ebbf4a7b19be37b1e87fe60
SHA1 06e7aee01ea8e029f0ecdac0ca4bf8bb73162d77
SHA256 119143b64c712cd6215e3db4461892e320ac693cb6bfd0f972e72863082c5aa2
SHA512 ace7dd35aff2f8b5bac9e613a1a7c6fe2b50198173e073524a3947967eec7e1afb41b60b0271682a76704e1f9db5f97e4a4278605aacbb8466ae33fec6af64f0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\eeea6a59c461170c_0

MD5 cc221b5bc29b535c2f7baa26f7643bf4
SHA1 ae087a7be3e874c08bc1c4e88a6d6dbe52d6fd73
SHA256 aa8840edef61328cc2fc25c821747feb33999bae704103c81766f4bdf0e08bb6
SHA512 797d7cea73d9c8b0a84e60aa619bcd37eb3fa0467824b97193fc6ee6da1585c6ef503c2ea2dad317e713bb9d4be04170794a978de8cb71c5582655bf83c29eca

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\14ff8116b518ca2d_0

MD5 ae7931db2a2def898c85f5721f589f91
SHA1 02b4a5053a733978ab53ba443ca9f3f2e0e6b94e
SHA256 eb46f579b9ef190f97fa14cb4142a71c9ba1bb0f17e4ca9a74f10f215b25da57
SHA512 32229c4ac96975962187c31588c96048b6e9c2ca41010e20df1cb66cf1008bf1eca794a11b411e26edb7427bce59d13f16ecc8a1dce39dd5793aa163fd4e25c7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\874983e5141808c1_0

MD5 6987bcd00c35a7bdea69da6f2484d0a9
SHA1 7e120271f4e7906000ebf90ccdcf3a264c144736
SHA256 c18e8169df1961815fb409ad0ae12bb0044395b39c9dd40fd7455f1a84b90f28
SHA512 9fabcb70b2a7dab1576f60a397f1a53a257e69671a367dfe673ac4c03285e66368856737f5440717ad152f4ee4fa703fcae84268bf6f83b0976960861916f44e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e4f85019800026a2_0

MD5 60723f04ec85017d606a6c847badec38
SHA1 6020011a22728c48db38f9ebac0fb0b5cacc1502
SHA256 2d8ebb23919c370458170b84a618d513026f814ec69f3341131768540fe4f97b
SHA512 3a3016245f03b71796a370d4e4317ae0141647a18222cb8fa1f89b42fbe46983df84e1799df7f37624e254471e15c95a614d8a163f6ceaeeec1da3cff7c08f3f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\02735674612cbc52_0

MD5 eda7ac9530a34e9425b6fd34277ae798
SHA1 c3a43690bb38f2b3992b1d77f020f1f117142a99
SHA256 94cd00ff5a23d9fe7955c5ac015098e09df97d3b6b7e008cc514395fcb1fc97d
SHA512 ec6ff3be711f77e4ca8406a1a88db36c2ad9dc6e00fa5ec060147cd8556da2571be6f7cfd4b0c4bb1d8a1d4a69ea84a3b83594b707827a138118af6476e7ab34

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 41f1f4c7116a2bd5158968729e0b8595
SHA1 2c5ed5eae519e767163d6b45db176c86436482a3
SHA256 000ce18ddfa9275a68318512c0e8ced27cf6e48405465421eee14db8aaf82238
SHA512 c2f035cd2961a64116049a88b31d1680e029bca37fe9d789c66ff4b8292271715f8cba884c797ff18c8a7498e59797ab0af20d13de152d1eecef9cffdf25740c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 9edbe9237660c4fcb7a13c861d7eadcb
SHA1 9857342aa76dbe76c04ce20bd240fe17af6dfc1f
SHA256 0b139ee97c59e35b5d036931e08b321b639649718cbada18fd5ade7b182c5cf2
SHA512 7ab65b4998fa525b4a5d8b1b33f2bc39372f2f506e9176fccfe0fe570b2490583f47df1f860c7c3b396c0690f9db093f52d0f42dd4bf1204303df6f2c2903560

C:\Users\Admin\Downloads\KiwiXExternal.zip

MD5 229b707117b874ae0b572bbfa329357b
SHA1 e5d630335d8b4c17af44756c45bb286318c803a7
SHA256 e52f137f70cfd82d9b618af702f65587335af1acc881daae47277901b10ce9ec
SHA512 67c3941f743cab00ecf8b45dad6019e63fa61ab676986d9e59491bcbace5d41dc6c70bdaad4fd8d0d0161096ed9e78e04d8fad017d1651f64ad036eda8497f6d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e89372fbac8a9cbd83bf455b82506fc8
SHA1 ab6e7906f808b08e46af099d2c93dcd430364c4d
SHA256 e275d97724543e06ecd0535fd6be0a944d878965157b770a19035c4d87a78412
SHA512 1bea45adc7aecc39b407130856350d080087eaee1540d221443b9c262706f49551bdf6b85d48193bfc8151139d329aa48fd522aa923980b343522aca3df2dc02

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 50914bae5db146735f9e7a54fbb70c04
SHA1 2ff69595f304c5105b01eb7bf1cf4926d3b4e344
SHA256 8586f27181e0befdd658f1cc620362bda438f95fec28d2acdfaadac86445d301
SHA512 9b2476985adfd84c45fbf59a514d519b124dc701feefeb72b650c72fcdf1bd7095736ba53f4c5a191c30b0e5b25cecc9ccae89317b5f2897332c150000dc61fe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 d67995cd8565aa012791b102c50e843c
SHA1 da06b4d74781effd341c9952d9017a3d656441f8
SHA256 dcec62243fa7217bf15b061d3c149ae6f4cc848a3b35da32698961a79fa5150e
SHA512 026c11ad662407f827b1d289f6afd92d77ac39777617f7da0e23acc68b18c14b9fa33c808f8d9b02395350e8b0ea26f40207136ab8e05af3a0c23528edf9a767

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 1d9db520cb840a673a69ee2cf08500da
SHA1 b6b71bd566b6d24a90f55b5fe3973c5bd99662b7
SHA256 f775540fbd1e0f1bde3f84ccaa001f3c61752e48acf6d4f12331a8d48d57e6b4
SHA512 7234a2cf0828bd5579a46a1a80a4fcd8846db63a543f6c5830c82c5126cdb8a4f5459afe2c60645690d1765aeb03aa14cb1c24fcd3029247647f28d1945f7a47

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000e2

MD5 1fa0aa3156ab2805068976fb61a40a15
SHA1 6657dfb36c1a64c894974eedbbfb9fc760b8963c
SHA256 8e94848923935526b0bc2fc2b29b14343cf88997480e66ae2eb8bcfe5f0ec855
SHA512 50c650b6aa6bae3f03a447d2ac123aba41711cb047cc21ac3aee226b2b1bb963df6e422a3b526319ebe9aba1c677b74430442a9b5984918742488d84a7793e48

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 4faa764f126a54637c0003fdb3e01d55
SHA1 59e4a631e281e07276c559c93774654125eea612
SHA256 27220df55cb2c1c111bc1ed60906d7bf637d6a49066fa171529eb3dcf682d10c
SHA512 79859fed0c1dac0719ceb9f50635e7a15ac89df9eeba80f04c42936c41809a345af5e6dd29ae60ddb673185f7bbf4d366c70c81b7279167b90ccd78fde6e5932

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 09999bc0e17155b1afe40ee7fb5c7940
SHA1 7f76617c8e3876a8847665df64d43be80fd9fe80
SHA256 c0aabbcc76f99a953827c686278dd93bebe02b6f23bc676eca38234f656d1eca
SHA512 78b078c9e4a770a8425237dfe6fdc20b73b833698a37cb86101353abbb54fd8a2a9184bf6ddb1efda56deb3ade3c1655662b9a6b523e82c89bc0fc061ef83a09

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ddb5014110d66f56dd09e8469bfa10a7
SHA1 aee8ee3609ad575bd5b6597ccac7f4cd0358c31d
SHA256 7f5b51bd7f5ca6d821f37e129c212ae0970ce14b345c18230e653e2560cd4690
SHA512 4e01a26338586e82dc405a3ccc6f99939bbf0034942bce61e33924db32752c5436896b6dd1b66624b4e9dbfc2357074956ae43b74c3b4b213b82aa030ed0b76d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 38ab78f82018166d04cfd5429f5c0e7e
SHA1 d6c755ece3433ff0833c7936661d94da060011e4
SHA256 3f4160a4abe8b21433778e55acd65d8cb3cc765f236e636622a44fa643b7a9fe
SHA512 f71cadbb42772e7b1f72ab9a4d329d07c3fa7522bb450f8b735de8b6e7bea75f8f3f18960bfad9bda893a725ba4acd5536d51b2c8fb488def272574132bc3d45

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 d2862d25c39759df692af8a06a56c90d
SHA1 4f23e4fca389bf239f01826f71f024fd1abb7a93
SHA256 731d37d28b3d94fdb835a7a58d70caabe1293ec550a701bb10cf5801241f3b93
SHA512 1d194bdbb697c6f89d4395fbc394973f32556efbf66a747838d27308d7c4d01bb2ff670a39c26a04cce30034216c041e04d6f34286dc3a25b3fb32d2005b2a55

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 24558a49f81fc9cd8b52f76dd3153c5f
SHA1 4eaea046f9d3c9bef9533e53a0223228ba592cd1
SHA256 1efffccb1574a707e5ac8e6c6afe85007fb5b2951456f84fe7525190b807d322
SHA512 63d8a985d4e484dace41863023257ac8bb4bc329f37bbe27a0fdf46593f75c42c5ab61d231632a47ae4516724c67017b9a80792f587b13ab4b85ce687fd6d5a2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c71baaba1b2ec8d10475d5d15bc28c8b
SHA1 92642923ae71aa2a0a10f92628d4de5c72f89449
SHA256 f1cfb1a8dd72109e3ea3981866fcd45dc2ac837283dc9ffd1cb8913728126783
SHA512 a17b0230bd8b753fac62389f860983ff844ecf992637dd8256b5ad6d0ea72228369b72d3bc133cb5ae1c903cee608e455e4f51c6dc5c43ec084f07029a375da4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\dfe07f2c15075c28_0

MD5 8fdf7fc91509d62cba958b9405203872
SHA1 d3c11e23fded8612486bc8ce675eca13cec3f157
SHA256 e5b04def89c121f1191e53554dc4aa715b2480da05e0a689e9dd6050e9cee6ba
SHA512 7db679643653e2b2c242e5f6a8d622b7dfa5a13d22a006f3665fbe3c69435448226ab13fdef7fafbae0b4af995ce5e400cf042b8514244b4b9b403b4a8cb1ce5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\580fd9376c2d4a3e_0

MD5 fedb2b807c4c1678d6d92e7448189dca
SHA1 f589cdd6295a100104f456530335bdb1203fc451
SHA256 f9752d7f47c41ba46042c8ce6bd9725ffa7fea8b2763c1b2198bee66a3c83a4e
SHA512 66faf5b109a03b2d242aa154f0071b5a2fda2c9bae460725b5fb27dcff76494902d42dd0ed2489075857e3c7012eaf8b2d0e650e9db3dafa3f9e306f0a223fde

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f9f54d7f2e6cf0b1_0

MD5 0167afb4041e0be83f84902f6c36e6da
SHA1 b3b6778576a18e2e2af3666844ece258d3b83c7d
SHA256 a22b9223bb9e065e99be89fc34a23bb46ee4833d191180672e39f421f9c510ab
SHA512 de597b3b36263f302968b1e697d87bc6a9db50c0c7aee401e9450eba01704c1fbba0b54d3d89cc86e096e6c73688ec9eafe7559e08f8cf3365576225e0d673cf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0bbe00d9bf7b798e_0

MD5 f1b35615daf6682d6fcefba2019f902e
SHA1 595bf3d6a25761f14ca5a84a2b81b813f72c527d
SHA256 780548ba0f08a2e66dc9e2cf4ea3e24d3c0d1368f42fc0eb8b609b39a2eab243
SHA512 5ce998209dafe5c6a59a6866c49b7c5049f920cdc36a229a15e63d28a28643e27c2a7866e765345c8299a46c473a0c2921072d3c2c96bd8c48f8c0f5ab2d0347

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5a994fe24b451732_0

MD5 88ca41061f820ea27c932b5c31cd8b62
SHA1 beb6b085806a054df17f3edb7144f1ca487e9f3e
SHA256 c72e4f3c8f5957fa4481ad1e70970b24ad42dbc775856d40c4015117104fab87
SHA512 4541f842ad8bf26a9f39395aec7d97cb5e4a41e1d56c850313bff197e782220ac2f1219145d0de7b00662c45dbacb266fa06e6e8f3ea5febc0816642b888f083

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6e1427d19ff38087_0

MD5 ff9cb0ab269094b7e8c2cd93710a46ac
SHA1 fd4e25bfe767083beadf9ddbb269276d92d2eb12
SHA256 e79ce890f3b641af44619a5aa714c321144f22726e384dbc5c00fcebad6f80e3
SHA512 83122d6e2a96972c209dfe37663c44ab4df17acb51f4acdc15db1e85deb9cd7a014518362615c8800fc78c7b0765028ff02123bce4b9b3d17ce26a193d59ee26

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9d8b2b572f60a09f_0

MD5 6948759ceeb2b14f92ebb861b7fa4ed1
SHA1 851a1d1b4632224e013d83303bb86a53e36a0f54
SHA256 91e8238c9f0d94f9846b81f33ecec16adbf50641b63919425e9c9db32ee6c62a
SHA512 1ee96d72116a364b7b753bee8aae8165ac594e203773b37288ff84311c3e6e60e8e6da4a926931768b3820faff9589cb767aeb1593a6f729ff6a60c5ebe1e37b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d7a29efad91a1117_0

MD5 5ee8e1dff65aecfb8a718b4ff4362dc2
SHA1 28a14df903bbf021886313b1db92773d446ad8cf
SHA256 e10bf1cd9dcfceab3d5c13486a6f2e41ed2c9de43aa293aa598fd9fa5de78176
SHA512 4b8ab3e61f5c5fcaeffdbd2e7bccc45984f61bb96c7f211eec750fa0522fe3ce49cfd9d3d9d7fce38a06e61f0f31024eadae8a0219eea93a91ce43a796f62863

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8ee73a31bd0cce7d_0

MD5 566073ef08d4b6d2aa011c75bb5e659c
SHA1 bb042d18afe7e85081ca8b4f401fcceca92adb6d
SHA256 62263daed53ef0d5133bd226766d31717fab2006922b9b3992141ef78ef033c0
SHA512 df644d54657725358a4d2014a09102fa6ac260fb6670db007741cb43192ca2061ebb46cc977a215708c01287bc8df8424a5ac864ff1bb0e31550e3a3f2a34453

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\54c70e8d154012bd_0

MD5 b744f530e5193b52e288639906ba842a
SHA1 5f75a06058393b82adaddbc4c332376a004d4089
SHA256 28e8409559fec913807b3bcb7adf18bb7f9c0bc7bf60ae24295de78e04d677db
SHA512 89eb76adf33d381f3f938af5b529c587bd06609d6afa2cb85167edae4d8076ec36540150d6567707d4a1f17cd9ffbf966b7bd37dd05e36111d1176c07dd1da65

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\076109382dea1731_0

MD5 33a33772e51d5c420507aeb4758c9da6
SHA1 3bfdfdc985cd08fcfeeb324a105cc780aa732ae3
SHA256 72de2d349d34cb86d3826ce8746db7197bdcceb53433b0049523305ff55d6c53
SHA512 96511eead25f5b42f4ccaaf740f800418a5b31a28a68b3528a157639cc107e2685e221e837da95715282a521a07114ba20fdc712a75d28d9e1f56f30cc45e125

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9412c8b664751f90_0

MD5 b548415b1ac3cb20657cd9469a3dd978
SHA1 34095614a920097ba3a5f7e8b05a9791a583bf38
SHA256 3b37546cacae9a4fdf21075bd2097439337a6856b56e0597c8a61388b2590afa
SHA512 1f071c9944e92e1749ec3479c760a7ecbb0482d286042427f659d61572484224908c0f906555a9e0b487d16865d7596116eb9d1823745e9e562f5feb1d11185b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\53ac5abc87e80789_0

MD5 b7d24e4ce59cb544ff10e3f265f63dfb
SHA1 2d53d17af7b1c18ac81946f732130d939a182c95
SHA256 17dde429eda0cd9158fadca95e6219a8d3a0209e858587555a504ff6f73dbc66
SHA512 93d4f47e55f2d0a288ea02690743c47d53c3df40991a134878bd7d856abe3dd5c3d09cc966704646314c38cb785da061c75f723adcee443cdcfbcf199bca3c9a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5d0c04f9998369cd_0

MD5 0ea7e1232bf061c21e7f09aea4a8c438
SHA1 ef9e176c9c3649dcbcdcde8567a252a3063f228b
SHA256 13adf4a95ed9e149ac57cc4f1790c2e4b7ecc913b5f3d91eec2dc364d953b231
SHA512 431cc6ab68164d637499134a04c756fd466737e48269700bf5278abee0aa53a02499bb8a97bd44725817e4a5ab191feb1e4d30996d32753374bccea23db0dafb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\25c90b4fb1c6ef85_0

MD5 14c9a7d784b7da6f81e219f105d99091
SHA1 ba24d5bf7420a888ddcc11f38328fe768115c92d
SHA256 fa17dd61406cedca71516078aac890724aadcf2008670ac21f8406792fb2df2e
SHA512 f9e4c7649442d7ae3efe5a6ce1c95e88b8116bb67e45fb32d71adb7701e7528643c1cd414331ba52e89130bf0ddaa96e160a7216f3ded1285801516a4a383133

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\83d6d3a772bbc707_0

MD5 0412f628d37409a6d74f0c253cea012c
SHA1 e5d9c3f2096fba95da8f3869e492ac1e1020e862
SHA256 344d939215d0ff9cbe3670987d3bf8fb5d5b8878596f4cf463c4d942739a7c9c
SHA512 56505da1dbb07ad0f6bc32dc4e73f6aed874d58f09e9feedc0626b6ed33fe2ad4b937f66cdaecdf9573049f0ea6c6dd41c19b48aeed98ef6509cea06c2645706

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e55f0a6d1b533c66_0

MD5 2c5f72d9a7f3f16b25a9bdde9d3201dd
SHA1 bd78b43eced3bbeda2c3dcb5c5e05ffc9f4a2df3
SHA256 f9f2727af01ece3faef1a9d99e60239f9fb24947c09b65d7da681be65a2c573a
SHA512 7470d553a79a721dca82baf851809b94a63880dd5185a3c1ec724e03aff4b9b8adf972ac9e4db4f8d5636ba3e47419a99240e83eede59911ea6b32c09e6bdf9f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5dd1e579c9681f95_0

MD5 23a4dd56c8b7fb11386651df09e38c9e
SHA1 c912bd95e306b644dffbd4f78753acf0257d8a2c
SHA256 cb949d34b767f70e9b5df14b551d350c5db0f7368d55f5bb89c4da9cf6e301fa
SHA512 0247f962a2929c21ae022d52dd798cdb3e1fe22243429063d176062850cb1d2df1bb9b0c73f640deed86a5ec60c828ddcddb130b5080258f66656cbb1fdad2a0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f2e4bbad99a372cc_0

MD5 c1f8888bba7ab8885a389ff7bd93dff9
SHA1 c32bd386c1e114eff2d23bdc6e6069407a247f83
SHA256 b451a3a21329bacf91f4d9d67e35106666a35102782a5c05d14669b2dab66b29
SHA512 ca4ca3f12a542958bfa9859d9c0456e4de95c211760dfc70bac4e9f6cd3909724d5bbd1e5e0a3a3870e0fffd28429b00eae77f3d7ad15ca0bf177ccbc504e567

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a267b7c21d8b8c9c_0

MD5 23204ef1acfa51cb2859c794d3239d11
SHA1 3b6aefabae4c8af4f515b767b2451a0ea07ec92d
SHA256 17e57f248959b01b3e702f49e6d7002b09861e51f32c6ba00641e54c3d9f3b25
SHA512 019a9fae6ba0ead48437bdad93c4f42eba97b9c9d6ed72efc791ecd62751a09675813077e0f5a25b9f708505cc2c622ee33c07294ff6ab0260e891589a10665a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d3dbb3008455b523_0

MD5 42e083b19c65b9433e72e8073bedc0a9
SHA1 f07936c9e48559114c56113721dd240ae33d3e65
SHA256 3dadcfb3af2e7f9e9b6366be490303a2034d26915e40995ebfb04dd2e4da8b0f
SHA512 ad8795f44b67e949aad248f57b193a0adb351181971e15bcf2d50ce35cc17a0c29e930d76ba27785ad22dc22b214a17d99937c44bb1ceb4bd561d757ad589def

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\498a3bff9d90147a_0

MD5 9e820077811b188d2eac27eb7fa240c3
SHA1 7e88b4c007086ea48a9dc9dc74994fffd8f0659b
SHA256 436880595a11155f330f3218c9d47e7d2ace54c02f60bd187166315721c875d5
SHA512 ec535aab7fe419d0ab3bb240f2118d963c8e5737c3a80300612f2607faefe376e81ecdc735f73e5a235048e7fe7f7a2b4ac8b74faf568945fce34c78e93b7949

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a09f6271ad0c4092_0

MD5 34abc551796fe336a88fe50bd53a07fc
SHA1 dc51bdf9959ba4bb6680f86e759f7b24cd6f1e68
SHA256 64ce9080fa2d35753e85d5377c5daa9cb5a96a93eafb90c499968750b3a569cc
SHA512 cb17d46c0e53d5293662881b15efb082a8739472879adf49b196c5df5b4ab088435a4152f4c8078a0e15e41febb202061ef2379cfc3ffbb5a133095902abaf6d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7a66a1246c4f29f4_0

MD5 22c244f9889414fb7aaad28f9ddadb60
SHA1 e9ffd25dd6a5431c6ce9958a62507488f0b65304
SHA256 2bee3d962946113f549b21f8f992b9b41deadcce5e2e55da126df70398dfbbec
SHA512 fef8b8cec089b0db627db1eefbdc95895138132fe33adfedfcc73303448c4a901b395436409be2cf6609699c478577dc250d1f5bc7e7760947c68226642b30af

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3fd2be14abb3904c_0

MD5 a046dadeaac48901468e26dfa6ada6a6
SHA1 96b35d69323c9dd482842fe31c2e20154beb208c
SHA256 db8d1f6898fb944315cd12cda202ac23f4a7870923c555ca91bd3e61c267a304
SHA512 d51c94b087a179188c1bd6247d406b9ede1931cc61beb1518ec3fea66c52d5df4a72fc5ce44c857a6a76c8661332af7f4415a6609c50b8957c220978551877ad

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9dbb949d27873cbc_0

MD5 1a9f98ce2a6b8ef6744f795ebf94f351
SHA1 96128fb650603bc95df05f86572ca811845052ca
SHA256 d8be5480473e2a2d2bccc35ca4fd96f8d1debf7de6799e951bc6f68ed77fc41f
SHA512 63acbbf54305816e1a562b5c8c1d97f4b083218c2624a2c298d18b844ab7ce67efd9aa5b73e8347750b96d1e58936851ec2bcd33b7edf6460d560cdc120187f1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0a44ad51d1ad22c6_0

MD5 cf6f3d5f93b99786a922bba48f03efe1
SHA1 99c40d554cc0aac0ee0d2d8a871066ffc7bca852
SHA256 ad1a603a8c698c97fde7c9aa550122befd94281e390077388ffef9331bae5938
SHA512 c37a74caa226c37182bd1325338c25e03a87afd514f6256aa5c6ef163eeb77a18b35b9758bbc88ee53ea3067db9979857a60867fbae2647b73c41845658c915a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6d3b0ad57bdf7db9_0

MD5 c6c07223115506a9b5a1d8e87b86f4a1
SHA1 0e4e81f9eb8e5810aca942ea1557646ef309e230
SHA256 51b550cf238bac9c6b1d55cd12b2ac9a7140dfdc5ec59ad2c704b617ed167f27
SHA512 1b69facbdd00829b1bf3f36870aa409169ea0efd9084d7f0454de9a45ffae17c9182d1713aace5a9f8f9c083eb03a763090dba455174e8afbf2d32b56899c509

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1927a26afb9a8b4a_0

MD5 7c1af8d128aa6fddf75d5df671ee344e
SHA1 b0098837df9e6eede9ccf7f6891d6ce6963a36f7
SHA256 4a828c90f62fcaab9c97e2d7db4a9b7cd6de341cadf8b15acaa5b75ad749e00c
SHA512 9e0cfa2e61522ad9dfaed7138666ab8fcdb4b5ff0d090ae580747fd7ad4fd28de621d466aeb7772ccb4976ca28063cd1a687770aa6298bd7eb9964d9cc15ff74

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\daea348421cbc209_0

MD5 a55fa3ef68674612b5fa9d25c7a487ee
SHA1 bd56744f2abcbc9fec880f3f9a9019cdfea61c55
SHA256 ed15e3d908d63a104601704e773838832d1f3793d7550e7ffd19e98c048018c5
SHA512 97f88014b5c94353166e6a165d628250562f171aad6b29a955443b6d28856bf9e0e16831d4ec84391e0ca72712df7a97c8519a1500432c89d64b6d3f25de92c8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\273820857948f45a_0

MD5 4b15a6d5019b2aeb22f9e4d2cb44da82
SHA1 7518d8c075bc167fb8fd975dec60b21b635219f0
SHA256 29826b34679b2b778bbdd4addfad6c8bfc0c74715bed6bff01d4a5b11f513ea2
SHA512 c54384f7ca6755b5b0be8c0e4c508008e0c614fe1cf63ab96b43936635f62d3e91bbf3ce444c6ca32372b2aee6c6f65a142912e643137b099271dcb1ecfe47cd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\448abf5e90f8602d_0

MD5 519ce28e2b0ed889948ebc3005285bee
SHA1 960067749aa107a4a9dc6c72816bf924167b8b88
SHA256 85f7e81f2e630c2ee9fa93817e7e555e832e3d616575243f95caa559490d2b43
SHA512 96a14c0d1b82252d0e1d9260ba949ff15b410b1e01cb80a8be74bb5ba75e2a18ed903b894e6c4b0e651d6fab302cbb88a6bbb682baa047bf07af9dc09b983a3b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c9091b186daf8204_0

MD5 24c6f60fb88b7f53a59ea2463db81e7c
SHA1 095d07183f0ac0e080d3a2be421c98315f19eef1
SHA256 d1f4872a69484c9c44fa76bae9e5786d621c6e5f64b323af3cd63232b772139e
SHA512 aed5d0fbaf5928b51d7703a73c9332d14d7f21cadd837859f5e2803dba4abbaf568d11fa8dbd8d2482a0f69f0d9769720a479cb41fb572460be7828d367cb690

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000038

MD5 02240241c502c60a601fea4d1ddf616c
SHA1 654602ee1bbdcade5912f9b727473f592ddc3237
SHA256 2c57c29f743821138afdd7d3e75f38f4b3912f60bb7a3c5e0170bd79adc1709a
SHA512 8b135da031724d41b7ed6fc4e6b78568c915f900a9ad35f09f98cdffe58d0f1e611232b46c78c1fc0eec6acdbaff1822887e2cdfff2ffe6aa3f5fd897261b62e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000036

MD5 2e23d6e099f830cf0b14356b3c3443ce
SHA1 027db4ff48118566db039d6b5f574a8ac73002bc
SHA256 7238196a5bf79e1b83cacb9ed4a82bf40b32cd789c30ef790e4eac0bbf438885
SHA512 165b1de091bfe0dd9deff0f8a3968268113d95edc9fd7a8081b525e0910f4442cfb3b4f5ac58ecfa41991d9dcabe5aa8b69f7f1c77e202cd17dd774931662717

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000037

MD5 89b14043a36def333f547e45b88b36be
SHA1 7729f36422740316ae722cfe5b6e5fe3d731d021
SHA256 e13e0d24952c346806b3c5bfda2626f51886baf807f96f58efc82a6d88b00e81
SHA512 3489698d642de8232fff37b4e289110670dae623f98222dc4635ca0e6e4252911a7d499169dbd37cc8e9e777d0ce410ff7176c50e7b0dcfee8b2a67a429315fe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003c

MD5 b6b2fb3562093661d9091ba03cd38b7b
SHA1 39f80671c735180266fa0845a4e4689b7d51e550
SHA256 530eb1f6d30ce52b11c3844741721eed669decc69060854ddb6666012c6e9e20
SHA512 7c3f88910bb87eb58078104290d0a6fc96bb34705974bf93e6dffd928160a9f28e34d879f015f0a05754f56aeacc462e27ba3f332e9dddd6e3879c5d97db5089

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003b

MD5 76d82c7d8c864c474936304e74ce3f4c
SHA1 8447bf273d15b973b48937326a90c60baa2903bf
SHA256 3329378951655530764aaa1f820b0db86aa0f00834fd7f51a48ad752610d60c8
SHA512 a0fc55af7f35ad5f8ac24cea6b9688698909a2e1345460d35e7133142a918d9925fc260e08d0015ec6fa7721fbeae90a4457caa97d6ce01b4ff46109f4cd5a46

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003a

MD5 cfff8fc00d16fc868cf319409948c243
SHA1 b7e2e2a6656c77a19d9819a7d782a981d9e16d44
SHA256 51266cbe2741a46507d1bb758669d6de3c2246f650829774f7433bc734688a5a
SHA512 9d127abfdf3850998fd0d2fb6bd106b5a40506398eb9c5474933ff5309cdc18c07052592281dbe1f15ea9d6cb245d08ff09873b374777d71bbbc6e0594bde39b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000032

MD5 1b6703b594119e2ef0f09a829876ae73
SHA1 d324911ee56f7b031f0375192e4124b0b450395e
SHA256 0a8d23eceec4035c56dcfea9505de12a3b222bac422d3de5c15148952fec38a0
SHA512 62b38dd0c1cfb92daffd30d2961994aef66decf55a5c286f2274b725e72e990fa05cae0494dc6ad1565e4fbc88a6ddd9685bd6bc4da9100763ef268305f3afe2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000033

MD5 fed3d674a2f247d846667fb6430e60a7
SHA1 5983d3f704afd0c03e7858da2888fcc94b4454fb
SHA256 001c91272600648126ab2fd51263117c17f14d1447a194b318394d8bb9b96c5d
SHA512 f2b9d820ac40a113d1ab3ed152dfed87322318cd38ba25eb5c5e71107df955b37448ab14a2779b29fce7ebd49cc0bbafbd505748786bc00cd47c3a138aefdddc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000039

MD5 bf95b000a1f52c689cebc5fa260f201e
SHA1 ebe21a68dd7d8321b540757f246ed6e10a18683a
SHA256 0abded4712a9ab59e84a24ec40179ed475eded446a082584d22c2f7708db6c40
SHA512 151752d4174ff487b3895535521e38071a729e7853b3b2605928b14350ff4106d2d73aae14f7c9a69843d417648a2dfcb9b295a254391c18d99f354c39e8c32b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035

MD5 7eab02c9122098646914e18bd7324a42
SHA1 5e2044e849182f1d3c8bcf7aa91d413b970fc52f
SHA256 d58d66c51a1feb9af55ba4a2dcf2c339b7976dd011fbd5d071ca86b9d7f58a42
SHA512 dbb0f94de62d7d77d4bfe6c298043c559a0d4bc117bd7dc1d627caabffa8e712cec5e3adb4a737b350429493ac0ebfb81c8759aebed41b30218d0e7ff6f3196f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000034

MD5 a6f79c766b869e079daa91e038bff5c0
SHA1 45a9a1e2a7898ed47fc3a2dc1d674ca87980451b
SHA256 d27842b8823f69f4748bc26e91cf865eceb2a4ec60258cbca23899a9aef8c35a
SHA512 ed56aaa8229e56142ffa5eb926e4cfa87ac2a500bfa70b93001d55b08922800fe267208f6bd580a16aed7021a56b56ae70dae868c7376a77b08f1c3c23d14ab7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003d

MD5 ca39c956585ff3441ed99f219a95908e
SHA1 c17d8ac3a1fa156abb4d7d6f4799bbabc09966b1
SHA256 c23e03e141a70b1967f6d62a272ecbc588655211752e250f9173bebcc61127df
SHA512 57b5cbce513d2f1c698e4ca82cb9b2ba1c26d7b80f21e4efa77493d0053943bd5a8eaedc3dccb23192c0145dc411a99a86356777e95afa78ac616ce3f5189a5c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6531a70bd67cc7208b2780d4eb1c1c62
SHA1 785c5dbb9cc0891b8d89001e74f55afef5cd573d
SHA256 5692e034a34147fb9a98514a4a05e788695330c10b88ae7da803b367e764643a
SHA512 17630cfbd1a6c5110e2d7e23f35d7949f029040c0d798146a5808317f665bf45693f8db1831f9045a3b385cee23ef09a739aed3cde5986b9230641c6587f7426

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\8e317c92-dba8-414c-8f81-fe83ee84bb6e.tmp

MD5 3cfe7e09becbf2a7dcc218681ddd39e1
SHA1 5953930209366ff30912a59a9c0ea5d35dd293e4
SHA256 f038055e3ba22dde52aa908daf7710bafb0395d0d190c567b7a07567b8489574
SHA512 ff18563b27167a3b4fce3ec1b665600f52194521298a406bee3d3fc4ae95794d7d68d9429e67e0e7d8bb9dcc637689714f389e3d04d0e05d58ecf5e80e8de4b9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 3ab2a20cee729b61c59da12a34a8764e
SHA1 43a9a6536e4513bfdb8fc6aaf1b19cb74a7b72ad
SHA256 2bb4c3548cf42dda58091b143d4a31870267815597008e94e6ef694cd5480573
SHA512 d0e3f124a2876bd5c9d4687a29ce0591a508b9ce969cba1a3fb084eaeee91490f9aa58a4532e3fae68f2db20cd819c5ef4541c498a385df294a34d2f5a709658

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 df1223e7b183840b4f061720cea91021
SHA1 7fe4bb5f23d6a23c51d04e7b06abf6a7d3eab41a
SHA256 f49d180e9984bcd17a74e0d0f23303e22d816d17932d9449f1936368ddfb1419
SHA512 c7eeca1b95b52d5adb31cb28cecbc89bf3cad165e3e194a89313165c19010e7751e87be2bc8184822b7c3ee2981b011ed90ce317eaf982f7db4508eda1151d1b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.gamepur.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 4a42217cc6dafaf1b4b309876bf33203
SHA1 aa60b5780a1673e5b2715d87556c8fa0da698aea
SHA256 6ec6dceab26a381b8415574a92ac433bf9d046acef838a7920c1d3017f20a7bd
SHA512 e43df562a84b69b2b2acd71249aa4b971ca5ceee04c76cfbde3f67cf0ddfdcbc599914270a29ce1416e34dc8829c22fd001f27cca6848e7040a01e032baa4566

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 1a797e6ef8e9d61eb6761776ce18d435
SHA1 6f1185fc342ed51a0c26d6cb937b3156f4526c12
SHA256 fc90dfc3e19418d56dd5d419c977b9185c7ff79062ac996e4cf9a3f5f13613f2
SHA512 ab2aefe1fc9518b244e6f3df49bc66cd39099b2a202ad80517aec3a97919cf21de1c843270213eac5797368e0e74ce823dd9caa36c10be6a82f814f8ff41de72

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 78c7f2f06914ca07f3edb54ac52a1dba
SHA1 0671340764dc2e1c0cad1e4b51871de03d4a15c9
SHA256 c7103f69d65fa8a9a61c35b7e7dcd785dc7c8486ba2db19ce64e7adefd2b3360
SHA512 78302a3a8ebe619dccfa44519b61ed8fad2a5b2df0cb768a06c974a957992580066e04b72fdd1bf8bd56455314b066a5473ad59502dd4541fad3fbc91555ca08

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 bb590398441a469d44bbd384e1cc8b38
SHA1 4fb9b42350bea8dd7153d1e79556bf7dbed43118
SHA256 34d40d2144db2e6a7f44fdcb0f8f802fce2f3e4c4a85eb4ad40158c3ffdc570c
SHA512 ba74886b0c17b721a0ef6200ac62c9bf0f66b2666a962bb3a3175b3a459d1721ea98c49d4ad064b7b78eb5ff05309356732f8aa1a07e5fd5ae721991f5e52866

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 64b658a3453b56199a69e8ba9168d9c8
SHA1 fb88afd9c9a067dd9fbd8b409ebf365528c59685
SHA256 e5a25e03bc919c3abff2a7cfd7df69d93a8918406805d2d55b90b85e80b6c20b
SHA512 cffcf83526f27df5ff9acc5bf983e71e1219abc0b502f4ccf23d0c52cc7eded4aa9661b879d932a10208e435f21c8f4d6a1a029412a71012dc0e24e9d1f3ff0d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 821b75922551eeb52bec0317c1c1b70b
SHA1 6aa49c0016377e06c7ed15f48f0be00c38324c6a
SHA256 37f6fa6f0a886396ba117df1ba84869cd3a3b9ff31e00dd18a43ca93dced649e
SHA512 db54074f90789dc8c90d55aa60d0af0352939d74ffa327150c1192cec6a8494b9d43bf9701c1ff5937219f0f1a3188bd6b221fd9f7a898d75d3d6d6a33ad9c1e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\81764cdb356c9506_0

MD5 cfa07511fa5fbb0bdf68ed670f430dc5
SHA1 bb6c1f777b8c8395fe77c5d8d4bea29ced40011c
SHA256 99e9e6e70a1ca07cb1fe653d588e15c599dda292e6c272ec180e06adf8763dcf
SHA512 e178fb7a2c4f0bd508c6878d96cb38a6077cdec1d498774d7d50dab045ac9dd0458b80f992092686f2adc7578e3e3e4c6fa5e022476b9366d75d56f508522a5c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8e5987d08f7b6e11_0

MD5 ebc886eb6bf1d65a60edd31c64dfc475
SHA1 309b32969aa89401c1cc7aae9a555245bd5107f3
SHA256 8c56110946b87b2d43ba418ec02d637eb2a5e09d28a555efe4062cbb052fd439
SHA512 8343a48d7c80738bfef8f870053a3e4e6958f62e58178e60fb5bc80d5f1753abf2f49963c3e3f9a27cd594dd48a716724bdb801fa977f167ca08ca24ebaeae8c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\48b1105b4c2874b5_0

MD5 1117082a56d92b419b11e1b80cb34962
SHA1 289a0514e3727684380ba14639b141dd3ce635db
SHA256 1af346447fbba3a569d23714c8f96c0689ad21dfd4123de9766bae580c97d2ef
SHA512 7afb277ab2c7bc70c7fc892a604569bb4ac62696daf2aaff7686053a04d98691980154c972006ec38e164126ccff6a2b7b32d7a85cc6da468ac4bc4c203acf73

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aa5fe3b36e22e31b_0

MD5 b930661c30178c5114cf8a5170d767ec
SHA1 59d9f33b95be4e927c0593aabbeffe00887d9eaa
SHA256 08c6a4b66246980ee36f293d00b6d7f186d33cc3f49dbea892c9ff87c2bf2006
SHA512 ec425bb98dcce58626e5abfbcda1ed48b1de9d1d7fc9811d0c9a49cb777f7b3ee0400ce38153eded0d98933c35868daaef900ceeb861497028ac99b9b7ac6b82

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7cf9843337c39c04_0

MD5 de4181386cd47aee64c46f61ba529f38
SHA1 47b3c6fdb17e7fbf6cf22ec9567a63270869f6a6
SHA256 dea45300a499c9482366cf2e5c569d6cd6e513fa60762b9bd5ccd65a402ce7e6
SHA512 047ab9078457ebf5e9a4c04eeb6daaff9642a0680419d4629c6fc1180238ad470c93154245b2c9f7c958786c5a6fb30f5502581905f0610d78f783a5a0165758

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\03eef0e77feb64d4_0

MD5 e334c3c641caff9c9657a8cdb3daa657
SHA1 1046cb4f413905060933638949fa6ec14dcf85a2
SHA256 28a53c10bd8975f714f8e3675b030ecbc970ca2c437efcc0f49a1639c60998fd
SHA512 cbbed30e83d82ba9b91fc40cf5db0c068805349c51f3e85e5eea4bc453e913ff272194cbe4ce5bb596e18acd301e5533dae56c3ea52b230742a9af3aa69cc1b4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\635e64b37935c888_0

MD5 378716aa7c4c70dde9f5a36b35b2ee73
SHA1 600c232b12a845f254947a62f7f3e3e96bed9f27
SHA256 22607eb34b59619e365d7c10e31dd05dbd75fc2d9a589c10d85a4a78850a2f08
SHA512 75e7393d46d1129eff494c06d342ca8267cb5ad154d581704874a7375bd7fe1d4731b83ad0799a7f58899172c99f8bdf8a75343aa23fb391ceb60979a6f3844c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ca5bb3c84b908d6e_0

MD5 7a73424e9d22a7c9e4a7fd70f21acf66
SHA1 8f2cc1500b0ceefaa26a0ada0c2e713f55845d5c
SHA256 4f5f16940234e5d2f2522d55aba391ff933dc50aa37144397f2296f3712e1bf9
SHA512 e6dfdb4692294e913ebfb4e9d365603078161a48cbf64f3ca7b740a714aa5d80aa2e03c0d3851e820337a59d4178f2ca667e385ca2c679e1085c07df8ec07212

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8908012b8e4a5af1_0

MD5 03830b89329f53ce2ce346998ba8d83b
SHA1 df1f429428c12c671506c6b401a768598afc1975
SHA256 9d1eb931d658452813e6ac704dfaeee30046f8c6c96c15ced8a95d24c7b91e7d
SHA512 866330b1e32998940512ecf874087e5d4bc3e81b37f590c92451fc5eb3d59cd0e9778952d2326943c35769efcf4905291351466fa382144edd4f27491a1e7208

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\718aba49c9504085_0

MD5 baf6e7c44dc15602643c0411e0459937
SHA1 046f569fb39b363fb2ae00ab62f79c9dbd9d67a8
SHA256 bbc3aafc1e5fca862244a763d9a03e1eab29182d0caca58658814a7f2ff97f90
SHA512 06f4256a5dda03e070d30cd7b7c51be3959b5e35b04c89b404a1193378aca7402193cbdaa0c9f072496b23defe1dc2c8c9d2a2e623e91dda7f57c96331d495ac

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8ec4b11de0b23393_0

MD5 4ecf337ee09d052b6570eca744a65b28
SHA1 ed8d86e565355b16c392e5d8d1570f40e790e76e
SHA256 9ee8a0209755140646fcb6c52244bcb8463b916d4fd436d6c20be386e885fe4a
SHA512 5137831085eb67cf92b7d801e4d026a85bafd29650bd4c77edb26e9a1cd10bbd29bc3bb142a14ad67081a9c563a0f291327f52330cda9417e2efd21383e9527e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5801d3329fb36c59_0

MD5 3308197f3029a0895252ee508a70cf01
SHA1 10b39811761f547a88c7e284044e5cb84fc7c507
SHA256 bc127cf31ecae2a7da5ba1ef750eb17cfa41fc3fbb2135cdb9f4a8fd12c0eb63
SHA512 ba7293c9ddcb0504d24355a40d08eab5882aff322ed483bea27e9e96e97a9219f79350821ac5c1520d63f188e60c14d77b80517b4f1b90ef46a039890be8590a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6aa9a2943612cce1_0

MD5 0216c53dbd618cbf15f9e26912fa73d9
SHA1 b76bfe15016abade20fcdbf9d41df4b23d18f723
SHA256 517b1dce6881ed85b250dfdab4e97ebd89f05597dcaad4bc6e5d9199a1a36104
SHA512 8afe5d0207867e6dd0b4c30491ddc12b6cfba42cbf386da42fe575b045227fbede288b5d1ab5c0e4ed7ed454015f71f0ea9223567ab6808c63c59d59b344d7b7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\476831ba582729ec_0

MD5 0420b4ca1ed36b270a25c098d7ecb6e3
SHA1 5c45c0a62c01b768b9ae6e024e4a0e14562c69c9
SHA256 a12fc4d9f87a889aea953a9df38de2b349e9d5980ea50b16c6e5c23e6c9e125c
SHA512 bd7a438c3fa9c9c46fcd2d19635b9f6370e136c191dbaa55120d1d53ba7a47837b95810ea5e020946fb3af55c133d63ac88540000ae38436b52ef16e6a114af0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aa4ba7faba93e196_0

MD5 1c90326b2e0d1690c39704dbaf88212c
SHA1 ecc909515e0f8ab1dfe9459ce77eff0efbdcf6c8
SHA256 16a2a777002b8bb3f2fe6872fea30535f0d1a2628a1ac421844b242f46c8a36f
SHA512 e9c1b25bfe1ca303b1ce9f7176cbfe445f818856fa53dfe978fa8e13883f88f37b069c81e6297cfea469cdb7f07c52579207a45f04cae66c7ae6fba68f340fb5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\534ab76442c26020_0

MD5 9db3f82d22a32636be1b2d1fb6c52608
SHA1 5b198de0739be820919766d85ccde1a063b7a8d0
SHA256 cace978c88be8c064501effbe4ae520355469b18a4082eee491bd0a29fe08aa4
SHA512 a79cb4820ec4e315235b703e7c7269d3bcfdd6e9b6f7e2429821bd57d50687f80d02365710dbf5ca556884b54bf096165b059723872775038449362d461d55af

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\87bfea9426cb2ef3_0

MD5 b41818ca859c5552a75d2e73a943afb7
SHA1 6fcd6fbcba17add02653667bc7fbb7215ed721db
SHA256 11c21d2547654ec33f9cb6c3fcfedeb338b1fd1103abab9f3bcbd80a0f941705
SHA512 a3a81d63c9247b159e09f5d4c0453d827afd1f497764cae68b93aa6df05e49f25747829e97b2b06a432a1de08e68ce88e49dc7aab27d9360d568a8e8a709217d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b4efbb7782bded86_0

MD5 3d74405fe6dbdae0f87d02d8019b751c
SHA1 0fd9a7044033ac91d34c7955122d632ac75070a5
SHA256 bd1e35d88894946ae7472e7ecd3f918fb68f50c1f70cab200ec641465dad6f2d
SHA512 004756703c31d8130861013b51c3d72521d721c91c4f843a1d04c4fef62c4fa3bd154433348004e9d2d93f022bc99b8188115bc115500278ab72a4206671012b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 54eedefbf68b9e2a31cdefcc2c3be12a
SHA1 6f56f4143d6fcaaf7fe4d9d36b53cfd719117a11
SHA256 501e9bccb224af0f241096a940dfc042ee4d0a5eaca1b79846446d81d4da7452
SHA512 2392c2f7fa778914fb1f66e152be20ccdb8adbc59022119a412e474e32e73eb454ccc917b889b109a68a51655643c1a6bbf54c78768a6b4e7ecf6373d1dfe331

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000153

MD5 ca02f0538fb4f32d9e8af05e49256b32
SHA1 18c32fbd2c4d50d23afedac285d8c6cf429d5cfe
SHA256 3eba2798fe3c48ad8c745f120a8295164e00d7273586287a743a3229921f88cb
SHA512 a18274adca013b0661d17981d8c8a9ab3cd9367ba904be1deab74ddf0948963827447d56529197b0c30a74cbc3ed02b9bfe5f674912d2d1e71d6530e63d5c6c6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\14b8f7160c1754472f9dec5065b819cd75822df0\index.txt

MD5 e356ff67d30c74bdfcfc98bdcbdea5c8
SHA1 c8d2fb0301ca6c8526cb0a418e543b379096ec09
SHA256 2bb1581e162295c7d03b4a933cfcc40020b62d38b9793af40d34e5484269af07
SHA512 69f2d04359763a0b3f5f42cf9c74ad34f10858adf76e5f466f471825f051581629190494637436026df465ae1e2bb1d6b82b38d428084c4d0e27f68aa9fed221

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\14b8f7160c1754472f9dec5065b819cd75822df0\index.txt~RFe630286.TMP

MD5 4024b98fe49da88b5d356c761ceef162
SHA1 a7be575fd6e2aed2f4b3b6442d13447730173e43
SHA256 50305aa12fd351f24b7acef3ba405134b15c24724f824f58fcc84d8112c03778
SHA512 bca4ee84020c5529474b2d0279836a2cb1295d21f662bcc06d396d829043a29397e394f50d836a3fd97212d949abab9cef525e3cafecb7a2aa62d0eb553c56df

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00015d

MD5 2233de78cbb1c88a3bfa13fa54b0de3c
SHA1 22510880588be256c5c0b97d07a2314756cac4eb
SHA256 08f2e17c95d4e68f3091b8d3fe93b744b50c4c383a9caa8219cec0c30b297994
SHA512 930d79ff1aeee756d64104bf2823d37dc5c4a8235fc37b8e2e8fc9d1486736721c9480e70d5455f1e03a413d5b0c606de1186d3b82a043773a6df92d195293e7

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 e872c51fdd581bfa56f7938fd1ce9d4b
SHA1 28274951b95c47612d712b64e6a29aa749b42b42
SHA256 f6ce4f934e46c5a4e98f3b124563b0604e7efe3715109794c26060d436f9aa7f
SHA512 d12b1f2416f935eaaa6eba6adaa99d044755913110ea4a62d4c37b5f1166e44361bd6bbe81c73e4379356c2f6abecb142f25423383b320153182945533a62c2a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 7a5a33fc629e4af7678c6bf4eb56a83f
SHA1 d01168da1386a8c1f039f1710848e1a4c984f64d
SHA256 c668a3698864b2bb30fa5396ec15564f09f0ad133800c5f6c4b83e4848a433fe
SHA512 ebdc0cfadb5e8ddb987aefff8334ba14fe473c46bc9d5cf41ec2f99478d9f8ee20dbca027e55f7d30de5b0193ba855d23b2035dd54bd3d7eed191f1c8317ac51

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 06cc15033e31d8d6b33bcfbbfe0f6827
SHA1 84edd1f037156e99b9d376b84adea533cd28df83
SHA256 33103e030f4646eea679793cdfd3a543c1f1a2111c52a894d5aacce8729d84e5
SHA512 1c6c3a5e9135004bce080092ccc1cfbb99f9b476eff80558e2e4412d47b1b42b9e19a7649fc9bb4eb30b30ae1e0662aaf67737484eaccb701f29c7294a97acf3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

MD5 87e8230a9ca3f0c5ccfa56f70276e2f2
SHA1 eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
SHA256 e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
SHA512 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

MD5 49cbefd08639aca7f6921c43a85d9905
SHA1 8ab5b92fb186f50cfdb124fa9631d4b59ccada78
SHA256 3cd2609cb9fc79af0d14a44ba31b2dd33ee28c64d6c108c06d27c61366b6b020
SHA512 c57894a7c80df7e7a5add407f52587d7f6d001237c5d8e90761237d7c6497adfba010ca0b64d3f80829aa010a6eaa6e38b5ab374c51f9db9013d09949f09fdf4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

MD5 da93aa5083d4a8a231142493c28fdae3
SHA1 7ec3646cb8219a1e3f4d2bfb9b80343ad4ad0fde
SHA256 f953d546d5c0159ed38fb748e442276e47958eb0f95f29c6af82b7e31e3667ff
SHA512 4af42d49043a6d8d193ed491a66999fa5d57942b6d1ceea33574eaabd53bb7cf86573980ee9c4aac98b3e039011634c2450041343872de503661416cad2616f4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

MD5 1aca735014a6bb648f468ee476680d5b
SHA1 6d28e3ae6e42784769199948211e3aa0806fa62c
SHA256 e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a
SHA512 808aa9af5a3164f31466af4bac25c8a8c3f19910579cf176033359500c8e26f0a96cdc68ccf8808b65937dc87c121238c1c1b0be296d4306d5d197a1e4c38e86

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

MD5 57e3e0f8029ac4d82e5c9ac127418abc
SHA1 bc9828d0a593450b445f98ba52377096174c821e
SHA256 6ea006a2bc9e5c905ed167cbeb2b186e49593e4ac81458f5535ae512f14f9ac5
SHA512 39141e02f4b55e90a25f2c84e7111e9c9065602a67153d8a94ac1d2424493391d25fe50bd5013e99d46fc7344cea1f7e6c29219131e77932aee30253923bf562

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

MD5 c115e615bb3c2709322079e46d6719a8
SHA1 d5066fc2d54f99dd607345e582412178b1ec691f
SHA256 394a642a0e6a19db28018f3622fe129aca7bfaf0f63cbe294b51b71841eb1d3e
SHA512 30c5cf95acf5322ed6ae12df4e8b74396b56a4cbea30ea6334b50a362aa13bf94019c1d9ba69215b30aa34609d0a996d372472e90a7909aa63ec2e7e02ee4d2b

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 6f8f000f531def34b3e49acd982f170c
SHA1 4e3946bfac2e4445a781481919c04f8f83398173
SHA256 b18b23bd28fe61d25f119697b5e81c11c6c48456daac7663b42573d0ef78c775
SHA512 d23f3659495f075febb173dfd301a47bd5d2ed0a7054d2e84b9161ec67e0a217b39c69f7bda9dad1a19cb640adee434cf70a803ef4d7aa71bce08137c1579815

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\14b8f7160c1754472f9dec5065b819cd75822df0\index.txt

MD5 37cc6572cbf4a807372a80500105b526
SHA1 f649af6eded875871adc1567890823ba505f608d
SHA256 16a806d960f7025398096c6b117abd1395adfcc227569498505697137aaaedcb
SHA512 6803722c912997402076f1efb9f8f4d1e8c6b19d4e687fd859ed117c89a7597459b52fc5e315cf2a1d8f1af588d8c1c632f6b90d44e0556f5e432b4e889773c7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 de46ece0b8218ad2467fee20bce6f044
SHA1 66d6b4f349ec7ee0f995c7b22b9453ca8e98a829
SHA256 822aa836c19e32eb51e6ab6cf840cb04b22e32110e5683bd15574e554fc0586e
SHA512 c834063d43428111f50a6c85e686c646f66c85b66c3e4b431a9536584b16ea47245b43025a6ff9870091440148decb277e78739a01e8b52310da618d8e153b7e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f5f423c60b5b9f519b11834a7edcbbc5
SHA1 613eb8ae963224f9d8eeb6056e8eb4563b734c81
SHA256 407fd7d0db17d048dfb212b73aacc05d6ebc3828fda743b3e0eae1908f02609f
SHA512 437bc53fbe14259c23f887ba027e1d7b9988e1a6cf6281805bb71a867182fc7e2e554e3885ccd327c16baeff67b83fa965dbc5ac7cb4544e6acd0c2e689fbe20

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c751633eb421680de43c72e3f5cc509a
SHA1 f782af61e2ab8eccbf7d43f1a7cb7b60784f2609
SHA256 7f0211f81a8c90ef833b8d1db2e0c624d82385c673763c41df4cf80e56932ab4
SHA512 8b407552f269e56bca82a7046b94da249402742b362ecc9378e42b71fd036d6c70bb4b658134a388ffbe36c25304c00b97b37dc7fae1d7bc5ebf1f93c090c396

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 de765fd3ef36dc0272017ce3f2c6434f
SHA1 5c76095441790eb8fd56491842b7a8747a4683e4
SHA256 ad2b99b3e3ddeac7465a73843ef84d8c77310ddb111425ad299ec30759019e17
SHA512 8c028e89b5257c15d69d8739bde29e671dd1107efb20f7ae83d04b91ed7615aa1cc528c70c9a41bcd1c81ccb5e7be75e9a84f3f61bcca07ba8de26c0402a2357

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000197

MD5 35fcc7335ba5826364816a9cb13efb29
SHA1 8249860ab24246f52b6aba66e0f25cbba9b55c91
SHA256 ddaaeb6772a523d163fb711626caf0f3e238c0c0d7f5d2e7f544f0460a6d72fa
SHA512 55b6c21029e7f65d9ea31892742ad8dbce0201cca00da352d2e8e5c3a7a98b14ff2f7e81e24e20fbc17e3a10493e0d7fc29771419744686fe8e475164d421ff1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00017d

MD5 8d62e4fe4b3e1d3609d8f574680d8e08
SHA1 490c0328aecac2306ea1546413c6d2cfe3fb6c3a
SHA256 f72460bee435c07eb5a668fb097848788bce03feceed02e758d25f650d1f1e91
SHA512 96ea3912d3a633d20191849c04572da64afdf72b7c94f2cac4569eff857dc58b58a44cae0596bdf2860a6211112b147353b7cfd4d28e966988f1b9709801dcdb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 da13e0e94aff5c2faff4f73a39e4f14a
SHA1 9244729b7ad5894aaf418416ca811c6722337cc5
SHA256 6508fc4c49970035101099adb66e5c05619285460bfd8c2176edad0603a7bf6a
SHA512 4d2dd0af344f56825365c995e45f7218530403a02bbaf241c155d8ec871f622d02eebe788573d07120988eb31ed0ef48c0fb0691b5db2a66e96f2106a2682695

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

MD5 a61f9b09aa4d4941fe212b835baa813e
SHA1 3157cfc5bcb68d1f166504c902848dce6c32ce02
SHA256 333c1069c037bb8cf45d9054b0a874cca531d2e1eb7e3f75b07ecd7b69d77edf
SHA512 f176df85ba410252cf8c8ceacfbeba502ff11e81a0c30fde4ae9c64ca484ca690178577416ef2931dac8eddf78df75d9d27b1e9cc207ae99b13378a5dc3a8ad3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

MD5 3901431a1cf953a09fb115f792530d50
SHA1 9d3f7fea615821763849cd320e3c9fe501d9cbda
SHA256 f6495dbf769719aa52f4bd6887e8e84a6565368841249e480143f6bdafeac85d
SHA512 b480791f426899e8c212d327bce05f9e9b9a9efc0ad09f73168103291a236bf72cc6c3c0f4048ad2feaa560a51235e1ef91dd11720cfc273b99f59fbd60ccb52

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

MD5 4561dbe6e874a51a6654978aed224d3d
SHA1 eb7c4a675ae3d113bc719af783e99b909112045b
SHA256 199bdaa0ad8f0f20090ba77e15d0f39f0d0a48ddfb9f6ec21105208dd2293e7b
SHA512 29dc306b236272dc4fdd87ffe709a9986d0c17c302d07af2f6229038fee64dd190bbada553b87e727e23e3659de24048659d2e89e9d339ab21c80a9f380dbedd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

MD5 6e848fe6c5045f265abb3ee3967eca49
SHA1 b2fdfe3700ac53d45eb2211c541dd68d353263d8
SHA256 6bec4063d074aadfcbdee7eb7e62f58b6406bc3ab59f273d0b4bca52d45946e1
SHA512 0d6737464a3bc6996cf656b72cba4ef019c737ca4716dbfb711de80256ea2a02339a5fc56e319c23e92f07c9efdd1c36a4533daf58dbf03fb6775955dcf3ba68

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

MD5 67e34ff880a035a0e5642ec6a48601d2
SHA1 d4ddc225e623c7838ae1e0408f82f2ebee711926
SHA256 0ba1ca746bc749b81467841f60a53404b3449e5b3ae3d809b5359e89e3d3aedf
SHA512 8f1f5f23b6f42bc8cc0262aa16ddf27c49629c49c456c2cf75b4c97fb9b7be419ab546956abfe38a582f2e6efeb97d12a5ea6860c46176ce5d3a2afdf9c32331

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

MD5 5f928ea8f3b967c9d9c7066927264464
SHA1 d10280ca98cb993a805a4c7be6cb449f0bb8d5cc
SHA256 6b1250eee59e5b5aeb112434682b4e70a5fec9f3b536a6105b5b8a0889a1bb03
SHA512 1a2058f9e0a9e28de5861f83d2d2cce16838cd9946ab4be6fa8bc0a1c89cce5cb4698a79347d0d63cda7ea843bfa718e86e0ba6c58f61c0a774c33884e492153

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

MD5 a2edb5c7eb3c7ef98d0eb329c6fb268f
SHA1 5f3037dc517afd44b644c712c5966bfe3289354c
SHA256 ba191bf3b5c39a50676e4ecae47adff7f404f9481890530cdbf64252fbb1a57e
SHA512 cc5644caf32302521ca5d6fd3c8cc81a6bbf0c44a56c00f0a19996610d65cf40d5bae6446610f05a601f63dea343a9000e76f93a0680cfbf1e4cf15a3563a62c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 282bfb3e02bce53fc66b6dc472e3f369
SHA1 fa1fe581b53de0266197dfca3ef65211897a10df
SHA256 d60bfca72397cb95b176c766a875058fa161edf8fe7b784aceaf11c072147d3a
SHA512 d93f50dfa0de8a37acc1e27611b8518b5e4131e26453d15ee051805fd616254582804acdaea674b4a28241611274e6640e3bdf40947d499c4ba3f6d3ad63c046

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000165

MD5 3070b0d3a0854092db26c3ddd2f7b044
SHA1 dcb02d3ca182c85e94fec612e151add71bc5284f
SHA256 bb4d02d2480746bd00ae9e0188a1f262480bdbc866bf3ebf7b84052fec535b58
SHA512 5552400d2b631f9de2c005d201eeb857b95b2d686606195c498e38e6a4296de78045a74bd463866318bef61e3f51f7a559a55fccf460ff6bc7b0f674b6e2810d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000164

MD5 e6a85e6ab9d15ce7195cffe41549c8bb
SHA1 b5a7efb8ff2992ec8623a2496aa42219ec9a1ba0
SHA256 f858afed3a53c49be782ba2484d020c94e5bfff779912792cf3410a48cc0facc
SHA512 240abad90460df5219631a93a3126e2670b98dbf653aabe5200ee6a4cd83ea92dc14ba585c7a4547876cb9449f38174fec9bd3c420191261e1bbd4135788f978

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000163

MD5 30572bc81bf860f471f7357316172b09
SHA1 fefe7a69ca54d753a826bc33b6846cdccbe227c3
SHA256 490d408e7b45aa17a64c1c888ab1ba160b7e8d8b08f46a561a6f9218c02ea8ab
SHA512 bc14466ed9a3b754c92792d5e65a2ba0adad659d9f562b37ea9e91bb7089ab32fcbc43d0d4ccb677389aa047f94d570e55382f3ff72fc1fa4fe28a2023c06c68

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000162

MD5 ac3619eb929bc137ce24d816cdbf9af5
SHA1 9c3e6a39f020e467635fad161cb8f7cdbfe9c447
SHA256 e64784beaa8988670c944843ba27750a57b438901de18033fecd92df6f98d8e3
SHA512 cb1281e7c932af484ae17ff5930185b5b52de4f2cbe1627afdb8723235467f08630dfbc086eba76c76dc28fb9f566fcdfa03bf512b97515a6227de4a08327e5f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5c7caad5e68100ea_0

MD5 6084c8eacd5e916fbc5f45d3801d4f37
SHA1 7f286e89375efd0595f9665096d4a991839c0ae8
SHA256 51972ca7655f1d168d7cf3fcdaef2ee657f3ed32cf6d29552960f016668211cf
SHA512 e13024e6df7ca6847f6b5a7a5600511a2ca0a2a16dbc8571836eaf0a45f1a5ff6420e806e18bc9d6df55f6f33cb38760a0468487b5d1c0cdc24b1c6dc8beeecd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\af7b42f6-d8d2-4467-b793-f3fdcafa99cf.tmp

MD5 a6638b5e146fbd9d848843666ebebd0e
SHA1 2acc34461211159a059047d4bb4fdda3146a9c92
SHA256 4e85bc69e9515ac465a3d7b66684081275bfd6c9450cb06d2017970beacf1ead
SHA512 594791b6c0ffc5e1bd8fd84c33fbfdc8d3885dc6df596fbcab3906f9c87f1e98024e7d326123573cace8522cf6145668f14adde7570d548d91e378f194807e17

C:\Users\Admin\Downloads\Unconfirmed 589493.crdownload

MD5 4b94b989b0fe7bec6311153b309dfe81
SHA1 bb50a4bb8a66f0105c5b74f32cd114c672010b22
SHA256 7c4283f5e620b2506bcb273f947def4435d95e143ae3067a783fd3adc873a659
SHA512 fbbe60cf3e5d028d906e7d444b648f7dff8791c333834db8119e0a950532a75fda2e9bd5948f0b210904667923eb7b2c0176140babc497955d227e7d80fb109d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 5da40469c5a633b74e38eadc1ef4bf46
SHA1 58ffa3acf175094e77271530d27fe3d72d7bdd42
SHA256 48a6968dd0f8ada776dbc83e5ac325e903212bfbe1ac11f973dc429a42492510
SHA512 14dda2b2baff07a956eac476233844569738975e6faf72594abfb2cd610d81afcee300d0d4e56b43b90c95e8381f2a584dfaa6ecc33f7dc8400bd4048f255219

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 7e923fcf5fabf0eabc11859d9b3e3076
SHA1 4b1f1cf3336b833958ab6ced11d9d24f5fb215f6
SHA256 2fcc01113e2f5c6c36417954a8fe3a69e047678d27e1434171e5dcb2316c355d
SHA512 ebd4d608a9ea6bba4f73543d81a7eb55823ef64c84242d2ea22d80cc0146ffa70c4b95b5ef2cc2ccb9928f39a45902e4c2f15137c7d5ee7d55218e1c71840b5d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe6420e6.TMP

MD5 50a6cff3f4d0eba9c6dbf13b8ef3b651
SHA1 a685e1753ac06f923ff6577dd48318ac52fd7841
SHA256 f51f124fcf3ef144ffa8fe3d9bc676b0b5da7200ecb11a6f1c96d7e5211fa9d3
SHA512 8efe1c7827113a58a7a839dd418074331bd72c89e2c3d34a3038ea2bd9b0029007b2894db7567782a0c0a5c9071dd083a2242b67233ddc83dea0c77b4b9c04c6

memory/6332-7483-0x00000169A2290000-0x00000169A235E000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 322bb75c99d667858731dd2fe5029af0
SHA1 59b74847842c9405107411cd746d0c327718e365
SHA256 30a0ac2a27c62013bdd0ee9b569d68047f895eec6b81561021fa5400d1029d23
SHA512 6d55b8375804b140aa40835417d9f89136d94c8c7211c426053fd59cbd139fc9b65cb2118f3f4dbedfcc0ae3a329967f6b0265a66885372595f2330789aed008

memory/6332-7503-0x00000169A3F80000-0x00000169A3FA2000-memory.dmp

C:\Users\Admin\Downloads\BootstrapperV1.22.exe

MD5 2a4dcf20b82896be94eb538260c5fb93
SHA1 21f232c2fd8132f8677e53258562ad98b455e679
SHA256 ebbcb489171abfcfce56554dbaeacd22a15838391cbc7c756db02995129def5a
SHA512 4f1164b2312fb94b7030d6eb6aa9f3502912ffa33505f156443570fc964bfd3bb21ded3cf84092054e07346d2dce83a0907ba33f4ba39ad3fe7a78e836efe288

memory/6752-7514-0x00000243ABF90000-0x00000243AC05E000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 e3f334d96011bfb6c244a3620622c47e
SHA1 ad1bd511878e2c06bc4cf8bc59fc1023ed95124c
SHA256 3c91e45797254ef74f7c35c93d6f4d7b36fa6feaee7bfbc122710214e3285b83
SHA512 9873e279a9abed656fff80166736e793071a6157491fbb038726474f873845b3af415d691f1868aa853a79a2a854944f9395866c0ceda6bc74195c6758320d8c

C:\Windows\Installer\MSI6AE6.tmp

MD5 a3ae5d86ecf38db9427359ea37a5f646
SHA1 eb4cb5ff520717038adadcc5e1ef8f7c24b27a90
SHA256 c8d190d5be1efd2d52f72a72ae9dfa3940ab3faceb626405959349654fe18b74
SHA512 96ecb3bc00848eeb2836e289ef7b7b2607d30790ffd1ae0e0acfc2e14f26a991c6e728b8dc67280426e478c70231f9e13f514e52c8ce7d956c1fad0e322d98e0

C:\Program Files\nodejs\node_modules\npm\node_modules\nopt\LICENSE

MD5 b020de8f88eacc104c21d6e6cacc636d
SHA1 20b35e641e3a5ea25f012e13d69fab37e3d68d6b
SHA256 3f24d692d165989cd9a00fe35ca15a2bc6859e3361fa42aa20babd435f2e4706
SHA512 4220617e29dd755ad592295bc074d6bc14d44a1feeed5101129669f3ecf0e34eaa4c7c96bbc83da7352631fa262baab45d4a370dad7dabec52b66f1720c28e38

C:\Program Files\nodejs\node_modules\npm\node_modules\bin-links\LICENSE

MD5 d2cf52aa43e18fdc87562d4c1303f46a
SHA1 58fb4a65fffb438630351e7cafd322579817e5e1
SHA256 45e433413760dc3ae8169be5ed9c2c77adc31ad4d1bc5a28939576df240f29a0
SHA512 54e33d7998b5e9ba76b2c852b4d0493ebb1b1ee3db777c97e6606655325ff66124a0c0857ca4d62de96350dbaee8d20604ec22b0edc17b472086da4babbbcb16

C:\Program Files\nodejs\node_modules\npm\node_modules\promise-all-reject-late\LICENSE

MD5 7428aa9f83c500c4a434f8848ee23851
SHA1 166b3e1c1b7d7cb7b070108876492529f546219f
SHA256 1fccd0ad2e7e0e31ddfadeaf0660d7318947b425324645aa85afd7227cab52d7
SHA512 c7f01de85f0660560206784cdf159b2bdc5f1bc87131f5a8edf384eba47a113005491520b0a25d3cc425985b5def7b189e18ff76d7d562c434dc5d8c82e90cce

C:\Program Files\nodejs\node_modules\npm\node_modules\aggregate-error\license

MD5 5ad87d95c13094fa67f25442ff521efd
SHA1 01f1438a98e1b796e05a74131e6bb9d66c9e8542
SHA256 67292c32894c8ac99db06ffa1cb8e9a5171ef988120723ebe673bf76712260ec
SHA512 7187720ccd335a10c9698f8493d6caa2d404e7b21731009de5f0da51ad5b9604645fbf4bc640aa94513b9eb372aa6a31df2467198989234bc2afbce87f76fbc3

C:\Program Files\nodejs\node_modules\npm\node_modules\minizlib\node_modules\minipass\LICENSE

MD5 d7c8fab641cd22d2cd30d2999cc77040
SHA1 d293601583b1454ad5415260e4378217d569538e
SHA256 04400db77d925de5b0264f6db5b44fe6f8b94f9419ad3473caaa8065c525c0be
SHA512 278ff929904be0c19ee5fb836f205e3e5b3e7cec3d26dd42bbf1e7e0ca891bf9c42d2b28fce3741ae92e4a924baf7490c7c6c59284127081015a82e2653e0764

C:\Program Files\nodejs\node_modules\npm\node_modules\minizlib\node_modules\minipass\index.js

MD5 bc0c0eeede037aa152345ab1f9774e92
SHA1 56e0f71900f0ef8294e46757ec14c0c11ed31d4e
SHA256 7a395802fbe01bb3dc8d09586e0864f255874bf897378e546444fbaec29f54c5
SHA512 5f31251825554bf9ed99eda282fa1973fcec4a078796a10757f4fb5592f2783c4ebdd00bdf0d7ed30f82f54a7668446a372039e9d4589db52a75060ca82186b3

C:\Program Files\nodejs\node_modules\npm\node_modules\tar\node_modules\fs-minipass\node_modules\minipass\index.d.ts

MD5 f0bd53316e08991d94586331f9c11d97
SHA1 f5a7a6dc0da46c3e077764cfb3e928c4a75d383e
SHA256 dd3eda3596af30eda88b4c6c2156d3af6e7fa221f39c46e492c5e9fb697e2fef
SHA512 fd6affbaed67d09cf45478f38e92b8ca6c27650a232cbbeaff36e4f7554fb731ae44cf732378641312e98221539e3d8fabe80a7814e4f425026202de44eb5839

C:\Program Files\nodejs\node_modules\npm\node_modules\libnpmorg\LICENSE

MD5 072ac9ab0c4667f8f876becedfe10ee0
SHA1 0227492dcdc7fb8de1d14f9d3421c333230cf8fe
SHA256 2ef361317adeda98117f14c5110182c28eae233af1f7050c83d4396961d14013
SHA512 f38fd6506bd9795bb27d31f1ce38b08c9e6f1689c34fca90e9e1d5194fa064d1f34a9c51d15941506ebbbcd6d4193055e9664892521b7e39ebcd61c3b6f25013

C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\arborist\LICENSE.md

MD5 2916d8b51a5cc0a350d64389bc07aef6
SHA1 c9d5ac416c1dd7945651bee712dbed4d158d09e1
SHA256 733dcbf5b1c95dc765b76db969b998ce0cbb26f01be2e55e7bccd6c7af29cb04
SHA512 508c5d1842968c478e6b42b94e04e0b53a342dfaf52d55882fdcfe02c98186e9701983ab5e9726259fba8336282e20126c70d04fc57964027586a40e96c56b74

C:\Program Files\nodejs\node_modules\npm\node_modules\minipass-pipeline\node_modules\minipass\package.json

MD5 d116a360376e31950428ed26eae9ffd4
SHA1 192b8e06fb4e1f97e5c5c7bf62a9bff7704c198b
SHA256 c3052bd85910be313e38ad355528d527b565e70ef15a784db3279649eee2ded5
SHA512 5221c7648f4299234a4637c47d3f1eb5e147014704913bc6fdad91b9b6a6ccc109bced63376b82b046bb5cad708464c76fb452365b76dbf53161914acf8fb11a

C:\Program Files\nodejs\node_modules\npm\node_modules\treeverse\LICENSE

MD5 1d7c74bcd1904d125f6aff37749dc069
SHA1 21e6dfe0fffc2f3ec97594aa261929a3ea9cf2ab
SHA256 24b8d53712087b867030d18f2bd6d1a72c78f9fb4dee0ce025374da25e4443b9
SHA512 b5ac03addd29ba82fc05eea8d8d09e0f2fa9814d0dd619c2f7b209a67d95b538c3c2ff70408641ef3704f6a14e710e56f4bf57c2bb3f8957ba164f28ee591778

C:\Program Files\nodejs\node_modules\npm\node_modules\libnpmhook\LICENSE.md

MD5 e9dc66f98e5f7ff720bf603fff36ebc5
SHA1 f2b428eead844c4bf39ca0d0cf61f6b10aeeb93b
SHA256 b49c8d25a8b57fa92b2902d09c4b8a809157ee32fc10d17b7dbb43c4a8038f79
SHA512 8027d65e1556511c884cb80d3c1b846fc9d321f3f83002664ad3805c4dee8e6b0eaf1db81c459153977bdbde9e760b0184ba6572f68d78c37bff617646bcfc3b

C:\Program Files\nodejs\node_etw_provider.man

MD5 d3bc164e23e694c644e0b1ce3e3f9910
SHA1 1849f8b1326111b5d4d93febc2bafb3856e601bb
SHA256 1185aaa5af804c6bc6925f5202e68bb2254016509847cd382a015907440d86b4
SHA512 91ebff613f4c35c625bb9b450726167fb77b035666ed635acf75ca992c4846d952655a2513b4ecb8ca6f19640d57555f2a4af3538b676c3bd2ea1094c4992854

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js website.url

MD5 35b86e177ab52108bd9fed7425a9e34a
SHA1 76a1f47a10e3ab829f676838147875d75022c70c
SHA256 afaa6c6335bd3db79e46fb9d4d54d893cee9288e6bb4738294806a9751657319
SHA512 3c8047c94b789c8496af3c2502896cef2d348ee31618893b9b71244af667ec291dcb9b840f869eb984624660086db0c848d1846aa601893e6f9955e56da19f62

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js documentation.url

MD5 db7dbbc86e432573e54dedbcc02cb4a1
SHA1 cff9cfb98cff2d86b35dc680b405e8036bbbda47
SHA256 7cf8a9c96f9016132be81fd89f9573566b7dc70244a28eb59d573c2fdba1def9
SHA512 8f35f2e7dac250c66b209acecab836d3ecf244857b81bacebc214f0956ec108585990f23ff3f741678e371b0bee78dd50029d0af257a3bb6ab3b43df1e39f2ec

C:\Windows\Installer\e645e13.msi

MD5 0e4e9aa41d24221b29b19ba96c1a64d0
SHA1 231ade3d5a586c0eb4441c8dbfe9007dc26b2872
SHA256 5bfb6f3ab89e198539408f7e0e8ec0b0bd5efe8898573ec05b381228efb45a5d
SHA512 e6f27aecead72dffecbeaad46ebdf4b1fd3dbcddd1f6076ba183b654e4e32d30f7af1236bf2e04459186e993356fe2041840671be73612c8afed985c2c608913

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 19380e1b46dfdd41148e3a76ac56111f
SHA1 a5ec77b8bad0e8a105277297a2f90579c6ef8e57
SHA256 378d34a7c86094f2137aea974ed103b2aa720e1299e89396e167cf5d6dc71846
SHA512 a19654cb3715c5dc05ab26862baccf9d7d3b4abc420f26da90ed19cc7fa5616ae1a9e5ba8a53c3a9a308634d126685997e3af741b924595b3e58ddd31fd475bf

C:\Config.Msi\e645e12.rbs

MD5 92bd46b7afdb1d914109a0fb8cd77254
SHA1 bf07e1579c675ee0c014cdc9248c3c0372820d71
SHA256 dcdf349a423534d126450b2c5f68702e063fe8d044ff8b99b911a181c38f11d0
SHA512 a40393f8cf462b41ee093253b7704f7482d2dfda767ae8f9e9633851798c257ddf17f8ce7a2a6779f7a73b31ea70d321e3e308ac316907f53bf0cced9fccc501

C:\Windows\Installer\MSI8847.tmp

MD5 9fe9b0ecaea0324ad99036a91db03ebb
SHA1 144068c64ec06fc08eadfcca0a014a44b95bb908
SHA256 e2cce64916e405976a1d0c522b44527d12b1cba19de25da62121cf5f41d184c9
SHA512 906641a73d69a841218ae90b83714a05af3537eec8ad1d761f58ac365cf005bdd74ad88f71c4437aaa126ac74fa46bcad424d17c746ab197eec2caa1bd838176

memory/5384-9890-0x0000017B85C80000-0x0000017B86741000-memory.dmp

memory/6752-9893-0x00000243C8990000-0x00000243C899A000-memory.dmp

memory/6752-9895-0x00000243C8A10000-0x00000243C8A22000-memory.dmp

C:\ProgramData\Solara\Solara.exe

MD5 c6f770cbb24248537558c1f06f7ff855
SHA1 fdc2aaae292c32a58ea4d9974a31ece26628fdd7
SHA256 d1e4a542fa75f6a6fb636b5de6f7616e2827a79556d3d9a4afc3ecb47f0beb2b
SHA512 cac56c58bd01341ec3ff102fe04fdb66625baad1d3dd7127907cd8453d2c6e2226ad41033e16ba20413a509fc7c826e4fdc0c0d553175eb6f164c2fc0906614a

memory/6996-10309-0x000001A68E0D0000-0x000001A68E0F4000-memory.dmp

memory/6996-10310-0x000001A6A8E20000-0x000001A6A935C000-memory.dmp

memory/6996-10311-0x000001A6A89A0000-0x000001A6A8A5A000-memory.dmp

memory/6996-10312-0x000001A6A8A60000-0x000001A6A8B12000-memory.dmp

memory/6212-10335-0x0000000180000000-0x000000018108E000-memory.dmp

memory/6212-10336-0x0000000180000000-0x000000018108E000-memory.dmp

memory/6212-10337-0x0000000180000000-0x000000018108E000-memory.dmp

memory/6212-10338-0x0000000180000000-0x000000018108E000-memory.dmp

memory/6212-10340-0x0000026E34CB0000-0x0000026E34CC0000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 811488ef206794269de34f1bdefe96bc
SHA1 08e6338c2666f0a1906612b1ef1b7461b967d954
SHA256 e3f71e776683e60e49a92f5d2b1d76f6f69107d745f83a29fd78ce4e6a4475d6
SHA512 76b8d366463e0e092dd638b77069bdbea313224e11856893df27ccfdf4441aff23cbcc973f40d0a9a62b8bab6d27057c57c2568fe20f75b727da5976158e569d

memory/6212-10350-0x0000026E4E280000-0x0000026E4E310000-memory.dmp

memory/6212-10352-0x0000026E4D6A0000-0x0000026E4D6A8000-memory.dmp

memory/6212-10355-0x0000026E4E4A0000-0x0000026E4E4AE000-memory.dmp

memory/6212-10354-0x0000026E4E4E0000-0x0000026E4E518000-memory.dmp

memory/6212-10356-0x0000000180000000-0x000000018108E000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\63bab61298dfac24_0

MD5 487cd21ba1eb18758dd7103e3b8a35dd
SHA1 812517b98c8600d608587751808c9c2d7c9003f7
SHA256 0a954fb90a60861ecd5e626085d13e0fc27643830dec58f0dfb5ae6624d772b9
SHA512 900bdb31b2824b7badd77b8a4dd5c9d8da72b987f4f72ccabf044a2693adda0e8e8ada2242b3005c55e8109bb6ec2c9289274a39009830c8d15f1d826ac045dd

memory/6212-10443-0x0000000180000000-0x000000018108E000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a033c4946600dd9df75263929cbb1453
SHA1 4c594e24a7f452f35480fb53c5205b205ae50d2f
SHA256 85a19f2fd185582d45de3c0dae63feba3af23975f1224320ede7742d500c59be
SHA512 1249ce0163e0dbabb89c850dcb1241e358f7d01e5d1386f451cc4492789436a88236827d041a6b9a2abfe1a1f81fc28e72b4fc9df4c819f67a5f9b4408e6c18e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a67769912ffcf13f_0

MD5 847e8e67d1c2dd589fa2874e83dee543
SHA1 97ab82c9712995648829bbef171cf7ac9b62ff61
SHA256 33bd08abf2b563679697015c487f9ebeba186c31f133763088f643af2ab52ba2
SHA512 d9ad8b99b6f28155a4c98561e3bfd51d1a9460df79c50d35867eb29f7dddd74a427d5c28f0a871907e982c737ea5597bede37d0ab28006aee8ba074ad94c5123

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9a93a5af80c0c9ac_0

MD5 8b4103f6f1eaf70da61c40faba32466d
SHA1 7fa05a6acb66ca18b9e48b93444ec7ee3d2fc939
SHA256 675ed721b9901d2e9df0e53a5fa85f83feaa770b488d8bac813ecbdcb7ea2112
SHA512 c7f19d23f8fa2a4deae69c7c1a53aab477354edc4e3625fcac90898770346d3d5adf2907f428cb995e15326a6f35be5fc5eecd68b08ac69228c8432872293fdb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\cc2f0fedd3e9608a_0

MD5 51fa517a16bde8f9d7a389b3e4da8ec8
SHA1 352ee377292b2d3f20d47130611f8e8361930a15
SHA256 a0b5905662385cb5aec780f92467de6a2f1928e4300c9bdcc196e0bd9905269e
SHA512 0a6ea2baf339c42072819fa08b98e93290dee50e3d166a70323965a9ad1611672cb019327e364d4061432fd183d81a4636bf697f3e19d690e032f2a2a2851074

memory/6212-10567-0x0000000180000000-0x000000018108E000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 78a759975fd9f2d3dea0c26cc43771e3
SHA1 04228da485a238739078e794993bffa69244808c
SHA256 9580f84ef7e6b18aa42aee6ce3536d53b0bedcd3fe7438fd484e664d5b84af70
SHA512 9bc843da8cb6c8f6484501bc822078f6bbdfeae2a7e30bbcfcb5b55fafaebc1c217d93c3aaa1174e5fe67283cb8253f083c76821cb6370fec93180f9ea1dc731

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 dfd51fd885b7660852c1310edc91e882
SHA1 fc0ba8a8de6ea214efc2c0ad7661b9af3d32a93d
SHA256 1a42abf7a5fb69a63d80384d96adfb60fc2f30759ea50ccd23cf8b885ad8db82
SHA512 adc460cf29f283b60fa53645f9ff4062f0c8cc8910e8d6941ac85bb16186557d982fd4d42a69f37494d367dca4120a85172cbd58c097ab142d367277e1089e5c

memory/6212-10746-0x0000000180000000-0x000000018108E000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 1955177f5f2fad99e55eb44948ec7ba6
SHA1 eaa9321cf4c9201a269f5eaa4a774bb3d7206d33
SHA256 a5aa0b79e5b320d342272ae369fc14c75ed390526062807192993ecd1a34fb00
SHA512 6e41d0e9f613651267e16055837b4d8b943d69ea966fadaad5eb182cb5275a751ce481d621d1f73ed332c97f12ca9efd6c39774c20741ff099b54d3a57ac4b8b

memory/6212-10783-0x0000000180000000-0x000000018108E000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 063f28c20a13a17dac4ba0b681048d06
SHA1 2102925dbb941f5deffc4407a264b593808c08bf
SHA256 d9108430a2490d42f890d5f04e553b35431272a48d7457066c86ace2714f1d44
SHA512 b815c57d72953d77f4264bb30a05d6f906e11ed3aa8214e374fbc757641b4246dba5cfececa07ed3cef3eda405dc1f7807f43bc3fb81603c78c126050d3760cb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 03fc8eed320877e2c4ff8e8e0ffd0f94
SHA1 f55f28cc3fe11a9e3d3e927f99c789b1b0e51664
SHA256 2ac9961382b9d639c0d5c33d16a1e1e6b1be2bcd5c55b732f3baf4768b0b6370
SHA512 54a38bf0c75a6b8afeb026e9051bd9c7894a1e9490e5b5fe55a6ad02f0e04e5a795a0a5a9e205210ced9dc3f2d15f6b04f55e80ec819025d11134e93ed11697f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 bbb5b8fd87cbcd5f02121e1610a826c0
SHA1 df2ac146cfe4e98e46457c644e743ee7bc475108
SHA256 46e99e36a5f1f23f424f65a99b855f8f06079ed5f6c1c92a3b787ea4fd885f85
SHA512 65b81ce6251a9eb26f61615dc70eb4bdfeeedbf293d7726ef86644f953989e0acde8b9e504f2b6e9bd0953b5cba218e51bc6887724165a3774b5adc4b8c959ad

memory/6212-10859-0x0000000180000000-0x000000018108E000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001e0

MD5 588ee33c26fe83cb97ca65e3c66b2e87
SHA1 842429b803132c3e7827af42fe4dc7a66e736b37
SHA256 bbc4044fe46acd7ab69d8a4e3db46e7e3ca713b05fa8ecb096ebe9e133bba760
SHA512 6f7500b12fc7a9f57c00711af2bc8a7c62973f9a8e37012b88a0726d06063add02077420bc280e7163302d5f3a005ac8796aee97042c40954144d84c26adbd04

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d9a2d587720a2d989cd1653b1dee09f0
SHA1 78150e8bc2e112928b815e4be0361b2407b62e00
SHA256 ccef2c17969d0b15942d541899938a3212630daad3635befae555ef2acd90a1f
SHA512 efed5e126431f59231c35cd7df02a3566bab2bba1c6fd01adb7ee18317fae7e126be2b550b05256a16625fed33bc5c017ce902c382e859182f76ce9919dfecba

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 fda50bedf5c5076ee68733ec8b9e1c60
SHA1 236045174f785e2b50ca5e93957e00939b823ad7
SHA256 e9dc22cebb5e013b8a94a82b106b404467d96dcc189f367d6abe6f2bc314ab7c
SHA512 e75136994a0742be8a5f3941d5d0f14a615f64eee1a9284151a9348f998d4a5f98864fe0c32b3023cbbaf58796a67df867469f348f0d577d60497ba5e2f678cd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001b3

MD5 c535db5e1d8243db74029c8363b45b99
SHA1 bf255bd19bc9be9a4c5b2cf7fb1a338826ebdc78
SHA256 dca731ca378f8dd434b94c6e73fcf325d088c266bef141ff08c6ad7eb4205283
SHA512 c125b3d0f445f6d57f5661420c7f7231c21cb8f50cafe26dac4e6b5b615bd763718ada127dc91710e7038cf8b8c19d4c1792f865dc314683e454e2de41576426

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old

MD5 9c18705d6ed4c5c64b1286e1193ad3a2
SHA1 173273f85d0a19af74c50097ea28f2baebb5627e
SHA256 2eb4bf0951f4eec054ca4a7fca150364119e84b059875026f0a021def0fe7576
SHA512 35778c90f2de1ec521d79c615fa320cf49e907cee2e03ab8286fb0487bad6358547550596368389d766604a4364ee85db7c46cd11595e85d0e7da9a5596db465

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old~RFe65ff2c.TMP

MD5 b2b99323a5f94c3f1f7a042ede105c78
SHA1 2439daebfae56fb508bb56dede74b2f07d68987b
SHA256 a8b37ee5d3b48a91b1a003c6b5a130bc63c3c761fb388b00f68223db3d693526
SHA512 886aa0ae65199cb240ce6c2914f5b8afae3155aaa5f1ef26208498ac5905a62ddd90fec5beb2f07364ca0ef6ae3a14a7f2c73d4373c1ef1151aef7aa3a0dc000

memory/6212-11372-0x0000000180000000-0x000000018108E000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 791f2891f56d46a34299122435f8166c
SHA1 44191a3497eb2b56ad39e22c64f008c5290292d0
SHA256 da727759154d487bda0960eb8206c8dbfdc02dad38b4b98d4bd453f908a7628d
SHA512 271a6606026e51680d7ecf0b4f59e07b8e761166ac17a7dca3e00e138ce7ed1abe34c3c9e65e8af625113fa4f1eaf21d66f50af022659b76c1d0ef9a36d6e4c2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e4fa0698d33c43ebdc64cd8e25ff58ca
SHA1 bb56c1385f930fbd89ffb7917bb32a16832934e9
SHA256 24062b87179153958cd5c68f33fe85c6caaf4284854ff5858d880c51ebd5afc4
SHA512 9212f05c72a1fe0db53c2c7688fc8bc3b272927c4474a8b2dc332d4537158bbf25e76fcc4fb9b9b518b73dc53829f39f8e77dbf4b4e0f392bc6055c5c5d0a983

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 eb658a658c620a3207c8cf5f7bd19610
SHA1 f442d86947e67b79c6b8cbe9143f247921c2a30a
SHA256 aa1159f86ad9f08231574355306231c57d2ccdf8d0a2c33ec7a6aa4a0a7efc50
SHA512 57217037388f8df3daa4ebd6b7cf0b7387c76f26b3c78c86033b0cf6276f315a644ae3547247f2dcd6d2c6bc8782287edbb8b0989b53ef0f7b701619d39e6b16

memory/6212-11451-0x0000000180000000-0x000000018108E000-memory.dmp

memory/6212-11462-0x0000000180000000-0x000000018108E000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 b971a1e7eec30bc91025eda6bf1f16cb
SHA1 c990495edb90fa6499f5ba69d027e16321704090
SHA256 cf7064488b546586dbbcb1895ec453d38fb211f16505956d1640ea5152d18d6c
SHA512 eebe1c6880124cbc7cd4d7ec386567765e636f1e228b79cbae96ea84046d419db3d4841d7101e974d54ac04c915b4e61f87d28f4bec608c9fe562bf35bc5fcd1

C:\Users\Admin\Downloads\Unconfirmed 364485.crdownload

MD5 74515548bb70650c0176df71d7e108f4
SHA1 1892ea497636c4c2641427bc2fd466c531d0cd95
SHA256 6e0dea6726076158e4569745c0793202dfd6fbcc377117898c4c29f5be2a08fd
SHA512 0272691263875c882265709300b40f4d1dc62e13699ace6fa547457389c8a9f8a7a6e4902914f2c813669db80d980d8fc8bfccfbd1aff4158444cd2d238ef99b

memory/6212-11483-0x0000000180000000-0x000000018108E000-memory.dmp

C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe

MD5 5b794d63ae37a70dafde076b14f13960
SHA1 c61ff3b39739803048232dbfb8fcd18d4feedeb9
SHA256 a9de88a9e0ef908e7683cbb26e3b9d203c3db4de03f16220a219b3f4d61ce402
SHA512 5be5ca2fadc8e970cb13b3b99662d4ea65dd6766579ef9776b8a958675d04afd0199b136e55a73907f2bf43880a539e08b4815f3dc56b0d4e6a82339ec60c63e

memory/6212-11549-0x0000000180000000-0x000000018108E000-memory.dmp

memory/6212-11586-0x0000000180000000-0x000000018108E000-memory.dmp

C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-player\8263143ec91689bfdb1cc2ae6a7c0563

MD5 8263143ec91689bfdb1cc2ae6a7c0563
SHA1 bdb03e3dea5bcc0cd66d1c7e93f8a2a5cf88bdf5
SHA256 da74e2706cb9511b77459ea29949e5b9045f02e97ff4c230a7437d9495c696d1
SHA512 9f8f5fc2ce193ad0d33c458b56bc899383568fc8a8ee1dd98279d09a00698f9885846fe826fadb03dd3737e52276157f61b5dd8da4a0d021b3ada875ee7b649a

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

MD5 4dc57ab56e37cd05e81f0d8aaafc5179
SHA1 494a90728d7680f979b0ad87f09b5b58f16d1cd5
SHA256 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718
SHA512 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b

C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log

MD5 e152de49ff6bdee833310e2509755e9b
SHA1 0b285920557a1ffe24b53cee6196e1c8c57bc13a
SHA256 723d36eee760d8f31f874ac4b0c79283af2150b430545af9319dead8f178bea4
SHA512 bcbdd02c10361b6c25f067213fc438ab4e15f92f7326ae0780d969c2b68d5692c03846f482d3c6acb56e34196d7732ee28baffcebe464fe56cff507588153990

memory/6212-11738-0x0000000180000000-0x000000018108E000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 4a79b11d9022d66d508c2276fbdfaeaf
SHA1 eae230b7e2f0f90ca91c8af16cee82c6f6af63e3
SHA256 e8e93ec5c2e8cc8643a82b00759ab80870b76c9eb48fd06d0836c1b8f9bea205
SHA512 0571afae741f63645936201aa07e4c862076952628eee475062f6c3ad0195622e4251800754d12d82daefd8c2652ad65dcbf839c30c6e8a0d1419b93807d9e92

memory/6828-11758-0x0000000000F00000-0x0000000000F35000-memory.dmp

memory/6828-11759-0x0000000073010000-0x0000000073220000-memory.dmp

memory/6212-11769-0x0000000180000000-0x000000018108E000-memory.dmp