Analysis Overview
Threat Level: Likely malicious
The file http://skibidi.com was found to be: Likely malicious.
Malicious Activity Summary
Boot or Logon Autostart Execution: Active Setup
Drops file in Drivers directory
Creates new service(s)
Downloads MZ/PE file
Possible privilege escalation attempt
Modifies file permissions
Loads dropped DLL
Executes dropped EXE
Checks computer location settings
Impair Defenses: Safe Mode Boot
Reads user/profile data of web browsers
Unexpected DNS network traffic destination
Legitimate hosting services abused for malware hosting/C2
Enumerates connected drives
Checks installed software on the system
Adds Run key to start application
Drops file in System32 directory
Launches sc.exe
Subvert Trust Controls: Mark-of-the-Web Bypass
Drops file in Program Files directory
Drops file in Windows directory
System Location Discovery: System Language Discovery
Browser Information Discovery
Enumerates physical storage devices
Program crash
Suspicious use of SendNotifyMessage
Suspicious use of FindShellTrayWindow
Runs net.exe
Suspicious use of SetWindowsHookEx
NTFS ADS
Uses Volume Shadow Copy service COM API
Suspicious use of WriteProcessMemory
Uses Volume Shadow Copy WMI provider
Checks processor information in registry
Suspicious behavior: MapViewOfSection
Suspicious behavior: EnumeratesProcesses
Modifies system certificate store
Suspicious use of AdjustPrivilegeToken
Uses Task Scheduler COM API
Script User-Agent
Modifies registry class
Suspicious behavior: LoadsDriver
Modifies Internet Explorer settings
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-10-14 16:48
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-10-14 16:48
Reported
2024-10-14 17:13
Platform
win10-20240611-en
Max time kernel
1209s
Max time network
1403s
Command Line
Signatures
Boot or Logon Autostart Execution: Active Setup
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\software\WOW6432Node\microsoft\Active Setup\Installed Components | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| Key created | \REGISTRY\MACHINE\software\WOW6432Node\microsoft\Active Setup\Installed Components | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
Creates new service(s)
Downloads MZ/PE file
Drops file in Drivers directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\system32\drivers\hitmanpro37.sys | C:\Users\Admin\Downloads\HitmanPro_x64.exe | N/A |
| File opened for modification | C:\Windows\system32\drivers\hitmanpro37.sys | C:\Users\Admin\Downloads\HitmanPro_x64.exe | N/A |
Possible privilege escalation attempt
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\is-E058H.tmp\fortnite-free-skins-download_P-btZt1.tmp | N/A |
Executes dropped EXE
Impair Defenses: Safe Mode Boot
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\hitmanpro37 | C:\Users\Admin\Downloads\HitmanPro_x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\hitmanpro37.sys | C:\Users\Admin\Downloads\HitmanPro_x64.exe | N/A |
Loads dropped DLL
Modifies file permissions
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
Reads user/profile data of web browsers
Unexpected DNS network traffic destination
| Description | Indicator | Process | Target |
| Destination IP | 185.228.168.9 | N/A | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\tv_enua = "RunDll32 advpack.dll,LaunchINFSection C:\\Windows\\INF\\tv_enua.inf, RemoveCabinet" | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
Checks installed software on the system
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\D: | C:\Users\Admin\AppData\Local\Temp\7zS85C716A4\setup.exe | N/A |
| File opened (read-only) | \??\F: | C:\Users\Admin\AppData\Local\Temp\7zS85C716A4\setup.exe | N/A |
| File opened (read-only) | \??\D: | C:\Users\Admin\AppData\Local\Temp\7zS0DC98666\setup.exe | N/A |
| File opened (read-only) | \??\F: | C:\Users\Admin\Downloads\HitmanPro_x64.exe | N/A |
| File opened (read-only) | \??\D: | C:\Users\Admin\AppData\Local\Temp\7zS85C716A4\setup.exe | N/A |
| File opened (read-only) | \??\F: | C:\Users\Admin\AppData\Local\Temp\7zS85C716A4\setup.exe | N/A |
| File opened (read-only) | \??\F: | C:\Users\Admin\AppData\Local\Temp\7zS0DC98666\setup.exe | N/A |
| File opened (read-only) | \??\F: | C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\LDPlayer9_ens_com.dts.freefireth_25567197_ld.exe | N/A |
| File opened (read-only) | \??\D: | C:\Users\Admin\Downloads\HitmanPro_x64.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SysWOW64\SET7138.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File created | C:\Windows\SysWOW64\SET7138.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\msvcp50.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\McAfee\Temp2352826547\wa-common.css | C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0_extract\installer.exe | N/A |
| File created | C:\Program Files\McAfee\Temp2352826547\jslang\eula-ja-JP.txt | C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0_extract\installer.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page0.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page15.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page8.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File created | C:\Program Files\McAfee\Temp2352826547\jslang\eula-sv-SE.txt | C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0_extract\installer.exe | N/A |
| File created | C:\Program Files\McAfee\Temp2352826547\jslang\wa-res-install-fr-CA.js | C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0_extract\installer.exe | N/A |
| File created | C:\Program Files\McAfee\Temp2352826547\jslang\wa-res-shared-zh-TW.js | C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0_extract\installer.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\j001.nbd | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page15.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File created | C:\Program Files\McAfee\Temp2352826547\wa_install_icon.png | C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0_extract\installer.exe | N/A |
| File created | C:\Program Files\McAfee\Temp2352826547\balloon_safe_annotation.png | C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0_extract\installer.exe | N/A |
| File created | C:\Program Files\McAfee\Temp2352826547\icon_failed.png | C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0_extract\installer.exe | N/A |
| File created | C:\Program Files\McAfee\Temp2352826547\mfw-mwb.cab | C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0_extract\installer.exe | N/A |
| File created | C:\Program Files\McAfee\Temp2352826547\jslang\wa-res-install-da-DK.js | C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0_extract\installer.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Apps.nbd | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\sp007.gif | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page5.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\msvcrt.dll | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\cb014.gif | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File created | C:\Program Files\McAfee\Temp2352826547\jslang\wa-res-install-hr-HR.js | C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0_extract\installer.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page4.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page20.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File created | C:\Program Files\McAfee\Temp2352826547\servicehost.cab | C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0_extract\installer.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\SSCALB32.OCX | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\cb005.gif | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File created | C:\Program Files\McAfee\Temp2352826547\jslang\wa-res-install-tr-TR.js | C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0_extract\installer.exe | N/A |
| File created | C:\Program Files\McAfee\Temp2352826547\jslang\wa-res-install-zh-CN.js | C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0_extract\installer.exe | N/A |
| File created | C:\Program Files\McAfee\Temp2352826547\jslang\wa-res-shared-hu-HU.js | C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0_extract\installer.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\BonziBDY.vbw | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\page16.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File created | C:\Program Files\McAfee\Temp2352826547\jslang\eula-pl-PL.txt | C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0_extract\installer.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Options\uninstall.bat | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File created | C:\Program Files (x86)\BonziBuddy432\Reg.nbd.temp | C:\Program Files (x86)\BonziBuddy432\BonziBDY_35.EXE | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Reg.nbd.temp | C:\Program Files (x86)\BonziBuddy432\BonziBDY_4.EXE | N/A |
| File created | C:\Program Files\McAfee\Temp2352826547\wa-utils.js | C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0_extract\installer.exe | N/A |
| File created | C:\Program Files\McAfee\Temp2352826547\jslang\wa-res-install-el-GR.js | C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0_extract\installer.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\j3.nbd | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\RACREG32.DLL | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Runtimes\CheckRuntimes.bat | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File created | C:\Program Files\McAfee\Temp2352826547\jslang\wa-res-install-es-MX.js | C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0_extract\installer.exe | N/A |
| File created | C:\Program Files\McAfee\Temp2352826547\jslang\wa-res-install-ja-JP.js | C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0_extract\installer.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page9.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File created | C:\Program Files\McAfee\Temp2352826547\uihost.cab | C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0_extract\installer.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\P001.nbd-SR | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page4.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page4.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page12.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page8.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page2.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File created | C:\Program Files\McAfee\Temp2352826547\jslang\eula-hr-HR.txt | C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0_extract\installer.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\emsmtp.dll | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File created | C:\Program Files\McAfee\Temp2352826547\jslang\wa-res-install-it-IT.js | C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0_extract\installer.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Options\BonziBuddy.bat | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page10.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File created | C:\Program Files\McAfee\Temp2352826547\poppins-regular.ttf | C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0_extract\installer.exe | N/A |
| File created | C:\Program Files\McAfee\Temp2352826547\jslang\eula-fr-FR.txt | C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0_extract\installer.exe | N/A |
| File created | C:\Program Files\McAfee\Temp2352826547\jslang\wa-res-shared-ru-RU.js | C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0_extract\installer.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\j3.nbd-SR | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page8.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\Thumbs.db | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Runtimes\spchapi.EXE | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\~GLH0046.TMP | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\page10.jpg | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\msagent\SET69E0.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\SET69E1.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\msagent\SET6A56.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\mslwvtts.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\help\SET6A57.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\INF\SET7137.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File opened for modification | C:\Windows\msagent\chars\Peedy.acs | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File created | C:\Windows\msagent\SET6A35.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\msagent\SET6A88.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\fonts\SET7117.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File opened for modification | C:\Windows\fonts\andmoipa.ttf | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File created | C:\Windows\msagent\SET6A13.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\SET69E0.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\SET6A24.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\SET6A56.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\help\SET6A57.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\msagent\intl\SET6A68.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\lhsp\tv\SET7104.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File created | C:\Windows\lhsp\help\SET7116.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File created | C:\Windows\rescache\_merged\3720402701\1568373884.pri | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| File opened for modification | C:\Windows\msagent\chars\Bonzi.acs | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Windows\msagent\SET69F1.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\AgentAnm.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\lhsp\tv\tv_enua.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File opened for modification | C:\Windows\lhsp\tv\tvenuax.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File created | C:\Windows\rescache\_merged\3720402701\1568373884.pri | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| File opened for modification | C:\Windows\msagent\AgentDPv.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\msagent\SET6A02.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\SET6A23.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\AgentPsh.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\INF\SET6A46.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\Debug\ESE.TXT | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| File created | C:\Windows\rescache\_merged\3720402701\1568373884.pri | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| File created | C:\Windows\rescache\_merged\3720402701\1568373884.pri | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| File opened for modification | C:\Windows\msagent\AgentMPx.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\lhsp\help\tv_enua.hlp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File opened for modification | C:\Windows\INF\tv_enua.inf | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File created | C:\Windows\rescache\_merged\3720402701\1568373884.pri | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| File opened for modification | C:\Windows\help\Agt0409.hlp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\rescache\_merged\3720402701\1568373884.pri | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| File created | C:\Windows\INF\SET7137.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File opened for modification | C:\Windows\msagent\AgentCtl.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\msagent\SET69F1.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\SET6A35.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\INF\SET6A46.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\INF\agtinst.inf | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\lhsp\tv\SET7115.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File opened for modification | C:\Windows\lhsp\tv\SET7104.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File created | C:\Windows\rescache\_merged\3720402701\1568373884.pri | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| File opened for modification | C:\Windows\Debug\ESE.TXT | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| File created | C:\Windows\msagent\SET6A24.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\intl\SET6A68.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\lhsp\tv\SET7115.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File created | C:\Windows\fonts\SET7117.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File created | C:\Windows\rescache\_merged\3720402701\1568373884.pri | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| File opened for modification | C:\Windows\msagent\intl\Agt0409.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\lhsp\help\SET7116.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File created | C:\Windows\rescache\_merged\3720402701\1568373884.pri | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| File opened for modification | C:\Windows\msagent\AgentSR.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\SET6A88.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\msagent\SET69E1.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\AgentDp2.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\SET6A02.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\AgentSvr.exe | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
Launches sc.exe
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
Subvert Trust Controls: Mark-of-the-Web Bypass
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\Downloads\fortnite-free-skins-download_P-btZt1.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\OperaSetup.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\HitmanPro_x64.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
Program crash
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202410141703171\assistant\assistant_installer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\grpconv.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202410141704431\assistant\Assistant_114.0.5282.21_Setup.exe_sfx.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\msagent\AgentSvr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zS85C716A4\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202410141703171\assistant\Assistant_114.0.5282.21_Setup.exe_sfx.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202410141704431\assistant\assistant_installer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | F:\LDPlayer\LDPlayer9\LDPlayer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\is-E058H.tmp\fortnite-free-skins-download_P-btZt1.tmp | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0_extract\saBSI.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\grpconv.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\msagent\AgentSvr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\BonziBuddy432\BonziBDY_35.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zS0DC98666\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\LDPlayer9_ens_com.dts.freefireth_25567197_ld.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202410141703171\assistant\assistant_installer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\OperaSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\BonziBuddy432\BonziBDY_2.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\BonziBuddy432\BonziBDY_4.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\fortnite-free-skins-download_P-btZt1.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zS85C716A4\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zS85C716A4\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zS0DC98666\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202410141704431\assistant\assistant_installer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\rundll32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod1_extract\OperaSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zS85C716A4\setup.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\is-E058H.tmp\fortnite-free-skins-download_P-btZt1.tmp | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ | C:\Users\Admin\AppData\Local\Temp\is-E058H.tmp\fortnite-free-skins-download_P-btZt1.tmp | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Software\Microsoft\Internet Explorer\Main | C:\Windows\system32\browser_broker.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Software\Microsoft\Internet Explorer\Main | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Software\Microsoft\Internet Explorer\Main | C:\Windows\system32\browser_broker.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{53FA8D4A-2CDD-11D3-9DD0-D3CD4078982A}\InprocServer32 | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{53FA8D4D-2CDD-11D3-9DD0-D3CD4078982A}\TypeLib | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{37DEB787-2D9B-11D3-9DD0-C423E6542E10}\ = "ISkinSource" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{53FA8D4C-2CDD-11D3-9DD0-D3CD4078982A}\TypeLib\ = "{972DE6B5-8B09-11D2-B652-A1FD6CC34260}" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{065E6FE9-1BF9-11D2-BAE8-00104B9E0792}\InprocServer32\ = "C:\\Program Files (x86)\\BonziBuddy432\\ssa3d30.ocx" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{0A45DB4D-BD0D-11D2-8D14-00104B9E072A} | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{6B1BE804-567F-11D1-B652-0060976C699F}\VERSION\ = "1.1" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{E8671A8B-E5DD-11CD-836C-0000C0C14E92}\1.0\ = "Sheridan Month/Year/DateCombo" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{22DF5084-12BC-4C98-8044-4FAD06F4119A}\ProxyStubClsid32 | C:\Program Files (x86)\BonziBuddy432\BonziBDY_4.EXE | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502} | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{643F1353-1D07-11CE-9E52-0000C0554C0A}\1.0\ = "Sheridan Day Control" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Settings\Cache\Content\CachePrefix | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}\InprocServer32\ThreadingModel = "Apartment" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{8E3867A1-8586-11D1-B16A-00C0F0283628}\ProxyStubClsid32 | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F5BE8BE8-7DE6-11D0-91FE-00C04FD701A5}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\Active = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 20b41718591edb01 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\ActiveSkin.SkinScrollBar\CLSID | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\ActiveSkin.SkinEvent.1 | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MSComctlLib.TreeCtrl.2\CLSID | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{8E3867A2-8586-11D1-B16A-00C0F0283628}\TypeLib | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DD9DA660-8594-11D1-B16A-00C0F0283628}\ProxyStubClsid32 | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{248DD893-BB45-11CF-9ABC-0080C7E7B78D} | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{065E6FE3-1BF9-11D2-BAE8-00104B9E0792} | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{065E6FE5-1BF9-11D2-BAE8-00104B9E0792}\ProxyStubClsid32\ = "{00020420-0000-0000-C000-000000000046}" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F5BE8BDB-7DE6-11D0-91FE-00C04FD701A5} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\BonziBUDDY.CPeriod\Clsid | C:\Program Files (x86)\BonziBuddy432\BonziBDY_4.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\CIStatus\SignaturePolicy = 06000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{972DE6C1-8B09-11D2-B652-A1FD6CC34260}\TypeLib\ = "{972DE6B5-8B09-11D2-B652-A1FD6CC34260}" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F5BE8BDD-7DE6-11D0-91FE-00C04FD701A5}\TypeLib\Version = "2.0" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{8563FF20-8ECC-11D1-B9B4-00C04FD97575}\TypeLib\Version = "2.0" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\BonziBUDDY.clsDownloadManager\Clsid | C:\Program Files (x86)\BonziBuddy432\BonziBDY_35.EXE | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6549F504-C43A-43F3-B8CD-D077AF0427C8}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files (x86)\BonziBuddy432\BonziBDY_4.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\Active = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{BF1B5D50-3C5C-48CE-B991-0E86D26F6F5E}\ = "ComProcTextures Class" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{66833FED-8583-11D1-B16A-00C0F0283628} | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{0A45DB4D-BD0D-11D2-8D14-00104B9E072A}\TypeLib | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{B0913412-3B44-11D1-ACBA-00C04FD97575} | C:\Windows\msagent\AgentSvr.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{22DF5084-12BC-4C98-8044-4FAD06F4119A}\TypeLib\Version = "1.1" | C:\Program Files (x86)\BonziBuddy432\BonziBDY_35.EXE | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6549F504-C43A-43F3-B8CD-D077AF0427C8}\TypeLib | C:\Program Files (x86)\BonziBuddy432\BonziBDY_4.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Software\Microsoft\Speech_OneCore\Isolated\PIjyYIeAhMCaaVR = "- 0001 ! 0002 & 0003 , 0004 . 0005 ? 0006 _ 0007 1 0008 ~ 0009 aa 000a a 000b oh 000c ax 000d b 000e d 000f eh 0010 ey 0011 f 0012 g 0013 hy 0014 uy 0015 iy 0016 k 0017 l 0018 m 0019 n 001a ng 001b nj 001c oe 001d eu 001e ow 001f p 0020 r 0021 s 0022 sh 0023 t 0024 uw 0025 v 0026 w 0027 y 0028 z 0029 zh 002a" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{C27CCE34-8596-11D1-B16A-00C0F0283628}\InprocServer32 | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{07D0E280-EF44-11CD-836C-0000C0C14E92}\ProxyStubClsid32 | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{CDA1CA02-8B5D-11D0-9BC0-0000C0F04C96} | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F5BE8BE1-7DE6-11D0-91FE-00C04FD701A5}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{DACB7A39-CC0D-4B85-908B-10D2451761A5}\TypeLib\Version = "1.4" | C:\Program Files (x86)\BonziBuddy432\BonziBDY_4.EXE | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{53FA8D4D-2CDD-11D3-9DD0-D3CD4078982A}\TypeLib\ = "{972DE6B5-8B09-11D2-B652-A1FD6CC34260}" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DCE47F78-8A6C-4C6D-A6F7-8BE4427127C4}\TypeLib\ = "{972DE6B5-8B09-11D2-B652-A1FD6CC34260}" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{065E6FD4-1BF9-11D2-BAE8-00104B9E0792}\ = "ISSButtonBase" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{22EB59AE-1CB8-4153-9DFC-B5CE048357CF} | C:\Program Files (x86)\BonziBuddy432\BonziBDY_35.EXE | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2F5A7562-BDC3-41F8-8122-4A54D2C3C50C}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2334D2B1-713E-11CF-8AE5-00AA00C00905}\ = "IVBDataObject" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0A45DB4F-BD0D-11D2-8D14-00104B9E072A}\TypeLib | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{8F58C9A2-9C30-11D3-8F99-00104BA312D6} | C:\Program Files (x86)\BonziBuddy432\BonziBDY_2.EXE | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{53FA8D4D-2CDD-11D3-9DD0-D3CD4078982A}\MiscStatus\ = "0" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{DCE47F78-8A6C-4C6D-A6F7-8BE4427127C4}\TypeLib\Version = "1.0" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MSComctlLib.ListViewCtrl.2 | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{065E6FD9-1BF9-11D2-BAE8-00104B9E0792}\TypeLib\Version = "3.0" | C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6BA90C01-3910-11D1-ACB3-00C04FD97575}\TypeLib\Version = "2.0" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6D0ECB23-9968-11D0-AC6E-00C04FD97575} | C:\Windows\msagent\AgentSvr.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{8F58C9A2-9C30-11D3-8F99-00104BA312D6}\ = "BonziBUDDY.clsBBPlayer" | C:\Program Files (x86)\BonziBuddy432\BonziBDY_2.EXE | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{B2676D5B-8D53-4569-AF2C-A55A0D90C132}\ProxyStubClsid32 | C:\Program Files (x86)\BonziBuddy432\BonziBDY_4.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\Active = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\EdpDomStorage\www.bing.com\ = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8 | C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0_extract\saBSI.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8\Blob = 5c0000000100000004000000001000001900000001000000100000005d1b8ff2c30f63f5b536edd400f7f9b40300000001000000140000004efc31460c619ecae59c1bce2c008036d94c84b809000000010000000c000000300a06082b060105050703031d00000001000000100000005467b0adde8d858e30ee517b1a19ecd91400000001000000140000001f00bf46800afc7839b7a5b443d95650bbce963b53000000010000001f000000301d301b060567810c010330123010060a2b0601040182373c0101030200c06200000001000000200000007b9d553e1c92cb6e8803e137f4f287d4363757f5d44b37d52f9fca22fb97df860b000000010000004200000047006c006f00620061006c005300690067006e00200043006f006400650020005300690067006e0069006e006700200052006f006f007400200052003400350000000f0000000100000030000000c130bba37b8b350e89fd5ed76b4f78777feee220d3b9e729042bef6af46e8e4c1b252e32b3080c681bc9a8a1afdd0a3c040000000100000010000000e94fb54871208c00df70f708ac47085b200000000100000076050000308205723082035aa00302010202107653feac75464893f5e5d74a483a4ef8300d06092a864886f70d01010c05003053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f7420523435301e170d3230303331383030303030305a170d3435303331383030303030305a3053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f742052343530820222300d06092a864886f70d01010105000382020f003082020a0282020100b62dc530dd7ae8ab903d0372b03a4b991661b2e5ffa5671d371ce57eec9383aa84f5a3439b98458ab863575d9b00880425e9f868924b82d84bc94a03f3a87f6a8f8a6127bda144d0fdf53f22c2a34f918db305b22882915dfb5988050b9706c298f82ca73324ee503a41ccf0a0b07b1d4dd2a8583896e9dff91b91bb8b102cd2c7431da20974a180af7be6330a0c596b8ebcf4ab5a977b7fae55fb84f080fe844cd7e2babdc475a16fbd61107444b29807e274abff68dc6c263ee91fe5e00487ad30d30c8d037c55b816705c24782025eb676788abba4e34986b7011de38cad4bea1c09ce1df1e0201d83be1674384b6cffc74b72f84a3bfba09373d676cb1455c1961ab4183f5ac1deb770d464773cebfbd9595ed9d2b8810fefa58e8a757e1b3cfa85ae907259b12c49e80723d93dc8c94df3b44e62680fcd2c303f08c0cd245d62ee78f989ee604ee426e677e42167162e704f960c664a1b69c81214e2bc66d689486c699747367317a91f2d48c796e7ca6bb7e466f4dc585122bcf9a224408a88537ce07615706171224c0c43173a1983557477e103a45d92da4519098a9a00737c4651aaa1c6b1677f7a797ec3f1930996f31fbea40b2e7d2c4fac9d0f050767459fa8d6d1732bef8e97e03f4e787759ad44a912c850313022b4280f2896a36cfc84ca0ce9ef8cb8dad16a7d3ded59b18a7c6923af18263f12e0e2464df0203010001a3423040300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e041604141f00bf46800afc7839b7a5b443d95650bbce963b300d06092a864886f70d01010c050003820201005e2bba749734445f764828408493ee016ee9a1b3d68025e67be4bc09913d0ffc76add7d43020bb8f60d091d61cf29cef781a2b943202c12496525202d0f3d1fcf29b396e99e11f8e43417d9a1e5bc95d9a84fc26e687f3747226ada41bd93d3b6a52a03c091e2f1e7bb333b445c7f7acb1af9360ad76aeb8b21578eb836aebffdb46ab24e5ee02fa901f59c02f5dd6b75da45c10b77253f8414eccfa781a254acafe85624361c3b437aa81d2f4d63a0fbd8d597e3047de2b6be72150335fd4679bd4b8679f3c279903ff85438e7312ca20cde861d5b166dc17d6396d0fdbcf2337a182894e1c6b3fd6a0cdaa079d3e4226aad70ceefa47bf1a527ed17581d3c98a62176d4f88a021a0263eaf6dd962301fe99828ae6e8dd58e4c726693808d2ae355c760679042565c22510fb3dc4e39ee4dddd91d7810543b6ed0976f03b51eb22373c612b29a64d0fc958524a8ffdfa1b0dc9140aedf0933abb9dd92b7f1cc91743b69eb67971b90bfe7c7a06f71bb57bfb78f5aed7a406a16cd80842d2fe102d4249443b315fc0c2b1bfd716ffccbbc75173a5e83d2c9b32f1bd59c8d7f54fe7e7ee456a387a79de1595294418f6d5bbe86959aff1a76dd40d2514a70b41f336323773fec271e59e40887ed34824a0f3ffea01dc1f56773458678f4aa29e92787c619dbc61314c33949874da097e06513f59d7756e9dab358c73af2c0cd82 | C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0_extract\saBSI.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 5c000000010000000400000000100000190000000100000010000000ffac207997bb2cfe865570179ee037b9030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e41d0000000100000010000000a86dc6a233eb339610f3ed414927c559140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac899880b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e199604000000010000001000000078f2fcaa601f2fb4ebc937ba532e75492000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e | C:\Users\Admin\AppData\Local\Temp\7zS85C716A4\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2796BAE63F1801E277261BA0D77770028F20EEE4 | C:\Users\Admin\Downloads\HitmanPro_x64.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2796BAE63F1801E277261BA0D77770028F20EEE4\Blob = 19000000010000001000000063664b080559a094d10f0a3c5f4f62900300000001000000140000002796bae63f1801e277261ba0d77770028f20eee41d000000010000001000000099949d2179811f6b30a8c99c4f6b4226140000000100000014000000d2c4b0d291d44c1171b361cb3da1fedda86ad4e3620000000100000020000000c3846bf24b9e93ca64274c0ec67c1ecc5e024ffcacd2d74019350e81fe546ae409000000010000002a000000302806082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030153000000010000004800000030463021060b6086480186fd6d0107170330123010060a2b0601040182373c0101030200c03021060b6086480186fd6e0107170330123010060a2b0601040182373c0101030200c00b000000010000005200000047006f00200044006100640064007900200043006c00610073007300200032002000430065007200740069006600690063006100740069006f006e00200041007500740068006f00720069007400790000000f00000001000000140000005d82adb90d5dd3c7e3524f56f787ec537261877620000000010000000404000030820400308202e8a003020102020100300d06092a864886f70d01010505003063310b30090603550406130255533121301f060355040a131854686520476f2044616464792047726f75702c20496e632e3131302f060355040b1328476f20446164647920436c61737320322043657274696669636174696f6e20417574686f72697479301e170d3034303632393137303632305a170d3334303632393137303632305a3063310b30090603550406130255533121301f060355040a131854686520476f2044616464792047726f75702c20496e632e3131302f060355040b1328476f20446164647920436c61737320322043657274696669636174696f6e20417574686f7269747930820120300d06092a864886f70d01010105000382010d00308201080282010100de9dd7ea571849a15bebd75f4886eabeddffe4ef671cf46568b35771a05e77bbed9b49e970803d561863086fdaf2ccd03f7f0254225410d8b281d4c0753d4b7fc777c33e78ab1a03b5206b2f6a2bb1c5887ec4bb1eb0c1d845276faa3758f78726d7d82df6a917b71f72364ea6173f659892db2a6e5da2fe88e00bde7fe58d15e1ebcb3ad5e212a2132dd88eaf5f123da0080508b65ca565380445991ea3606074c541a572621b62c51f6f5f1a42be025165a8ae23186afc7803a94d7f80c3faab5afca140a4ca1916feb2c8ef5e730dee77bd9af67998bcb10767a2150ddda058c6447b0a3e62285fba41075358cf117e3874c5f8ffb569908f8474ea971baf020103a381c03081bd301d0603551d0e04160414d2c4b0d291d44c1171b361cb3da1fedda86ad4e330818d0603551d230481853081828014d2c4b0d291d44c1171b361cb3da1fedda86ad4e3a167a4653063310b30090603550406130255533121301f060355040a131854686520476f2044616464792047726f75702c20496e632e3131302f060355040b1328476f20446164647920436c61737320322043657274696669636174696f6e20417574686f72697479820100300c0603551d13040530030101ff300d06092a864886f70d01010505000382010100324bf3b2ca3e91fc12c6a1078c8e77a03306145c901e18f708a63d0a19f98780116e69e4961730ff3491637238eecc1c01a31d9428a431f67ac454d7f6e5315803a2ccce62db944573b5bf45c924b5d58202ad2379698db8b64dcecf4cca3323e81c88aa9d8b416e16c920e5899ecd3bda70f77e992620145425ab6e7385e69b219d0a6c820ea8f8c20cfa101e6c96ef870dc40f618badee832b95f88e92847239eb20ea83ed83cd976e08bceb4e26b6732be4d3f64cfe2671e26111744aff571a870f75482ecf516917a002126195d5d140b2104ceec4ac1043a6a59e0ad595629a0dcf8882c5320ce42b9f45e60d9f289cb1b92a5a57ad370faf1d7fdbbd9f | C:\Users\Admin\Downloads\HitmanPro_x64.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8\Blob = 040000000100000010000000e94fb54871208c00df70f708ac47085b0f0000000100000030000000c130bba37b8b350e89fd5ed76b4f78777feee220d3b9e729042bef6af46e8e4c1b252e32b3080c681bc9a8a1afdd0a3c0b000000010000004200000047006c006f00620061006c005300690067006e00200043006f006400650020005300690067006e0069006e006700200052006f006f007400200052003400350000006200000001000000200000007b9d553e1c92cb6e8803e137f4f287d4363757f5d44b37d52f9fca22fb97df8653000000010000001f000000301d301b060567810c010330123010060a2b0601040182373c0101030200c01400000001000000140000001f00bf46800afc7839b7a5b443d95650bbce963b1d00000001000000100000005467b0adde8d858e30ee517b1a19ecd909000000010000000c000000300a06082b060105050703030300000001000000140000004efc31460c619ecae59c1bce2c008036d94c84b81900000001000000100000005d1b8ff2c30f63f5b536edd400f7f9b4200000000100000076050000308205723082035aa00302010202107653feac75464893f5e5d74a483a4ef8300d06092a864886f70d01010c05003053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f7420523435301e170d3230303331383030303030305a170d3435303331383030303030305a3053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f742052343530820222300d06092a864886f70d01010105000382020f003082020a0282020100b62dc530dd7ae8ab903d0372b03a4b991661b2e5ffa5671d371ce57eec9383aa84f5a3439b98458ab863575d9b00880425e9f868924b82d84bc94a03f3a87f6a8f8a6127bda144d0fdf53f22c2a34f918db305b22882915dfb5988050b9706c298f82ca73324ee503a41ccf0a0b07b1d4dd2a8583896e9dff91b91bb8b102cd2c7431da20974a180af7be6330a0c596b8ebcf4ab5a977b7fae55fb84f080fe844cd7e2babdc475a16fbd61107444b29807e274abff68dc6c263ee91fe5e00487ad30d30c8d037c55b816705c24782025eb676788abba4e34986b7011de38cad4bea1c09ce1df1e0201d83be1674384b6cffc74b72f84a3bfba09373d676cb1455c1961ab4183f5ac1deb770d464773cebfbd9595ed9d2b8810fefa58e8a757e1b3cfa85ae907259b12c49e80723d93dc8c94df3b44e62680fcd2c303f08c0cd245d62ee78f989ee604ee426e677e42167162e704f960c664a1b69c81214e2bc66d689486c699747367317a91f2d48c796e7ca6bb7e466f4dc585122bcf9a224408a88537ce07615706171224c0c43173a1983557477e103a45d92da4519098a9a00737c4651aaa1c6b1677f7a797ec3f1930996f31fbea40b2e7d2c4fac9d0f050767459fa8d6d1732bef8e97e03f4e787759ad44a912c850313022b4280f2896a36cfc84ca0ce9ef8cb8dad16a7d3ded59b18a7c6923af18263f12e0e2464df0203010001a3423040300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e041604141f00bf46800afc7839b7a5b443d95650bbce963b300d06092a864886f70d01010c050003820201005e2bba749734445f764828408493ee016ee9a1b3d68025e67be4bc09913d0ffc76add7d43020bb8f60d091d61cf29cef781a2b943202c12496525202d0f3d1fcf29b396e99e11f8e43417d9a1e5bc95d9a84fc26e687f3747226ada41bd93d3b6a52a03c091e2f1e7bb333b445c7f7acb1af9360ad76aeb8b21578eb836aebffdb46ab24e5ee02fa901f59c02f5dd6b75da45c10b77253f8414eccfa781a254acafe85624361c3b437aa81d2f4d63a0fbd8d597e3047de2b6be72150335fd4679bd4b8679f3c279903ff85438e7312ca20cde861d5b166dc17d6396d0fdbcf2337a182894e1c6b3fd6a0cdaa079d3e4226aad70ceefa47bf1a527ed17581d3c98a62176d4f88a021a0263eaf6dd962301fe99828ae6e8dd58e4c726693808d2ae355c760679042565c22510fb3dc4e39ee4dddd91d7810543b6ed0976f03b51eb22373c612b29a64d0fc958524a8ffdfa1b0dc9140aedf0933abb9dd92b7f1cc91743b69eb67971b90bfe7c7a06f71bb57bfb78f5aed7a406a16cd80842d2fe102d4249443b315fc0c2b1bfd716ffccbbc75173a5e83d2c9b32f1bd59c8d7f54fe7e7ee456a387a79de1595294418f6d5bbe86959aff1a76dd40d2514a70b41f336323773fec271e59e40887ed34824a0f3ffea01dc1f56773458678f4aa29e92787c619dbc61314c33949874da097e06513f59d7756e9dab358c73af2c0cd82 | C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0_extract\saBSI.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4 | C:\Users\Admin\AppData\Local\Temp\7zS85C716A4\setup.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 04000000010000001000000078f2fcaa601f2fb4ebc937ba532e75490f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e1996530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703080b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac89988140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f1d0000000100000010000000a86dc6a233eb339610f3ed414927c559030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e4190000000100000010000000ffac207997bb2cfe865570179ee037b92000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e | C:\Users\Admin\AppData\Local\Temp\7zS85C716A4\setup.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2796BAE63F1801E277261BA0D77770028F20EEE4\Blob = 0f00000001000000140000005d82adb90d5dd3c7e3524f56f787ec53726187760b000000010000005200000047006f00200044006100640064007900200043006c00610073007300200032002000430065007200740069006600690063006100740069006f006e00200041007500740068006f007200690074007900000053000000010000004800000030463021060b6086480186fd6d0107170330123010060a2b0601040182373c0101030200c03021060b6086480186fd6e0107170330123010060a2b0601040182373c0101030200c009000000010000002a000000302806082b0601050507030206082b0601050507030306082b0601050507030406082b06010505070301620000000100000020000000c3846bf24b9e93ca64274c0ec67c1ecc5e024ffcacd2d74019350e81fe546ae4140000000100000014000000d2c4b0d291d44c1171b361cb3da1fedda86ad4e31d000000010000001000000099949d2179811f6b30a8c99c4f6b42260300000001000000140000002796bae63f1801e277261ba0d77770028f20eee420000000010000000404000030820400308202e8a003020102020100300d06092a864886f70d01010505003063310b30090603550406130255533121301f060355040a131854686520476f2044616464792047726f75702c20496e632e3131302f060355040b1328476f20446164647920436c61737320322043657274696669636174696f6e20417574686f72697479301e170d3034303632393137303632305a170d3334303632393137303632305a3063310b30090603550406130255533121301f060355040a131854686520476f2044616464792047726f75702c20496e632e3131302f060355040b1328476f20446164647920436c61737320322043657274696669636174696f6e20417574686f7269747930820120300d06092a864886f70d01010105000382010d00308201080282010100de9dd7ea571849a15bebd75f4886eabeddffe4ef671cf46568b35771a05e77bbed9b49e970803d561863086fdaf2ccd03f7f0254225410d8b281d4c0753d4b7fc777c33e78ab1a03b5206b2f6a2bb1c5887ec4bb1eb0c1d845276faa3758f78726d7d82df6a917b71f72364ea6173f659892db2a6e5da2fe88e00bde7fe58d15e1ebcb3ad5e212a2132dd88eaf5f123da0080508b65ca565380445991ea3606074c541a572621b62c51f6f5f1a42be025165a8ae23186afc7803a94d7f80c3faab5afca140a4ca1916feb2c8ef5e730dee77bd9af67998bcb10767a2150ddda058c6447b0a3e62285fba41075358cf117e3874c5f8ffb569908f8474ea971baf020103a381c03081bd301d0603551d0e04160414d2c4b0d291d44c1171b361cb3da1fedda86ad4e330818d0603551d230481853081828014d2c4b0d291d44c1171b361cb3da1fedda86ad4e3a167a4653063310b30090603550406130255533121301f060355040a131854686520476f2044616464792047726f75702c20496e632e3131302f060355040b1328476f20446164647920436c61737320322043657274696669636174696f6e20417574686f72697479820100300c0603551d13040530030101ff300d06092a864886f70d01010505000382010100324bf3b2ca3e91fc12c6a1078c8e77a03306145c901e18f708a63d0a19f98780116e69e4961730ff3491637238eecc1c01a31d9428a431f67ac454d7f6e5315803a2ccce62db944573b5bf45c924b5d58202ad2379698db8b64dcecf4cca3323e81c88aa9d8b416e16c920e5899ecd3bda70f77e992620145425ab6e7385e69b219d0a6c820ea8f8c20cfa101e6c96ef870dc40f618badee832b95f88e92847239eb20ea83ed83cd976e08bceb4e26b6732be4d3f64cfe2671e26111744aff571a870f75482ecf516917a002126195d5d140b2104ceec4ac1043a6a59e0ad595629a0dcf8882c5320ce42b9f45e60d9f289cb1b92a5a57ad370faf1d7fdbbd9f | C:\Users\Admin\Downloads\HitmanPro_x64.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\Downloads\fortnite-free-skins-download_P-btZt1.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\OperaSetup.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\fortnite-free-skins-download.apk:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File opened for modification | C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\OperaSetup.exe.trctspi.partial:Zone.Identifier | C:\Windows\system32\browser_broker.exe | N/A |
| File opened for modification | C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\LDPlayer9_ens_com.dts.freefireth_25567197_ld.exe.mhek87e.partial:Zone.Identifier | C:\Windows\system32\browser_broker.exe | N/A |
| File created | C:\Users\Admin\Downloads\HitmanPro_x64.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\Bon.zip:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Runs net.exe
Script User-Agent
| Description | Indicator | Process | Target |
| HTTP User-Agent header | Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) | N/A | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: LoadsDriver
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Suspicious behavior: MapViewOfSection
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Windows\msagent\AgentSvr.exe | N/A |
| N/A | N/A | C:\Windows\msagent\AgentSvr.exe | N/A |
| N/A | N/A | C:\Windows\msagent\AgentSvr.exe | N/A |
| N/A | N/A | C:\Windows\msagent\AgentSvr.exe | N/A |
| N/A | N/A | C:\Windows\msagent\AgentSvr.exe | N/A |
| N/A | N/A | C:\Windows\msagent\AgentSvr.exe | N/A |
| N/A | N/A | C:\Windows\msagent\AgentSvr.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\HitmanPro_x64.exe | N/A |
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Uses Volume Shadow Copy WMI provider
Uses Volume Shadow Copy service COM API
Processes
C:\Windows\system32\LaunchWinApp.exe
"C:\Windows\system32\LaunchWinApp.exe" "http://skibidi.com"
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1556.0.5936842\1482037113" -parentBuildID 20221007134813 -prefsHandle 1716 -prefMapHandle 1708 -prefsLen 20767 -prefMapSize 233414 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f8d1090b-72fe-4059-bb11-5251a3329e9d} 1556 "\\.\pipe\gecko-crash-server-pipe.1556" 1796 1c4f00ea158 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1556.1.838098341\1193523241" -parentBuildID 20221007134813 -prefsHandle 2140 -prefMapHandle 2136 -prefsLen 20848 -prefMapSize 233414 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {980f0cdd-a1fb-4828-aa1c-d2cbaee6285e} 1556 "\\.\pipe\gecko-crash-server-pipe.1556" 2152 1c4e5070158 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1556.2.223668422\434854397" -childID 1 -isForBrowser -prefsHandle 2880 -prefMapHandle 2876 -prefsLen 20951 -prefMapSize 233414 -jsInitHandle 1328 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8be760d6-d8da-4cde-a6bb-a89a26431995} 1556 "\\.\pipe\gecko-crash-server-pipe.1556" 2892 1c4f43afa58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1556.3.1976877907\2107286803" -childID 2 -isForBrowser -prefsHandle 3576 -prefMapHandle 3572 -prefsLen 26136 -prefMapSize 233414 -jsInitHandle 1328 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d7103238-4b47-4b3c-8b57-3857baf3f695} 1556 "\\.\pipe\gecko-crash-server-pipe.1556" 3588 1c4e5069958 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1556.4.1111173994\1830578304" -childID 3 -isForBrowser -prefsHandle 3612 -prefMapHandle 3720 -prefsLen 26136 -prefMapSize 233414 -jsInitHandle 1328 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b435f241-5bda-449c-b0a0-a16cb2ce87d3} 1556 "\\.\pipe\gecko-crash-server-pipe.1556" 3812 1c4f56ecb58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1556.5.826076449\1487568208" -childID 4 -isForBrowser -prefsHandle 5008 -prefMapHandle 5004 -prefsLen 26195 -prefMapSize 233414 -jsInitHandle 1328 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {12a91d84-8244-404b-a648-840d63589d69} 1556 "\\.\pipe\gecko-crash-server-pipe.1556" 5036 1c4f3a24258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1556.6.473071150\947250868" -childID 5 -isForBrowser -prefsHandle 4824 -prefMapHandle 4884 -prefsLen 26195 -prefMapSize 233414 -jsInitHandle 1328 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1b138b0d-4b4c-428f-858f-cc83033c4d20} 1556 "\\.\pipe\gecko-crash-server-pipe.1556" 5176 1c4f3a26f58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1556.7.1108303373\713819358" -childID 6 -isForBrowser -prefsHandle 5184 -prefMapHandle 5188 -prefsLen 26195 -prefMapSize 233414 -jsInitHandle 1328 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0168b2b5-33cf-4a90-b763-fe301bc909c7} 1556 "\\.\pipe\gecko-crash-server-pipe.1556" 5216 1c4f71f2f58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1556.8.2081678526\814574727" -childID 7 -isForBrowser -prefsHandle 5140 -prefMapHandle 2652 -prefsLen 26195 -prefMapSize 233414 -jsInitHandle 1328 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {86540792-f401-4061-815d-efda052e1740} 1556 "\\.\pipe\gecko-crash-server-pipe.1556" 5736 1c4f28cce58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1556.9.1374452804\962951391" -childID 8 -isForBrowser -prefsHandle 5652 -prefMapHandle 5936 -prefsLen 26635 -prefMapSize 233414 -jsInitHandle 1328 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {aecc13f3-d919-4c53-9d88-d9cae13f7ed0} 1556 "\\.\pipe\gecko-crash-server-pipe.1556" 5528 1c4e5062e58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1556.10.1490505721\1240861849" -childID 9 -isForBrowser -prefsHandle 9680 -prefMapHandle 9684 -prefsLen 26635 -prefMapSize 233414 -jsInitHandle 1328 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2472b8cd-67dd-43d2-a268-116e2547693e} 1556 "\\.\pipe\gecko-crash-server-pipe.1556" 9672 1c4f2955d58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1556.11.367735825\1979594938" -childID 10 -isForBrowser -prefsHandle 9528 -prefMapHandle 9524 -prefsLen 26635 -prefMapSize 233414 -jsInitHandle 1328 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f4ac2239-c084-493a-9ea5-85154692e034} 1556 "\\.\pipe\gecko-crash-server-pipe.1556" 9552 1c4f2956058 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1556.12.858032963\1300883542" -childID 11 -isForBrowser -prefsHandle 9252 -prefMapHandle 9256 -prefsLen 26635 -prefMapSize 233414 -jsInitHandle 1328 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ca88163c-4ce8-4eb5-a85b-91ac76df9bd9} 1556 "\\.\pipe\gecko-crash-server-pipe.1556" 9240 1c4f2956c58 tab
C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_Bon.zip\BonziBuddy432.exe"
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Program Files (x86)\BonziBuddy432\Runtimes\CheckRuntimes.bat" "
C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE
MSAGENT.EXE
C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe
tv_enua.exe
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Windows\msagent\AgentCtl.dll"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Windows\msagent\AgentDPv.dll"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Windows\msagent\mslwvtts.dll"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Windows\msagent\AgentDP2.dll"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Windows\msagent\AgentMPx.dll"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Windows\msagent\AgentSR.dll"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Windows\msagent\AgentPsh.dll"
C:\Windows\msagent\AgentSvr.exe
"C:\Windows\msagent\AgentSvr.exe" /regserver
C:\Windows\SysWOW64\grpconv.exe
grpconv.exe -o
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s C:\Windows\lhsp\tv\tv_enua.dll
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s C:\Windows\lhsp\tv\tvenuax.dll
C:\Windows\SysWOW64\grpconv.exe
grpconv.exe -o
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x3b8
C:\Program Files (x86)\BonziBuddy432\BonziBDY_2.EXE
"C:\Program Files (x86)\BonziBuddy432\BonziBDY_2.EXE"
C:\Windows\msagent\AgentSvr.exe
C:\Windows\msagent\AgentSvr.exe -Embedding
C:\Program Files (x86)\BonziBuddy432\BonziBDY_35.EXE
"C:\Program Files (x86)\BonziBuddy432\BonziBDY_35.EXE"
C:\Program Files (x86)\BonziBuddy432\BonziBDY_4.EXE
"C:\Program Files (x86)\BonziBuddy432\BonziBDY_4.EXE"
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe shell32.dll,Control_RunDLL speech.cpl,,0
C:\Windows\system32\RunDll32.exe
C:\Windows\system32\RunDll32.exe Shell32.dll,Control_RunDLL speech.cpl,,0
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1556.13.2019465438\1531213602" -childID 12 -isForBrowser -prefsHandle 4028 -prefMapHandle 4580 -prefsLen 27785 -prefMapSize 233414 -jsInitHandle 1328 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7858ef6c-9b77-46b4-8e70-191e09a9495e} 1556 "\\.\pipe\gecko-crash-server-pipe.1556" 4528 1c4f4499b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1556.14.555299203\1095212686" -childID 13 -isForBrowser -prefsHandle 8592 -prefMapHandle 8596 -prefsLen 27785 -prefMapSize 233414 -jsInitHandle 1328 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a137822d-3b77-4e8c-beb0-33733f72790b} 1556 "\\.\pipe\gecko-crash-server-pipe.1556" 8616 1c4f8019c58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1556.15.1850742144\1184892648" -parentBuildID 20221007134813 -prefsHandle 8464 -prefMapHandle 8460 -prefsLen 27785 -prefMapSize 233414 -appDir "C:\Program Files\Mozilla Firefox\browser" - {fe3bcbff-af22-448d-a712-bfb6c00b43aa} 1556 "\\.\pipe\gecko-crash-server-pipe.1556" 8472 1c4f87ac458 rdd
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1556.16.866794467\896160890" -childID 14 -isForBrowser -prefsHandle 7980 -prefMapHandle 7976 -prefsLen 27785 -prefMapSize 233414 -jsInitHandle 1328 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6555919e-4ad8-4c76-a58e-e17576c629d9} 1556 "\\.\pipe\gecko-crash-server-pipe.1556" 8648 1c4f8dcc358 tab
C:\Users\Admin\Downloads\fortnite-free-skins-download_P-btZt1.exe
"C:\Users\Admin\Downloads\fortnite-free-skins-download_P-btZt1.exe"
C:\Users\Admin\AppData\Local\Temp\is-E058H.tmp\fortnite-free-skins-download_P-btZt1.tmp
"C:\Users\Admin\AppData\Local\Temp\is-E058H.tmp\fortnite-free-skins-download_P-btZt1.tmp" /SL5="$5047A,1583588,832512,C:\Users\Admin\Downloads\fortnite-free-skins-download_P-btZt1.exe"
C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0_extract\saBSI.exe
"C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0_extract\saBSI.exe" /affid 91082 PaidDistribution=true CountryCode=GB
C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod1_extract\OperaSetup.exe
"C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod1_extract\OperaSetup.exe" --silent --allusers=0 --otd=utm.medium:apb,utm.source:ais,utm.campaign:opera_new_b
C:\Users\Admin\AppData\Local\Temp\7zS85C716A4\setup.exe
C:\Users\Admin\AppData\Local\Temp\7zS85C716A4\setup.exe --silent --allusers=0 --otd=utm.medium:apb,utm.source:ais,utm.campaign:opera_new_b --server-tracking-blob=NGNmNzBlYjNiZjQ0NDFlNDlkYzEyNjE4MGYyNzI5NzU0OGJjNjg4MmFkYWQ3YjYzMDVkMmZmMGI5MDM2MmU3Mzp7ImNvdW50cnkiOiJVUyIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFTZXR1cC5leGUiLCJwcm9kdWN0Ijoib3BlcmEiLCJxdWVyeSI6Ii9vcGVyYS9zdGFibGUvd2luZG93cyIsInRpbWVzdGFtcCI6IjE3MjgzODUyMTIuMjcxNiIsInVzZXJhZ2VudCI6InB5dGhvbi1yZXF1ZXN0cy8yLjMyLjMiLCJ1dG0iOnt9LCJ1dWlkIjoiOTM2ODdhYTEtN2Q1MS00YTAzLWIxN2UtZTRkYzI1OGI3YjM1In0=
C:\Users\Admin\AppData\Local\Temp\7zS85C716A4\setup.exe
C:\Users\Admin\AppData\Local\Temp\7zS85C716A4\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktop --annotation=ver=114.0.5282.86 --initial-client-data=0x308,0x30c,0x310,0x304,0x314,0x707bda24,0x707bda30,0x707bda3c
C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\setup.exe
"C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\setup.exe" --version
C:\Users\Admin\AppData\Local\Temp\7zS85C716A4\setup.exe
"C:\Users\Admin\AppData\Local\Temp\7zS85C716A4\setup.exe" --backend --install --import-browser-data=0 --enable-stats=1 --enable-installer-stats=1 --consent-given=0 --general-interests=0 --general-location=0 --personalized-content=0 --personalized-ads=0 --launchopera=1 --installfolder="C:\Users\Admin\AppData\Local\Programs\Opera" --profile-folder --language=en --singleprofile=0 --copyonly=0 --allusers=0 --setdefaultbrowser=1 --pintotaskbar=1 --pintostartmenu=1 --run-at-startup=1 --show-intro-overlay --server-tracking-data=server_tracking_data --initial-pid=3720 --package-dir-prefix="C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_20241014170317" --session-guid=d57446b6-3cf1-4e47-abd4-9f45e4be6e26 --server-tracking-blob="MTUyMGNhZDEwMmQ1MDg1MzYyOTc3MjYwNDVjZjgyY2VmNDkxY2FmM2EzMjRkOGQwNmFiNDMxZGMyMDY0ZWE1YTp7ImNvdW50cnkiOiJVUyIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFTZXR1cC5leGUiLCJwcm9kdWN0Ijp7Im5hbWUiOiJvcGVyYSJ9LCJxdWVyeSI6Ii9vcGVyYS9zdGFibGUvd2luZG93cyIsInN5c3RlbSI6eyJwbGF0Zm9ybSI6eyJhcmNoIjoieDg2XzY0Iiwib3BzeXMiOiJXaW5kb3dzIiwib3BzeXMtdmVyc2lvbiI6IjEwIiwicGFja2FnZSI6IkVYRSJ9fSwidGltZXN0YW1wIjoiMTcyODM4NTIxMi4yNzE2IiwidXNlcmFnZW50IjoicHl0aG9uLXJlcXVlc3RzLzIuMzIuMyIsInV0bSI6eyJjYW1wYWlnbiI6Im9wZXJhX25ld19iIiwibWVkaXVtIjoiYXBiIiwic291cmNlIjoiYWlzIn0sInV1aWQiOiI5MzY4N2FhMS03ZDUxLTRhMDMtYjE3ZS1lNGRjMjU4YjdiMzUifQ== " --silent --desktopshortcut=1 --wait-for-package --initial-proc-handle=F404000000000000
C:\Users\Admin\AppData\Local\Temp\7zS85C716A4\setup.exe
C:\Users\Admin\AppData\Local\Temp\7zS85C716A4\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktop --annotation=ver=114.0.5282.86 --initial-client-data=0x304,0x314,0x318,0x2e0,0x31c,0x6fc7da24,0x6fc7da30,0x6fc7da3c
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 6784 -s 872
C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0_extract\installer.exe
"C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0_extract\\installer.exe" /setOem:Affid=91082 /s /thirdparty /upgrade
C:\Program Files\McAfee\Temp2352826547\installer.exe
"C:\Program Files\McAfee\Temp2352826547\installer.exe" /setOem:Affid=91082 /s /thirdparty /upgrade
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 6784 -s 1288
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202410141703171\assistant\Assistant_114.0.5282.21_Setup.exe_sfx.exe
"C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202410141703171\assistant\Assistant_114.0.5282.21_Setup.exe_sfx.exe"
C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202410141703171\assistant\assistant_installer.exe
"C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202410141703171\assistant\assistant_installer.exe" --version
C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202410141703171\assistant\assistant_installer.exe
"C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202410141703171\assistant\assistant_installer.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktop --annotation=ver=114.0.5282.21 --initial-client-data=0x230,0x234,0x238,0x20c,0x23c,0x12917a0,0x12917ac,0x12917b8
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\OperaSetup.exe
"C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\OperaSetup.exe"
C:\Users\Admin\AppData\Local\Temp\7zS0DC98666\setup.exe
C:\Users\Admin\AppData\Local\Temp\7zS0DC98666\setup.exe --server-tracking-blob=OTc0MWZlM2RjMWI1YmJiYzU3MjE3ZWU1OWFkYzcwZjRhNjlmYzZmOWRjM2VkNWM4MjhmOTJjMGFmNTQzY2ZkMDp7ImNvdW50cnkiOiJHQiIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFTZXR1cC5leGUiLCJwcm9kdWN0Ijoib3BlcmEiLCJxdWVyeSI6Ii9vcGVyYS9zdGFibGUvd2luZG93cz91dG1fc291cmNlPWlubm92YSZ1dG1fbWVkaXVtPWFwYiZ1dG1fY2FtcGFpZ249ZGl0IiwidGltZXN0YW1wIjoiMTcyODkyNTQ3OC44NDA0IiwidXNlcmFnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzUyLjAuMjc0My4xMTYgU2FmYXJpLzUzNy4zNiBFZGdlLzE1LjE1MDYzIiwidXRtIjp7ImNhbXBhaWduIjoiZGl0IiwibWVkaXVtIjoiYXBiIiwic291cmNlIjoiaW5ub3ZhIn0sInV1aWQiOiJjNzFjNzEyMi05YTFjLTQ2NWYtYjIxZS1kYmVlMDk3NWZhNTcifQ==
C:\Users\Admin\AppData\Local\Temp\7zS0DC98666\setup.exe
C:\Users\Admin\AppData\Local\Temp\7zS0DC98666\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktop --annotation=ver=114.0.5282.94 --initial-client-data=0x304,0x308,0x30c,0x2cc,0x310,0x71ef1a74,0x71ef1a80,0x71ef1a8c
C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\setup.exe
"C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\setup.exe" --version
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202410141704431\assistant\Assistant_114.0.5282.21_Setup.exe_sfx.exe
"C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202410141704431\assistant\Assistant_114.0.5282.21_Setup.exe_sfx.exe"
C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202410141704431\assistant\assistant_installer.exe
"C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202410141704431\assistant\assistant_installer.exe" --version
C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202410141704431\assistant\assistant_installer.exe
"C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202410141704431\assistant\assistant_installer.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktop --annotation=ver=114.0.5282.21 --initial-client-data=0x230,0x234,0x238,0xac,0x23c,0xb517a0,0xb517ac,0xb517b8
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\LDPlayer9_ens_com.dts.freefireth_25567197_ld.exe
"C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\LDPlayer9_ens_com.dts.freefireth_25567197_ld.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1556.17.756356338\480942263" -childID 15 -isForBrowser -prefsHandle 4076 -prefMapHandle 8080 -prefsLen 27852 -prefMapSize 233414 -jsInitHandle 1328 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b6a6e581-de96-49b6-997a-75cb9d7c3b30} 1556 "\\.\pipe\gecko-crash-server-pipe.1556" 8240 1c4f9dd2b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1556.18.872740609\1433461065" -childID 16 -isForBrowser -prefsHandle 8296 -prefMapHandle 8764 -prefsLen 27852 -prefMapSize 233414 -jsInitHandle 1328 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {54b1f8a3-e758-4957-b1b4-7ab22b078c47} 1556 "\\.\pipe\gecko-crash-server-pipe.1556" 8932 1c4f9ff4958 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1556.19.903266028\1378264939" -childID 17 -isForBrowser -prefsHandle 8084 -prefMapHandle 8176 -prefsLen 27908 -prefMapSize 233414 -jsInitHandle 1328 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3db3699d-2787-42e1-b7ca-aa42613731ea} 1556 "\\.\pipe\gecko-crash-server-pipe.1556" 7988 1c4f9ff9e58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1556.20.944300311\424763410" -childID 18 -isForBrowser -prefsHandle 7600 -prefMapHandle 4240 -prefsLen 27908 -prefMapSize 233414 -jsInitHandle 1328 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {05b79ee1-1c1b-4b5c-9053-103c044d8dd1} 1556 "\\.\pipe\gecko-crash-server-pipe.1556" 7524 1c4fbd6ce58 tab
C:\Users\Admin\Downloads\HitmanPro_x64.exe
"C:\Users\Admin\Downloads\HitmanPro_x64.exe"
C:\Program Files\HitmanPro\hmpsched.exe
"C:\Program Files\HitmanPro\hmpsched.exe"
F:\LDPlayer\LDPlayer9\LDPlayer.exe
"F:\LDPlayer\LDPlayer9\\LDPlayer.exe" -silence -downloader -openid=25567197 -language=en -path="F:\LDPlayer\LDPlayer9\"
F:\LDPlayer\LDPlayer9\dnrepairer.exe
"F:\LDPlayer\LDPlayer9\dnrepairer.exe" listener=67260
C:\Windows\SysWOW64\net.exe
"net" start cryptsvc
C:\Windows\SysWOW64\net1.exe
C:\Windows\system32\net1 start cryptsvc
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" Softpub.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" Wintrust.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" Initpki.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32" Initpki.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" dssenh.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" rsaenh.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" cryptdlg.dll /s
C:\Windows\SysWOW64\takeown.exe
"takeown" /f "F:\LDPlayer\LDPlayer9\vms" /r /d y
C:\Windows\SysWOW64\icacls.exe
"icacls" "F:\LDPlayer\LDPlayer9\vms" /grant everyone:F /t
C:\Windows\SysWOW64\takeown.exe
"takeown" /f "F:\LDPlayer\LDPlayer9\\system.vmdk"
C:\Windows\SysWOW64\icacls.exe
"icacls" "F:\LDPlayer\LDPlayer9\\system.vmdk" /grant everyone:F /t
C:\Windows\SysWOW64\dism.exe
C:\Windows\system32\dism.exe /Online /English /Get-Features
C:\Windows\SysWOW64\sc.exe
sc query HvHost
C:\Windows\SysWOW64\sc.exe
sc query vmms
C:\Windows\SysWOW64\sc.exe
sc query vmcompute
C:\Program Files\ldplayer9box\Ld9BoxSVC.exe
"C:\Program Files\ldplayer9box\Ld9BoxSVC.exe" /RegServer
C:\Windows\SYSTEM32\regsvr32.exe
"regsvr32" "C:\Program Files\ldplayer9box\VBoxC.dll" /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" "C:\Program Files\ldplayer9box\x86\VBoxClient-x86.dll" /s
C:\Windows\SYSTEM32\regsvr32.exe
"regsvr32" "C:\Program Files\ldplayer9box\VBoxProxyStub.dll" /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" "C:\Program Files\ldplayer9box\x86\VBoxProxyStub-x86.dll" /s
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc" create Ld9BoxSup binPath= "C:\Program Files\ldplayer9box\Ld9BoxSup.sys" type= kernel start= auto
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc" start Ld9BoxSup
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
"powershell.exe" New-NetFirewallRule -DisplayName "Ld9BoxSup" -Direction Inbound -Program 'C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe' -RemoteAddress LocalSubnet -Action Allow
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
"powershell.exe" New-NetFirewallRule -DisplayName "Ld9BoxNat" -Direction Inbound -Program 'C:\Program Files\ldplayer9box\VBoxNetNAT.exe' -RemoteAddress LocalSubnet -Action Allow
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
"powershell.exe" New-NetFirewallRule -DisplayName "dnplayer" -Direction Inbound -Program 'F:\LDPlayer\LDPlayer9\dnplayer.exe' -RemoteAddress LocalSubnet -Action Allow
F:\LDPlayer\LDPlayer9\driverconfig.exe
"F:\LDPlayer\LDPlayer9\driverconfig.exe"
C:\Windows\SysWOW64\takeown.exe
"takeown" /f F:\LDPlayer\ldmutiplayer\ /r /d y
C:\Windows\SysWOW64\icacls.exe
"icacls" F:\LDPlayer\ldmutiplayer\ /grant everyone:F /t
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
F:\LDPlayer\LDPlayer9\dnplayer.exe
"F:\LDPlayer\LDPlayer9\dnplayer.exe" downloadpackage=com.dts.freefireth|package=com.dts.freefireth
C:\Windows\SysWOW64\sc.exe
sc query HvHost
C:\Windows\SysWOW64\sc.exe
sc query vmms
C:\Windows\SysWOW64\sc.exe
sc query vmcompute
C:\Program Files\ldplayer9box\Ld9BoxSVC.exe
"C:\Program Files\ldplayer9box\Ld9BoxSVC.exe" -Embedding
\??\c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe -k netsvcs -s NetSetupSvc
C:\Program Files\ldplayer9box\vbox-img.exe
"C:\Program Files\ldplayer9box\vbox-img.exe" setuuid --filename "F:\LDPlayer\LDPlayer9\vms\..\system.vmdk" --uuid 20160302-bbbb-bbbb-54d7-bbbb00000000
C:\Program Files\ldplayer9box\vbox-img.exe
"C:\Program Files\ldplayer9box\vbox-img.exe" setuuid --filename "F:\LDPlayer\LDPlayer9\vms\leidian0\data.vmdk" --uuid 20160302-cccc-cccc-54d7-000000000000
C:\Program Files\ldplayer9box\vbox-img.exe
"C:\Program Files\ldplayer9box\vbox-img.exe" setuuid --filename "F:\LDPlayer\LDPlayer9\vms\leidian0\sdcard.vmdk" --uuid 20160302-dddd-dddd-54d7-000000000000
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k netsvcs -s NetSetupSvc
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Windows\System32\Conhost.exe
\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | skibidi.com | udp |
| US | 99.83.138.213:80 | skibidi.com | tcp |
| US | 99.83.138.213:80 | skibidi.com | tcp |
| US | 99.83.138.213:443 | skibidi.com | tcp |
| US | 8.8.8.8:53 | 213.138.83.99.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn0.dan.com | udp |
| US | 8.8.8.8:53 | cdn3.dan.com | udp |
| US | 8.8.8.8:53 | widget.trustpilot.com | udp |
| US | 8.8.8.8:53 | 32.169.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn2.dan.com | udp |
| NL | 18.238.243.71:443 | cdn2.dan.com | tcp |
| NL | 18.238.243.71:443 | cdn2.dan.com | tcp |
| NL | 108.156.60.41:443 | widget.trustpilot.com | tcp |
| NL | 108.156.60.41:443 | widget.trustpilot.com | tcp |
| NL | 18.238.243.20:443 | cdn2.dan.com | tcp |
| NL | 18.238.243.20:443 | cdn2.dan.com | tcp |
| US | 8.8.8.8:53 | cdn1.dan.com | udp |
| NL | 18.238.243.71:443 | cdn1.dan.com | tcp |
| NL | 18.238.243.71:443 | cdn1.dan.com | tcp |
| NL | 18.238.243.9:443 | cdn1.dan.com | tcp |
| NL | 18.238.243.9:443 | cdn1.dan.com | tcp |
| NL | 18.238.243.20:443 | cdn1.dan.com | tcp |
| NL | 18.238.243.71:443 | cdn1.dan.com | tcp |
| NL | 18.238.243.20:443 | cdn1.dan.com | tcp |
| NL | 18.238.243.9:443 | cdn1.dan.com | tcp |
| NL | 18.238.243.71:443 | cdn1.dan.com | tcp |
| NL | 18.238.243.71:443 | cdn1.dan.com | tcp |
| US | 8.8.8.8:53 | 71.243.238.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 41.60.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.243.238.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.15.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.41.65.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.243.238.18.in-addr.arpa | udp |
| NL | 18.238.243.71:443 | cdn1.dan.com | tcp |
| NL | 18.238.243.71:443 | cdn1.dan.com | tcp |
| US | 8.8.8.8:53 | 161.19.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.msn.com | udp |
| US | 204.79.197.203:443 | www.msn.com | tcp |
| US | 204.79.197.203:443 | www.msn.com | tcp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | assets.msn.com | udp |
| GB | 2.22.249.225:443 | assets.msn.com | tcp |
| GB | 2.22.249.225:443 | assets.msn.com | tcp |
| GB | 2.22.249.225:443 | assets.msn.com | tcp |
| GB | 2.22.249.225:443 | assets.msn.com | tcp |
| GB | 92.123.128.144:443 | www.bing.com | tcp |
| GB | 92.123.128.144:443 | www.bing.com | tcp |
| GB | 92.123.128.144:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | browser.events.data.msn.com | udp |
| GB | 92.123.128.144:443 | www.bing.com | tcp |
| US | 20.42.73.27:443 | browser.events.data.msn.com | tcp |
| US | 20.42.73.27:443 | browser.events.data.msn.com | tcp |
| US | 8.8.8.8:53 | 225.249.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 144.128.123.92.in-addr.arpa | udp |
| US | 204.79.197.203:443 | www.msn.com | tcp |
| US | 204.79.197.203:443 | www.msn.com | tcp |
| US | 8.8.8.8:53 | 27.73.42.20.in-addr.arpa | udp |
| GB | 92.123.128.144:443 | www.bing.com | tcp |
| GB | 92.123.128.144:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 92.123.128.173:443 | r.bing.com | tcp |
| GB | 92.123.128.173:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | 173.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| IE | 40.126.31.71:443 | login.microsoftonline.com | tcp |
| IE | 40.126.31.71:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | 71.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 92.123.128.158:443 | th.bing.com | tcp |
| GB | 92.123.128.158:443 | th.bing.com | tcp |
| GB | 92.123.128.158:443 | th.bing.com | tcp |
| GB | 92.123.128.158:443 | th.bing.com | tcp |
| GB | 92.123.128.158:443 | th.bing.com | tcp |
| GB | 92.123.128.158:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 158.128.123.92.in-addr.arpa | udp |
| GB | 92.123.128.144:443 | www.bing.com | tcp |
| GB | 92.123.128.144:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | bonzibuddy.org | udp |
| US | 198.187.29.31:443 | bonzibuddy.org | tcp |
| US | 198.187.29.31:443 | bonzibuddy.org | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 8.8.8.8:53 | 31.29.187.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 167.205.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 198.187.29.31:443 | bonzibuddy.org | tcp |
| US | 198.187.29.31:443 | bonzibuddy.org | tcp |
| US | 8.8.8.8:53 | 133.5.17.2.in-addr.arpa | udp |
| US | 198.187.29.31:80 | bonzibuddy.org | tcp |
| US | 8.8.8.8:53 | 43.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.229.138.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.msn.com | udp |
| US | 204.79.197.203:443 | www.msn.com | tcp |
| GB | 2.22.249.225:443 | assets.msn.com | tcp |
| US | 20.42.73.27:443 | browser.events.data.msn.com | tcp |
| US | 20.42.73.27:443 | browser.events.data.msn.com | tcp |
| GB | 92.123.128.144:443 | www.bing.com | tcp |
| GB | 92.123.128.144:443 | www.bing.com | tcp |
| GB | 92.123.128.144:443 | www.bing.com | tcp |
| GB | 92.123.128.144:443 | www.bing.com | tcp |
| N/A | 127.0.0.1:51988 | tcp | |
| US | 8.8.8.8:53 | spocs.getpocket.com | udp |
| US | 8.8.8.8:53 | getpocket.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 34.120.5.221:443 | getpocket.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| N/A | 127.0.0.1:51994 | tcp | |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 53.121.117.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | 43.49.25.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.200.36:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | 36.200.250.142.in-addr.arpa | udp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 3.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tracking-protection.cdn.mozilla.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | tracking-protection.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | tracking-protection.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | tracking-protection.cdn.mozilla.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | tracking-protection.prod.mozaws.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | tracking-protection.cdn.mozilla.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| US | 8.8.8.8:53 | 34.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 216.58.201.110:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 172.217.16.238:443 | play.google.com | tcp |
| GB | 216.58.201.110:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 238.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.201.58.216.in-addr.arpa | udp |
| GB | 142.250.180.17:443 | csp.withgoogle.com | tcp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| GB | 142.250.180.17:443 | csp.withgoogle.com | udp |
| US | 8.8.8.8:53 | 17.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| GB | 216.58.201.110:443 | consent.google.com | tcp |
| GB | 216.58.201.110:443 | consent.google.com | udp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| GB | 216.58.201.110:443 | consent.google.com | tcp |
| US | 8.8.8.8:53 | bonzi.link | udp |
| FR | 151.106.4.82:443 | bonzi.link | tcp |
| US | 8.8.8.8:53 | bonzi.link | udp |
| US | 8.8.8.8:53 | bonzi.link | udp |
| FR | 151.106.4.82:443 | bonzi.link | udp |
| US | 8.8.8.8:53 | 82.4.106.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | d36ee2fcip1434.cloudfront.net | udp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| GB | 172.217.169.78:443 | fundingchoicesmessages.google.com | tcp |
| US | 8.8.8.8:53 | www3.l.google.com | udp |
| US | 8.8.8.8:53 | www3.l.google.com | udp |
| US | 8.8.8.8:53 | 78.169.217.172.in-addr.arpa | udp |
| GB | 172.217.169.78:443 | www3.l.google.com | udp |
| GB | 172.217.169.78:443 | www3.l.google.com | udp |
| GB | 172.217.169.78:443 | www3.l.google.com | tcp |
| GB | 172.217.169.78:443 | www3.l.google.com | tcp |
| US | 8.8.8.8:53 | 10.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 142.250.187.225:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 142.250.187.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 225.187.250.142.in-addr.arpa | udp |
| GB | 142.250.200.36:443 | www.google.com | tcp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 226.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | 201.181.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ciscobinary.openh264.org | udp |
| DE | 23.55.161.211:80 | ciscobinary.openh264.org | tcp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 142.250.200.46:443 | redirector.gvt1.com | tcp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 142.250.200.46:443 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | r4---sn-aigl6nsd.gvt1.com | udp |
| GB | 74.125.105.41:443 | r4---sn-aigl6nsd.gvt1.com | tcp |
| US | 8.8.8.8:53 | r4.sn-aigl6nsd.gvt1.com | udp |
| US | 8.8.8.8:53 | r4.sn-aigl6nsd.gvt1.com | udp |
| US | 8.8.8.8:53 | 211.161.55.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 41.105.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| GB | 74.125.105.41:443 | r4.sn-aigl6nsd.gvt1.com | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| GB | 92.123.128.144:443 | www.bing.com | tcp |
| GB | 92.123.128.144:443 | www.bing.com | tcp |
| US | 172.67.138.185:80 | bonzibuddy.tk | tcp |
| US | 172.67.138.185:80 | bonzibuddy.tk | tcp |
| US | 172.67.138.185:443 | bonzibuddy.tk | tcp |
| US | 8.8.8.8:53 | c.pki.goog | udp |
| GB | 142.250.187.227:80 | c.pki.goog | tcp |
| US | 8.8.8.8:53 | 185.138.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 151.101.194.137:443 | code.jquery.com | tcp |
| US | 151.101.194.137:443 | code.jquery.com | tcp |
| US | 8.8.8.8:53 | 227.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | o.pki.goog | udp |
| US | 8.8.8.8:53 | 137.194.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| GB | 142.250.178.3:80 | o.pki.goog | tcp |
| US | 172.67.138.185:443 | bonzibuddy.tk | tcp |
| US | 172.67.138.185:443 | bonzibuddy.tk | tcp |
| US | 8.8.8.8:53 | 233.38.18.104.in-addr.arpa | udp |
| GB | 142.250.187.227:80 | c.pki.goog | tcp |
| US | 54.183.3.125:80 | www.bonzi.com | tcp |
| US | 8.8.8.8:53 | secure.bonzi.com | udp |
| US | 8.8.8.8:53 | 125.3.183.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.200.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | 4.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| FI | 64.233.162.94:443 | id.google.com | tcp |
| US | 8.8.8.8:53 | id.google.com | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| GB | 142.250.180.17:443 | csp.withgoogle.com | udp |
| GB | 142.250.180.17:443 | csp.withgoogle.com | tcp |
| FI | 64.233.162.94:443 | id.google.com | tcp |
| US | 8.8.8.8:53 | 98.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 216.58.201.110:443 | play.google.com | udp |
| GB | 216.58.201.110:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 216.58.201.110:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 216.58.201.110:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | 94.162.233.64.in-addr.arpa | udp |
| GB | 172.217.169.86:443 | i.ytimg.com | tcp |
| GB | 172.217.169.86:443 | i.ytimg.com | tcp |
| GB | 172.217.169.86:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 172.217.169.86:443 | i.ytimg.com | tcp |
| GB | 172.217.169.86:443 | i.ytimg.com | tcp |
| GB | 172.217.169.86:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | youtube-ui.l.google.com | udp |
| GB | 216.58.212.238:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | youtube-ui.l.google.com | udp |
| US | 8.8.8.8:53 | 238.212.58.216.in-addr.arpa | udp |
| FI | 64.233.162.94:443 | id.google.com | udp |
| GB | 172.217.169.86:443 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| US | 8.8.8.8:53 | 86.169.217.172.in-addr.arpa | udp |
| GB | 216.58.212.238:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| GB | 216.58.204.78:443 | encrypted-tbn0.gstatic.com | tcp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| GB | 216.58.204.78:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 216.58.204.78:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 216.58.204.78:443 | encrypted-tbn0.gstatic.com | udp |
| GB | 216.58.204.78:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 216.58.204.78:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 216.58.204.78:443 | encrypted-tbn0.gstatic.com | tcp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | 78.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 216.58.213.10:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 216.58.213.10:443 | jnn-pa.googleapis.com | udp |
| GB | 216.58.213.10:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 10.213.58.216.in-addr.arpa | udp |
| GB | 142.250.200.38:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 142.250.200.38:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 38.200.250.142.in-addr.arpa | udp |
| GB | 142.250.200.38:443 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | youtube-ui.l.google.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn1.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn2.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn3.gstatic.com | udp |
| GB | 216.58.204.78:443 | encrypted-tbn2.gstatic.com | tcp |
| US | 8.8.8.8:53 | encrypted-tbn2.gstatic.com | udp |
| GB | 216.58.204.78:443 | encrypted-tbn2.gstatic.com | tcp |
| GB | 142.250.200.46:443 | encrypted-tbn3.gstatic.com | tcp |
| US | 8.8.8.8:53 | encrypted-tbn3.gstatic.com | udp |
| GB | 216.58.204.78:443 | encrypted-tbn2.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn3.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn2.gstatic.com | udp |
| GB | 142.250.200.46:443 | encrypted-tbn3.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn1.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn1.gstatic.com | udp |
| US | 8.8.8.8:53 | fortnite-free-skins-download.en.download.it | udp |
| US | 172.67.26.92:443 | fortnite-free-skins-download.en.download.it | tcp |
| US | 8.8.8.8:53 | fortnite-free-skins-download.en.download.it | udp |
| US | 8.8.8.8:53 | fortnite-free-skins-download.en.download.it | udp |
| US | 172.67.26.92:443 | fortnite-free-skins-download.en.download.it | udp |
| US | 8.8.8.8:53 | 92.26.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.download.it | udp |
| US | 8.8.8.8:53 | www.statcounter.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | cmp.quantcast.com | udp |
| US | 104.22.57.224:443 | cdn.download.it | tcp |
| US | 104.22.57.224:443 | cdn.download.it | tcp |
| US | 104.22.57.224:443 | cdn.download.it | tcp |
| US | 104.22.57.224:443 | cdn.download.it | tcp |
| US | 104.22.57.224:443 | cdn.download.it | tcp |
| US | 104.22.57.224:443 | cdn.download.it | tcp |
| US | 104.22.57.224:443 | cdn.download.it | tcp |
| US | 104.22.57.224:443 | cdn.download.it | tcp |
| US | 104.22.57.224:443 | cdn.download.it | tcp |
| US | 104.22.57.224:443 | cdn.download.it | tcp |
| US | 104.22.57.224:443 | cdn.download.it | tcp |
| US | 104.22.57.224:443 | cdn.download.it | tcp |
| US | 8.8.8.8:53 | cdn.download.it | udp |
| US | 8.8.8.8:53 | cdn.download.it | udp |
| US | 8.8.8.8:53 | www.statcounter.com | udp |
| US | 104.20.95.138:443 | www.statcounter.com | tcp |
| NL | 18.239.83.22:443 | cmp.quantcast.com | tcp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| US | 104.22.57.224:443 | cdn.download.it | udp |
| US | 8.8.8.8:53 | www.statcounter.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | cmp.quantcast.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | cmp.quantcast.com | udp |
| US | 104.20.95.138:443 | www.statcounter.com | udp |
| US | 8.8.8.8:53 | cmp.inmobi.com | udp |
| US | 8.8.8.8:53 | d23sp3kzv1t6m5.cloudfront.net | udp |
| NL | 18.239.36.97:443 | d23sp3kzv1t6m5.cloudfront.net | tcp |
| US | 8.8.8.8:53 | d23sp3kzv1t6m5.cloudfront.net | udp |
| US | 8.8.8.8:53 | c.statcounter.com | udp |
| US | 8.8.8.8:53 | 224.57.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.95.20.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.80.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.83.239.18.in-addr.arpa | udp |
| US | 104.20.95.138:443 | c.statcounter.com | tcp |
| US | 8.8.8.8:53 | c.statcounter.com | udp |
| NL | 18.239.36.97:443 | d23sp3kzv1t6m5.cloudfront.net | tcp |
| US | 8.8.8.8:53 | c.statcounter.com | udp |
| US | 104.20.95.138:443 | c.statcounter.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| BE | 74.125.206.154:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| GB | 142.250.180.3:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| BE | 74.125.206.154:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 97.36.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.206.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| GB | 142.250.180.3:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | download.it | udp |
| US | 172.67.26.92:443 | download.it | tcp |
| US | 8.8.8.8:53 | download.it | udp |
| US | 8.8.8.8:53 | download.it | udp |
| US | 172.67.26.92:443 | download.it | udp |
| US | 8.8.8.8:53 | api.cmp.inmobi.com | udp |
| DE | 54.93.131.77:443 | api.cmp.inmobi.com | tcp |
| US | 8.8.8.8:53 | choice-apis-prod-2120274730.eu-central-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | choice-apis-prod-2120274730.eu-central-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | 77.131.93.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | net.geo.opera.com | udp |
| NL | 185.26.182.111:443 | net.geo.opera.com | tcp |
| US | 8.8.8.8:53 | eu.net.opera.com | udp |
| US | 8.8.8.8:53 | eu.net.opera.com | udp |
| US | 8.8.8.8:53 | 111.182.26.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | d2wjbs82sgy8i4.cloudfront.net | udp |
| NL | 18.239.63.180:443 | d2wjbs82sgy8i4.cloudfront.net | tcp |
| US | 8.8.8.8:53 | d2wjbs82sgy8i4.cloudfront.net | udp |
| US | 8.8.8.8:53 | d2wjbs82sgy8i4.cloudfront.net | udp |
| NL | 18.239.63.180:443 | d2wjbs82sgy8i4.cloudfront.net | tcp |
| US | 8.8.8.8:53 | www.statcounter.com | udp |
| US | 8.8.8.8:53 | cmp.quantcast.com | udp |
| US | 8.8.8.8:53 | c.statcounter.com | udp |
| US | 8.8.8.8:53 | c.statcounter.com | udp |
| US | 8.8.8.8:53 | 180.63.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dl.download.it | udp |
| NL | 95.168.168.24:443 | dl.download.it | tcp |
| US | 8.8.8.8:53 | dl.download.it | udp |
| US | 8.8.8.8:53 | dl.download.it | udp |
| US | 8.8.8.8:53 | 24.168.168.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | d1e9165hyidvf5.cloudfront.net | udp |
| GB | 3.162.19.32:443 | d1e9165hyidvf5.cloudfront.net | tcp |
| US | 8.8.8.8:53 | 32.19.162.3.in-addr.arpa | udp |
| US | 104.22.57.224:443 | download.it | tcp |
| GB | 3.162.19.32:443 | d1e9165hyidvf5.cloudfront.net | tcp |
| US | 8.8.8.8:53 | apk.innodl.com | udp |
| US | 104.26.5.251:80 | apk.innodl.com | tcp |
| US | 8.8.8.8:53 | 251.5.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | analytics.apis.mcafee.com | udp |
| US | 54.68.233.165:443 | analytics.apis.mcafee.com | tcp |
| US | 8.8.8.8:53 | 165.233.68.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sadownload.mcafee.com | udp |
| GB | 2.19.117.95:443 | sadownload.mcafee.com | tcp |
| US | 8.8.8.8:53 | 95.117.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | autoupdate.geo.opera.com | udp |
| US | 8.8.8.8:53 | desktop-netinstaller-sub.osp.opera.software | udp |
| US | 8.8.8.8:53 | autoupdate.opera.com | udp |
| NL | 82.145.216.19:443 | autoupdate.geo.opera.com | tcp |
| NL | 185.26.182.123:443 | autoupdate.opera.com | tcp |
| NL | 82.145.217.121:443 | desktop-netinstaller-sub.osp.opera.software | tcp |
| US | 8.8.8.8:53 | 121.217.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.216.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.182.26.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | download.opera.com | udp |
| US | 8.8.8.8:53 | en.download.it | udp |
| NL | 185.26.182.117:443 | download.opera.com | tcp |
| US | 8.8.8.8:53 | features.opera-api2.com | udp |
| NL | 82.145.216.16:443 | features.opera-api2.com | tcp |
| US | 8.8.8.8:53 | 117.182.26.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 16.216.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | download5.operacdn.com | udp |
| US | 104.18.10.89:443 | download5.operacdn.com | tcp |
| US | 8.8.8.8:53 | 89.10.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.66.101.151.in-addr.arpa | udp |
| US | 104.22.57.224:443 | en.download.it | tcp |
| US | 104.22.57.224:443 | en.download.it | tcp |
| US | 104.22.57.224:443 | en.download.it | tcp |
| US | 104.22.57.224:443 | en.download.it | tcp |
| US | 104.22.57.224:443 | en.download.it | tcp |
| US | 104.22.57.224:443 | en.download.it | tcp |
| US | 104.22.57.224:443 | en.download.it | tcp |
| US | 104.22.57.224:443 | en.download.it | tcp |
| US | 8.8.8.8:53 | cmp.quantcast.com | udp |
| NL | 18.239.83.89:443 | cmp.quantcast.com | tcp |
| NL | 18.239.83.89:443 | cmp.quantcast.com | tcp |
| US | 8.8.8.8:53 | 74.204.58.216.in-addr.arpa | udp |
| GB | 142.250.178.3:80 | www.gstatic.com | tcp |
| US | 104.20.95.138:443 | c.statcounter.com | tcp |
| US | 104.20.95.138:443 | c.statcounter.com | tcp |
| US | 8.8.8.8:53 | 89.83.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cmp.inmobi.com | udp |
| NL | 18.239.36.97:443 | cmp.inmobi.com | tcp |
| NL | 18.239.36.97:443 | cmp.inmobi.com | tcp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| US | 104.20.95.138:443 | c.statcounter.com | tcp |
| US | 104.20.95.138:443 | c.statcounter.com | tcp |
| US | 104.22.57.224:443 | en.download.it | tcp |
| US | 104.22.57.224:443 | en.download.it | tcp |
| US | 8.8.8.8:53 | 157.117.19.2.in-addr.arpa | udp |
| US | 172.67.26.92:443 | en.download.it | tcp |
| US | 172.67.26.92:443 | en.download.it | tcp |
| US | 8.8.8.8:53 | api.cmp.inmobi.com | udp |
| DE | 54.93.131.77:443 | api.cmp.inmobi.com | tcp |
| DE | 54.93.131.77:443 | api.cmp.inmobi.com | tcp |
| US | 8.8.8.8:53 | free-fire-gameloop.en.download.it | udp |
| US | 104.22.56.224:443 | free-fire-gameloop.en.download.it | tcp |
| US | 104.22.56.224:443 | free-fire-gameloop.en.download.it | tcp |
| US | 8.8.8.8:53 | 224.56.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| GB | 172.217.169.2:443 | ep1.adtrafficquality.google | tcp |
| GB | 172.217.169.2:443 | ep1.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | 2.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| GB | 142.250.200.1:443 | ep2.adtrafficquality.google | tcp |
| GB | 142.250.200.1:443 | ep2.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | 1.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 142.250.187.225:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.200.4:443 | www.google.com | tcp |
| GB | 142.250.200.4:443 | www.google.com | tcp |
| NL | 82.145.217.121:443 | desktop-netinstaller-sub.osp.opera.software | tcp |
| US | 8.8.8.8:53 | www.bonzi.com | udp |
| US | 54.67.46.249:80 | www.bonzi.com | tcp |
| US | 8.8.8.8:53 | secure.bonzi.com | udp |
| US | 54.67.46.249:80 | www.bonzi.com | tcp |
| US | 54.67.46.249:80 | www.bonzi.com | tcp |
| NL | 82.145.217.121:443 | desktop-netinstaller-sub.osp.opera.software | tcp |
| US | 8.8.8.8:53 | download3.operacdn.com | udp |
| GB | 2.22.249.213:443 | download3.operacdn.com | tcp |
| US | 8.8.8.8:53 | 249.46.67.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 213.249.22.2.in-addr.arpa | udp |
| GB | 92.123.128.149:443 | www.bing.com | tcp |
| GB | 92.123.128.149:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 149.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | net.geo.opera.com | udp |
| NL | 185.26.182.111:443 | net.geo.opera.com | tcp |
| NL | 185.26.182.111:443 | net.geo.opera.com | tcp |
| US | 8.8.8.8:53 | desktop-netinstaller-sub.osp.opera.software | udp |
| NL | 82.145.217.121:443 | desktop-netinstaller-sub.osp.opera.software | tcp |
| US | 8.8.8.8:53 | location.services.mozilla.com | udp |
| US | 35.190.72.216:443 | location.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 35.190.72.216:443 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 216.72.190.35.in-addr.arpa | udp |
| NL | 82.145.217.121:443 | desktop-netinstaller-sub.osp.opera.software | tcp |
| US | 8.8.8.8:53 | autoupdate.geo.opera.com | udp |
| US | 8.8.8.8:53 | autoupdate.opera.com | udp |
| NL | 82.145.216.19:443 | autoupdate.opera.com | tcp |
| NL | 82.145.216.20:443 | autoupdate.opera.com | tcp |
| US | 8.8.8.8:53 | features.opera-api2.com | udp |
| US | 8.8.8.8:53 | download.opera.com | udp |
| NL | 185.26.182.117:443 | download.opera.com | tcp |
| NL | 185.26.182.118:443 | features.opera-api2.com | tcp |
| US | 104.18.10.89:443 | download5.operacdn.com | tcp |
| US | 8.8.8.8:53 | 20.216.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 118.182.26.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | leap.ldplayer.gg | udp |
| GB | 163.181.154.239:443 | leap.ldplayer.gg | tcp |
| GB | 163.181.154.239:443 | leap.ldplayer.gg | tcp |
| US | 8.8.8.8:53 | www.ldplayer.net | udp |
| GB | 163.181.154.237:443 | www.ldplayer.net | tcp |
| GB | 163.181.154.237:443 | www.ldplayer.net | tcp |
| US | 8.8.8.8:53 | 237.154.181.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cmp.setupcmp.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | cdn.ldplayer.net | udp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | play-lh.googleusercontent.com | udp |
| US | 104.26.5.6:443 | cmp.setupcmp.com | tcp |
| US | 104.26.5.6:443 | cmp.setupcmp.com | tcp |
| GB | 172.217.169.78:443 | fundingchoicesmessages.google.com | tcp |
| GB | 172.217.169.78:443 | fundingchoicesmessages.google.com | tcp |
| GB | 142.250.179.246:443 | play-lh.googleusercontent.com | tcp |
| GB | 142.250.179.246:443 | play-lh.googleusercontent.com | tcp |
| GB | 163.181.154.243:443 | www.ldplayer.net | tcp |
| GB | 163.181.154.243:443 | www.ldplayer.net | tcp |
| GB | 142.250.179.246:443 | play-lh.googleusercontent.com | tcp |
| GB | 142.250.179.246:443 | play-lh.googleusercontent.com | tcp |
| GB | 163.181.154.243:443 | www.ldplayer.net | tcp |
| GB | 163.181.154.243:443 | www.ldplayer.net | tcp |
| GB | 163.181.154.243:443 | www.ldplayer.net | tcp |
| US | 8.8.8.8:53 | stpd.cloud | udp |
| GB | 163.181.154.243:443 | www.ldplayer.net | tcp |
| US | 104.18.31.49:443 | stpd.cloud | tcp |
| US | 104.18.31.49:443 | stpd.cloud | tcp |
| GB | 79.133.176.186:443 | cdn.ldplayer.net | tcp |
| GB | 79.133.176.186:443 | cdn.ldplayer.net | tcp |
| US | 8.8.8.8:53 | o.pki.goog | udp |
| GB | 142.250.178.3:80 | o.pki.goog | tcp |
| GB | 142.250.178.3:80 | o.pki.goog | tcp |
| US | 8.8.8.8:53 | 6.5.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 246.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 243.154.181.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.31.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 186.176.133.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.130.101.151.in-addr.arpa | udp |
| GB | 163.181.154.243:443 | www.ldplayer.net | tcp |
| GB | 163.181.154.243:443 | www.ldplayer.net | tcp |
| US | 8.8.8.8:53 | www.googletagservices.com | udp |
| GB | 142.250.187.226:443 | www.googletagservices.com | tcp |
| GB | 142.250.187.226:443 | www.googletagservices.com | tcp |
| US | 8.8.8.8:53 | 226.187.250.142.in-addr.arpa | udp |
| NL | 82.145.217.121:443 | desktop-netinstaller-sub.osp.opera.software | tcp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| US | 216.239.32.3:443 | csi.gstatic.com | tcp |
| US | 216.239.32.3:443 | csi.gstatic.com | tcp |
| US | 8.8.8.8:53 | 3.32.239.216.in-addr.arpa | udp |
| GB | 163.181.154.243:443 | www.ldplayer.net | tcp |
| GB | 163.181.154.243:443 | www.ldplayer.net | tcp |
| GB | 163.181.154.243:443 | www.ldplayer.net | tcp |
| US | 8.8.8.8:53 | apien.ldmnq.com | udp |
| GB | 79.133.176.185:443 | apien.ldmnq.com | tcp |
| GB | 163.181.154.243:443 | www.ldplayer.net | tcp |
| US | 8.8.8.8:53 | 185.176.133.79.in-addr.arpa | udp |
| GB | 163.181.154.243:443 | www.ldplayer.net | tcp |
| US | 8.8.8.8:53 | middledata.ldplayer.net | udp |
| SG | 8.219.136.97:443 | middledata.ldplayer.net | tcp |
| SG | 8.219.48.146:443 | middledata.ldplayer.net | tcp |
| US | 8.8.8.8:53 | 146.48.219.8.in-addr.arpa | udp |
| SG | 8.219.136.97:443 | middledata.ldplayer.net | tcp |
| US | 8.8.8.8:53 | 97.136.219.8.in-addr.arpa | udp |
| US | 104.20.95.138:443 | c.statcounter.com | udp |
| US | 8.8.8.8:53 | url.totaladblock.com | udp |
| US | 35.224.74.90:443 | url.totaladblock.com | tcp |
| US | 8.8.8.8:53 | url.fortifi.zone | udp |
| US | 8.8.8.8:53 | url.fortifi.zone | udp |
| US | 172.67.26.92:443 | free-fire-gameloop.en.download.it | udp |
| US | 8.8.8.8:53 | 90.74.224.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.totaladblock.com | udp |
| US | 34.160.40.40:443 | www.totaladblock.com | tcp |
| US | 8.8.8.8:53 | www.totaladblock.com | udp |
| US | 8.8.8.8:53 | www.totaladblock.com | udp |
| US | 34.160.40.40:443 | www.totaladblock.com | udp |
| US | 8.8.8.8:53 | widget.trustpilot.com | udp |
| NL | 108.156.60.63:443 | widget.trustpilot.com | tcp |
| US | 8.8.8.8:53 | widget.trustpilot.com | udp |
| US | 8.8.8.8:53 | 40.40.160.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 63.60.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| GB | 142.250.180.3:443 | id.google.com | udp |
| GB | 142.250.180.3:443 | id.google.com | tcp |
| US | 8.8.8.8:53 | id.google.com | udp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| GB | 142.250.180.17:443 | csp.withgoogle.com | udp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 172.217.16.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 216.58.201.110:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | www.hitmanpro.com | udp |
| GB | 2.18.63.51:443 | www.hitmanpro.com | tcp |
| US | 8.8.8.8:53 | e131187.b.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e131187.b.akamaiedge.net | udp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 8.8.8.8:53 | 42.87.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 51.63.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 172.64.155.119:443 | geolocation.onetrust.com | tcp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 8.8.8.8:53 | 119.155.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sophos-privacy.my.onetrust.com | udp |
| US | 104.18.32.137:443 | sophos-privacy.my.onetrust.com | tcp |
| US | 104.18.32.137:443 | sophos-privacy.my.onetrust.com | tcp |
| US | 8.8.8.8:53 | sophos-privacy.my.onetrust.com | udp |
| US | 8.8.8.8:53 | sophos-privacy.my.onetrust.com | udp |
| US | 8.8.8.8:53 | 137.32.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | download.sophos.com | udp |
| US | 8.8.8.8:53 | e13687.d.akamaiedge.net | udp |
| GB | 2.23.221.234:443 | e13687.d.akamaiedge.net | tcp |
| US | 8.8.8.8:53 | 234.221.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | files.surfright.nl | udp |
| US | 8.8.8.8:53 | scan.hitmanpro.com | udp |
| NL | 185.105.204.28:443 | files.surfright.nl | tcp |
| NL | 52.174.35.5:80 | scan.hitmanpro.com | tcp |
| US | 8.8.8.8:53 | 28.204.105.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 5.35.174.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | remnants.hitmanpro.com | udp |
| NL | 23.97.160.56:443 | remnants.hitmanpro.com | tcp |
| US | 185.228.168.9:53 | 8.8.8.8.zen.spamhaus.org | udp |
| US | 8.8.8.8:53 | 56.160.97.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.2.0.0.0.0.0.0.0.0.9.0.8.a.4.e.9.b.ip6.arpa | udp |
| US | 8.8.8.8:53 | 9.168.228.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | hash.hitmanpro.com | udp |
| NL | 23.97.160.56:443 | hash.hitmanpro.com | tcp |
| US | 8.8.8.8:53 | 14.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | middledata.ldplayer.net | udp |
| SG | 8.219.4.49:443 | middledata.ldplayer.net | tcp |
| US | 8.8.8.8:53 | 49.4.219.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | apien.ldmnq.com | udp |
| GB | 79.133.176.185:443 | apien.ldmnq.com | tcp |
| US | 8.8.8.8:53 | scan.hitmanpro.com | udp |
| NL | 52.174.35.5:443 | scan.hitmanpro.com | tcp |
| SG | 8.219.4.49:443 | middledata.ldplayer.net | tcp |
| US | 8.8.8.8:53 | middledata.ldplayer.net | udp |
| SG | 8.219.48.146:443 | middledata.ldplayer.net | tcp |
| NL | 23.97.160.56:443 | hash.hitmanpro.com | tcp |
| US | 8.8.8.8:53 | scan.hitmanpro.com | udp |
| NL | 52.174.35.5:443 | scan.hitmanpro.com | tcp |
| US | 8.8.8.8:53 | middledata.ldplayer.net | udp |
| SG | 8.219.48.146:443 | middledata.ldplayer.net | tcp |
| US | 8.8.8.8:53 | discord.gg | udp |
| US | 162.159.136.234:443 | discord.gg | tcp |
| US | 162.159.136.234:443 | discord.gg | tcp |
| US | 8.8.8.8:53 | ad.ldplayer.net | udp |
| GB | 79.133.176.192:443 | ad.ldplayer.net | tcp |
| US | 8.8.8.8:53 | apien.ldplayer.net | udp |
| SG | 8.219.48.146:443 | middledata.ldplayer.net | tcp |
| US | 8.8.8.8:53 | res.ldrescdn.com | udp |
| GB | 79.133.176.174:443 | apien.ldplayer.net | tcp |
| GB | 163.181.154.239:443 | res.ldrescdn.com | tcp |
| GB | 163.181.154.239:443 | res.ldrescdn.com | tcp |
| US | 8.8.8.8:53 | 234.136.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.176.133.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.176.133.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 162.159.135.232:443 | discord.com | tcp |
| US | 162.159.135.232:443 | discord.com | tcp |
| GB | 163.181.154.239:443 | res.ldrescdn.com | tcp |
| GB | 163.181.154.239:443 | res.ldrescdn.com | tcp |
| GB | 163.181.154.239:443 | res.ldrescdn.com | tcp |
| GB | 163.181.154.239:443 | res.ldrescdn.com | tcp |
| SG | 8.219.48.146:443 | middledata.ldplayer.net | tcp |
| GB | 163.181.154.239:443 | res.ldrescdn.com | tcp |
| US | 8.8.8.8:53 | 232.135.159.162.in-addr.arpa | udp |
| GB | 163.181.154.239:443 | res.ldrescdn.com | tcp |
| US | 162.159.135.232:443 | discord.com | tcp |
| US | 162.159.135.232:443 | discord.com | tcp |
| GB | 163.181.154.239:443 | res.ldrescdn.com | tcp |
| GB | 163.181.154.239:443 | res.ldrescdn.com | tcp |
| GB | 79.133.176.192:443 | ad.ldplayer.net | tcp |
| SG | 8.219.48.146:443 | middledata.ldplayer.net | tcp |
| US | 8.8.8.8:53 | res.ldplayer.net | udp |
| GB | 79.133.176.235:443 | res.ldplayer.net | tcp |
| GB | 163.181.154.239:443 | res.ldrescdn.com | tcp |
| US | 8.8.8.8:53 | 235.176.133.79.in-addr.arpa | udp |
| GB | 163.181.154.239:443 | res.ldrescdn.com | tcp |
| US | 8.8.8.8:53 | alliance.ldplayer.net | udp |
| GB | 79.133.176.181:443 | alliance.ldplayer.net | tcp |
| GB | 163.181.154.239:443 | res.ldrescdn.com | tcp |
| GB | 163.181.154.239:443 | res.ldrescdn.com | tcp |
| GB | 163.181.154.239:443 | res.ldrescdn.com | tcp |
| US | 8.8.8.8:53 | apien.ldmnq.com | udp |
| GB | 163.181.154.239:443 | res.ldrescdn.com | tcp |
| GB | 79.133.176.185:80 | apien.ldmnq.com | tcp |
| GB | 79.133.176.185:443 | apien.ldmnq.com | tcp |
| GB | 163.181.154.239:443 | res.ldrescdn.com | tcp |
| US | 8.8.8.8:53 | 181.176.133.79.in-addr.arpa | udp |
| GB | 79.133.176.185:443 | apien.ldmnq.com | tcp |
| US | 8.8.8.8:53 | www.hitmanpro.com | udp |
| GB | 2.18.63.58:443 | www.hitmanpro.com | tcp |
| GB | 2.18.63.58:443 | www.hitmanpro.com | tcp |
| US | 8.8.8.8:53 | 58.63.18.2.in-addr.arpa | udp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| GB | 2.18.63.58:443 | www.hitmanpro.com | tcp |
| GB | 2.18.63.58:443 | www.hitmanpro.com | tcp |
| US | 8.8.8.8:53 | pricingapi.cleverbridge.com | udp |
| US | 172.64.155.119:443 | sophos-privacy.my.onetrust.com | tcp |
| US | 172.64.155.119:443 | sophos-privacy.my.onetrust.com | tcp |
| US | 104.16.243.229:443 | pricingapi.cleverbridge.com | tcp |
| US | 104.16.243.229:443 | pricingapi.cleverbridge.com | tcp |
| US | 8.8.8.8:53 | 229.243.16.104.in-addr.arpa | udp |
| GB | 2.18.63.58:443 | www.hitmanpro.com | tcp |
| US | 172.64.155.119:443 | sophos-privacy.my.onetrust.com | tcp |
| US | 172.64.155.119:443 | sophos-privacy.my.onetrust.com | tcp |
| US | 104.16.243.229:443 | pricingapi.cleverbridge.com | tcp |
| US | 104.16.243.229:443 | pricingapi.cleverbridge.com | tcp |
Files
memory/5056-17-0x000001A3F1B30000-0x000001A3F1B40000-memory.dmp
memory/5056-0-0x000001A3F1A20000-0x000001A3F1A30000-memory.dmp
memory/5056-35-0x000001A3EEEC0000-0x000001A3EEEC2000-memory.dmp
memory/1100-45-0x0000029A74F00000-0x0000029A75000000-memory.dmp
memory/5104-57-0x00000278918C0000-0x00000278918C2000-memory.dmp
memory/5104-59-0x00000278918E0000-0x00000278918E2000-memory.dmp
memory/5104-54-0x0000027891890000-0x0000027891892000-memory.dmp
memory/5104-63-0x0000027892100000-0x0000027892200000-memory.dmp
memory/5104-119-0x0000027892100000-0x0000027892200000-memory.dmp
memory/5104-135-0x00000278A3970000-0x00000278A3A70000-memory.dmp
memory/5104-137-0x00000278A3120000-0x00000278A3140000-memory.dmp
memory/5104-144-0x00000278A3C30000-0x00000278A3C50000-memory.dmp
memory/5104-170-0x00000278A3C50000-0x00000278A3C70000-memory.dmp
memory/5104-205-0x00000278A3560000-0x00000278A3562000-memory.dmp
memory/5104-207-0x00000278A36D0000-0x00000278A36D2000-memory.dmp
memory/5104-209-0x00000278A36E0000-0x00000278A36E2000-memory.dmp
memory/5104-211-0x00000278A3710000-0x00000278A3712000-memory.dmp
memory/5104-215-0x00000278A3AF0000-0x00000278A3AF2000-memory.dmp
memory/5104-213-0x00000278A3720000-0x00000278A3722000-memory.dmp
memory/5104-221-0x00000278A6CD0000-0x00000278A6CD2000-memory.dmp
memory/5104-219-0x00000278A3FF0000-0x00000278A3FF2000-memory.dmp
memory/5104-223-0x00000278A6CF0000-0x00000278A6CF2000-memory.dmp
memory/5056-285-0x000001A3F8640000-0x000001A3F8641000-memory.dmp
memory/5056-284-0x000001A3F8630000-0x000001A3F8631000-memory.dmp
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\SRU97PSA\favicon-8f8be32076803305bd39913d14e9f28567adc474d60a95af6e0d21282302ce6a[1].ico
| MD5 | 91b5b75e4f52df43982200873c1feef6 |
| SHA1 | 8a01193959229d10a361d4965e305490544c428c |
| SHA256 | 17cae8213bf0fbeae27b644f0616b74981f348af943f27b73abf8e7b3a557b8f |
| SHA512 | 8561f92fe9ee36c7576a150e11bf4ae2cf97fd99d8e9ebad1b1d537dfb884444fc40e0161f2f53f250f2d96da628ae04af2c75483e48696e62557f35eca72e76 |
memory/5104-302-0x0000027891900000-0x0000027891902000-memory.dmp
memory/5104-300-0x00000278917E0000-0x00000278917E2000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\ZVQ9VIUB\edgecompatviewlist[1].xml
| MD5 | d4fc49dc14f63895d997fa4940f24378 |
| SHA1 | 3efb1437a7c5e46034147cbbc8db017c69d02c31 |
| SHA256 | 853d2f4eb81c9fdcea2ee079f6faf98214b111b77cdf68709b38989d123890f1 |
| SHA512 | cc60d79b4afe5007634ac21dc4bc92081880be4c0d798a1735b63b27e936c02f399964f744dc73711987f01e8a1064b02a4867dd6cac27538e5fbe275cc61e0a |
memory/4660-330-0x0000024C39C00000-0x0000024C39D00000-memory.dmp
memory/4660-344-0x0000024C5ABD0000-0x0000024C5ACD0000-memory.dmp
memory/4660-353-0x0000024C4A060000-0x0000024C4A080000-memory.dmp
memory/4660-364-0x0000024C5AE90000-0x0000024C5AF90000-memory.dmp
memory/4660-375-0x0000024C4B010000-0x0000024C4B030000-memory.dmp
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\User\Default\DOMStore\9TCDQSPR\www.msn[1].xml
| MD5 | 57b0864a510cd72be6df5e5b413299e6 |
| SHA1 | 78ae11d9d61eb3d5fd88b3d53b9be6a47ae046fd |
| SHA256 | 800e656a296b71577c3f68e3973028ffcd7840d8b6c25cc9ba6345f289d244e7 |
| SHA512 | 4e0e511acad46cef0290a2f73183aae20da048a3d2cf484d6eac2e6403205e5dc4b17150195176ce3efdf4b36a9eda44d15a669998c7875e4f32f2d82e029c2b |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\User\Default\DOMStore\P3AXIIPE\www.bing[1].xml
| MD5 | c1ddea3ef6bbef3e7060a1a9ad89e4c5 |
| SHA1 | 35e3224fcbd3e1af306f2b6a2c6bbea9b0867966 |
| SHA256 | b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db |
| SHA512 | 6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\xvEz2IbMlyghPZ3oNAHr9N-xMOA.br[1].js
| MD5 | dc221228e109f89b8b10c48f2678fb46 |
| SHA1 | 1bfc85cba5c424136941ac1dfd779a563b5beed4 |
| SHA256 | f4fb7234959f48c2b2ca73fd6c35d36eaf65d8c431d982a1ba208f5cdc766419 |
| SHA512 | 46f49e5ac18436251778d1f50c027729a2442ed6541c3162d878720703e37797b6028d96eb1568c23ec5006fb022c8e05855e250d6a1a590f41e890866529cd2 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2461P2AL\fRSNKQanUHk53F1a1Bi8UA71Qt4.br[1].js
| MD5 | 9085e17b6172d9fc7b7373762c3d6e74 |
| SHA1 | dab3ca26ec7a8426f034113afa2123edfaa32a76 |
| SHA256 | 586d8f94486a8116af00c80a255cba96c5d994c5864e47deac5a7f1ae1e24b0d |
| SHA512 | b27b776cb4947eef6d9e2a33b46e87796a6d4c427f4759c08cf5aa0ee410a5f12e89ca6ab9cddd86c8471037e3c505f43c8b7fc6d8417f97f9fe3c5c47216bc4 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\CRYO0VTZ\favicon[1].ico
| MD5 | 84cc977d0eb148166481b01d8418e375 |
| SHA1 | 00e2461bcd67d7ba511db230415000aefbd30d2d |
| SHA256 | bbf8da37d92138cc08ffeec8e3379c334988d5ae99f4415579999bfbbb57a66c |
| SHA512 | f47a507077f9173fb07ec200c2677ba5f783d645be100f12efe71f701a74272a98e853c4fab63740d685853935d545730992d0004c9d2fe8e1965445cab509c3 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\R8OGHIFB\favicon-trans-bg-000-mg[1].ico
| MD5 | 5879b2763fc53367a29f1e64721976db |
| SHA1 | edee687feb0438fbb4fdf6e0b9bc941f2a0c464d |
| SHA256 | b5f794efdee46f6e8759441cfb2bdc36640f50e47cad9f11cea18bed48e6c43b |
| SHA512 | 6b04809dad6d927b7c9fe0d674b8e14c9bb374ea069558e53468e33da76be44c8de6221f90f719462bcea90bec1a90ece58a706e440229ec78d81ba9063ad0f1 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2461P2AL\oocd_GLJp7OiNEvIPidegylCzYE.br[1].js
| MD5 | d81d52a7a2de9189891eeb3753aac042 |
| SHA1 | 057b7068214f3af00ecf73677798979175192062 |
| SHA256 | 5d59969951587d02ccf8e5b8b08b16f8b8b3110e26dd195cfdbaaaae99674230 |
| SHA512 | 62a5c49989be283cc69609bedeba3e1a6f5d3a02edfdfda9baaaae7d55edef2fa80fecb22e9f5545b858c308cfa83b21a25768ea3ec93e4d6bc5d74c968bf2a2 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\Ti0kaOD9xRltUyrW1UKvcEi37W4.br[1].js
| MD5 | 3944ecfe8cc8046cf832427feb3b9fba |
| SHA1 | ec037c8cb888ea2034bcb3e37bf7ab496b812081 |
| SHA256 | d2ec68389884aaf1bf3a9bb2130e898ac0c53d71ecf0d8302270840b9f658472 |
| SHA512 | 3ffe91b03f1d1f276471f5d85014c66b75416fef27e68cc68edf0c89d7cfa2c56df07b187a8650fa159665ece5f417d909bd56df961ab2d9116f391a07ce59aa |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\9MqrCXB0EVjVIRzDOArDGhu3yeM.br[1].js
| MD5 | 56afa9b2c4ead188d1dd95650816419b |
| SHA1 | c1e4d984c4f85b9c7fb60b66b039c541bf3d94f6 |
| SHA256 | e830aeb6bc4602a3d61e678b1c22a8c5e01b9fb9a66406051d56493cc3087b4b |
| SHA512 | d97432e68afdaa2cfaeff497c2ff70208bd328713f169380d5afb5d5eecd29e183a79bec99664dbee13fd19fe21ebae7396315ac77a196bfb0ab855507f3dacf |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2461P2AL\8CgcSSLayxEVUBf0swP_bQGMId8.br[1].js
| MD5 | a5363c37b617d36dfd6d25bfb89ca56b |
| SHA1 | 31682afce628850b8cb31faa8e9c4c5ec9ebb957 |
| SHA256 | 8b4d85985e62c264c03c88b31e68dbabdcc9bd42f40032a43800902261ff373f |
| SHA512 | e70f996b09e9fa94ba32f83b7aa348dc3a912146f21f9f7a7b5deea0f68cf81723ab4fedf1ba12b46aa4591758339f752a4eba11539beb16e0e34ad7ec946763 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\n21aGRCN5EKHB3qObygw029dyNU.br[1].js
| MD5 | cb027ba6eb6dd3f033c02183b9423995 |
| SHA1 | 368e7121931587d29d988e1b8cb0fda785e5d18b |
| SHA256 | 04a007926a68bb33e36202eb27f53882af7fd009c1ec3ad7177fba380a5fb96f |
| SHA512 | 6a575205c83b1fc3bfac164828fbdb3a25ead355a6071b7d443c0f8ab5796fe2601c48946c2e4c9915e08ad14106b4a01d2fcd534d50ea51c4bc88879d8bec8d |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\Gyuq2bqitqDJM0BeAkbKXGlQXNw.br[1].js
| MD5 | a969230a51dba5ab5adf5877bcc28cfa |
| SHA1 | 7c4cdc6b86ca3b8a51ba585594ea1ab7b78b8265 |
| SHA256 | 8e572950cbda0558f7b9563ce4f5017e06bc9c262cf487e33927a948f8d78f7f |
| SHA512 | f45b08818a54c5fd54712c28eb2ac3417eea971c653049108e8809d078f6dd0560c873ceb09c8816ecd08112a007c13d850e2791f62c01d68518b3c3d0accceb |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\j7QTvC_hnIspQX0jVufvDFJYNV0.br[1].js
| MD5 | 2447b53e9405cd7ab255d826e74a979c |
| SHA1 | 7f5ea6a26a0fe6a3d82f6de20aa3dff6200e8e93 |
| SHA256 | c8bb6f5a4f3aa74fa0fa502959dfc83aa0cc4f33576b324e51da2bc31f7ed0ba |
| SHA512 | c76df8b537e381cff81c19ab947d0b077a55f841fa64e633f995da66811f944566cf11f4bffe7bb97af015d782672bbbe776f98492b836ebd234c67027787173 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\pULrRpvNB_IVlF00-EcgY1amxmk.br[1].js
| MD5 | 8db6af34e15752fcc8dd1db27883888b |
| SHA1 | 22dae88b4aa6e1943a7f4142264ee7c1b60e41fc |
| SHA256 | 3207d4044fa2485477eb984fa69e16b67753146bcc319043530c25dc60b9c6ca |
| SHA512 | 7d4fe0bcd7fabe09f94ed708ace4548cfb0b9aea33bf33016808a8855a77be39c133b4b4a1a320771c789cfd0b073fff5bcdd37982f26c878bd71bf1024f5709 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\lLk8XmbdNzzlnPRzVzDhaF9yjqw.br[1].js
| MD5 | 3ff8eecb7a6996c1056bbe9d4dde50b4 |
| SHA1 | fdc4d52301d187042d0a2f136ceef2c005dcbb8b |
| SHA256 | 01b479f35b53d8078baca650bdd8b926638d8daaa6eb4a9059e232dbd984f163 |
| SHA512 | 49e68aa570729cc96ed0fd2f5f406d84869772df67958272625cba9d521ca508955567e12573d7c73d7e7727260d746b535c2ce6a3ace4952edf8fd85f3db0dd |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\K3hC1_cQXGFr6cxRJVWYpzZJaAM.br[1].js
| MD5 | 02b0b245d09dc56bbe4f1a9f1425ac35 |
| SHA1 | 868259c7dc5175a9cc1e2ec835f3d9b4bd3f5673 |
| SHA256 | 62991181637343332d7b105a605ab69d70d1256092355cfc4359bee7bdbfb9c6 |
| SHA512 | cbb43000a142807ff1bb3bfac715cef1240233117c728f357c824ce65b06be493df2306c7b03598817f09b02e9e36ec52314f88467679c5bef3ee1504a10c7e6 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2461P2AL\V_fBQ_iVmAgE_Ta_T-6BNXc0ZY4.br[1].js
| MD5 | f5712e664873fde8ee9044f693cd2db7 |
| SHA1 | 2a30817f3b99e3be735f4f85bb66dd5edf6a89f4 |
| SHA256 | 1562669ad323019cda49a6cf3bddece1672282e7275f9d963031b30ea845ffb2 |
| SHA512 | ca0eb961e52d37caa75f0f22012c045876a8b1a69db583fe3232ea6a7787a85beabc282f104c9fd236da9a500ba15fdf7bd83c1639bfd73ef8eb6a910b75290d |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\_2I169N92jVtSc_VEsV0nma5sRY.br[1].js
| MD5 | 3104955279e1bbbdb4ae5a0e077c5a74 |
| SHA1 | ba10a722fff1877c3379dee7b5f028d467ffd6cf |
| SHA256 | a0a1cee602080757fbadb2d23ead2bbb8b0726b82fdb2ed654da4403f1e78ef1 |
| SHA512 | 6937ed6194e4842ff5b4878b0d680e02caf3185baf65edc131260b56a87968b5d6c80f236c1de1a059d8158bc93b80b831fe679f38fc06dfb7c3413d1d5355aa |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\9xGNA8UskvA9WHF58zbLOHZ5HvI.br[1].js
| MD5 | d6741608ba48e400a406aca7f3464765 |
| SHA1 | 8961ca85ad82bb701436ffc64642833cfbaff303 |
| SHA256 | b1db1d8c0e5316d2c8a14e778b7220ac75adae5333a6d58ba7fd07f4e6eaa83c |
| SHA512 | e85360dbbb0881792b86dcaf56789434152ed69e00a99202b880f19d551b8c78eeff38a5836024f5d61dbc36818a39a921957f13fbf592baafd06acb1aed244b |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2461P2AL\gKwIRAF4fg7noG1zyeUz8x3Jdhc.br[1].js
| MD5 | 47442e8d5838baaa640a856f98e40dc6 |
| SHA1 | 54c60cad77926723975b92d09fe79d7beff58d99 |
| SHA256 | 15ed1579bccf1571a7d8b888226e9fe455aca5628684419d1a18f7cda68af89e |
| SHA512 | 87c849283248baf779faab7bde1077a39274da88bea3a6f8e1513cb8dcd24a8c465bf431aee9d655b4e4802e62564d020f0bb1271fb331074d2ec62fc8d08f63 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2461P2AL\9cuwOQ_qE7qTGKohzrf_gIjTlPI.br[1].js
| MD5 | fabb77c7ae3fd2271f5909155fb490e5 |
| SHA1 | cde0b1304b558b6de7503d559c92014644736f88 |
| SHA256 | e482bf4baaa167335f326b9b4f4b83e806cc21fb428b988a4932c806d918771c |
| SHA512 | cabb38f7961ab11449a6e895657d39c947d422f0b3e1da976494c53203e0e91adfc514b6100e632939c4335c119165d2330512caa7d836a6c863087775edaa9f |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\Gw7eETSwe7GHmKwW1lRqGPQJXRo.br[1].js
| MD5 | 17cdab99027114dbcbd9d573c5b7a8a9 |
| SHA1 | 42d65caae34eba7a051342b24972665e61fa6ae2 |
| SHA256 | 5ff6b0f0620aa14559d5d869dbeb96febc4014051fa7d5df20223b10b35312de |
| SHA512 | 1fe83b7ec455840a8ddb4eedbbcd017f4b6183772a9643d40117a96d5fff70e8083e424d64deba209e0ef2e54368acd58e16e47a6810d6595e1d89d90bca149a |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2461P2AL\psgXZvzYJMEW2ydikIk493Va1d4.br[1].js
| MD5 | f4da106e481b3e221792289864c2d02a |
| SHA1 | d8ba5c1615a4a8ed8ee93c5c8e2ea0fb490a0994 |
| SHA256 | 47cb84d180c1d6ba7578c379bdc396102043b31233544e25a5a6f738bb425ac9 |
| SHA512 | 66518ee1b6c0df613074e500a393e973844529ca81437c4bafe6bf111cba4d697af4fe36b8d1b2aa9b25f3eb93cd76df63abfc3269ac7e9f87c5f28a3764008e |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\nt6a1ZR520utsLoZmSYgwxdOPgI[1].js
| MD5 | 0c2672dc05a52fbfb8e3bc70271619c2 |
| SHA1 | 9ede9ad59479db4badb0ba19992620c3174e3e02 |
| SHA256 | 54722cf65ab74a85441a039480691610df079e6dd3316c452667efe4a94ffd39 |
| SHA512 | dd2b3e4438a9deaa6b306cbc0a50a035d9fe19c6180bc49d2a9d8cdbb2e25d9c6c8c5265c640ac362dc353169727f8c26503e11a8a061a2517a303f61d0ccd3c |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2461P2AL\awRIKLY04rWw5wNlVL186SolQSo.br[1].js
| MD5 | e4fb9b839186660b1f729b8df8c994b4 |
| SHA1 | 931792cd70ced4ad586f6329c30c294ebea1548e |
| SHA256 | 6838611c8ab6539005e11c84ca308158f89a51db57a62caf21faab48bf576177 |
| SHA512 | 625436bb52cbd7df7ed03be05fea52c5d54b6cc15037d70c268d9598e648a22246db902b9c6f097ba8b18bd924f6ab17120736285d54dce13773237f1669853a |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2461P2AL\5L3iD467J3iJWEPwIjxlK0MMDpY.br[1].js
| MD5 | 2ef3074238b080b648e9a10429d67405 |
| SHA1 | 15d57873ff98195c57e34fc778accc41c21172e7 |
| SHA256 | e90558eb19208ad73f0de1cd9839d0317594bf23da0514f51272bf27183f01da |
| SHA512 | c1d7074a0ebf5968b468f98fc4c0c7829999e402dd91c617e679eeb46c873dc04096cbf9277e115fc42c97516a6c11a9f16afa571e00f0d826beb463e2d1f7b0 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2461P2AL\K_V1CARn2Q2lTs5njJKUvUkHyi4.br[1].js
| MD5 | 6c2c6db3832d53062d303cdff5e2bd30 |
| SHA1 | b7a064a64ceae5c9009ef7d6d8f63b90d3933c9d |
| SHA256 | 06b77ee16a2cd34acd210b4f2b6e423762ea8874bb26ae5a37db9dd01a00ff70 |
| SHA512 | bc2d115b53035b700d727af9d7efaf32dd2a39a2344f3f5fa1a82586be849ec7803e8320661e66ab7dd2a17e64b7897e95bbd84502b91997fa46eba4e67e8c7d |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2461P2AL\8LIV7VPMYjV_ya4Ggnu8LBWQIQQ.br[1].js
| MD5 | d81844c2ebcf5f3260a692e3e89dde7f |
| SHA1 | 5a3874fb9f597e42fdd94e5bc5da0a709b70d57a |
| SHA256 | 9905f086f3f40ac4b8ec2c9f0752a157ed637b2ffc2c87971e8306d6cb12fe9f |
| SHA512 | 8005f3ebd5bc8dc903917df581563595ea3e427f31992260aa4e6ed8bc30095442174ad153a83c378575ffb2de878338b0e87d8cdd57dfdc49e646ca9e4ada77 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2461P2AL\910ptS3pcIDQ7a5acMaHuQliuN0.br[1].js
| MD5 | 8898a2f705976d9be01f35a493f9a98f |
| SHA1 | bc69bec33a98575d55fefae8883c8bb636061007 |
| SHA256 | 5f30270aa2dc8a094d790e1e4a62b17c7d76a20b449d9b69af797a55fada9108 |
| SHA512 | c8575df93fbd1f65a285d484257adfe12733e47a6524a18d5910d33562eefd1d9da7197d16c7a3cad3bc5ad89546ff0fefe90e5c96e7850ecec9708c90334349 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2461P2AL\NfTD8Ovh04Y_Ni14YxqYB8R_2_Q.br[1].js
| MD5 | f1cf1909716ce3da53172898bb780024 |
| SHA1 | d8d34904e511b1c9aae1565ba10ccd045c940333 |
| SHA256 | 9abac0cbfa6f89106b66cd4f698ead5ccbf615ecf8cd7e9e88567a7c33cfec01 |
| SHA512 | 8b641e93405565b4a57c051edefc8e02d6c929ddd4c52f9bfbd19c57896aa40426bf5ed6760dbd479719561c4f0a25bfc4102f0f49d3d308035c9ca90b1d0fce |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\iY8PAEydb3lbGfuJiuA9ICzXgY8.br[1].js
| MD5 | 341fc0acd15df6d8a064e4c3a896f65d |
| SHA1 | 1258fd48a874d80cb635be454f9e4023a0df7c49 |
| SHA256 | 4bc6635d4d95f9c05a91904b19370a40cc6e4c2ab43661c00615eddadefcf9eb |
| SHA512 | 6b552d786e782c36f17bee1a6ae204f1e8c9f85be5eb9adac1793d60b537cad13228cb2d4299949f051e6bc364c2e5a4105de9bbf2885f492edb425cb14ce982 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\6mZmj1db42G_jniFgdT7MCvBgyA.br[1].js
| MD5 | 2ab12bf4a9e00a1f96849ebb31e03d48 |
| SHA1 | 7214619173c4ec069be1ff00dd61092fd2981af0 |
| SHA256 | f8b5acf4da28e0617f1c81093192d044bd5a6cc2a2e0c77677f859adcf3430ac |
| SHA512 | 7d5aae775be1e482eada1f453bea2c52a62c552fa94949e6a6081f322e679e916b1276bb59ff28cf7c86d21727bcc329ecb03e5d77ca93204e0cd2694faa72bd |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\mOy7YpeLJ3c40BBAFNUI6SmOUTY.br[1].js
| MD5 | 16050baaf39976a33ac9f854d5efdb32 |
| SHA1 | 94725020efa7d3ee8faed2b7dffc5a4106363b5e |
| SHA256 | 039e6b3df1d67341fb8e4a3815f0d1bb3292a2040334ceb9cfc4a8d6abf2fb55 |
| SHA512 | cf0d54f0368ffbc6908216fd2573df8f5fe4c34ac08e17301b8734b3fabc674672a7f456707f632f82f44b36812dad8a0cf81a51d5cea21ea7f0e18500298375 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\UftfQbYuKvGGEUHPU3QGHYd90Z8.br[1].js
| MD5 | 8d078e26c28e9c85885f8a362cb80db9 |
| SHA1 | f486b2745e4637d881422d38c7780c041618168a |
| SHA256 | 0bf9f3ad9cdbbc4d37c8b9e22dd06cc26eea12a27ef6c0f95db6cbe930177461 |
| SHA512 | b808a972cd44e6bda01ac1f8d904d5a281f33b9238b8caab03decb6adb6b494b19dd9bb35e3d1ea3ca914ff4957155f6d2cb5a9b3a00c2195f80f52804ffb244 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\zlfm-hC70pZAs62UVTTl3KShKOE.br[1].js
| MD5 | 8c8b189422c448709ea6bd43ee898afb |
| SHA1 | a4d6a99231d951f37d951bd8356d9d17664bf447 |
| SHA256 | 567506d6f20f55859e137fcbd98f9e1a678c0d51192ff186e16fd99d6d301cff |
| SHA512 | 6faa73d59082065426769a27081cbedcd22146ef948afdd9a86801f205b2dddc63e03ac5d555ef0af23ef05901ebffe7e8aadd82260ef505cb89d99e572fdf4a |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\TA5w4JZB_Bofmi4E2NA9kDEyusQ.br[1].js
| MD5 | 65125851782a676455b556d771d3ac70 |
| SHA1 | f201fd1277fc51d53ebb8611cba3eb2c083bb3cd |
| SHA256 | d763f1e7e5ddde8e9c79bce466a9f4fffbd1fe8018e46ae7c75df5fdc29cf8db |
| SHA512 | a2c9f13bd9be96d7fadf43ff1b02ac357767b432e63b80394ac86864ce3f8bf306c5cb52489240540dde87353451eef2d298f840c585670d603c31694c4abd29 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\nc60aT-MXWFDGmlflZLjNBVVxkM.br[1].js
| MD5 | 1c0981ac86e2ea5b7f08f34548af3280 |
| SHA1 | 57324208ddb3a9e80abd3346607d712c999c2e50 |
| SHA256 | 00ff3483d93259aedb929a9fee4454a623830b18a08f08781ac1961c1e98774a |
| SHA512 | 0f7185a8579d9bf1b89623bf126c58789010c76f7e279a3f44064c78b2e3e04bb0a89394e6be185618071153bc872e43a69211255f3470e1120e51ab0d5f2329 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\2RFgnacsz6nPw9vvxd8AGFyaQr8[1].js
| MD5 | e849f94cd30ec77987643a0d405e33e4 |
| SHA1 | d911609da72ccfa9cfc3dbefc5df00185c9a42bf |
| SHA256 | b39968f3ab3c3867efc7115c77d0239b0a2c505ae87766231bf46e32f7797c43 |
| SHA512 | dbc5ef102c16d14a99f090821176b3706ba08d87d1efba817d763af969a10f9058c7aa0ce54d442dc816e84d294b52dc78623416044c1b6efa59a28055b48504 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\R5OIlHZUEYWuNhJa46yx5Wir2pM.br[1].js
| MD5 | d7365c424e30cb142a85b84c0618d671 |
| SHA1 | 7212fe88cd0686a381acb1b0583a544ae3ada1b0 |
| SHA256 | 8fd0225b5f75ee2326adc68a10f5b9fc50c30a45bf4b61c7ee9364103e6102c8 |
| SHA512 | 26d9a5da2cc591954c6014b4de1826653c9f058e9c8287342d8f0f2c9960bdaf30e1d4f8addf529830327d94c8bca21848a3adaf2846036a5e9c618992b18d5f |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\t7vjQF3Su3ZV-EkXGBcNcV5x97o.br[1].js
| MD5 | 6904aba1ce02bb3a01b6550c4bf98a7e |
| SHA1 | 858127221daf72534247d665be661a175fad6dd6 |
| SHA256 | 4492b7ef7f9e30168d8f6410ff6928fcc3019618019116f82b25459b9267b038 |
| SHA512 | ebd259047bcded6f925c3184a27d0d197d48b0ee3ebc2c12a27a2c9843b08c551d6dc34c299cd6e4931446f33c1d6bff3f8cdeb018fb6c614671cf43b6497585 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\8aj_I6fSAQ2HauP0CPPAfDwa2j8.br[1].js
| MD5 | 4ff32905762c3a445028e11ed69f04a0 |
| SHA1 | 809535e72d3dbe00f945893f7581eb3897f4439a |
| SHA256 | 336342b76b1eec2f9698dacb5d7d7749148a2036172435cd0c1a80a80a9886e7 |
| SHA512 | 8b20273037fc33b549b6322d4b6a7623b0e24cf737c8d562e226f3bee2f5ba5a0692569fd0039e296146e9845e4f00ed5f08566980ede5fe449be08ff1f0b79f |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\LTCT2zdUcB3ayDDUpC7BI5zxXuE.br[1].js
| MD5 | 480df9ada0ab4f05ef58e5cb2e2392e1 |
| SHA1 | 5510d9c30128875621b2f587563e7c1d0153f164 |
| SHA256 | 1c56cffb0e9950e4a61b6955e8708befa2ceca71017838f1fc233e2038b23c2c |
| SHA512 | dae1a6680c0f1dfcac1c2b7b23c459f162d3d00d83548dce37bb86a74d2c04f2ec6b68449631eb53dd176153bdec74086f287b02688ef8d4d977671060709d09 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\HdiojNH85n4iu87NAQvDH5bKMnM.br[1].js
| MD5 | 794184fae3c0890ae4ea642fd8f7fbf8 |
| SHA1 | 91f8e72f3517d86a28edeb1b476f90fa5f972168 |
| SHA256 | 00ea5dc006fa84e08d604bf9708135b98138ae0a092bd2c101a912b5efe3fe17 |
| SHA512 | 3bcbc295c3e482ba7d8d99df3ac396fc1da973745a82dcae8d02270afed54b758d3f2c9811ed3c08e817f78a1a6a73eb5564d05e0c78d8009cf2608d14bb96fc |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\QbhTTihqpIpuQBHI4z0cMxYJtFg.br[1].js
| MD5 | 48833dea59bc0b37177ab4c6c233dfbb |
| SHA1 | 966780d21ad4544db989e986b2fc3ab70983260c |
| SHA256 | de9cca3cd151b7dd74da15992299c993d91a424083c1efb2a948230e87fecb4b |
| SHA512 | b7e00bd79148657ca517b959c48b4e7e1f70cc7d5ec9b30df5fbd0a7f6e9275f16797c7414cac30fa6972f958d4a64e3ac45dc7d9be8fd517f66d44aa78207ee |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\srQCAZOtTDmQ8htvHi2-HdIwn_k.br[1].js
| MD5 | 981ec7ee8567f72ccd2767fdb1784704 |
| SHA1 | cd3a81738552522d0cec179ac2500f3970a3a092 |
| SHA256 | dd932d224b094fa354111092f07e908687d279df62eeb6ee701dcd6dbed7f9f4 |
| SHA512 | df3c1a692d7cea2c37b4c4e30403fd9de55eb87c96c0421a9e237d5c5cda41d51c3fb1b89e569eb382c27330996433723f5b9d92f382ed4913a09a57002c9f19 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\s_KB_GYETp6JptI_mOoLcYDN4OY.br[1].js
| MD5 | 4d50983f08b011f80e3b470684d38023 |
| SHA1 | d168a6911a65230ac9d9ff267d2133d16c095bde |
| SHA256 | ecaa1db0e1d7b1bdf7cc063c05509d6c745ed5a2685b3b1a325ad9ca418d612d |
| SHA512 | 34656b85f2ec00e55702d572ca1967270354dfb37a36bf3983100a29879273fe68f605a336934a216bf5944ad404712ada71409325229ebaf3544ca3b8cc4c0f |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\BFQDsdSF9E9Gp0u-xRbmGVfJfe0.br[1].js
| MD5 | 60c8196199a6c715bc20652c09f64e7a |
| SHA1 | fd861e01ba063850704195b35e44db2562ae815e |
| SHA256 | 708df52a72db22b1a287439cb9aa3ef2037bb67c8246835e36e673f70695a390 |
| SHA512 | 7f16a9c7f5e6df6d78fa1d08818580dbcc4c7453db9d095794c730bb0f67e14070369e610b90225acf6961fda6471c7f497d59da0a7fef2f95e8bcc180b63a0d |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\WPedHfV8dQrn4qkif5azDZSqmn8.br[1].js
| MD5 | f5dfb6428494da3c1f195528588587cb |
| SHA1 | 7575a1f3dc367b2332d837a46d1dd2748b225c38 |
| SHA256 | f45968b3999174976d6fbea229f627f0bda56fd84f8b1924c01da624bfea01e3 |
| SHA512 | bb677ee6f22dfe28ca9ebc94a6ea7b5bdfb95288ba246c85c135f083c3af765964dbe5f3a028dca6e8a6396e967f24c2734442432abf00e690f34bc8106dfe9d |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\00BXM0d2_RU-uUgNDoDSRVtPaQg.br[1].js
| MD5 | 2e718ad7ea68b5f38e22071f7425a28e |
| SHA1 | 186f4214abfb78dd13d92dc41f2203d31adba148 |
| SHA256 | 55c5976e9b74795795dde440425382500e0abfe25baec51036e92ed8937fe1f6 |
| SHA512 | 48efe5fb424c31efd70916ad89882f6ef611a865666e10b1b4570c3c34e8ddaf109bf2ff50a0911aeef5effabec3d0b057e92963e0e0490567973a7bef1ac741 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\pYx84E5QxKsDa_GCjDkQj38YO0k.br[1].js
| MD5 | 487d9ac02e3cf57172045869ac3f97a2 |
| SHA1 | 47c9870beb200a74d274fdf9e98aa2efcd54efbd |
| SHA256 | a97799ff4c48323ad3314a13e6a20a69145d0f8257fdae6882551d6fb6610ea6 |
| SHA512 | f13633d84fe8133da9d1823ce418cf42717cbe79176c9c11f4a7dd66905ba1aef571b968bd29d7c7ca91d802b4b36aefdb0c5d715e480215754c5d164eac27cd |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\y9cMttd-SwSaYuiqhqk701fxHs0.br[1].js
| MD5 | 142a83c5800451a9731a262400de2419 |
| SHA1 | 1e5f6598f7f6b43a6f4e1b2a900ce1676e0c024d |
| SHA256 | 7d49a33d66c98ab838f9a15d2ff49bbac72c1588d979644fc174116d0afcb852 |
| SHA512 | b1d7fa83b4bc787409c088f7cba58acaa031fe3239a7bc139b6d4839ad6c66156e44cdf6f545d7b6b9309b3ebbfa0b17d9f307884f679cb6d2ae11c6935eea2f |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\7iVUkp_QNKYQoVs0zBrZVocZL9c.br[1].js
| MD5 | 97915942b6a10d84303c4dacb1504534 |
| SHA1 | e0f8113722bf674a19a62486e3bac49411808822 |
| SHA256 | a0f0cab751697baa6ebe2474b612fcb9a76dc11f3c3dc1b190b48ea97d7ae6a5 |
| SHA512 | 973400122d040141fea4bf4d19490c414ca53c39ad02e1b8d0eb06a5faf9b38127bdf36d0f172b0e71002e9f45246aba07949339ceeacb75a6f8e30f0b3281eb |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\7LkHIwasTuL6tufzeF3vEaazAxw.br[1].js
| MD5 | b8f06071ffe625e57bdfd1a21e49c819 |
| SHA1 | 2559eb20b15847c8b2f56e1d202466ba4c5f9d63 |
| SHA256 | 9793a56fbe3adbd00486687221bd29bd39952b83c16c06b59b322b06db539a45 |
| SHA512 | 04d1c6e734890261e5fe4e8898fab2398cf6a0cdb7a6f99b25808bb276c93a158882c0ea73723edbb09ad8aea298682cdc03a79d55f7ff3e9b7d78238a96f4f5 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\ehd9DVTDg25XG1HgnAeMa17fMkw.br[1].js
| MD5 | beb88ed8f5f9a2aaf9e38981609da958 |
| SHA1 | 44cecb1b5e69cae3c75accd8be11d7cb500b8dcf |
| SHA256 | 6c51f791aa6dbfbdf5e8c2803e69f6c18d58d96def088ee770bd92b7cdf8fcdc |
| SHA512 | 43cac0046ecd97ca77f6acfc6b997c014f0156e67dcff16493bf43df695c4963bfc4c109c2d75e2259e7022cb315f74aa1ab147049b92e8fcf84d33552da9704 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\aE8OMYmbAbtZuaBhCiFbNjif4c8.br[1].js
| MD5 | 4fb1c5e7b360230bcc9df540edc9e953 |
| SHA1 | 49a65c2d617a9fa5489a318dca6a7931bd26be1f |
| SHA256 | 017a095827f9514495c2c89b425832f5a05482f7de42c6bde34f9a4ea19e094c |
| SHA512 | f2ff4887493008a72b3d68d042b2db5d2013f44c109930a90f5a33c6ed7348448dacfcd4df15cb9692c7c9e3fc9e32bd609a46c14e09cfc158bc07328bd49d1a |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\MCwdqGFTwqu20jt3177s57V4wZk.br[1].js
| MD5 | 41e1135d5d4aefe240c4dbd7b71f40dd |
| SHA1 | cd1d7feee9a4202cf3a32172e8c5b081855f3061 |
| SHA256 | 2e51a8c4ab5b014aeff1eeac9da5a0937f5ca7dcde7f089f88db05460f2c47ca |
| SHA512 | 8b43c0246a2a3447dd0fc818a67faf5c76d4bdbae52989c80da3004f032033cd2fd45e484727facea150125766a8c6b9b1094b855b9e1d23495e85d8ae1ce041 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\DUK18cY3cfD0zk-_nBEv4bFX75k.br[1].js
| MD5 | 600aab0f07672850c21b8ad1f208c021 |
| SHA1 | 1164fe094cff4bebd4a1d307f6083aa13dc2f556 |
| SHA256 | be32f8b54035cf1dc8c7eb6e9b7b297262bf16275c97df2988f02084e4843390 |
| SHA512 | f6c1195c7dca727848d863d0d653f8ccb814d9a0c2b0481d511bafaa5b2278bb9b7b3d954cd26593a8e277bcce0f0b555457068c4e992eaa011bdc900bb05535 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\Ivjrtaa9JhEJURQVZcs0_qKi1j0.br[1].js
| MD5 | 1393b275fc02e98dd08b99ae54711edb |
| SHA1 | 7335dd3a3362c569fad744326398ae52593fe704 |
| SHA256 | b16854c988c234faef71a84b6fb8b0fabb88919aa7a4c473f25cb0017937a4ca |
| SHA512 | d86dc4c20d2f5bccceac4c986e91ebca270091959d447ef0ac336f83945f3262ad642ca3415f0168a8717812441b4681fc02d812dc8c87fb3853e59c1ba6a961 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\wdztorm0zepTG5y9h06J4IZsb-U.br[1].js
| MD5 | 0e84fcb6403b13a8458d66ebcf66e53b |
| SHA1 | 2621afa6dfb35a0392837505c3cdd0f5bb91e089 |
| SHA256 | 02b0bd64a0fa50ed4655add6325858ba2bcdc33978dcd9d93f4b3c5eddb05697 |
| SHA512 | 9fbfd419ecfce55444a4dea65389204e2a19ecc325f31bec3dc27683be29ab94aea1cf2374f0bc252d21a8856324788e146f3cd2e00983c2a312a0fadea724e8 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\6juFsmmZTw2skj7CvpgreXtsgqM.br[1].js
| MD5 | 8d8ef449b2b1bc9adb67f33b6e4b2c0f |
| SHA1 | 631b24772931a30f4f0c776b34bbcfc5507e2b88 |
| SHA256 | ad13abe2c6fd52cf3608fbe4388bfdb14b54c8b7243b1e8d047359ad9023ba70 |
| SHA512 | a41d6023e1d29512efe9e4e34d2ff22abb6dd17bdb05f5004df53ff082ef2d90af96c6f8ac39a6f5146b7c6e54ed9add94832f21b8aff27af7de2e223a92e0f8 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\CuoJ-XSESmq5e-S0atX4JdNgEbQ.br[1].js
| MD5 | 2f0016fc606eeae0bc4b2a3d01e02d7a |
| SHA1 | f4767ce1d5405a2b28543570bc14692fbaa9a998 |
| SHA256 | 2b0277c292e4a513ca0eba797f9958a9388f49cafd6d2497cf309e9b6370301a |
| SHA512 | 0844e67bbd61dc7bd6b1c25ea0ac3ba41b685279b538c8f07b484e2d957acc8c07ccb84ee166284950eac904f3da4a6252a9a4c40f7f60478fc088584a0e2d61 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\gGRPwribt8XPTQXpd2zkMD5o04w.br[1].js
| MD5 | eb8aa421c5061f7eceb605c499779712 |
| SHA1 | fe6d09d2ae127eec408ce082fa5fe295f803e92d |
| SHA256 | bf0522679a5e3b62e1309c7412c183375c1029b4e19c69c07d7f736f587c2b35 |
| SHA512 | d6f63a298f18e22c22f477d4d01227e896bc84ff983d60231a1cc15981f59a4bce14c78a3d8a676204e5c68e07275ece5b6684f325095595ef9e1a30a6fe3131 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\aj9VOivqSueJ9SugNuHsiq8s6rw.br[1].js
| MD5 | ffa6026338be078a92c0242a51f8cb15 |
| SHA1 | 29f43932e0fa9cb87ff63798e37adff4096f5f81 |
| SHA256 | 01de69dec68e17743c146e8612fada1cf6a44f359c39fde8b7ab61164bacc6f8 |
| SHA512 | 365c0da8aa3dc879e5ac4da2338dd50f05b63a4ec4f464b6c09374dc3936743fe24b050732dbed64aee020063bbb110d0f3f1d8d729c395835011875b9285b75 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\X9zPQVZQzKFTYze2B2WNn1LJCS4.br[1].js
| MD5 | 5b3e2fd8e824e69b2e32469c046a35e5 |
| SHA1 | ac62b20d73e2fa61030d585deed53e58d03ef74a |
| SHA256 | 9077771f70727a1d7007a97feb2a07ce753e90e3d1da19a733e46f36e7910397 |
| SHA512 | 01fde7361cee5d3ce3093f55bfea0745670004d228934a46064537288f983d26b62869ef969875e091045e6a28eae3ef0d9e59e7de824ed6b76cce52a9fc7625 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\XvPs3zdtm8Xfl-ujR40Xu7FW0LI.br[1].js
| MD5 | 23466624683daff4c2894116c7b9ac6c |
| SHA1 | 99b9540b33b694d9eac6fe5d683e6726d72bbd4d |
| SHA256 | 0b0ff20d9134242926337f043aa9e12dad809e78273db9b69796f970eba52019 |
| SHA512 | 15b0064e3f07eb9a7c85a54511cb6095516a3142710d18c942f648f5947e819031a51f7d72067f9e04b1c560e50e9e3cbcc7e3735554eb38ada0a0be2a2367ab |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\2pI-3yxS71qnL6vzhVIltDQouTg.br[1].js
| MD5 | 12ae5624bf6de63e7f1a62704a827d3f |
| SHA1 | c35379fc87d455ab5f8aeed403f422a24bbad194 |
| SHA256 | 1fb3b58965bebc71f24af200d4b7bc53e576d00acf519fb67fe3f3abdea0a543 |
| SHA512 | da5f5485e1e0feb2a9a9da0eaa342edaeeefaf12ce4dcd50d0143bf476356cb171bd62cb33c58e6d9d492d67f281982a99fef3bfd2ebb9e54cf9782f7b92c17b |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\wNhUjm3kl_kvyfrio44J6j1zdYo.br[1].js
| MD5 | 2ac240e28f5c156e62cf65486fc9ca2a |
| SHA1 | 1f143a24d7bc4a1a3d9f91f49f2e1ba2b1c3d487 |
| SHA256 | 4325982915d0a661f3f0c30c05eb11a94cb56736d448fdc0313143818741faa3 |
| SHA512 | cb90cf76cd9dc16829a3ff12be5274bd26a94097ad036f199151f1c88534a15bbb8f8dafdd699e51df5c38e73c925c00728f807b20c0b097a5842963525baf4b |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\WjLJz0ZZ3W6qclUa_RsS6VdZFzE.br[1].js
| MD5 | 6deb575ed015ba9f359671380474ef88 |
| SHA1 | 0f8f36fa0b0cbc56fa091dbd60d918a0c1f2c99a |
| SHA256 | f015ed4a8bf649fbe3333f1b9e3214ab9cd495bbdd6387812ed79039f2ddd394 |
| SHA512 | d3ace5a16cba1245128b38ef256ec2420a44c929830540dce0f8539ff45dcf833257a82f132c4316d9acfa907823741ae4146a67c99242b0ee1b1ec9471e40e8 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\RvRBoZ5KQDNHwbHfo-_ZBZIoYQo.br[1].js
| MD5 | 718c9d9c2d2a498de3c6953b6347a22f |
| SHA1 | b2f1a5400618972690d509e970cc3abeb72513f4 |
| SHA256 | 66133f155e3a433e9eeca08dfc3b4e225d358e1a89ab0665379eff319f9f0081 |
| SHA512 | ac55ef9f45d29cfcf7d80c009df4c55335f7c3b55d66aadde275f580f321125a2c7669f7157d5bf9a34b3513c1231935a461f46eeebdd87b7801685fc95dc6c3 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\lcj8996lLPHohM7LK16sWWtGSzE.br[1].js
| MD5 | 2937c6dcad55e5e4a67945f4f803c7cd |
| SHA1 | 27399487b23109021f178841013d476f92b057c6 |
| SHA256 | acb0819704ddc4062d6a3b565ba7fe999fef298778b4b56c284e8f1bebf3c9b7 |
| SHA512 | 2c07163f841a09d2061af35c7183984475247ce50a9000b4b2b0b5240701a64b140eca99853238db08bb94e9b9368bdfffe9e83185eda1745fb02e6f81110d3a |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\f2tIUlGO-Vx9ewtZM2JDtvorAmk.br[1].js
| MD5 | 3a53ccdee6715ab68cdada74b043d626 |
| SHA1 | 3cd6e53aebfafe937e6bb5760fa25c53aeb0d5a2 |
| SHA256 | 75dacdd30b50e24162a626a89636f28fd4851fd6c97ec28a832f2aeff6919a39 |
| SHA512 | f33706b9bfdb679cff063affc300dad03b08cb6f5c921487e7dd97882e8c7e3c33034b9c6f0734dfaccd508ca317bfe68ee96ddc9546a2d43b1e3731ff4f75a6 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\y1tiMssL1_ZRGIkBjxDYmR2kX8o.br[1].js
| MD5 | e3c4a4463b9c8d7dd23e2bc4a7605f2b |
| SHA1 | d149907e36943abb1a4f1e1889a3e70e9348707b |
| SHA256 | cfb7fa1c682c6eee2b763b37e002022463cd6435434a16f6335f33fb98f994a6 |
| SHA512 | 3a4e38e4c631d8e845edbc01c986f73b0368f8049beea7a3e8a34bdd5864c34103a48b19749c11b5bcc71fdaa672ef6c42e305e1cc6b37abea934766f3deb068 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\8w26ODmd1hk4C30WJtfkdBYFSfE.br[1].js
| MD5 | 072d0f8c7fdb7655402fb9c592d66e18 |
| SHA1 | 2e013e24ef2443215c6b184e9dfe180b7e562848 |
| SHA256 | 4cd4cc3d07bbacdecb7331bf78fc5353b4b2664b6c81c1c0237136123d8e704a |
| SHA512 | 44cecee114212d2901dd13f9200771c708ef6e89b9bdcb75edf898a1e39833aafa4c7f8ebfc2f613d46eeea35222a1dfee3671a1b42679a94beaec099164f009 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\AsdMf7D6KLdP5SQOeuSIZtV8-sA.br[1].js
| MD5 | 43b58b6b14b60581457ef8a405721626 |
| SHA1 | fa9da729b92847cc05ad81625b5667f299b75c08 |
| SHA256 | cef3b449403a4725a3866768f730e13f1bddec067cc67f306f023de2815a2789 |
| SHA512 | 4c22ec83b8a81e0716c4ea9c643cfb4c4f9256447a114b7b0e05c0b38bc073f4a0538e2a385e963b3e2634ef34f66050ac2c36801772a345670409be8fd2e829 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\buUaCZ-qbYO2tqBHHU578PNjjZc.br[1].js
| MD5 | e3c88357b2300e478bb1885eb450beaa |
| SHA1 | a3882b4ead208b7e9092c623b56c567fd5995362 |
| SHA256 | def75f204a79082eeae8506874bb8e649e4806fc7be9b4d9d170b2b1a0d7e9f1 |
| SHA512 | f3d3c441f65a8d99af138be945efc73d3bc9961afe75f27cc82671bfb463b153e953b3ef6f9d46cfb0025c15a2ed95ae17dfc701fad3de5ecbbfe7bd40e7cf16 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\IEsUJAq41KbrXKW7f2nmdJPCUXs.br[1].js
| MD5 | a31d65e2f94b0c7671947a653e7f7ec6 |
| SHA1 | c21bf708012f948044771dec640b3c2213e75ba1 |
| SHA256 | 457cbadcfb29fb7fa3650b9580493f71b7e57142178045b6ca0985589d91f2cc |
| SHA512 | 701f099603962b86ff543969c1447330ca5a31545fa80339db8bc558a242d740f41cfe4f0fcdb65690f7b2c092bed5b15340c16cc47717de8fb64adc7a4594ee |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\kFdRGnsF9oNJsnfvt_bKFj-yBxg.gz[1].js
| MD5 | 0794c2ffc9aaf238496bf687a9c68799 |
| SHA1 | 7938be485611f9d417e84b8c0a74bd3c589e052f |
| SHA256 | 805aaa9634639b2eaa912e117219727dfa6e92a63b8b92569c336a9ccde52dee |
| SHA512 | fefbfbd39b9b86d8975d8faab62b50515488e9bf1e21ad72fed9fa93614e10adafc99da77349ead2501b89d422d766adc313b6024bcb9b331ab83a7b99bb135f |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\43BJuM7qM_8Wd1WfIZM2_oK9zrw.gz[1].js
| MD5 | b743465bb18a1be636f4cbbbbd2c8080 |
| SHA1 | 7327bb36105925bd51b62f0297afd0f579a0203d |
| SHA256 | fee47f1645bc40fbc0f98e05e8a53c4211f8081629ffda2f785107c1f3f05235 |
| SHA512 | 5592def225e34995f2f4e781f02cc2b489c66a7698d2feff9ac9a71f09e5284b6bbdb065e1df9c06adfb1f467d5627fbd06e647abf4e6ab70cf34501232126ad |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\t5vZ9VqTO-Sl4hN969ySbvZgV0g.br[1].js
| MD5 | 6932cd1a76e6959ad4d0f330d6536bb4 |
| SHA1 | e2e7160642fe28bd731a1287cfbda07a3b5171b7 |
| SHA256 | 041eb2e6f2582f4c19c0820acf9a0e9a2c7262edede0d397a5f6f0215e83f666 |
| SHA512 | 28bd0bb200704fbac0de2d7c3d1c64a38d5567f79bf24b9c9894c7c6a3b80bb69a5c9f0929cf82163c8e8d39cb6667a2ac81dcb4e6d2072cc7fedfb63219e584 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\EUVdjTinS37NjfSnARYo0K9VebI.br[1].js
| MD5 | 7fce09b34ee7381d4daa5158533f3729 |
| SHA1 | 4b861bb4e501c0c56c0d1f4a4f28b0cb028c4098 |
| SHA256 | 99b92ffa51304cf3a7e77aa89f4e2cd349fa947b2ceba7ba786794f37554dece |
| SHA512 | fba9cc286fc3836d7ad91c04289bc616218116e95474a31dbe2433a60b463514e673e01253d03e0722fd8d9822bf7acf87535aed30dc0eba5d21f87785938cce |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\n7roHZRr1mbNerR9FtbnXOskd84.br[1].js
| MD5 | 98ed2ab2571e3f450ef265f9e506897c |
| SHA1 | 79747169dc2d59a689f575879b86109e25a7f4db |
| SHA256 | 4c4535af86d197589edaf1f6d9e9cdfec2afca8fa4466e8ad584327d0ec8145d |
| SHA512 | 0e752507b9b6cf1da4c622d34e5578aa523f123167f3429b6df24961636c67d6d2cd3d05f6cbf3ab292761e798dad80fdb29682b38bbe0d3a7f4823b2ce944d1 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\fWL2xzriHzWjhZXNxQ8Rm3CwUUU.br[1].js
| MD5 | ca42e3253b64b3e1cc112764fdb38dfa |
| SHA1 | d09178830437f890fde8580c973f5e7049039536 |
| SHA256 | 75cb5d690846dd621f5794d392600ad61904a928366ddde80f3449ed0d684b9c |
| SHA512 | 39dc86d8de9d8fdb4ca9fe8e4824ef35a038892dca766e3c6f0a30eace54fd74a9c2149061a4e54fa7dbff63b5377eea09b6d25eef16104478a2b90e5a746b73 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\Xs0bcRwli50H_9_TOsfurmNnZ64.br[1].js
| MD5 | 1511e1305fbeae4e2826ea0e2fe94e96 |
| SHA1 | b1e8f4e08eb188c1ff157375efb8afe5077ec33f |
| SHA256 | e5c67347f550530145ab3d849e51e480fefdbe3bd7bb97b714b19f7012edcfc3 |
| SHA512 | ddb65679b2ba30e6e93b0e182f36fdd134926f584745f056a52b1e35467152b0d8d5ff7ef29a8530629efea00f31d54c6e15b518cb859d565062261b4b5b9b52 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\uiannz55FdT0j3p9jGwegfI5aIY.br[1].js
| MD5 | 45345f7e8380393ca0c539ae4cfe32bd |
| SHA1 | 292d5f4b184b3ff7178489c01249f37f5ca395a7 |
| SHA256 | 3a40a1ff034448d68d92a75ababa09ba5f2b71d130f5f6bdf160dcf8851529a9 |
| SHA512 | 2bfd00bf303ad5a1e8413b5ee6a162167605511fefb8df61a8f40f80382f5520df690a53b1058365f1d81562b2668376886d0f829517a642fcd87412801fe987 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\eKvcHdnNwo1WcxoSioV4ztnfZk8.br[1].js
| MD5 | fb797698ef041dd693aee90fb9c13c7e |
| SHA1 | 394194f8dd058927314d41e065961b476084f724 |
| SHA256 | 795e9290718eb62a1fb00646dc738f6a6b715b1171dd54a3d2defa013a74f3da |
| SHA512 | e03c4ab727567be95b349b971e29cffb3890cfb1a1ddf997b34b9d69154294a00a5112f4ffca4df4e26bbf96afa75e5943e965edc8f8e21035ed2ef30b7688d8 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\ID-70CBAEOXh6Nwxga-CxgpUq4k.br[1].js
| MD5 | fd88c51edb7fcfe4f8d0aa2763cebe4a |
| SHA1 | 18891af14c4c483baa6cb35c985c6debab2d9c8a |
| SHA256 | 51f58a23f7723b6cbd51b994cb784fbc2a4ab58442adaeda6c778f648073b699 |
| SHA512 | ffe417fa00113273fe7ac1b1bd83c98a3a9dc12d41c77b60c52cc5ffd461d9ca2020c2444ac43771d737c70c58eca40786a5c5762b60f30da523f709684510df |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\ydDuUFvQrnTEDpvE14Ya7abrPGk.br[1].js
| MD5 | d807dbbb6ee3a78027dc7075e0b593ff |
| SHA1 | 27109cd41f6b1f2084c81b5d375ea811e51ac567 |
| SHA256 | 0acdce370092c141b0c6617ed6e2163f04bb9b93d3213b62c2bc7a46fe0243c7 |
| SHA512 | e037dfc31d595b459660fe7d938eedb4f43d208d247174ee8d6fd0d125f211142cd73497e4601893cecb6f565b7e2e7815ce416d72bb95504d3f277e4e806d11 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\26C212D9399727259664BDFCA073966E_F9F7D6A7ECE73106D2A8C63168CDA10D
| MD5 | 40d38bcf0af2019a1354f6ab7aa2c134 |
| SHA1 | 7cd3fe33e1ae36d30d104247d6b5f514ced352c2 |
| SHA256 | cb2cf713bbce697162fb21727573a47ef024af817dfd242871680bc48c465a36 |
| SHA512 | d6e1ff038fbc73b9da0078cbbf4d82c379287f28b4c8f1c26f5f36391d3adf77a166d5dfc3c00bc728bae146ddd0e0d79e71ab87adba227b59d0aaba1bd930fe |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\26C212D9399727259664BDFCA073966E_F9F7D6A7ECE73106D2A8C63168CDA10D
| MD5 | 6875c91796420fa5dfbc71157295fb5b |
| SHA1 | 0827826ad6328c897541f5f5304afd65ec5554e2 |
| SHA256 | 1eeb16bfdbdd68c54c497dbb7444667670bd9e082019ac96ceeb7c534b515066 |
| SHA512 | b1938faebf5c98f4ecb4be0c3968835110b1682e8cea02bacfb42483507b685fe9ed82399ac5f148d62d83486714a98a2a18a4632bc2e38ed4f8a8430fb3e1b2 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\XHM9025Q\favicon[1].ico
| MD5 | da597791be3b6e732f0bc8b20e38ee62 |
| SHA1 | 1125c45d285c360542027d7554a5c442288974de |
| SHA256 | 5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07 |
| SHA512 | d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\ImageStore\d2c4jah\imagestore.dat
| MD5 | e444d703c55a67cbebd06b90496b04d8 |
| SHA1 | 8756748ed58effff368ecb3d1d89e6ad90198163 |
| SHA256 | 9361ac93f3fc25b2e34cd6c1424be862b95f217ebae94072961482e2c5e7d7a1 |
| SHA512 | ebe3c2a1623c592ae74cd1f4eaa46dbb09c9bc7fd5c687f6c83281bed66df51ba47015cc918a805e8042bd5500a71daaf7b3286d1cfac54f587e121d2b01d753 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\SRU97PSA\suggestions[1].en-US
| MD5 | 5a34cb996293fde2cb7a4ac89587393a |
| SHA1 | 3c96c993500690d1a77873cd62bc639b3a10653f |
| SHA256 | c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad |
| SHA512 | e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\Bonzi[1].zip
| MD5 | ced45b447c1b57bd09866873ae932e01 |
| SHA1 | f07389a358ceec4a8ade8bf8e0411413a610b56f |
| SHA256 | 7d1442749c55fa52503524b8565638c502565536e514bedda3a991f82c41f117 |
| SHA512 | 8e0aaa496c11fce5d722984a8d0fb6c8d59a6e71c2d641f5bc7110f6237c299d400eab1d8f6d99884e3c6a42971e38c16b07e03a0b0676567e4ebffb346e030b |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cache\SU1Y56JD\microsoft.8aa91a5fe4f5d8517ae1[1].js
| MD5 | 1b4bd481201681e6e6609b4e84d91900 |
| SHA1 | 712b959a52f424694b3fa5b852c3d7adf27bc19d |
| SHA256 | ce3eeed6a430adf998eac68138d70e1d064cc81a54274c00b71a22f6c1e0b2b0 |
| SHA512 | e844c8e156b94fdedc70830471a4b8cd095926c0a0e5fa3c2685b34a7efbc8d2bfdd662513f46a2021b92d46289ad25ebe7b54d3885c438ea3d4fb7cfb17e5fe |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cache\SU1Y56JD\common.5dd7cff85de67632bfd7[1].js
| MD5 | cd8d2938dfcc295d8d63f9e40e79b3b4 |
| SHA1 | 08a48c71162cb94c0a4737376c499de1b4666a90 |
| SHA256 | 881c2664c20a836f6784a1db963fe6f69f5809912ffa0b2d54ecc1361526e922 |
| SHA512 | fc252ab5d8444efbc3072b1101c7ce89f91cca35cef475eaa3c28b33dc746aa36b6ac82d1a6d896a975a3e086d8e73882af29392d1235962883bf9e7f0feb590 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cache\5JE41380\vendors.c47bf4f4981f23895ddb[1].js
| MD5 | 01cd3e668d1acb88b93ab929d450ae63 |
| SHA1 | f44e64fd07d828ef0b41a127faf5fc4d0ccb7515 |
| SHA256 | 76d32a47254928b038acae6e59dbad89eff8d7126eae4391a3a869a3ab6a4eaf |
| SHA512 | b8c1db0645e3aca3e5953724077fa2699216e1f8f780346fba8bbe27f1ec2d8c7bef62dba1a88d3cec8db445418bdc7c3307ac3bf84abfd400d1f1678681e368 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cache\CZ5OUZM4\otSDKStub[1].js
| MD5 | d683e952b70d9a2c76d24ff78c1e1380 |
| SHA1 | e56b51d8c3eab3969a48b2d668fa1eed770a0411 |
| SHA256 | bd2643a9b113b8811e39e676a95c54960b02f31e93d1b634268df3e981867f38 |
| SHA512 | d3145f74070b5d197be6f36ec1a70d1307211027b895585567c6d88135652ad60c0002f19a3dd58d532ffc12c96224b99786a3f7838027ed191ac5c07aa94ccc |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cache\QDGCFLQ9\web-worker.440858f9fe4973b6d967[1].js
| MD5 | 3c27e2c5547d9a2776909c6c8da8bff5 |
| SHA1 | c347bc4ea26cf2c55475b558ee9d29b739070c87 |
| SHA256 | 0c1146defd2749d575ddf1f34be4c0c6fe6991de08adcf85555c255df9ede1a8 |
| SHA512 | 9173de0eb213aa52d84d21bea9697c7abeffd5b8be2085e53478f4821c219f1b133dbaf10a26584405880540643bf0d1bf9e9e7718339da7fc03811c7c8231d9 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cache\CZ5OUZM4\otBannerSdk[1].js
| MD5 | 2c2c1edc088abc81aaec0c432b3c35a9 |
| SHA1 | a1a9308cc13c3a97018ca391bac44c3220522ffb |
| SHA256 | 77acc5d1e2f17b9111f2b7ae27c0ae6d87ccf3fd88a8d8a48606106ff2253dd9 |
| SHA512 | eeee317824b874435a23686de9aeaa85c225cf2f1ad9be8ef20f1b7c5a4e5767c42250a1b1dd378e6773f19cc9f5fa03ca56f8f200dc65df2c2442b2fd6eb489 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cache\CZ5OUZM4\otTCF[1].js
| MD5 | 77db7e17200d600e83e98a7d6f379f5e |
| SHA1 | 49a49444dff7a0da15a246d35d973b60b86c5392 |
| SHA256 | 8a6ccfbc35513dcb3815d99783af84a354da533ebb5bfbc8d26f65ed87191364 |
| SHA512 | ba697d35e50f2adec175459df218d1dcfe9589ae44322f4fdc0ba894a6f77e5e6f0ff56dbabaa0761c5ff6a828379a25bd4da87f58aaa0c20fc3714033873652 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\datareporting\glean\pending_pings\17b381ba-e807-4bea-b972-578e175e71a0
| MD5 | ac894c426369005ebb241f5d418f9724 |
| SHA1 | 1476fcc85457fb6afd45dc35c62cd367822abd6e |
| SHA256 | dd7ba3213ded0bf39f386f4c839350f8200099487362e235f993764766d9052b |
| SHA512 | 257b75d85f3c4464f4945f0cd6fdd507e8d3775f09239bf2a0c84f67a0f39b685ac707e0fd2947de8e4b584188649bf0aa4a64ddfe0c44345931a22118ec5c04 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\datareporting\glean\pending_pings\60b78c0b-803c-42cf-8794-e4e23bdb98d8
| MD5 | dcaa7e182c1aea7fa6f9ed3e5ddea271 |
| SHA1 | 46ff736b98476867ada4b212088ad27eb7ca8006 |
| SHA256 | 619b13248a937a1deb6a567986b629b88a68145cb25fa84c4acc87dedcd0c394 |
| SHA512 | f31a9a13a17fe61c8a89026cc78a6fbfa669729b99d7400066ef5fe6356fd01c51f02e7573fd21ee2f3da42d700a3fe23c1bb0fffb788b8dd5b31b61ccf02565 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\datareporting\glean\db\data.safe.bin
| MD5 | e9a6f731bded69cb64b076df1f8ea337 |
| SHA1 | 9523bfc5796c94d154634a78f4d518e2928865bb |
| SHA256 | ac8c6b3f336fa13feb0412390b48734580caab087b469d5782173f6ed94dc85d |
| SHA512 | 280363ebef18411ec1c8ba4e884ca4b9907cbcb31454c036000354fb0e6abb0f4ae784323256df842c60814a4ea18cad631215af876bff6028eba6eca6e16d1b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\prefs.js
| MD5 | 2d356821dec3ab52617e3f0fe7bb732c |
| SHA1 | 640c6671f4883d678fe18266099d31fc1a8793e2 |
| SHA256 | bdf2b20db591cef4e5c8ae7d018187839487b2582951bc08c4da94a8124cb525 |
| SHA512 | c924ab27a8022860310b24ab37cc6a34e1eaf9675b593f61e54d75f08782dea3b0abbd4b6fbd0efc0d5d14ce30273c3ac61cc63733d6eacc0398b8cec20a9b78 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2b7acdhd.default-release\activity-stream.discovery_stream.json.tmp
| MD5 | e15cce7e8d5490eadf2143eeb5aee560 |
| SHA1 | b5e21ffd1efdeae643e36286f18904ff53f04cd8 |
| SHA256 | f78358752a3e799b0cd153652fd5d43fb561c99d3a36a0dc8b9be2e0a0f9d644 |
| SHA512 | ba2802326b0d6ab59d8455378fe2cad24bf39c8f9d181aaaa92a814ba56e5d5503a4ed1891f05f1050c08f91dd7d99a139797082e962578c8415a79791f3debc |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\prefs.js
| MD5 | b0cfd69ee82c33f563f38cf1f8df3d14 |
| SHA1 | 1d6d0217a62b50938c05fc2f685689e718e1c287 |
| SHA256 | fd69f3b65a0be93a201886412e6de564137b7520e16584ba3fd69c5f6ac14edb |
| SHA512 | 1e35ff55ebfdd6ee2825dde9f5b9a3fa501efc880e7e184f6d3093658906dce94925eb669db9672aac00e0a7cef87094bc942c606a5ffcd2cce7ff1572a058bb |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2b7acdhd.default-release\settings\main\ms-language-packs\browser\newtab\asrouter.ftl
| MD5 | c460716b62456449360b23cf5663f275 |
| SHA1 | 06573a83d88286153066bae7062cc9300e567d92 |
| SHA256 | 0ec0f16f92d876a9c1140d4c11e2b346a9292984d9a854360e54e99fdcd99cc0 |
| SHA512 | 476bc3a333aace4c75d9a971ef202d5889561e10d237792ca89f8d379280262ce98cf3d4728460696f8d7ff429a508237764bf4a9ccb59fd615aee07bdcadf30 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | c86477bb8ca45c7f68c8db0577fad800 |
| SHA1 | d87be7efdad6f9385549790a038cd02139fccede |
| SHA256 | 5b43f7e5c46e841af463d000ec2e27112aafb984b61146bcb4b79af1f547fc71 |
| SHA512 | 20603793710b98e50ee711a23df59b7af68b7f5d537e1471702b292230d195b706274a3919d6914047757f2e4276053705d38df507a23164217fe4cbb22c7846 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\prefs.js
| MD5 | 6a9972774411e06629d1613fe246158d |
| SHA1 | 1b138e565c5f5962fa7676b763d4bda4ef802808 |
| SHA256 | 4392b41c2874c1f9a6430b86ee6d2691a5f0cfddc0988adc299130795c47bed9 |
| SHA512 | 95832a6c7c3d081b848d3320969c1399e01038fdafe6d783202e90926d0f0da2aee0716f885812b76f4d0aa3f1e2c0f283f1699be0f75c4401c2d4b67b2ae85f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 5640a53f6066bf97252037585b556220 |
| SHA1 | c27d713636b8e369f8408dc99507f76aea8d24f0 |
| SHA256 | 5d022bed52399cc4ff559bad4a3e08a8aa923bb09d830bb0dd8c0d96be8dac63 |
| SHA512 | 44896907753ada53b6fdbf95e2659621c607905b3503595f2c8426195943eafe6bec50aac134ad4afef60714861d5dafcb664a25459a3e1f54e1dd3043a6b677 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2b7acdhd.default-release\cache2\doomed\4308
| MD5 | 2ee2faf3e4eaf4c5fbdb3235f2de4299 |
| SHA1 | 736fa6e8c3796b1de1354cc467b0d42285f9bf4b |
| SHA256 | 2f851ffea468df3ed13688cc4de7c3f43dd080e322681067719dc727d986c52b |
| SHA512 | 31f15476cd7d753cf9eccab253a16d833d58e6f801f7ace61e5cbf8cbf7b216911f87400a269a1edea41546c8663aa7a0ee040968399ad2261bcd4aca126835e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\prefs-1.js
| MD5 | 07df199b1a059ea33b942b36506ea296 |
| SHA1 | 0d32a39ab22d6fcceae47e5124fa0d517ff1504b |
| SHA256 | 7d09fb4e2e9ec89592b3b643130b5b977a58e221c6337e95d035ec903dc5daf0 |
| SHA512 | 46f21e09a1304fb456145077adaef84607b1e5321507d8c4d725caeed67d3551771007cb7d60157067b77ee3811f29434f13c5733fbf299c4ae2c8672094e77c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | c152f76b9276a3beb5458c4e3953913a |
| SHA1 | 6d61b4daf2877c25a118d8037282bf5f4cdfd4f0 |
| SHA256 | 1ca3ef5a6409dd1670d6ffd5dcbb1e60444dfd2de80ceafb36e20ab3c1c91f21 |
| SHA512 | f9c2808389d8fcf5f571a3b17a59472da0891acc6ede465711665ec6aa9a90352f81dbdcd4549cb305001850661e49aff8ef446be88adc4f7cddb449c19dee7c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 6034edff9b1cf76ce9964d643c7fa664 |
| SHA1 | 04104cd1b82fd176d6c3823bc5413b88048da1b0 |
| SHA256 | 3f70db796137bdbed8bd65d31c7a62ac46031922b1e719b37728456fcc9e0b18 |
| SHA512 | 282946d289c797207528bf20532f89b0440a33ad4e2a9c4e6313356f082508d36789b02581ad53fddd572c1cd03c7c7ceb60c1cb7d0d348b44f3d0f010b5dc64 |
C:\Users\Admin\Downloads\SHXHtPay.zip.part
| MD5 | ec1e844660524560cc47649bf202eb5e |
| SHA1 | 061190f0ec9c88c523e790e2bf8388e734d5141e |
| SHA256 | b110a3ebd4df80efc3ab7bc2e07b5e7e173d1e5d3d57708dcab4dc89db3b8957 |
| SHA512 | dd6565e02e68cbfcbe3674765894188f87a8bbc081b97f4063992fadda2798839ca64b9d75b0aa0d7ad4cfef364c8c4df34d4f141f457aa044e021154efd34f6 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 6498564a269bb4d3be71cbddd4ab781d |
| SHA1 | 633c62730391dbb6b195ddd7a17a4a8634fdf2ec |
| SHA256 | fa7aca2bbb0ce9f9149a88bc0c5e86bcbbc0dfe40ca5feaef9198772eb8c0fb3 |
| SHA512 | 187ae96306892b15ce520cec894e174947bbe107b9a297395fc9745f97a39c44fd816f11080efadb628ac8cb2902c1cf1ecb295102742f202ec4a97c428566ea |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | a247ae80c72b0691c1456a2b712f2010 |
| SHA1 | ac8677c20aaed8a7247d6516e0ee2b493c95f7af |
| SHA256 | c82441ba4fd4e493092e49bb54ccb4894bb2f2eee5e2fbc4a116af33d26d6b21 |
| SHA512 | 2f0bffd8298ad80714680e49642d0fa63648b7819f3b92194cc06b4dfb7fc604c2f15d8f7924e301756f3192813ccec5f9841d94ba116e7aaa0473f32ffd6a1f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\prefs-1.js
| MD5 | 4b5f9824df284534063bb7d25feb479d |
| SHA1 | 5bb0a48c5c71c98f65591d629545f0fc475a587e |
| SHA256 | bb8e1ec0850e39279766d75b312dfef37433fcd026d2ae7d22b369b3a9bb408e |
| SHA512 | b4cd11944fc342e7599fccaec49638a6063dc8fbf839f3d52bd36a068cd3a39d051b04ed849c95d583c5c4bbf727dfdbac79b2385cf9eb5fadf92501aa40cd36 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 85430baed3398695717b0263807cf97c |
| SHA1 | fffbee923cea216f50fce5d54219a188a5100f41 |
| SHA256 | a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e |
| SHA512 | 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll
| MD5 | fe3355639648c417e8307c6d051e3e37 |
| SHA1 | f54602d4b4778da21bc97c7238fc66aa68c8ee34 |
| SHA256 | 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e |
| SHA512 | 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info
| MD5 | 3d33cdc0b3d281e67dd52e14435dd04f |
| SHA1 | 4db88689282fd4f9e9e6ab95fcbb23df6e6485db |
| SHA256 | f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b |
| SHA512 | a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | a01c5ecd6108350ae23d2cddf0e77c17 |
| SHA1 | c6ac28a2cd979f1f9a75d56271821d5ff665e2b6 |
| SHA256 | 345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42 |
| SHA512 | b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt
| MD5 | 49ddb419d96dceb9069018535fb2e2fc |
| SHA1 | 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6 |
| SHA256 | 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539 |
| SHA512 | 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json
| MD5 | 8be33af717bb1b67fbd61c3f4b807e9e |
| SHA1 | 7cf17656d174d951957ff36810e874a134dd49e0 |
| SHA256 | e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd |
| SHA512 | 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll
| MD5 | 33bf7b0439480effb9fb212efce87b13 |
| SHA1 | cee50f2745edc6dc291887b6075ca64d716f495a |
| SHA256 | 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e |
| SHA512 | d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib
| MD5 | 688bed3676d2104e7f17ae1cd2c59404 |
| SHA1 | 952b2cdf783ac72fcb98338723e9afd38d47ad8e |
| SHA256 | 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237 |
| SHA512 | 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig
| MD5 | 937326fead5fd401f6cca9118bd9ade9 |
| SHA1 | 4526a57d4ae14ed29b37632c72aef3c408189d91 |
| SHA256 | 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81 |
| SHA512 | b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | dd50f62da86d8f819065eee5a9f28a2f |
| SHA1 | 29147c89ad58166490e232995d58973fc4b78fb1 |
| SHA256 | ebc7878289f86d9d5b01109cff9a2238bebe0372a5bbd6d305e78617a9fe8073 |
| SHA512 | f4dfcd28e1a433fde01f5efb6640b55a25164380d2af56f7916b2cab770c28ec03c35aa8e13ce2b11aad6040a048f63a25c83d4436d58a09a53dc2d05e889eae |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2b7acdhd.default-release\cache2\doomed\13338
| MD5 | 2caad7b89c88b251cf5193f7d7fb7b0a |
| SHA1 | e67a6d084fc79b6e9d7f01c056d7f2c0c1520240 |
| SHA256 | 8b7db46639b686fb0fefd184619cce53c4d53546c5dc5d9219695033851783e6 |
| SHA512 | 37c96c49a5d6078aafb76d0c948da930b0dce64f3c1783120128b00d1b9b8dc1672ef489c0eb24acd41ab122f08437a7ea76f9460ed762fd2c249cb1b6757712 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | 5c2092470283a0efd06aee5414efae1f |
| SHA1 | 9e3795065f3243360826ba31126e2eb5e839ce4d |
| SHA256 | f7ec8b9648bcd583c42cf003fc1307df77c5ecc34cb36a23c262788a117ca779 |
| SHA512 | 31863acefe67fadbad5a6515bb1b2a51aaf4f92bb490dee7b769ef39447c98b96d5cfac8c289af00ccb378d34a858fd2f8accc90c81e48d335eb195fbe42866b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\prefs-1.js
| MD5 | 67ae79d419af60d7b3d5360403ac2a50 |
| SHA1 | 1e521cb2c9f7da0eb935af12f5e588e00c78c5a1 |
| SHA256 | c67cd61548d423ff4656b8a9272dec3d39e51ff7398203eb210ea280449e342f |
| SHA512 | 12167071791c2a065853d008f6b326d790a418c9da8969109a738d046d383fe8f7cf53fffa954df85365336ead77b2e3e2c4d1b2335b45a5996fb53b0e5ca9f5 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\broadcast-listeners.json
| MD5 | 72c95709e1a3b27919e13d28bbe8e8a2 |
| SHA1 | 00892decbee63d627057730bfc0c6a4f13099ee4 |
| SHA256 | 9cf589357fceea2f37cd1a925e5d33fd517a44d22a16c357f7fb5d4d187034aa |
| SHA512 | 613ca9dd2d12afe31fb2c4a8d9337eeecfb58dabaeaaba11404b9a736a4073dfd9b473ba27c1183d3cc91d5a9233a83dce5a135a81f755d978cea9e198209182 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\downloads.json
| MD5 | 181243634c1309bedf392b1d8995e480 |
| SHA1 | 6b12f854666abbe8d8fa66b55d96211874d26dda |
| SHA256 | 29075f49e3baa4f4df1a8cf97d76c25c8452aeebd13efff1471399be590a35ee |
| SHA512 | 1c234fd8c403ebfd74dfc3b6541bad28aa489bab4f4e90ff41460ac78f9e2e4f7120fe691fa89dc7007ea74aff9e5cba17445b0b5152428e7732b89a1892420d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\targeting.snapshot.json
| MD5 | 1c40efd946ef07c08eb489b9882d1e84 |
| SHA1 | 3d3df8fd3754f59d5420ce7d7c7e012285aca147 |
| SHA256 | 3f53013fae7f7d2f2d0eff5ed72a675c84e450066f39cac5b8b354000f90ce1d |
| SHA512 | b887dd2e9e6245afe452567e0759dee3555caf65059527db3b0b702c16e8fa093cdfbd1bd1646c877b8be16a7815ddbc7dd16cc54664c235f4cec86973485230 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\bookmarkbackups\bookmarks-2024-10-14_11_f70S+BIHcjdozL1H+8sV3g==.jsonlz4
| MD5 | 14e152530b0003973263fd54064ea363 |
| SHA1 | 98a18c46e4980317a1f795bb0f364f02b7524f06 |
| SHA256 | 98818f8d867aabab23dcf95b03d2d912fd8d6106f1bf48e1f04dc9b5af42f199 |
| SHA512 | 21a75ea8970d68bac8100f499d88b38fbdd904d5217e69492f10f63c9026f43f00508fc62e059f54f82d7a1bb6c16b15f14b281c87542613ddd20893029ce664 |
C:\Users\Admin\AppData\Local\Temp\$inst\0001.tmp
| MD5 | 8e15b605349e149d4385675afff04ebf |
| SHA1 | f346a886dd4cb0fbbd2dff1a43d9dfde7fce348b |
| SHA256 | 803f930cdd94198bdd2e9a51aa962cc864748067373f11b2e9215404bd662cee |
| SHA512 | 8bf957ef72465fe103dbf83411df9082433eead022f0beccab59c9e406bbd1e4edb701fd0bc91f195312943ad1890fee34b4e734578298bb60bb81ed6fa9a46d |
C:\Users\Admin\AppData\Local\Temp\$inst\0002.tmp
| MD5 | 596cb5d019dec2c57cda897287895614 |
| SHA1 | 6b12ea8427fdbee9a510160ff77d5e9d6fa99dfa |
| SHA256 | e1c89d9348aea185b0b0e80263c9e0bf14aa462294a5d13009363140a88df3ff |
| SHA512 | 8f5fc432fd2fc75e2f84d4c7d21c23dd1f78475214c761418cf13b0e043ba1e0fc28df52afd9149332a2134fe5d54abc7e8676916100e10f374ef6cdecff7a20 |
C:\Users\Admin\AppData\Local\Temp\$inst\0003.tmp
| MD5 | 7c8328586cdff4481b7f3d14659150ae |
| SHA1 | b55ffa83c7d4323a08ea5fabf5e1c93666fead5c |
| SHA256 | 5eec15c6ed08995e4aaffa9beeeaf3d1d3a3d19f7f4890a63ddc5845930016cc |
| SHA512 | aa4220217d3af263352f8b7d34bd8f27d3e2c219c673889bc759a019e3e77a313b0713fd7b88700d57913e2564d097e15ffc47e5cf8f4899ba0de75d215f661d |
C:\Users\Admin\AppData\Local\Temp\$inst\0004.tmp
| MD5 | 4f398982d0c53a7b4d12ae83d5955cce |
| SHA1 | 09dc6b6b6290a3352bd39f16f2df3b03fb8a85dc |
| SHA256 | fee4d861c7302f378e7ce58f4e2ead1f2143168b7ca50205952e032c451d68f2 |
| SHA512 | 73d9f7c22cf2502654e9cd6cd5d749e85ea41ce49fd022378df1e9d07e36ae2dde81f0b9fc25210a9860032ecda64320ec0aaf431bcd6cefba286328efcfb913 |
C:\Windows\msagent\chars\Bonzi.acs
| MD5 | 1fd2907e2c74c9a908e2af5f948006b5 |
| SHA1 | a390e9133bfd0d55ffda07d4714af538b6d50d3d |
| SHA256 | f3d4425238b5f68b4d41ed5be271d2f4118a245baf808a62dc1a9e6e619b2f95 |
| SHA512 | 8eede3e5e52209b8703706a3e3e63230ba01975348dcdc94ef87f91d7c833a505b177139683ca7a22d8082e72e961e823bc3ad1a84ab9c371f5111f530807171 |
C:\Windows\msagent\chars\Peedy.acs
| MD5 | 49654a47fadfd39414ddc654da7e3879 |
| SHA1 | 9248c10cef8b54a1d8665dfc6067253b507b73ad |
| SHA256 | b8112187525051bfade06cb678390d52c79555c960202cc5bbf5901fbc0853c5 |
| SHA512 | fa9cab60fadd13118bf8cb2005d186eb8fa43707cb983267a314116129371d1400b95d03fbf14dfdaba8266950a90224192e40555d910cf8a3afa4aaf4a8a32f |
C:\Users\Admin\AppData\Local\Temp\$inst\0005.tmp
| MD5 | 94e0d650dcf3be9ab9ea5f8554bdcb9d |
| SHA1 | 21e38207f5dee33152e3a61e64b88d3c5066bf49 |
| SHA256 | 026893ba15b76f01e12f3ef540686db8f52761dcaf0f91dcdc732c10e8f6da0e |
| SHA512 | 039ccf6979831f692ea3b5e3c5df532f16c5cf395731864345c28938003139a167689a4e1acef1f444db1fe7fd3023680d877f132e17bf9d7b275cfc5f673ac3 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page18.jpg
| MD5 | 108fd5475c19f16c28068f67fc80f305 |
| SHA1 | 4e1980ba338133a6fadd5fda4ffe6d4e8a039033 |
| SHA256 | 03f269cd40809d7ec94f5fa4fff1033a624e849179962693cdc2c37d7904233b |
| SHA512 | 98c8743b5af89ec0072b70de8a0babfb5aff19bafa780d6ce99c83721b65a80ec310a4fe9db29a4bb50c2454c34de62c029a83b70d0a9df9b180159ea6cad83a |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page17.jpg
| MD5 | e8f52918072e96bb5f4c573dbb76d74f |
| SHA1 | ba0a89ed469de5e36bd4576591ee94db2c7f8909 |
| SHA256 | 473a890da22defb3fbd643246b3fa0d6d34939ac469cd4f48054ee2a0bc33d82 |
| SHA512 | d57dd0a9686696487d268ef2be2ec2d3b97baedf797a63676da5a8a4165cda89540ec2d3b9e595397cbf53e69dcce76f7249f5eeff041947146ca7bf4099819f |
C:\Users\Admin\AppData\Local\Temp\$inst\0006.tmp
| MD5 | b3b7f6b0fb38fc4aa08f0559e42305a2 |
| SHA1 | a66542f84ece3b2481c43cd4c08484dc32688eaf |
| SHA256 | 7fb63fca12ef039ad446482e3ce38abe79bdf8fc6987763fe337e63a1e29b30b |
| SHA512 | 0f4156f90e34a4c26e1314fc0c43367ad61d64c8d286e25629d56823d7466f413956962e2075756a4334914d47d69e20bb9b5a5b50c46eca4ef8173c27824e6c |
\??\PIPE\srvsvc
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Program Files (x86)\BonziBuddy432\BonziBDY_2.EXE
| MD5 | 8a30bd00d45a659e6e393915e5aef701 |
| SHA1 | b00c31de44328dd71a70f0c8e123b56934edc755 |
| SHA256 | 1e2994763a7674a0f1ec117dae562b05b614937ff61c83b316b135afab02d45a |
| SHA512 | daf92e61e75382e1da0e2aba9466a9e4d9703a129a147f0b3c71755f491c68f89ad67cfb4dd013580063d664b69c8673fb52c02d34b86d947e9f16072b7090fb |
C:\Program Files (x86)\BonziBuddy432\BonziBDY_35.EXE
| MD5 | 73feeab1c303db39cbe35672ae049911 |
| SHA1 | c14ce70e1b3530811a8c363d246eb43fc77b656c |
| SHA256 | 88c03817ae8dfc5fc9e6ffd1cfb5b829924988d01cd472c1e64952c5398866e8 |
| SHA512 | 73f37dee83664ce31522f732bf819ed157865a2a551a656a7a65d487c359a16c82bd74acff2b7a728bb5f52d53f4cfbea5bef36118128b0d416fa835053f7153 |
C:\Program Files (x86)\BonziBuddy432\BonziBDY_4.EXE
| MD5 | 93f3ed21ad49fd54f249d0d536981a88 |
| SHA1 | ffca7f3846e538be9c6da1e871724dd935755542 |
| SHA256 | 5678fd744faddb30a87568ae309066ef88102a274fff62f10e4963350da373bc |
| SHA512 | 7923556c6d6feb4ff4253e853bae3675184eab9b8ce4d4e07f356c8624317801ee807ad5340690196a975824ea3ed500ce6a80c7670f19785139be594fa5e70f |
C:\Program Files (x86)\BonziBuddy432\Uninstall.exe
| MD5 | 068ace391e3c5399b26cb9edfa9af12f |
| SHA1 | 568482d214acf16e2f5522662b7b813679dcd4c7 |
| SHA256 | 2288f4f42373affffbaa63ce2fda9bb071fd7f14dbcd04f52d3af3a219b03485 |
| SHA512 | 0ba89fcdbb418ea6742eeb698f655206ed3b84c41ca53d49c06d30baed13ac4dfdb4662b53c05a28db0a2335aa4bc588635b3b205cfc36d8a55edfc720ac4b03 |
C:\Program Files (x86)\BonziBuddy432\ActiveSkin.ocx
| MD5 | 3d225d8435666c14addf17c14806c355 |
| SHA1 | 262a951a98dd9429558ed35f423babe1a6cce094 |
| SHA256 | 2c8f92dc16cbf13542ddd3bf0a947cf84b00fed83a7124b830ddefa92f939877 |
| SHA512 | 391df24c6427b4011e7d61b644953810e392525743914413c2e8cf5fce4a593a831cfab489fbb9517b6c0e7ef0483efb8aeaad0a18543f0da49fa3125ec971e1 |
C:\Program Files (x86)\BonziBuddy432\BonziCheckers.ocx
| MD5 | 66551c972574f86087032467aa6febb4 |
| SHA1 | 5ad1fe1587a0c31bb74af20d09a1c7d3193ec3c9 |
| SHA256 | 9028075603c66ca2e906ecac3275e289d8857411a288c992e8eef793ed71a75b |
| SHA512 | 35c1f500e69cdd12ec6a3c5daef737a3b57b48a44df6c120a0504d340e0f721d34121595ed396dc466a8f9952a51395912d9e141ad013000f5acb138b2d41089 |
\Program Files (x86)\BonziBuddy432\Bonzi's Beach Checkers.exe
| MD5 | c3b0a56e48bad8763e93653902fc7ccb |
| SHA1 | d7048dcf310a293eae23932d4e865c44f6817a45 |
| SHA256 | 821a16b65f68e745492419ea694f363926669ac16f6b470ed59fe5a3f1856fcb |
| SHA512 | ae35f88623418e4c9645b545ec9e8837e54d879641658996ca21546f384e3e1f90dae992768309ac0bd2aae90e1043663931d2ef64ac541977af889ee72e721a |
\Program Files (x86)\BonziBuddy432\MSCOMCTL.OCX
| MD5 | 12c2755d14b2e51a4bb5cbdfc22ecb11 |
| SHA1 | 33f0f5962dbe0e518fe101fa985158d760f01df1 |
| SHA256 | 3b6ccdb560d7cd4748e992bd82c799acd1bbcfc922a13830ca381d976ffcccaf |
| SHA512 | 4c9b16fb4d787145f6d65a34e1c4d5c6eb07bff4c313a35f5efa9dce5a840c1da77338c92346b1ad68eeb59ef37ef18a9d6078673c3543656961e656466699cf |
C:\Program Files (x86)\BonziBuddy432\MSWINSCK.OCX
| MD5 | 9484c04258830aa3c2f2a70eb041414c |
| SHA1 | b242a4fb0e9dcf14cb51dc36027baff9a79cb823 |
| SHA256 | bf7e47c16d7e1c0e88534f4ef95e09d0fd821ed1a06b0d95a389b35364b63ff5 |
| SHA512 | 9d0e9f0d88594746ba41ea4a61a53498619eda596e12d8ec37d01cfe8ceb08be13e3727c83d630a6d9e6d03066f62444bb94ea5a0d2ed9d21a270e612db532a0 |
C:\Program Files (x86)\BonziBuddy432\MSINET.OCX
| MD5 | 7bec181a21753498b6bd001c42a42722 |
| SHA1 | 3249f233657dc66632c0539c47895bfcee5770cc |
| SHA256 | 73da54b69911bdd08ea8bbbd508f815ef7cfa59c4684d75c1c602252ec88ee31 |
| SHA512 | d671e25ae5e02a55f444d253f0e4a42af6a5362d9759fb243ad6d2c333976ab3e98669621ec0850ad915ee06acbe8e70d77b084128fc275462223f4f5ab401bc |
\Program Files (x86)\BonziBuddy432\Regicon.ocx
| MD5 | 32ff40a65ab92beb59102b5eaa083907 |
| SHA1 | af2824feb55fb10ec14ebd604809a0d424d49442 |
| SHA256 | 07e91d8ed149d5cd6d48403268a773c664367bce707a99e51220e477fddeeb42 |
| SHA512 | 2cfc5c6cb4677ff61ec3b6e4ef8b8b7f1775cbe53b245d321c25cfec363b5b4975a53e26ef438e07a4a5b08ad1dde1387970d57d1837e653d03aef19a17d2b43 |
C:\Program Files (x86)\BonziBuddy432\ssa3d30.ocx
| MD5 | 48c35ed0a09855b29d43f11485f8423b |
| SHA1 | 46716282cc5e0f66cb96057e165fa4d8d60fbae2 |
| SHA256 | 7a0418b76d00665a71d13a30d838c3e086304bacd10d764650d2a5d2ec691008 |
| SHA512 | 779938ec9b0f33f4cbd5f1617bea7925c1b6d794e311737605e12cd7efa5a14bbc48bee85208651cf442b84133be26c4cc8a425d0a3b5b6ad2dc27227f524a99 |
\Program Files (x86)\BonziBuddy432\SSCALA32.OCX
| MD5 | ce9216b52ded7e6fc63a50584b55a9b3 |
| SHA1 | 27bb8882b228725e2a3793b4b4da3e154d6bb2ea |
| SHA256 | 8e52ef01139dc448d1efd33d1d9532f852a74d05ee87e8e93c2bb0286a864e13 |
| SHA512 | 444946e5fc3ea33dd4a09b4cbf2d41f52d584eb5b620f5e144de9a79186e2c9d322d6076ed28b6f0f6d0df9ef4f7303e3901ff552ed086b70b6815abdfc23af7 |
\Program Files (x86)\BonziBuddy432\sstabs2.ocx
| MD5 | 7303efb737685169328287a7e9449ab7 |
| SHA1 | 47bfe724a9f71d40b5e56811ec2c688c944f3ce7 |
| SHA256 | 596f3235642c9c968650194065850ecb02c8c524d2bdcaf6341a01201e0d69be |
| SHA512 | e0d9cb9833725e0cdc7720e9d00859d93fc51a26470f01a0c08c10fa940ed23df360e093861cf85055b8a588bb2cac872d1be69844a6c754ac8ed5bfaf63eb03 |
C:\Program Files (x86)\BonziBuddy432\SSCALB32.OCX
| MD5 | 97ffaf46f04982c4bdb8464397ba2a23 |
| SHA1 | f32e89d9651fd6e3af4844fd7616a7f263dc5510 |
| SHA256 | 5db33895923b7af9769ca08470d0462ed78eec432a4022ff0acc24fa2d4666e1 |
| SHA512 | 8c43872396f5dceb4ba153622665e21a9b52a087987eab523b1041031e294687012d7bf88a3da7998172010eae5f4cc577099980ecd6b75751e35cfc549de002 |
C:\Program Files (x86)\BonziBuddy432\Runtimes\CheckRuntimes.bat
| MD5 | 4877f2ce2833f1356ae3b534fce1b5e3 |
| SHA1 | 7365c9ef5997324b73b1ff0ea67375a328a9646a |
| SHA256 | 8ae1ed38bc650db8b14291e1b7298ee7580b31e15f8a6a84f78f048a542742ff |
| SHA512 | dd43ede5c3f95543bcc8086ec8209a27aadf1b61543c8ee1bb3eab9bc35b92c464e4132b228b12b244fb9625a45f5d4689a45761c4c5263aa919564664860c5e |
C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE
| MD5 | 66996a076065ebdcdac85ff9637ceae0 |
| SHA1 | 4a25632b66a9d30239a1a77c7e7ba81bb3aee9ce |
| SHA256 | 16ca09ad70561f413376ad72550ae5664c89c6a76c85c872ffe2cb1e7f49e2aa |
| SHA512 | e42050e799cbee5aa4f60d4e2f42aae656ff98af0548308c8d7f0d681474a9da3ad7e89694670449cdfde30ebe2c47006fbdc57cfb6b357c82731aeebc50901c |
C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe
| MD5 | 3f8f18c9c732151dcdd8e1d8fe655896 |
| SHA1 | 222cc49201aa06313d4d35a62c5d494af49d1a56 |
| SHA256 | 709936902951fb684d0a03a561fb7fd41c5e6f81ecd60d326809db66eb659331 |
| SHA512 | 398a83f030824011f102dbcf9b25d3ff7527c489df149e9acdb492602941409cf551d16f6f03c01bc6f63a2e94645ed1f36610bdaffc7891299a8d9f89c511f7 |
\Users\Admin\AppData\Local\Temp\IXP000.TMP\ADVPACK.DLL
| MD5 | 81e5c8596a7e4e98117f5c5143293020 |
| SHA1 | 45b7fe0989e2df1b4dfd227f8f3b73b6b7df9081 |
| SHA256 | 7d126ed85df9705ec4f38bd52a73b621cf64dd87a3e8f9429a569f3f82f74004 |
| SHA512 | 05b1e9eef13f7c140eb21f6dcb705ee3aaafabe94857aa86252afa4844de231815078a72e63d43725f6074aa5fefe765feb93a6b9cd510ee067291526bb95ec6 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGT20.INF
| MD5 | e4a499b9e1fe33991dbcfb4e926c8821 |
| SHA1 | 951d4750b05ea6a63951a7667566467d01cb2d42 |
| SHA256 | 49e6b848f5a708d161f795157333d7e1c7103455a2f47f50895683ef6a1abe4d |
| SHA512 | a291bb986293197a16f75b2473297286525ac5674c08a92c87b5cc1f0f2e62254ea27d626b30898e7857281bdb502f188c365311c99bda5c2dd76da0c82c554a |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTDPV.DLL
| MD5 | 7c5aefb11e797129c9e90f279fbdf71b |
| SHA1 | cb9d9cbfbebb5aed6810a4e424a295c27520576e |
| SHA256 | 394a17150b8774e507b8f368c2c248c10fce50fc43184b744e771f0e79ecafed |
| SHA512 | df59a30704d62fa2d598a5824aa04b4b4298f6192a01d93d437b46c4f907c90a1bad357199c51a62beb87cd724a30af55a619baef9ecf2cba032c5290938022a |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTDP2.DLL
| MD5 | a334bbf5f5a19b3bdb5b7f1703363981 |
| SHA1 | 6cb50b15c0e7d9401364c0fafeef65774f5d1a2c |
| SHA256 | c33beaba130f8b740dddb9980fe9012f9322ac6e94f36a6aa6086851c51b98de |
| SHA512 | 1fa170f643054c0957ed1257c4d7778976c59748670afa877d625aaa006325404bc17c41b47be2906dd3f1e229870d54eb7aba4a412de5adedbd5387e24abf46 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTSVR.EXE
| MD5 | 5c91bf20fe3594b81052d131db798575 |
| SHA1 | eab3a7a678528b5b2c60d65b61e475f1b2f45baa |
| SHA256 | e8ce546196b6878a8c34da863a6c8a7e34af18fb9b509d4d36763734efa2d175 |
| SHA512 | face50db7025e0eb2e67c4f8ec272413d13491f7438287664593636e3c7e3accaef76c3003a299a1c5873d388b618da9eaede5a675c91f4c1f570b640ac605d6 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTMPX.DLL
| MD5 | 4fbbaac42cf2ecb83543f262973d07c0 |
| SHA1 | ab1b302d7cce10443dfc14a2eba528a0431e1718 |
| SHA256 | 6550582e41fc53b8a7ccdf9ac603216937c6ff2a28e9538610adb7e67d782ab5 |
| SHA512 | 4146999b4bec85bcd2774ac242cb50797134e5180a3b3df627106cdfa28f61aeea75a7530094a9b408bc9699572cae8cf998108bde51b57a6690d44f0b34b69e |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTANM.DLL
| MD5 | 48c00a7493b28139cbf197ccc8d1f9ed |
| SHA1 | a25243b06d4bb83f66b7cd738e79fccf9a02b33b |
| SHA256 | 905cb1a15eccaa9b79926ee7cfe3629a6f1c6b24bdd6cea9ccb9ebc9eaa92ff7 |
| SHA512 | c0b0a410ded92adc24c0f347a57d37e7465e50310011a9d636c5224d91fbc5d103920ab5ef86f29168e325b189d2f74659f153595df10eef3a9d348bb595d830 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTPSH.DLL
| MD5 | b4ac608ebf5a8fdefa2d635e83b7c0e8 |
| SHA1 | d92a2861d5d1eb67ab434ff2bd0a11029b3bd9a9 |
| SHA256 | 8414dfe399813b7426c235ba1e625bd2b5635c8140da0d0cfc947f6565fe415f |
| SHA512 | 2c42daade24c3ff01c551a223ee183301518357990a9cb2cc2dd7bf411b7059ff8e0bf1d1aee2d268eca58db25902a8048050bdb3cb48ae8be1e4c2631e3d9b4 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGTINST.INF
| MD5 | b127d9187c6dbb1b948053c7c9a6811f |
| SHA1 | b3073c8cad22c87dd9b8f76b6ffd0c4d0a2010d9 |
| SHA256 | bd1295d19d010d4866c9d6d87877913eee69e279d4d089e5756ba285f3424e00 |
| SHA512 | 88e447dd4db40e852d77016cfd24e09063490456c1426a779d33d8a06124569e26597bb1e46a3a2bbf78d9bffee46402c41f0ceb44970d92c69002880ddc0476 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGT0409.HLP
| MD5 | 466d35e6a22924dd846a043bc7dd94b8 |
| SHA1 | 35e5b7439e3d49cb9dc57e7ef895a3cd8d80fb10 |
| SHA256 | e4ccf06706e68621bb69add3dd88fed82d30ad8778a55907d33f6d093ac16801 |
| SHA512 | 23b64ed68a8f1df4d942b5a08a6b6296ec5499a13bb48536e8426d9795771dbcef253be738bf6dc7158a5815f8dcc65feb92fadf89ea8054544bb54fc83aa247 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGTCTL15.TLB
| MD5 | f1656b80eaae5e5201dcbfbcd3523691 |
| SHA1 | 6f93d71c210eb59416e31f12e4cc6a0da48de85b |
| SHA256 | 3f8adc1e332dd5c252bbcf92bf6079b38a74d360d94979169206db34e6a24cd2 |
| SHA512 | e9c216b9725bd419414155cfdd917f998aa41c463bc46a39e0c025aa030bc02a60c28ac00d03643c24472ffe20b8bbb5447c1a55ff07db3a41d6118b647a0003 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGT0409.DLL
| MD5 | 0cbf0f4c9e54d12d34cd1a772ba799e1 |
| SHA1 | 40e55eb54394d17d2d11ca0089b84e97c19634a7 |
| SHA256 | 6b0b57e5b27d901f4f106b236c58d0b2551b384531a8f3dad6c06ed4261424b1 |
| SHA512 | bfdb6e8387ffbba3b07869cb3e1c8ca0b2d3336aa474bd19a35e4e3a3a90427e49b4b45c09d8873d9954d0f42b525ed18070b949c6047f4e4cdb096f9c5ae5d5 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\MSLWVTTS.DLL
| MD5 | 316999655fef30c52c3854751c663996 |
| SHA1 | a7862202c3b075bdeb91c5e04fe5ff71907dae59 |
| SHA256 | ea4ca740cd60d2c88280ff8115bf354876478ef27e9e676d8b66601b4e900ba0 |
| SHA512 | 5555673e9863127749fc240f09cf3fb46e2019b459ad198ba1dc356ba321c41e4295b6b2e2d67079421d7e6d2fb33542b81b0c7dae812fe8e1a87ded044edd44 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTSR.DLL
| MD5 | 9fafb9d0591f2be4c2a846f63d82d301 |
| SHA1 | 1df97aa4f3722b6695eac457e207a76a6b7457be |
| SHA256 | e78e74c24d468284639faf9dcfdba855f3e4f00b2f26db6b2c491fa51da8916d |
| SHA512 | ac0d97833beec2010f79cb1fbdb370d3a812042957f4643657e15eed714b9117c18339c737d3fd95011f873cda46ae195a5a67ae40ff2a5bcbee54d1007f110a |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTCTL.DLL
| MD5 | 237e13b95ab37d0141cf0bc585b8db94 |
| SHA1 | 102c6164c21de1f3e0b7d487dd5dc4c5249e0994 |
| SHA256 | d19b6b7c57bcee7239526339e683f62d9c2f9690947d0a446001377f0b56103a |
| SHA512 | 9d0a68a806be25d2eeedba8be1acc2542d44ecd8ba4d9d123543d0f7c4732e1e490bad31cad830f788c81395f6b21d5a277c0bed251c9854440a662ac36ac4cb |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\W95INF32.DLL
| MD5 | 4be7661c89897eaa9b28dae290c3922f |
| SHA1 | 4c9d25195093fea7c139167f0c5a40e13f3000f2 |
| SHA256 | e5e9f7c8dbd47134815e155ed1c7b261805eda6fddea6fa4ea78e0e4fb4f7fb5 |
| SHA512 | 2035b0d35a5b72f5ea5d5d0d959e8c36fc7ac37def40fa8653c45a49434cbe5e1c73aaf144cbfbefc5f832e362b63d00fc3157ca8a1627c3c1494c13a308fc7f |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\W95INF16.DLL
| MD5 | 7210d5407a2d2f52e851604666403024 |
| SHA1 | 242fde2a7c6a3eff245f06813a2e1bdcaa9f16d9 |
| SHA256 | 337d2fb5252fc532b7bf67476b5979d158ca2ac589e49c6810e2e1afebe296af |
| SHA512 | 1755a26fa018429aea00ebcc786bb41b0d6c4d26d56cd3b88d886b0c0773d863094797334e72d770635ed29b98d4c8c7f0ec717a23a22adef705a1ccf46b3f68 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\tv_enua.inf
| MD5 | 0a250bb34cfa851e3dd1804251c93f25 |
| SHA1 | c10e47a593c37dbb7226f65ad490ff65d9c73a34 |
| SHA256 | 85189df1c141ef5d86c93b1142e65bf03db126d12d24e18b93dd4cc9f3e438ae |
| SHA512 | 8e056f4aa718221afab91c4307ff87db611faa51149310d990db296f979842d57c0653cb23d53fea54a69c99c4e5087a2eb37daa794ba62e6f08a8da41255795 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\tvenuax.dll
| MD5 | 1587bf2e99abeeae856f33bf98d3512e |
| SHA1 | aa0f2a25fa5fc9edb4124e9aa906a52eb787bea9 |
| SHA256 | c9106198ecbd3a9cab8c2feff07f16d6bb1adfa19550148fc96076f0f28a37b0 |
| SHA512 | 43161c65f2838aa0e8a9be5f3f73d4a6c78ad8605a6503aae16147a73f63fe985b17c17aedc3a4d0010d5216e04800d749b2625182acc84b905c344f0409765a |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\andmoipa.ttf
| MD5 | c3e8aeabd1b692a9a6c5246f8dcaa7c9 |
| SHA1 | 4567ea5044a3cef9cb803210a70866d83535ed31 |
| SHA256 | 38ae07eeb7909bda291d302848b8fe5f11849cf0d597f0e5b300bfed465aed4e |
| SHA512 | f74218681bd9d526b68876331b22080f30507898b6a6ebdf173490ca84b696f06f4c97f894cb6052e926b1eee4b28264db1ead28f3bc9f627b4569c1ddcd2d3e |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Msvcp50.dll
| MD5 | 497fd4a8f5c4fcdaaac1f761a92a366a |
| SHA1 | 81617006e93f8a171b2c47581c1d67fac463dc93 |
| SHA256 | 91cd76f9fa3b25008decb12c005c194bdf66c8d6526a954de7051bec9aae462a |
| SHA512 | 73d11a309d8f1a6624520a0bf56d539cb07adee6d46f2049a86919f5ce3556dc031437f797e3296311fe780a8a11a1a37b4a404de337d009e9ed961f75664a25 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Msvcirt.dll
| MD5 | e7cd26405293ee866fefdd715fc8b5e5 |
| SHA1 | 6326412d0ea86add8355c76f09dfc5e7942f9c11 |
| SHA256 | 647f7534aaaedffa93534e4cb9b24bfcf91524828ff0364d88973be58139e255 |
| SHA512 | 1114c5f275ecebd5be330aa53ba24d2e7d38fc20bb3bdfa1b872288783ea87a7464d2ab032b542989dee6263499e4e93ca378f9a7d2260aebccbba7fe7f53999 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\tv_enua.hlp
| MD5 | 80d09149ca264c93e7d810aac6411d1d |
| SHA1 | 96e8ddc1d257097991f9cc9aaf38c77add3d6118 |
| SHA256 | 382d745e10944b507a8d9c69ae2e4affd4acf045729a19ac143fa8d9613ccb42 |
| SHA512 | 8813303cd6559e2cc726921838293377e84f9b5902603dac69d93e217ff3153b82b241d51d15808641b5c4fb99613b83912e9deda9d787b4c8ccfbd6afa56bc9 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\tv_enua.dll
| MD5 | ed98e67fa8cc190aad0757cd620e6b77 |
| SHA1 | 0317b10cdb8ac080ba2919e2c04058f1b6f2f94d |
| SHA256 | e0beb19c3536561f603474e3d5e3c3dff341745d317bc4d1463e2abf182bb18d |
| SHA512 | ec9c3a71ca9324644d4a2d458e9ba86f90deb9137d0a35793e0932c2aa297877ed7f1ab75729fda96690914e047f1336f100b6809cbc7a33baa1391ed588d7f0 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\Temp\~DFEC067A43497D7788.TMP
| MD5 | d3cdb7663712ddb6ef5056c72fe69e86 |
| SHA1 | f08bf69934fb2b9ca0aba287c96abe145a69366c |
| SHA256 | 3e8c2095986b262ac8fccfabda2d021fc0d3504275e83cffe1f0a333f9efbe15 |
| SHA512 | c0acd65db7098a55dae0730eb1dcd8aa94e95a71f39dd40b087be0b06afc5d1bb310f555781853b5a78a8803dba0fb44df44bd2bb14baeca29c7c7410dffc812 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\Bonzi.zip.vhvch1y.partial
| MD5 | c9e05c9837c424b46b7cb57c30932a51 |
| SHA1 | a8760423d7a5b204aafc975836b7ea731bbdb0a2 |
| SHA256 | adb408bb068fb0db27313bb3c0e30e1006ef1e16db7241cdf006199c08166a41 |
| SHA512 | e095933196ec3fa452957cbee9217ca2a1dde30f44d93acc4874b34f87d4b3f1380546f13b5e4ac0c9c066ee0e60db99e0bc067c37bb7ece70c9dbc50d22c383 |
C:\Program Files (x86)\BonziBuddy432\MSVBVM60.DLL
| MD5 | 5343a19c618bc515ceb1695586c6c137 |
| SHA1 | 4dedae8cbde066f31c8e6b52c0baa3f8b1117742 |
| SHA256 | 2246b4feae199408ea66d4a90c1589026f4a5800ce5a28e583b94506a8a73dce |
| SHA512 | 708d8a252a167fa94e3e1a49e2630d07613ff75a9a3e779a0c1fcbec44aa853a68c401f31a2b84152f46a05f7d93f4e5e502afc7a60236a22ac58dea73fa5606 |
C:\Program Files (x86)\BonziBuddy432\Reg.nbd
| MD5 | a8ed45f8bfdc5303b7b52ae2cce03a14 |
| SHA1 | fb9bee69ef99797ac15ba4d8a57988754f2c0c6b |
| SHA256 | 375ecd89ee18d7f318cf73b34a4e15b9eb16bc9d825c165e103db392f4b2a68b |
| SHA512 | 37917594f22d2a27b3541a666933c115813e9b34088eaeb3d74f77da79864f7d140094dfac5863778acf12f87ccda7f7255b7975066230911966b52986da2d5c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\prefs-1.js
| MD5 | de6381f88acd02a6cae9ed64269d5e4a |
| SHA1 | 95829cbe2cf00d8af650ea40a0eed1adcc7d1769 |
| SHA256 | 8c20ddb85c9297023d86077eb62993f7b4ffa593333f87a183d5fb8b47f5ba71 |
| SHA512 | 54f357bea6c8760eda14eade138da1850755d8904bd3a685a3b25cd8b1ee871fbf771f659e76ec90a7f7de21c768efbb159a03b5e5cb2be8b4b8e9219d101275 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 957c77b36893960fb3feea668242a287 |
| SHA1 | 40d9e48ca08f4860dfb6b42a9db66f612f6b10d2 |
| SHA256 | c2952bd0464f56685bcb03adaeed59d618d4c6fe5f00b1ca0919a83858c34ba0 |
| SHA512 | 43aaa42e450ace006a1c394e2d550e3a3aad4eeb9bd8331c4f32ff34bd76ddb5a88622f9d6bca1227040359281265c36ac03ece776e9407e35c41f2fcc5c431b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | e354c17800221ca39d434ae31dc1649a |
| SHA1 | 015b2b6dea2b04f629c1c79dff6b9aaf6e7cc659 |
| SHA256 | 1931af7769add17dd3400a5612b01825cf3495ef6bbf0508587d0a98198399c9 |
| SHA512 | 71bdd4474c94ee678e7ba198db7bd656c1982b7b3e842ecbd8522762af5207c188bbdeec27d0aa394d71f3a4db3d5d300d53c5213c4194d10eeda6dc7a9e6a38 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 376a7f877fb70cfe4803d1536d4afaaf |
| SHA1 | 5c9bf48c275241039273006c32e5f8600e8e7426 |
| SHA256 | 15b005914d0f46eff8a9145c1ade0b74fdabbfd89f0a81146ac6937c7971e546 |
| SHA512 | 6b692d460c9d4cdad42e09693629ef1b3c78871444edf834973b3e8434556fb29f914bfc589d8fb71cb895f86eea077bdf55cc749bd6fb0d2a60740ff12cabbb |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | dee669cf0f2fdddd2068c6c78ae0bbc6 |
| SHA1 | 818f800bdd8192d02358125f32c248370fd15931 |
| SHA256 | dd4a0e0381802b9ad3d8347eb9fc754b884699fe0a594ea50e3f801b55219ba4 |
| SHA512 | 584a8367dc536422b07a359aa9fe43ed77650d11cb39c939cc5c0434783847445eb4b236761c4822c898dde23545eedce54f8d9cf72ba66252891c54e736396d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\SiteSecurityServiceState.txt
| MD5 | a16c7333db536b8ac6dc2df02951098c |
| SHA1 | bbb2334c39b52e1dcb0ef458b84c20fb49b6742c |
| SHA256 | 1d0e43d952b1eb1569308c577c4ed791811a94da0224a69290aee56883130f7d |
| SHA512 | 0fe05c3cf8c385802b7723c01dd13e914359bdb92ce6dadd41e65a0aa184f2c04f3a6c49bbb8c1656a172a1bdf67876fc711d9742ac19b3e9a17c5a5dca9c83f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\AlternateServices.txt
| MD5 | 30901dd9788be8e05f0878023adfcf06 |
| SHA1 | c69853de659d5ce01f6ea67ea3f9de171dc722ca |
| SHA256 | 53d9edcf4f72d269f4a1a950e822f69a4b60756a9b04e5e8ef44152b0696856e |
| SHA512 | 7128b3cdf28eb7ef9ab27cc09912727eeb9830eb62219a1e3da29b973b899a2eb9eb829c5d37f50c04274f5f0a89d6a4c7eac364301b2de1f9f95a5d643f1a05 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2b7acdhd.default-release\cache2\doomed\5164
| MD5 | 6182bc711280d72d25fb97518ea875f1 |
| SHA1 | 16f630f42ff24fb03b5b303a2956c6ad513d48f6 |
| SHA256 | 5b0f67ef072c38f39a5722c45b069584f46f0cde56266f5ae48d84f4a35f9767 |
| SHA512 | 3a2484694f89517956539e9be995a7d4baf67d6c69de014ac93808880ed112083a8102af79c8447cff0e6c93b2b09ef02f541d99ef1804c335d01599b9203cb1 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2b7acdhd.default-release\cache2\doomed\31861
| MD5 | 2156b930e953164ac74ddd1a679e067e |
| SHA1 | c7721391c1768aa69e1d8c7eb59f3ebc7fc33347 |
| SHA256 | 125f05c1a65d710f9396285b7db0fbadf62e4bfddacfbc39dd9e8c4833483748 |
| SHA512 | 17d28579e62e6a40d97fa14504e93ae949b46ed079b32d0906bb75aabb54a2adada13082ed9c49d624f98c31ec9a9f9f00ebcaaac573febb27c4c3dc70f6a04c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2b7acdhd.default-release\cache2\doomed\7331
| MD5 | 1b95826b77c4ca1e69d056b2aecc558f |
| SHA1 | a5be67cb7a9854d8ddf9a88d9a45938063423f3d |
| SHA256 | 8da26bfa11702f57de39aba614c7ec1bf681ac14c4ed3bf067026723b4d45be8 |
| SHA512 | a292a9e25c5026a3a0f0a5c0f172991c4baf409ed649fa1c6b22356aee5f60f5eaa004ce5835cbc777ed619f31d2b391a6bb645d20b58696bfaa373db1699e14 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | a38775864c0f9aa4fd868bcd5694a8db |
| SHA1 | 1b20b3dc33ef92fefb303c92d7470d62bf2bb2a4 |
| SHA256 | 0fb082a82a3e7cc7e86d5b3f08e826d3f8cd45877c790bd9bd8d2371f849f26f |
| SHA512 | 1d51978a3abdd5b95329fce678d23056f153d5337da3cfedf843b15414e4a40caeed9a46dbb41b7a6b6499429a16441409477007d2930409b1fc321741d13a12 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2b7acdhd.default-release\cache2\doomed\4484
| MD5 | 358d4bf5cee54a2d8e6d9afb12d9a85e |
| SHA1 | 10e7b7d1812c7a7ae610af83de7349a69e1b822b |
| SHA256 | 7a94abffbddf1f7f9d9358f20d257318b377b436c8a8890cd5a52e9c5ad41ce5 |
| SHA512 | 75e817bf10178c62c69ccf8749eb7b38dda902c9926f16a364800371e8a334df035909d1973e3a240e0e1347b1e2128c0f32bd6f9232c923c6119a0f0c0f0588 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2b7acdhd.default-release\cache2\doomed\2577
| MD5 | 97cf0db1c85d4963d5ee5d6b7b87e483 |
| SHA1 | 1b7a2dd46eb9ede90f92bfc887f7867248057535 |
| SHA256 | 3c7bd85fae34d3b3ed72cea3f4c48200305b59528a2a874346312a38fa5e6995 |
| SHA512 | 2071a8a0c5051cc565205546e87df1f12a8911c465fb7cbbb288913fc7727f0817f26c20dc6531d9eb91e53d94bb25699beef5ddedb1afa85491163da1d98915 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2b7acdhd.default-release\cache2\doomed\16784
| MD5 | 6f72e1d1e1c0cea9fb3933f7d9f42230 |
| SHA1 | a80ee153507397a9b7571928acb6acade1650790 |
| SHA256 | dc73442ba2ad6230bb333826cec75862d7ea311f983a3746dd2d07fae6b06734 |
| SHA512 | 3c49c768df4137962724326f8162cf7970c222d54dc806f1291375bcb01d8ff9ae8c2d4916073c8ba6f4a72c7b2a479be32b12df4c9ff20a8729dc7252a138fd |
C:\Users\Admin\Downloads\fortnite-free-skins-download_P-btZt1.Z3JUMPpU.exe.part
| MD5 | 4cef35cb56164e4427c8890cf5cdfd85 |
| SHA1 | 242815e66819f32d46c37a57ed707030f57ca2c2 |
| SHA256 | 564b8e327a13c948cea21587245b7b0005f786ea57f62bd602ef4ecec66171c6 |
| SHA512 | 10d9755fda076e6f363a13bafbd186f7161b434d54165057b06c6ec0f1b8292444bc90cd558048b228be0d5e46ebd3c99ae379bb71c27ee300224d7d9eb1200f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\downloads.json.tmp
| MD5 | 3ed73ba37ccf18127e3dd4257e783d7f |
| SHA1 | 541a4af5e48eecf268b4fc48e7ced864585a1bcc |
| SHA256 | e726f7a3e5e7d655e7161942e2e668963ca50001d068cee70ff164f4f12dfb0f |
| SHA512 | 2c5db39b949f5a5a361c619c59ce7c9ce88770aebe5843c345e532bf3f9b6c48ccc811763dbcc024670287e0f259f005af18ed841067bf975fefbc4aebc9ad19 |
C:\Users\Admin\Downloads\OperaSetup.tNwzDCjn.exe.part
| MD5 | 54df8b7c54b53de240c6ec5a9af8973f |
| SHA1 | 91511e3bbd16e377221317a00b62c75b3a502981 |
| SHA256 | 12bcf8101aef4baf2c23c3292269e2616b31b36797bdfa0a2c0c1b7e11d8b07d |
| SHA512 | 6138e07bb1dc59239685dbf9f791448188ae04a1ac2d1d792477e20f1b1067cde66179d8bd81331517b99fc5c5ff9f508865f145daf079b1a613b45fae13d4ed |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 9360f19098496ab440344f6772903c47 |
| SHA1 | 3977d7c5419361cc088a822344c0dd8231972a4f |
| SHA256 | 763f2ef3cc314845fdc1230d90c8bf50d73d47257051dfdad478e26c8966db91 |
| SHA512 | a4847a4257f73deeec95bbb2136f6a3bb1180bfd80280366760721c14ac4fc5a4c348e2e11d45f0c250f4749b0a4622901092b9696705b4d987a87e0a2d50468 |
C:\Users\Admin\Downloads\fortnite-free-skins-download.SjP5ReZF.apk.part
| MD5 | 2f18726f2f8d40da56298fd7f385a26f |
| SHA1 | 09ed48eb2fa8eb2391c4869723647ec0ea795f5a |
| SHA256 | 83d758c1c9dcbaa4c8a8201a8bf39d5b04edd4b2b865c301493f5859fe534e91 |
| SHA512 | 79ae6e5bc5c04eff8b59ac927410329d0a4d83ab91a8220beb63bd827cf8489ec088cf6f6040172970f01a3ae11aa1b482993331b5ca62f9fedb2b652e6d0efd |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | b0a3dc712b48ee1025cd311a6233fabc |
| SHA1 | e810aaa847f9779c0153ce343f6e3135c6199dcc |
| SHA256 | 825a37db4236d639e050e4f2ce376beb0a68eb09e7bf7c9f5aaf507b1b1b499e |
| SHA512 | ef9447d278b53ce357428a68b674a00c0d87f1e7d4e78d63b7e33d8eb48b38df9bfdd2fe2ccf98d67e7fcfaadcd2df6473dc4ab76fdbce2a3e72738bb4bcaf16 |
C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\mainlogo.png
| MD5 | 384b09cacd77168b340e1f1ae52aa8d3 |
| SHA1 | c4d9ef3189b3a2b631dde74361189b9aa40e4e5b |
| SHA256 | a1d7bdf94274fb5f15cfeffc58f8c305a80bca77acff416b4d965a6cc9d71593 |
| SHA512 | 6539d215feef3902e4924dc9041790df9bb3dfaf539524d5f4b92aa1ca4c179ca49b8d2ea94172e4fbc282cc92328a324902e9a8f09b720d866b105e5dfe9c8d |
C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\loader.gif
| MD5 | 12d7fd91a06cee2d0e76abe0485036ee |
| SHA1 | 2bf1f86cc5f66401876d4e0e68af8181da9366ac |
| SHA256 | a6192b9a3fa5db9917aef72d651b7ad8fd8ccb9b53f3ad99d7c46701d00c78cb |
| SHA512 | 17ab033d3518bd6d567f7185a3f1185410669062d5ec0a0b046a3a9e8a82ee8f8adb90b806542c5892fc1c01dd3397ea485ebc86e4d398f754c40daf3c333edb |
C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\WebAdvisor.png
| MD5 | 4cfff8dc30d353cd3d215fd3a5dbac24 |
| SHA1 | 0f4f73f0dddc75f3506e026ef53c45c6fafbc87e |
| SHA256 | 0c430e56d69435d8ab31cbb5916a73a47d11ef65b37d289ee7d11130adf25856 |
| SHA512 | 9d616f19c2496be6e89b855c41befc0235e3ce949d2b2ae7719c823f10be7fe0809bddfd93e28735b36271083dd802ae349b3ab7b60179b269d4a18c6cef4139 |
C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\Opera_new.png
| MD5 | b3a9a687108aa8afed729061f8381aba |
| SHA1 | 9b415d9c128a08f62c3aa9ba580d39256711519a |
| SHA256 | 194b65c682a76dc04ce9b675c5ace45df2586cc5b76664263170b56af51c8aeb |
| SHA512 | 14d10df29a3bb575c40581949d7c00312de08bb42578b7335792c057b83ab2878d44c87042bbdb6ec8ceaf763b4fbd8f080a27866fe92a1baf81c4f06705a0c4 |
C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0.zip
| MD5 | f68008b70822bd28c82d13a289deb418 |
| SHA1 | 06abbe109ba6dfd4153d76cd65bfffae129c41d8 |
| SHA256 | cc6f4faf4e8a9f4d2269d1d69a69ea326f789620fb98078cc98597f3cb998589 |
| SHA512 | fa482942e32e14011ae3c6762c638ccb0a0e8ec0055d2327c3acc381dddf1400de79e4e9321a39a418800d072e59c36b94b13b7eb62751d3aec990fb38ce9253 |
C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod0_extract\saBSI.exe
| MD5 | 143255618462a577de27286a272584e1 |
| SHA1 | efc032a6822bc57bcd0c9662a6a062be45f11acb |
| SHA256 | f5aa950381fbcea7d730aa794974ca9e3310384a95d6cf4d015fbdbd9797b3e4 |
| SHA512 | c0a084d5c0b645e6a6479b234fa73c405f56310119dd7c8b061334544c47622fdd5139db9781b339bb3d3e17ac59fddb7d7860834ecfe8aad6d2ae8c869e1cb9 |
C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod1.zip
| MD5 | c360e8985dbc697ad5479b95dd9961aa |
| SHA1 | 71305867c24c347179b5acd0abbdab584c74623f |
| SHA256 | 04eb95f7784c97271822351be40df623dc0ed98fb458c3f3ead4a1711bf53133 |
| SHA512 | 09fb19365f5e3f19d7b2812fc543361ea3e34df2f7fcd5f7a9449e3ddeea8a5f91a48b655a94e33ce626b83a218e17260f12279c61692c4311b9d516f1412580 |
C:\Users\Admin\AppData\Local\Temp\is-H4U7V.tmp\prod1_extract\OperaSetup.exe
| MD5 | 9bfb889759ff25ee90ae5884c0f56388 |
| SHA1 | d36a73fb056d70b2c79fc0fc25132c544acdc9c7 |
| SHA256 | e1715b4e01bcaf3c3e14e24e32b53b22b2d1802f3f22f348405f2ab18cbd752a |
| SHA512 | 728827719dd77bcefda1f3b0467d4bab86e419116a4e83aed64a68048fa56d46a22b67ca5c130ffbafe02ac5ec11b1a78a474fb97516037c63ff6e9106305236 |
C:\Users\Admin\AppData\Local\Temp\Opera_installer_2410141703172807864.dll
| MD5 | 4b50fe97f7089d1fae0a25e5ad15ecf4 |
| SHA1 | b3663c083cecbfbb32191ce568da39a4f4216e8b |
| SHA256 | 8942345e35be841fc97ee1c1eda00648e49af780c874a17ed3aa98fcfb455c2e |
| SHA512 | 14bc32ad47cf88f4343502fc30c2e72f8f090d1517a64c9a3ab353990289e8b6981d8460fc51001a5b7adf931a68c306ab25c56b91bf81189616e375343a845b |
C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\setup.exe
| MD5 | 7da8a2c448b0e24f0ac6f895858b1504 |
| SHA1 | 051b036e288f9778f68670136b919ac7f6fc8b33 |
| SHA256 | 488bb498918b959fa9bba72cb380a0f0683489336b8f754f2437fd041b13682b |
| SHA512 | 2b96a8feb3cd6b9d3e7324fed3595a74c46e1ffaec92f1fd02123d2e1fdbe69ea338956517c52f86c21a6073bfcd680a7c65a0de083bd20b6b9d00a46107fb1e |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\XHM9025Q\favicon-32x32[1].png
| MD5 | ee68a08b526f9f223c0a77ca0b1db826 |
| SHA1 | ace232139d88086f9971fd80cf85ac84bae2da7a |
| SHA256 | 486042f1d958eb079cfc0aea20ae5723d4fc39c4a8550889b9d1b13dbba1fdb5 |
| SHA512 | 14febc2d48eda65bf039298f411af3ff14e1985ae60a9772bd754b19df69a5faed210043fbb33ca7737f50ade96cfa6cddfdd6ffbc40dccf77f9b0e34315a7e7 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2461P2AL\js[1].js
| MD5 | 07ffb1df249c5487792832ea2510aeba |
| SHA1 | f1c3506e977dd8934e19b4d60e5e7599acde308f |
| SHA256 | 3f857e372140c1ed98ce4ab2d872a68c59ae07c4dbe49114843a37d763dc4da0 |
| SHA512 | 07f059d53bc7e1e277227e74d6b368c16009585707e1a567560bee1b6f490a820708ba95c13612035ef2f2ff586e3e85246a2eeade4b6f3181ec7d2e913e75af |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\choice[1].js
| MD5 | 1ff959070c1c7669cc85084f23cf5474 |
| SHA1 | d19f1f241d41ada19534c57d46eebc80ac575d86 |
| SHA256 | 26689e08c0519ae5c5a49c9a80ce9711fcbb88b075734a183654bcc10333e8e7 |
| SHA512 | 53a82d6b7ea2b8eb65c59ce978f18e234d11d7cf933be0af03524a87d32187a84ec2343a92c9fd3ba9745f237bc693d79ab7fd3eb724f9a9bbd36eca1d48513e |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\HhyJU5sn9vOmLxNkIwRSjTVNWLEJ6bQl2xME[1].woff2
| MD5 | ce970d793efa211d87a1fea6f70870d3 |
| SHA1 | 8feece87eae950c3804e8ae2c8620a3322c8682d |
| SHA256 | 256f08320e4147486c1bd28bf69c6e92d23426ab2c4d7daeccfe5e16c52c50a0 |
| SHA512 | 495ea4196e286c6355c808be1e926b50e3594fd6fbcb84a14b329f69f373e554b5d46d31697e5bba439cefb349230f41cdfe547512f4518122ed45a154819c57 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\vcd15cbe7772f49c399c6a5babf22c1241717689176015[1].js
| MD5 | ec18af6d41f6f278b6aed3bdabffa7bc |
| SHA1 | 62c9e2cab76b888829f3c5335e91c320b22329ae |
| SHA256 | 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f |
| SHA512 | 669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2461P2AL\cmp2-polyfilled[1].js
| MD5 | ec29588ae53732429d92230d67227bd3 |
| SHA1 | a1ab3152fafcdfa3b9ca88c29c5a1ecd6c3e9b10 |
| SHA256 | 375ce61ce98125bdb3c07db0d63326bb8b627583ada180907e5b058fdf81a654 |
| SHA512 | 219f17b66a020d735ec5a8b5e2020e3b5db777ac07f3361552b1bf680565365ee85d5f8ed484b1e62c6a5211b1f47b2e050a1309c9f44cbf8d0dd6f7161b1856 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\counter[1].js
| MD5 | 213b95143600b981518486483a62d7da |
| SHA1 | 034e5973746ed418e4ed98049b8aab8fb0c54e6a |
| SHA256 | 6d661954657cac563efd4b9aef7ccb60f21bf97d17059dee4f5939abfc3515f0 |
| SHA512 | c787c8165514215e03c56ab33dcbdf0e2b3f4cbbd722a37aceae57194a1cd5068e188aec13ea67235eec9363ef9de51aaaeaaab655d836e21ebffc76f3bd7799 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\HhyJU5sn9vOmLxNkIwRSjTVNWLEJN7Ml2xME[1].woff2
| MD5 | 06b620a23fa223fb235f57d55e09e742 |
| SHA1 | c54ad34ee5dfb99802b80714dfff65173cc790d5 |
| SHA256 | 3830ba0a1c13e1a44b25b86be30bcbc4581a104b2d875aa377bd613477a2e6b4 |
| SHA512 | b6070ae9416e1d502374329c9dfba002a1eede5cbfafaa61346ec18242397bd6a9793c3f91cf794c0938b972c73f37d1df2aca68944071578441e037d03a5049 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\dit-supplement[1].js
| MD5 | 276876d719b788b550844730b3851e8e |
| SHA1 | e48eb0fa09d905d1858784de3d54e6303e309c6b |
| SHA256 | 18351534209a91b2f82b9d729cd40ec03df685421e7f918abf4da735dc5237c7 |
| SHA512 | 2d654671c4a81a8a0da3d01c33d5e669f61d9b19f90a72de78cdfbba761a7860da45e62c8b2cea2700907766cb1722669bd3e9550065d4c25df5f20a3a96eb72 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2461P2AL\lazysizes.min[1].js
| MD5 | fd4f902b789f81baa379b0ba42c21acd |
| SHA1 | 9f5c7f1b6e8151ed8d54c24a297b27177b38efb0 |
| SHA256 | 6e61be2f374a0122510025578940baf7ef8dbbcaf3ecc5f5535cfc81bd1cfd39 |
| SHA512 | 6d88550e1bddd52e4bef156bd800c97147ae7ba30aa0eb0d0b31815250a119d8c5d165a777b7aa195bb70df2f2dcc159204f6a3e47ef71d24d7861ef58171cf8 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\search-header[1].js
| MD5 | a8911b3362bf5935c0b8942ff31e21d8 |
| SHA1 | d1bf600cfb85ea668868c3fce3cbea54f6d80855 |
| SHA256 | ec47e6472651559ca723a66ef956e8b17527d80edc59644be04633abf4516786 |
| SHA512 | a95aceca86ad4de49687a5b08a2b35cfb0a8c0761cde58d08809e89f293f5aa698aabbaf6031cf78944596a4b0decad3f6c3e95309673d8ca617c7add5d06268 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\geoip[1].json
| MD5 | c5c0c9220f8918932c3d83202ace5dc4 |
| SHA1 | 7026f4f5672431cfa396f25a46ef3ebfc9701a29 |
| SHA256 | be0225e5f79cc0803899b0a4466dbd541b54c96e903dc8f2da6f23d4da02419b |
| SHA512 | 054cda0582bdf7e5dbacdea9789cbaea17a3fd9606ebe386e26d8026d1dcfc04696fb738207e0379cfdc8900de2e99f67e21fa41339ce9997d1a95d97df4a652 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\bootstrap.min[1].js
| MD5 | 61f338f870fcd0ff46362ef109d28533 |
| SHA1 | b3c116c65e6f053aaab45e5619a78ec00271a50f |
| SHA256 | 5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548 |
| SHA512 | 8c2694d03a7721b303959e9fe9d4844129cead2b2e806e85e988a04569da822ec7a0e2ec845d64c312d3e3ec42651810b1336aa542a3e969963b1b2ef65dd444 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\popper.min[1].js
| MD5 | 84415b7368fd6fc764cbe86039ce0626 |
| SHA1 | 62f238e73348c77eb9e865426a7d1b7de23cbb2d |
| SHA256 | c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060 |
| SHA512 | 8423f7a626064813ea9d7ca974ac4a3d23b304717be6853cc10f356ba3a21971c531e2acf7ff0285b81897ba54bf02265c96f4dcde1bb35a350f399ba2479e17 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\jquery-3.4.1.min[1].js
| MD5 | 220afd743d9e9643852e31a135a9f3ae |
| SHA1 | 88523924351bac0b5d560fe0c5781e2556e7693d |
| SHA256 | 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a |
| SHA512 | 6e722fce1e8553be592b1a741972c7f5b7b0cdafce230e9d2d587d20283482881c96660682e4095a5f14df45a96ec193a9b222030c53b1b7bbe8312b2eae440d |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\dit-logos[1].css
| MD5 | 4904ba798fc6fc64de8844cf9b43668f |
| SHA1 | f6211957dae5164bd2daf40f812312a5ea0bc83e |
| SHA256 | 9d35615d83672e5ceb1bf88fb84a9da3a4c243148b10bea4b651f624bac3d674 |
| SHA512 | e2d346e832ba71ea6958b7592fa2c15354d3ad1fc4063b14a1db6e50960f077836ca815f1206cc9b298c6a757c605fbd8825da916557b25b76add141f36a10de |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\hover-min[1].css
| MD5 | 766244a6ea3ecb9c1d502e2c03e088cb |
| SHA1 | f4b638b73f95ea6e1937b5ce5792918f9ebd39c4 |
| SHA256 | 73e0bcee3ba93b5a2d0f5239bb2c55ebc5a648b0aab48a0d95c1cb5edccb093d |
| SHA512 | 72cc3431ae285c202077f7789d3729a04a33e2762fbe7936d5af1503687677384f02f8db5082ba577b22eff83f1de87076e9eaa96d7c4700892a90fbacbebb5e |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\main[1].css
| MD5 | 8294a2cb9f5220443c1cfec20f1036df |
| SHA1 | 620a179821ab575ad07af4e426b31801bd81dea3 |
| SHA256 | c91e06fa9ddd31b7ccf2097169b9334c0626886a2488dc57ff03662a8fee7f34 |
| SHA512 | 47e076b0d78639778f7ecf49a901d128efeb84152c9bb4fdb5e76460da136101ed25f73663ad46c4d08cb5b3df6a2bfada69b8515146ae4a0c4a3c7e56be9eb7 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\bootstrap.min[1].css
| MD5 | 4a06316bf34e208892e55e080848aaee |
| SHA1 | 069ae98189b1a33c3eaa923cd8a8ebedb89c8c37 |
| SHA256 | e3400e3ea6c68192ead1f3ed3b73ed718742596e653370e25dcbf279dfa4e8ad |
| SHA512 | dd7bd1828b73d5d29620805f11aeb2a79c23fd5681f43aa51c1212d78f4829e3d5ce3454131384ed743518456bb70d1343ff66b36063655793cc6ba23687a552 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2461P2AL\css[1].css
| MD5 | e481b1dabdde1e42c728916643efedd9 |
| SHA1 | 861922a2e156d4766d86e1517cab28b1008a7af3 |
| SHA256 | 814348bb672961b6f4207dfcdb3b032c6dec279f70ca51efaa254abdeccffd70 |
| SHA512 | 1d79b164432162d001bc2c2237f3de31669c29618d69b56deca374f278e2f6b1bab37cd2ce554401001117bfb5a2b239c226eb6c1e585f1f875ea5b699cc355e |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\35117E_0_0[1].woff
| MD5 | 351e9a80bd41ed38f558ae9a8c72d4f6 |
| SHA1 | 6b46f6f929bde787af78d57107ca5ac08456e0ab |
| SHA256 | c1826c77619422cbfc2d6c86317f35c583411abd2f75de81a7ee8bb309cd9135 |
| SHA512 | 5317bd8fb5eba7255c6f3d79685eb899cc689b71cc378be45834670e34e4b1fc8c67c00698338643919f7f3b25d718d7adbedb107adb656ea5530963df0db78c |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\SRU97PSA\free-fire-gameloop-favicon_i[1].ico
| MD5 | 5ad6aae5d08b519be2fa145db82f0343 |
| SHA1 | ea565528df01b78b13a864fbf45a94d70121f5f9 |
| SHA256 | 4e07e9e989909bf3e7f32b23ffc7187f6218c0759f26103fa5e87e96af76c471 |
| SHA512 | 21105a8dfe3a6414a697d3b7697fcc9793e93c5f956fd8829e98027ce4dae9491ce09006662302f93e0ab2992350590d6efb973d69e9d70e17eff40d64aba4ab |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\1MTV6XM1\free-fire-gameloop.en.download[1].xml
| MD5 | cce9ecbce7dd12dd1f74874db66ecfc1 |
| SHA1 | 1907880a0050a58487558be4958be72c5f8363c3 |
| SHA256 | 2486a44cbc5bbe4f498ea1ae0b35fb2ea71c1a4a12c227e80e55d5922900dfd9 |
| SHA512 | 691e0978be7b77b856bb3e86f46adfc7d3692cde29c5dbd5b84f35c1b28d9ea9bb012545e1c9c67a07662afb47a7761917bb655784724d83f512149ebab03c7e |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2461P2AL\smart-device[1].js
| MD5 | 6787a8772f5ae99719f785ffd7049c90 |
| SHA1 | 72c55b5b96dc70417405ca30ac0056eed621f140 |
| SHA256 | 97ceb2be755727a80c56fdaaa2d5979d25fd570f25005a674707270d6aa79de7 |
| SHA512 | 63c611fb2bdb4b037e08eb12d55cda09a4ea82595890c5681d0e0b55ca979170e63c51aed87a195c3a75870dd4b9c8b66cf8a09b6a947e4b235b810c06bff793 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\f[1].txt
| MD5 | 313879af745c6ed2fc4032c56dbcd2d3 |
| SHA1 | 9dfc6d3774b2394ff4e5a6619d49da1b04d91263 |
| SHA256 | d28450f820e56a3f4cbbc37f7ba43d77d104858cca6ef6aa326136a1cd938007 |
| SHA512 | ad4d2286e7ee2a053fb30225ca8c4ade3d70357144a2201b3767c81a917906a7f48980910ad0e42b8db51873f9687a3a2ea9b95ec0e66d30645c23a6f56b2c69 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\ouibounce[1].js
| MD5 | 69718d6898e29117b4e64aff76ab4785 |
| SHA1 | 35ce7bbad542938fb14075111f5c1bc0fa881b75 |
| SHA256 | 332a4f3e0e1cc73b6dc796594340d2c5bdd5a6af61f559740e33aae5300c23d3 |
| SHA512 | 5c86a9816c079302240cb1f586b1e62796b39e0f5225e14b50f06fa222d4c3f05bef5f82cec4112c6c84cc3accb71653a366172934ae44c7764ec545376f9ecd |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2461P2AL\ouibounce[1].css
| MD5 | ba26561c778bb62a6ed42cb5aae598fa |
| SHA1 | e214f2394a19bf9316bc271973708ab3154283d1 |
| SHA256 | 2e08b5b325fbbd6fbcbaa1deb294125ee425297b994d722bcce1d329d60de2b7 |
| SHA512 | 0d1be0f97114a2adac8be7403f7e3d866935d1509d6d36a02c9fbc8dee2fe1334c326613a092e118731050f2f5cf4561ba7618d7a415e1cbbf68aa689d65011e |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\ajget-download[1].js
| MD5 | a40e6068c6fe11fcd3b5eb819613b245 |
| SHA1 | 377baa31b9f5c91bfdb4cfe6cf8f66fe80320313 |
| SHA256 | a838a8cab2b7d95c437c8ee698ecefbd5745e7c9709146d473547f5e88ddab59 |
| SHA512 | e0889d9a0e1abd835f9e44e82946e6600f282659ab9824c21a5da52d096320aa38e91ed2a3b841df35d97a958422653903273fd92db1bd18014bfb156db49d7a |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2461P2AL\jquery.md5[1].js
| MD5 | f8518e13fbf406f1c4e998580e1fff76 |
| SHA1 | 58df51a344d8a3f41b891a51a86c2f735aacbf1d |
| SHA256 | 4c8ce6c1372920d818248559a28470c6152e5e0be4ca1f45dfb923c34808d21a |
| SHA512 | e10dcd8773404603e96275c30a75a95c2134abbcccdb7c83cd72c8ba0ffbdedd61e3ec034ff09d5883f9fdcd18306e462a470fa5b9fa2c0bd1caeb9307a4a548 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2461P2AL\f[1].txt
| MD5 | 2fe7063ae5312ccb71101273810f1b03 |
| SHA1 | d2f5a8708068ea411820b29350f92d4136a01f3f |
| SHA256 | de2cc0bd453b082ee50c0aacccffe976f093b0bce2984879bff3db9aa1eaa157 |
| SHA512 | a6edf8da9ebd22d42d00f974a259c9961999a32e456a7aae2bb1e6d21c6efbe9cfcf2dbb4bea6ded44fdc103017abd6a984f2437040418770db6532286d3e879 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | 2d3eb1f222d8e7d24fced6d1c7512ec5 |
| SHA1 | 64eaaa9e5c4d19e96a70fb1ebc74f7db7231fc67 |
| SHA256 | 8c439a7480fefef2054306f45d213b473d7e40a60b8dff000eb607f8762742fd |
| SHA512 | 6e081987f482c0a058a1d2887bae1b48e8f3a4a60bfd35b4b0376c6fd9fe0bfafedaa824c1c88b9fad2ddbb0e459fb5eb115eec584a71414b0dfa8b4044b1d68 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2461P2AL\dit-logos[1].woff2
| MD5 | 1495c465f8b66f64094c9d5ff163d6e4 |
| SHA1 | 0923046c747b5b732ca91013f12e9b00095db260 |
| SHA256 | 6117060a9640c268607f9f9f26889c1cba88aee1989e9cbb5f4bbb2b0b3c7dc6 |
| SHA512 | a624562b546efc5f6ab39aa6a5202d2ef1d44e2d312ed0de6314a04792b323d07ef1c0afd5918d9475125e43b9e7024a376d66daf34b7b24e9e4d55075e183b7 |
C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202410141703171\additional_file0.tmp
| MD5 | be22df47dd4205f088dc18c1f4a308d3 |
| SHA1 | 72acfd7d2461817450aabf2cf42874ab6019a1f7 |
| SHA256 | 0eef85bccb5965037a5708216b3550792e46efdfdb99ac2396967d3de7a5e0c8 |
| SHA512 | 833fc291aacecd3b2187a8cbd8e5be5b4d8884d86bd869d5e5019d727b94035a46bb56d7e7734403e088c2617506553a71a7184010447d1300d81667b99310c7 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\OperaSetup[1].exe
| MD5 | b69aa6c0fe5eb60df7b647984ee9689a |
| SHA1 | ecbef87c65ab4b9dc9700a36755d027705064bf9 |
| SHA256 | 8c6ef4db070903df861aec196bd56a543e8e92fb2017dd103c4bb559419ca952 |
| SHA512 | df06917ed9e5f90326aa6929246a401b58c35e7c0a3520abc1b2b74397bf91fb139626f71bb73b0620781f5501741ccec009b853c25c1cad9766632e8e087e26 |
C:\Users\Admin\AppData\Local\Temp\Opera_installer_2410141704428831480.dll
| MD5 | a0a086eadb30b33d556ace427e6fe3b5 |
| SHA1 | ccd76ed307469d0e2ec59a57f4b9ef5f6db42123 |
| SHA256 | 99ad2bef393791036eb600f35cd5ba5c7d9cdb28676ceb5fb6fbb748515e2f16 |
| SHA512 | f2208b5ad4180d7bfb1b6eab3f18f52692505d5fc84ef34118e16659421a099f11fad1ea49233951057bbdfcf173c13d9927fb2ea984629b8fe60cd91c8c14a6 |
C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports\settings.dat
| MD5 | ce0696a3359504c1b2b5b1135d73b3f3 |
| SHA1 | 7c42e12ae9c62dff4781546484c3c2f852e09fb4 |
| SHA256 | 07470a7ca66aa22dbba04696e37cad859f0875a1843898953a606386b33635b3 |
| SHA512 | f692eef5d24b95863f20faa73be4a0aac9cc24662239e4fc6dbda4ad01595e3dc2ecd09440690bd6e3b408f287869ad1b340abfabdbb4130d7dd6b9626017141 |
C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\setup.exe
| MD5 | d2b32d2ca95b09c440db5f37788a3829 |
| SHA1 | d0f5f06b9050ee2cc9202e6eae18349ab1257d70 |
| SHA256 | 6cab004538645353524008c307f897f76a1b46282ea6761cc88fdd4b6fe3e9ca |
| SHA512 | cc091d48ff9abf5add640bfdf99148b466cfded3cafc8451f87cf3723fd4b7f096e4b518216fbf7482f34167dc8deea5de251fe369bccd28ce2bf56b09163a86 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\raty-votable-main[1].js
| MD5 | 4cba79221d3878d9636b541403884b8b |
| SHA1 | 313d7421ce343006025b88142e7e1ad0aee62dc4 |
| SHA256 | 5b79f935e90b63658f207544145a77b0f1eda307bcfc65980d7c9f916965c2ce |
| SHA512 | 016ec47f6b10a0eacdeb76806bfe14224a9e2e31d3e5d5666c0c8a376336af0feed53f632feef593433f6f2229fcaabe505023202878ec50d6c1eaf18ce10f27 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\raty-bridge[1].js
| MD5 | b8e4e3ee3da19ddebb87ba97f12a4bd7 |
| SHA1 | 00a42adcd03b91a49de513bc5c01800b30689953 |
| SHA256 | 147bfa7f085b8fc56ba18f988db65946c89bb63a9e3ad4ac0eaf0693c345b61d |
| SHA512 | 04e28919b59f7109075462ed87d3c52e4b279b9ecd69065774fdcea75ff8db8c117a027d877538ee007be0005e29d47ac90f7be8d20b7b7b4edf0c43ea96d5ae |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\jquery.raty[1].js
| MD5 | 939ace40c4ed43f70b97d225bb2947a1 |
| SHA1 | 0f77522c3ca213b4acb75767acb1200815e20d57 |
| SHA256 | fb5112588a752ef36a064ece2242fe849bfbb90c333608d4515c4d34bbb81a60 |
| SHA512 | 8ed317ccb29cf7fe699becb653af720d9fe125b8f69b85d4bdcd1c14cd019989ffe60d4bf9a86f80d6b13537480577f0039c8b2e128b85b879452c9b9b252f8b |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\jquery.raty[1].css
| MD5 | 60a1c33ce1776d4caa1850b4b5738801 |
| SHA1 | 07d6da09233de767fe680a53eae88daa26197694 |
| SHA256 | 83d31a13cd5e137294047a76fb9f244a98ba7df979f22c492997f7f4916dd3fc |
| SHA512 | 0632815cca059782a2134370ee709732f2118294a5d73f8e0c112ef3c4d921ecccb499bb2548dd7794ceb6c546612e51c5c5ab17a19f540022ac613d05a7431d |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\raty[1].woff
| MD5 | d473b273e15ec0c8721cfd464ecab07a |
| SHA1 | b2735a8fa0907916c722a4f022e14078447d9869 |
| SHA256 | ce79bee15c8795bb7bee159131318308b432133f4268f2531eb9f2790c95bda5 |
| SHA512 | b95dc132c9acfbd6c46746fb5d604deb2ec435e17d99f3a603f1419a6c0d9ff38364e1bae22028c745eb3246b5c732cacc11811bb044c840d9d7cdc8cf43a862 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\prefs.js
| MD5 | ab132892f67130b321a327c0176209c1 |
| SHA1 | e201727a4588700ab81966b1fcdc89b1d382d312 |
| SHA256 | 1449e0d333b54237720f694aec03bf1f2afcd72c5c0e00596f624485e1a8fab5 |
| SHA512 | 10260986fdb8a369e6eb108d6c5994b05b2c154784da61e66936a03b88d0e2e9365e369ddeeaee829723e80c75d191fcf7831e1c45dd698626c4953c2662db1f |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2461P2AL\consent[1].json
| MD5 | f0a959f37aa8215a9ef7bd2b13878863 |
| SHA1 | 32737935ff96f2564a47327b10eefb01f284123a |
| SHA256 | 6b8cdb1d697a5ddf8dfb2043854e0ad7f04b8ca953e2c0c084c27f72fa9c94b5 |
| SHA512 | cadcf6438eac81a04178971b8606f5cfb4c7ceec37907e3e5fb7a2a8e4b28ada5d55dad6a7d163894033bf46cdcd9de5e86ad6aa29c1c8848045aae419f53ad4 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\zrt_lookup[1].htm
| MD5 | 34955220f745de9e3fc149297e7741f7 |
| SHA1 | c2fcbfa0ccb34c459e75d4878bc67b736ea4dc29 |
| SHA256 | ccb6cdaed3b6f76ab7b0cceb5e026eb994139e4b26f8bd90712bb87c04600aef |
| SHA512 | 12c3d3d001307bc5c79a01f2b0227310c4d9e8924819bd928f268c567cf310cd152f70e3e19e042b787e4fbf1f353d3f7497aebe0c0e948ef872019f753fb7ee |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\sodar2[1].js
| MD5 | 3b071d5606cc1cf92ae307f5bdb4e540 |
| SHA1 | e191068cc90e5489130489a1cf173fe50bba28b8 |
| SHA256 | ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99 |
| SHA512 | 8a1287d7528b2b65d61d6e0a639f2cbe5658afc3edb5e2af9494e8cc876aa6c8060a55d3bd4aa85a0b3b82733e64f7f7a6b4a5f2597fd99fd37136a83a6bbcad |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2461P2AL\-DbLkJJK3YZOSOasYi6rcjkBM_N5vpNI48728xD2bD8[1].js
| MD5 | 9089d76dbbf32efc7c97698772263a04 |
| SHA1 | 2285108b524f1bf6a36e84ea32193aa9a47cfa4d |
| SHA256 | f836cb90924add864e48e6ac622eab72390133f379be9348e3cef6f310f66c3f |
| SHA512 | ad0fd8f5b73755f93081aa859bff50f5b291b7b07123d2b79ed60727a2fcda51a9d059307a23be567a490f57806179bc85f11e48c76b7b4c1ffac6f281f3ec53 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\maglass-white[1].svg
| MD5 | a2afce8c63269c7e8a5a3d5c90a88519 |
| SHA1 | 47cf7b541c27e4d4e3d5afed9d55b288a923fd98 |
| SHA256 | 38afa88926f69f684e93ac9023338100a57b9424cedf63f7ee73b1202c98eead |
| SHA512 | 3f55865b7fb3b6ed27827baced720a9e578328a10095e7bdec07a2be70fd05ed9eedd2f76b3ebba8adfebd293cc459db73d00ce03a0fdd88169bd83d8a34b85e |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\maglass-blue[1].svg
| MD5 | d9512f0f525415f06c2957770acfb9fd |
| SHA1 | 219155047825f9a836ace8402b750116f5eaadb8 |
| SHA256 | 307238fd564ccf483e9503989f781d89c45525f80dec2bb3e80a9ad70fb37ba2 |
| SHA512 | b1bf13930cb63fc5b8c67bd09f213c0cfde364c6c2cc961361ec466e41368b8e8e134159689ad5b77c2be234aad132a1150712c95cabc64123b7530e2c11d3fd |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\delclihan[1].js
| MD5 | 4518fc3f2bc1ddfe2975d1058ef11c3d |
| SHA1 | 37276f3f02d077aa845f2e6258d7c381a3405542 |
| SHA256 | e8c917831193be87890efb04334f1054f5a4f45d2a62844f51bd6cbe7ba850e2 |
| SHA512 | e99d892a665ec550f2d9ab259791b60b27a4106a9bc87655baaf8fce93aa664299f5538a78ec2d71d75cba2f5bd39df838671481b73f20f3218ee16d43fc18b0 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\ctp[1].css
| MD5 | 70ae06c975d6e4cb0489a7f6403bb88a |
| SHA1 | 79f62089d532d314b8fd0df3e502860e2d849074 |
| SHA256 | 57794c07739dc9ad2f0da3e91e6ca1face6d98e924c438ff97397d2862809e16 |
| SHA512 | ef5becce39d4f07b98e2d81fc1cc178330daa53a36a95b3fdb7289d0f064bbb37685ef7a8a33887068bd1c13565688ba9193b28a33c40581bbbef9b61d9b464e |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\ctp[1].js
| MD5 | ed2b9b927fcd5e566929a18bf51f29da |
| SHA1 | 429dd995b5ce53a425c66bcbbc5aeb58a1a46bf3 |
| SHA256 | d4266bb58364641811aa5071886d1c61e41d8d111edc980bb11393cc3e065d2a |
| SHA512 | 94c2cee8e222ab6cdf99e1b64ef022354d6d7a633f9499462e83555b11997dffc85468c248c42d405acbd9a7dabd6a1df328aff70ffaaf955a4016fe08831e4b |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\aframe[1].htm
| MD5 | 60d84acd6e798e4050968559dd8936df |
| SHA1 | 0c72d9c68482bcb77b32e4f880c2d1c958eaab6a |
| SHA256 | 0a258ebf12354210b52b279792cbb42ce268c1faf607978576ba7009515b59d7 |
| SHA512 | 39aebbac9641a0fe9c9648e1a8bd28bba4cceab35e51355920d2cecb6ccfbf4798c35e1b71fa34c299b46394444ed77a0797d12f3c5b3b93dfa63d044f8a281c |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\runner[1].htm
| MD5 | d1f231b50b152372a6c3100f4aed1973 |
| SHA1 | 1bf10951be06da03d1371a904e19c0419f2a3637 |
| SHA256 | 9dec95894af322b087ab6e87f9c8ce66d849646cf33b375d33c957f4569ed081 |
| SHA512 | 00093b7fc4affa2d2230622f5d7da69730246b74620ad4de30ac64e41fb9ac927afd2ab426034d71dc85a3dfee9a46e73df48da7e2636a54579ea9aaac4caff6 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\f[3].txt
| MD5 | 107a44135a51cfafa2731e2abe82d6b4 |
| SHA1 | 11dacd433b837ef4c31a320c1d0a665f0719c397 |
| SHA256 | a55c75bd2fc9ac0f23b11d52c31412fd07508bfc11128827e06ee9dd62dca7b7 |
| SHA512 | 941d426a91781d43ef5aa48ae28c75196ec951adb6985929319ecee3f4663f89b0d6124eda17f6aa257fc0d1cba80bb5cdebe1a7ef19d59a150cfc16173d68a7 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\f[2].txt
| MD5 | 7af883ff0f217bb30b186cdbe16a6b9a |
| SHA1 | ff4484ce5ffbe75672a9d26353111a9f21d7fc55 |
| SHA256 | 2a2473623b8541529d038b10b49f6ac263410a7482c16c7b4cf75049d578b1ae |
| SHA512 | 94881c47cf43626b2943ab472638be2f54d296c4333cc4dbf81999feb8990d67978739df2564ce19ad3106fb5c2cea694b79da4584495ff25b458c1bb9b5859f |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\CRYO0VTZ\favicon[2].ico
| MD5 | a0c760136e1b6f7633a3582f734c53eb |
| SHA1 | 00176cd4ab6423fb4673ad856e79447b93dd05fe |
| SHA256 | c7eb5447c806948853f817df7f8a1871a8707987d5606e39b145d69f7dc29cd1 |
| SHA512 | b5f9d0e6fc9346ac34a87fc5cb42bf375a0e2d58eff5fb53dfae4a1e576940cb2f57f921be390bb66b5ebc7b174b9d88d8519a27773624f1dabc960e077ecf65 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\cmp-stub[1].js
| MD5 | de37e8e7c0a8b5bb2ef13c41bc93a023 |
| SHA1 | a053ca11f4ff372c6947879ed13d18690dd00267 |
| SHA256 | 30ecc4cd36aa5d13b26bfdf89c9b0c41af9a3311985c0c878bcc687b9f55986a |
| SHA512 | fd0a25d72ca2f41461fc5035fd82f0eca8347fb8d60de7b3fba16b74bd333968b2441b1d34d116f7d2c6787cfc7478e0f066397e33f460c86b9c8e90ed91d715 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2461P2AL\adMsg[1].js
| MD5 | 78374eb26788ee2dfdc4507619d0db44 |
| SHA1 | 82a0de52fe225de43a7d692aabb249d2499a50de |
| SHA256 | dbdfecc2b70677db1a00a7e115a79cc1a0e89c06593b1ae0a63128774d2ea9c8 |
| SHA512 | a3fb44d847a1b6a44e6fb26df0aff286e4ed58c1f4daded28ae78516851923e18ebf8a641a5a5f3ac6c7a56e0679943484a9c32ccbafe43345e8ce486d627125 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\stpdwrapper[1].js
| MD5 | a7733f7b31129b950371130c8746e213 |
| SHA1 | 4fc181c958159eb00d337c988eb0bee55a0bf8e3 |
| SHA256 | 90909d259afbaaa73f4accf86af27e03040ec2540cf1aca4a0a0e5aa8fbdc133 |
| SHA512 | 213f263ef0de0353e3310791737cd8de807b53462bc7eeaf3bb19334a31fdd9f1fa78abc9ac984d2fa0046d147c8617d8a11aa2e94e47c02b949d05c37f21fd8 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\cmp-v1[1].js
| MD5 | 1d6b84d4082459072318eb72ad1770fa |
| SHA1 | 822c5cb66b725a94244d0ffc608b6560187a734b |
| SHA256 | 603dd66e3cff1bfce0f397dcb657550136bee1424695c4fff19ac6d4bc8aabec |
| SHA512 | 814bdf0ce3eb3c76f1638d48841d030db49b1b365cac3921f0fa29f57388df2d134e31c4304a09e4ab1b06295f984c0c01c4f4994a6967fd18c62b15c42dea3c |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\94af347[1].js
| MD5 | 532cae2cfdadbdf5c7ab83071b02bc5a |
| SHA1 | 46fa0b45454c3bd3d22f7a131f785b0aad95bd69 |
| SHA256 | 21b437378348c1762b2b97f747f961185ca88b44e1ef14b18ca78b98aff58093 |
| SHA512 | 5ef1e926b5d95ab619acb31734f31aec219d313e872355349a46e931e15894c2e0cd9659bd4a21e483c170279464b5fa2cff4e4792002ff20bd97b82a23dd092 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\e13cbcf[1].js
| MD5 | 76affa99b737b34dcce1cb681cfeaf2b |
| SHA1 | 8bd0ef82c641f783d191dff57c4ed1924bc77aa7 |
| SHA256 | 36a8b591887a335592af7dbec0945e013381c7be379c800d8ed0aa41ab376853 |
| SHA512 | db21853ca20d3e6322ead50a85a30bc12f7817a1c624445ce42cab93f8dc2e367cbe3cd467e54dbec4d50eb4805e92958418acebefda0ece48d017212fc6c27c |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\6f2e593[1].js
| MD5 | f5ab9367d9e69a2036805e725340592d |
| SHA1 | bea098c6a3a547291c4b246dd58b8bdf2f07b8ab |
| SHA256 | 11714687f0ac7b637c25a32e9834a7f3d2db99a1bb4847332e206db3af158659 |
| SHA512 | 8cd311d79a2e8b1c35fda5b82b2a7da526480d897c57ed03435f6282aa03c09145ca2e02a28e81999716e3ace203a0c0e0a4d955a8d9f40b119127626b744d20 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\f05c90e[1].js
| MD5 | 2455c162b69c581aac02a1f2b690b412 |
| SHA1 | 0f007c75c13fa6e300336f917cc78bc7761e748a |
| SHA256 | f5f9f7f68881a676e6d38a2b7f82bf53189e024fe7afb6835a876a36dd5c83c5 |
| SHA512 | 15237b7c33cf2a42fe7e260275a793d5465f716152bf2b17e79c33a7f962dd245c9daf82d9c98faab8caa42f1080d6d6fbf279527a4b819abbc4923fb7904143 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2461P2AL\c18d858[1].js
| MD5 | 235eb5b66c4949a783ebfffe3cb57dd4 |
| SHA1 | fbd094d650cfa5e9c25400abd6f81b4609df67fe |
| SHA256 | 790a5a1be5c6ac8e38933d7104ecb572aed984528b759e79bb30e36b525fa9d2 |
| SHA512 | 5b273687d9b511859a6346cee06f71718808b8ae6bc5e13778fc2d815712586bc48d0377861bf05b07ce92681caa5eedc2e128fe4e536d2a89f78389c4d46c51 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\743fc12[1].js
| MD5 | 9390fbe53d16693cb3d70aad1be46334 |
| SHA1 | ebf15f51b7b4c50497ae86adaaf59447d80bb6a3 |
| SHA256 | 2903f25f74861db33481391a26de403f6cc7f5f13a58e85e3616cd4905406f2e |
| SHA512 | f760587c9ecef19e1bceae38bbcf684f05e234b3b0bf2e1dbc4bd9f70e2e42a643d04b4fc9d01a5a13b1888a334e6f9d9843ee90fc08dadebe85f035d45722ed |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\f8f31e1[1].js
| MD5 | 8b807dc4cc8de0f1529b3f5015a8f557 |
| SHA1 | 8a1ae897abe80e68a2447e41476e9ef288ddc7a3 |
| SHA256 | f7c5905f783eeab01a8a4a9f4cb44f95be4bdd4ef5182c7719888be32560b60d |
| SHA512 | 49f75d5e6e79c160d2c9d6aa925d7469879cbae2328003bd63e725ea364debf63c8452c5dc6ba3a2afe04c0b12749d5e7f02e9822309abf81245bc167fca172e |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2461P2AL\2af5e0e[1].js
| MD5 | 54802953774c8ff135a1af939e79c57f |
| SHA1 | 701e8d41bb7224e22ca158525ed4355ee6c950e6 |
| SHA256 | 34e4fcef31588b1e56f39603e63df8201f3f468494b4c84a3ea90e0f27a2ef99 |
| SHA512 | c97b54a6b73ca1313ecdfdbe39c1e0a4e56fe61f0cff0ebd71069cacb24ca88c688a37d7cb83c1e560cf83bc7b1669433324e2a1351983b2bde498ddffba0662 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2461P2AL\329aac5[1].js
| MD5 | 207e84e42d254bac5282180134170c99 |
| SHA1 | b6576339f7066c7dfd8cf2bf67c635a46c872308 |
| SHA256 | 6f4ac9ef6fef94c06b66835d928a434a344bddbe02c96e1040b848337b1ffc53 |
| SHA512 | 32491bdc3dd31e68496ccd5f093e4b7b7688ff196a856dc03f773f9fb9b7b424bb7d9acfb2abbf0dfe00b20edacb8b8b8906f8f02e3c5b96d9f67b88baf0f947 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\c520b82[1].js
| MD5 | 75ffcf20bf9172a0693c6a0ddb7ee2dc |
| SHA1 | 76f34355a234cb0b651e43fd9fc6ea8c0c319df4 |
| SHA256 | da5fb9c0f40c42d93d1d093b89894a49e0ea017fd02dcb2e588a5dbc6a58ee79 |
| SHA512 | afa8278d09b1aa09a1fbddd88aa81847a6c571ce7109f7fb3e6849b2e450dad915effba037bf24173cfb14472959d6952d46493e658308b54399aa2c98ae99d2 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\4ae49c3[1].js
| MD5 | 99b83fab76081b6e1314c3b691e78d7a |
| SHA1 | 17d54c989965294f0aae2f57f0456134d223af75 |
| SHA256 | 0299543a1371bca47b002a281d14548435f570ecfab0efae0d46d40ea3c1db3f |
| SHA512 | fcbd8789fd330cf2442ae7ca5bf9e76338f21cef186ce4e06f252bbfc660a6317fb6abfec08daf1d5fa55b133061d3b06d14b1a9e3837f009ab2ec8be2cbdac8 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2461P2AL\fcc86b6[1].js
| MD5 | 8619cfb2201c345cc8e0af49d0d6e2a7 |
| SHA1 | d5093c7d28893e2e07c59d27fe7f533674021a6e |
| SHA256 | 2ea65ae92f8ea5f39346ee80e8ec1833f4bb42505564eae1418ea809ae560eb0 |
| SHA512 | 816c8efe788dc843730864372e35d1e6603883ad28be4da547f101274b8de4950f2d87bfb9457af9c05d0b2c963b1601fbcff9be139c39a11f70ed6708609c04 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2461P2AL\936f4cf[1].js
| MD5 | 14f65b157ac99b41d1d5f730a8f5001c |
| SHA1 | 73f0d8c5ed6320349595863d1fcc5b5ec1168dea |
| SHA256 | c4b27c9234b142614c453a1bfe74f8352473de6d778b9e214ce33f002f8aba85 |
| SHA512 | cb59df8d9144a4ba6f9c32f6a088936c58e7dcac3bb1d74ec68849cb72235d13e64cecd661299d66909e62aeac39a259fd024a4f96fae015fb77174424bf7b4c |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2461P2AL\9811b80[1].js
| MD5 | 2f1f53b136284f63f9226a916533789b |
| SHA1 | 368efd4e550b05ce2fcbf208b009498cb90f974c |
| SHA256 | 60dc14f817719e566674db1ee379424c9168fc28d1ac72b8e4c0c3fc05dd5d56 |
| SHA512 | ca35f3981681b78bb330a1f46d083395804938ad961107a4accd85c6c02cf46ef1cc8cefa673baea645e13657bca0780a72fa1f742454076022a7db4637b0d46 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\cdb5356[1].js
| MD5 | 9a30f74b2dfa8d96555e38d01bac52da |
| SHA1 | 171d0209905e688b08503c26c8fdd877106356e8 |
| SHA256 | ef0c0312a0d5473eaf0f4d6cacd0d27fc4689981982e82758da4a942f90dbb08 |
| SHA512 | 63c44c2c5907c6d1f23c7daee70c58ed6c5f3e3d0e331bc486c98c1bc71542f771f3e40ffe9df8e697c9b5594d59b989e7eba629bf83bec0f5ef46fa72e4f78f |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\82b449b[1].js
| MD5 | b294df73fd59ad5b36e0a3dc288aa811 |
| SHA1 | 69d7eca9b131ef16db731a59e94772402b9b7879 |
| SHA256 | 3d31978e86e73ee490df3e6a24fa7d0f142bdb216dc3547ce2c3bfbd39dd3a57 |
| SHA512 | 1eeabb5152ec74fe3359b3525175cc38b91ed2cae82c5ee4c99ab025786a6d6b7c67ed68122a2929c7d467f92d23953eff9a50b64f76d38d9100ece0f716254d |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\b61908b[1].js
| MD5 | 24a1b2bf48e1146924d0ca5ee68d5172 |
| SHA1 | c0402feea940ee98f9d41ca3e4e02610aa912b1e |
| SHA256 | c039dd8f97d9cf22fee84aa6125cdb4ef292ad45b31a74264cd36c79e281a65b |
| SHA512 | 7060379f73da2df1c0b5b99af4182cc46d56058371d55343fe0ad37821e991d57555d710e8c8147e4fdbd7c1a2405391ecc03b431b7ba8c7c9e9e0f7f2fcf720 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\5597061[1].js
| MD5 | 0edb9ce150fe10773638ab43f907fa00 |
| SHA1 | 625e22b06e45782025d532cca1a2d9ba13ec49df |
| SHA256 | f58291bc1fb3d58d831657fb431eb5178d3073b03bfb7339585095aee0104c27 |
| SHA512 | fa8c8d266a15175b9cc3d5d74eb4d9eb522428dee0b4ceabfba19a8144ec1a6ce08d1b1db41fe5988e3684067d7a1a550c848f8eaac211b78ab6cdfbec2ae547 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\30f4ca2[1].js
| MD5 | d838fbe6ed4d0bcaec97ff85c1cd2b15 |
| SHA1 | 2e52e4898d92ba675725cf6c4583a5b26d42453f |
| SHA256 | 96eb4a7a2ca06b902ab5dba574590ad945586bd6178441112bb330afbe3b7c08 |
| SHA512 | 287bf29ee13bac938b4128d121575ac80d32220019547ee71682894cdd225ace614acf80b19304c6e4e0fa77393c12f78cb4d0086df372e1588a75cc66a63765 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\b1e6416[1].js
| MD5 | 71d99e59389e786b9d79128539ec827a |
| SHA1 | 3b49042b257a2a856d3bb37e712d247b7d6b259b |
| SHA256 | 1b8b1a48f585e71d2bb31a4f48ef99a0909e0a0c7cdad761229cb1ca132b3c05 |
| SHA512 | 02286e3f532e5dcd61d558172e01529796d6d92828305f12a256f7f4e9786823a492d4a428757945964594a29bd6eee71dd2ce2e8e4d76a3593de9a0f1ef9e91 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\c3e6bfb[1].js
| MD5 | ca793941c97f449838b4e9e790790dae |
| SHA1 | 8701fe08233e66d538b7ffc645b9ae84597fb90d |
| SHA256 | fea4b5c4a542ca04348daa612ba7b9e1f1f50e0a2949202d7f15deddc2e370e9 |
| SHA512 | ca98302e48e9356ab2e16f385a7e0366a8b2c691940f8677c9af48774817b88220e377a2f8adec7e6ca7f4987bdda76d0b4f93edb14054f54a19205a16364dcb |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2461P2AL\8a6fc82[1].js
| MD5 | ccf3865335a3618a33584b3c8a7a667e |
| SHA1 | a99bd201e87efd199802dad05314b9f856e9d8e3 |
| SHA256 | d1456281bf14c4d6b85ae49a159d74d3a95ffc2a0cfe4506bd0db5ea647f51f1 |
| SHA512 | a851a6a840f3c5658ea20daf2554ece5280d67dd5eabdfd9ba8e2af23e87f185e64ac4394c1f08cb40cc51054adf16dc7675d471f49a7006b49f6576f4e273d4 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\c14bdd6[1].js
| MD5 | 58e2b051662a9ada311694e4cd604856 |
| SHA1 | bdccb09a47c58e08daea04c3062afab36be0a839 |
| SHA256 | 1781f5655fb76455b4c2e5a75ffa6fa084815c491310b06debe5d73541d566ef |
| SHA512 | e3440b9292561a079cc1b1d5c1758ac5ae6e661f15d6f0ca01a9150e76ac8dee7eabbf59884696e9153442297ba04fe344a1727832ad13e56f86e90916c99ded |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2461P2AL\3db6060[1].js
| MD5 | db2e6080de203108bcd6ff24d14c2ed0 |
| SHA1 | eb0859d23667eb8a14f2b574140c7aec0ae506a4 |
| SHA256 | 7c35885fc5fd10260b8006bbff38ceef6a94aba2a29ccd18a753242e1366bef0 |
| SHA512 | 4a2c8ebd8680fdffe959c41d51144812b6d3707f1a00fb108fc210cf43f21d58b8a1ae681417cb71077a05104d71a50a5c022bc14355bc3e1fe70f4c42f08cd1 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6WTGQ1GJ\176af8a[1].js
| MD5 | 2df467151afc49ed51f9ef8b4112027a |
| SHA1 | db3f5412665fa3316bc9542a47fdac8d23620ecf |
| SHA256 | 3df3b55aa99ab5f74d069248e33ea3e34e8bd2ce36afa50f1054d2d6c130578b |
| SHA512 | e5e1531eda1074354ad1afe2be6e8e5c7022c818b686e7bc873aab44b708bbd9ba7720f6ac5da7f2921a094b42c9042cefa836dc3aa655ffe8d1510133d23b09 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\ae6e404[1].js
| MD5 | 89a9a7c1bfff84f121dbc1aba48cb850 |
| SHA1 | f0509f24f132f583649d8d17091e990a19ba59c5 |
| SHA256 | eb0bc5a84218f8e1ac562b2a3214096b8ed3ac00e5e4652b9a5b0becc5e02a26 |
| SHA512 | 55bb09c6b6cdd01d1de9b49eed96d7aba2f4e3e95a62751cdaab63c441c58e587bd281c9489dc670b1f044bd97c4b682f538386c53df65b9b7a01cbca2c3fce5 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\ea3d90c[1].js
| MD5 | d332a90821031273f8bfda1b50352d63 |
| SHA1 | 4ee6827dcc52cd101715e3e8af7a4575277694e3 |
| SHA256 | 24233a7878aa43b7f76345fd35dbfb0f00e303098e365ba1702a687c8e10d339 |
| SHA512 | a7b77bc5872eb41e5ecd092457d4890309cfa1032abf5bd3e986783fa66ad9ac4d3d21cdba1d6da83ea7232d363bb45697a4bdaf0c5885a52411bc66972d66c6 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\17827bb[1].js
| MD5 | b6a11f293424d72aab1525d348ae0741 |
| SHA1 | fb2282fec6ce9792560f2b27324d8af3f43e4434 |
| SHA256 | df72a0e8f077bd4395f0f411e9b1217bf2ec5d95a6a98a32aa773707109da6ad |
| SHA512 | f3b9bee50491a9a572b944f6d0bac7a353406a3d7ffb5aded596815eae827ca2e3f27e10a0b056c031ad3576eec61d4313130e09638cbe4580385cec47f1ba88 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\de6cf08[1].js
| MD5 | 06d82bfe795e2dfbd3b78276c26db4e8 |
| SHA1 | 96f5452203e64fb08d2a55b733a652b19d80c7c2 |
| SHA256 | 23c7a6a2057149e2ef23dd2046a5cd59302727f6160993007db441001a3abc35 |
| SHA512 | 4c3daa5c3d8832d928239b6294b019b2aa033f739e11efe2d0899e135b2febe3c6f461d418d0fd39f95d98cc83a4e60c9598f63f36706f070d1c5348b9ffa6eb |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2461P2AL\79a45c7[1].js
| MD5 | fdc280400bd0a23ec1489c69554626f5 |
| SHA1 | 9906b90a789dd72f2dcfa3e9ba2d5ed0688619f8 |
| SHA256 | abbef8ed76247013e572b1d134cd7c75f3b237469226a3398d265095cddbfab5 |
| SHA512 | 2542dad2f563884dff2284b3ebb61f3e21fa067e40b7e448d7d07cb2c86871c364cdd8557d35e7c7c2232662a3530b1106ba0468692b3e327fb91aedb12bdfac |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\2da8629[1].js
| MD5 | f0eebc7f70582718278d0eda9c284336 |
| SHA1 | 053af678a7db8b3aee05cbd81714a65d63517559 |
| SHA256 | bf3078dc2631e98b99576ffd2f5a87c53c0862b5c0684737fc3970c72418fa60 |
| SHA512 | b07053e61118f6e295c9f6cc32b15d7ff975bed2f24b77b23e1a46f91983f3dfa7f6f367376ef0965b6cbd74643beee08f824e7d0034b8f00e31f96108a424e4 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\0a02c4c[1].js
| MD5 | b6609497567372a41acb91da66a82bdf |
| SHA1 | bd40d56e6f717b1bdb3b54a1c96f7b4e8b200eb5 |
| SHA256 | 2ffc084cbdc8af180385a247bdf61f3abf6c81eb59c41dcd66e20968e50c73e3 |
| SHA512 | c36a83f47a0d90c106cd781f493a30925329ab05bafbdb93260fbd9b3d25339b17c360fd8f286581ef4e58e8374b3c783981537b833f595b6147e3362652120a |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\37bbf73[1].js
| MD5 | 42500e1255d857d2c86f9303b31c45a5 |
| SHA1 | 1e7d7db010fff1ca5129b8777aab74c4b88f5ef1 |
| SHA256 | b6d064231a49dfd3ae9faa2fb3cbb148e8bd8b7ac201cccfcc92e4e03d3ccb38 |
| SHA512 | da34bbab1b31c235f2a47ca25be9737bb0ac74ad87c8876125d84d5c17e69e12893f756567f7018a35576774b4d16cb7c91a9284803ccc30c5dabd5506102317 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\4d01370[1].js
| MD5 | 5ade3263b652f8fe8947e861d67703e6 |
| SHA1 | e6c26efa8b43114039801ec5b131fd10cf4b361c |
| SHA256 | 3d77ddd1dbe3a044bf42e354b07a2da71041d1a5d203c517c7d1c209962ca28d |
| SHA512 | 32c08baa175dd49f98687a248800c37695ec4515109fea803114147d68368e2e683e08bff302b5352c567fc2fd13bf6a2d2bc4198ddcdbc7225eba6ad319042d |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\752cf03[1].js
| MD5 | a2558a6637070c3cc93af3b64807b982 |
| SHA1 | b213327770604a3add22e75ad88cda10329186ce |
| SHA256 | 802398489ea38879f3f561550da21264875ad0a18e6c49ca84d618a61c0b065d |
| SHA512 | f3347941c1bcac8c6506a5b514e74c25eb245d49ce4cad4deea5eea916ca46cdee24309c0a1b4acebecb76245b545428c73636b531e3a229203640a84cf9e54b |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\5c2837e[1].js
| MD5 | 605dc744a32783890774053695703863 |
| SHA1 | 5aa379bb625d94ed5f3fb24a48fb1a14c7356625 |
| SHA256 | 29465071843f75a75c766f97a92ce0ff6e43d5f8f759a4d1b116e350935f4805 |
| SHA512 | fcf628405b213df1f1f64cddb089886e5e686c56583d284bd6f4ff354e9e6359c8165ec462af4216c5ba6250f9220fc9ed22110c70e6456eb9420460e8b5dcbb |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\2a7f7cd[1].js
| MD5 | ae0831cd467d6e1d6e80d21aabe23b09 |
| SHA1 | 05d1ccf3185429afe12e8433c8c9e7bdef4d3f86 |
| SHA256 | 698a2cf5cc7798c2356d1d7805dbad60aebc053f8489ff77454c15ababeec48d |
| SHA512 | d52e6c7a82ce4b80e6ec8901d82f6f4f5458ea9ade61e0c2357e01d8f633588a0c5f42239b87fe911b196198691491bee98e7e931cacfec5bde1f9a594c0e1c5 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\495baf3[1].js
| MD5 | efbaf983ab6a5ad12374cf7b3cfee790 |
| SHA1 | 8e78373768667bc54af08f19862b14a6172418bb |
| SHA256 | 87b072fd5a47ddc2fc8e1ceb8951132d666603235dde178832774d7f1fdd34d3 |
| SHA512 | c0b6707c21a4482ed96a7e2f4ff2b043ecdfb1481999a66186fd02f6424cf7f86825d66a1b47bd80c84046a5372d63b58eb010970f68fc6e761bcda17ae9fa8c |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\89ILGREF\19b2c39[1].js
| MD5 | 35f25ea6c3d206eb6ddec8363433b7dd |
| SHA1 | 7a2ef00fc8c60144a95dcdfe663897d25541741e |
| SHA256 | 6bb03f1ebf5e5d28a26696c3d355cecad574f3a42ff68b30fddc5ac74ce70d12 |
| SHA512 | b1bb544dbcaae7df2e6cb7eb19868032edb5cca70e960bc87ba3dde033c9220221057433ae5f306865d62592a82d8249fe03f373934e528024b83a48087dfd56 |
C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202410141704431\assistant\assistant_installer.exe
| MD5 | 3b103a9ba068fb4f932d272d19f5619f |
| SHA1 | 8270adf6a18d0101ce54afb77179d55a78a35fc7 |
| SHA256 | 7e9f5f137372bf9e13383dc06c71139d92a4a7efcb5c64c570311999ecafab15 |
| SHA512 | 83011d2315dfdd8838d62b66f576259882033e28e58ffb1931f97bb0a105cce5f03a4ca6c1de88611876d038f7e2ca7be626d4e0fb689d1ed8c99c6ce9adda4e |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UL3N1MAY\LDPlayer9_ens_com.dts.freefireth_25567197_ld[1].exe
| MD5 | 9855e448af8561fc920d69a7b45a309b |
| SHA1 | 9ceb185e61fde58d6db6e3c4e2e7932ca53ce712 |
| SHA256 | aebbda8979b54ca3094e835ec7bffb08aca6c79480675d46bc5df75d9750a583 |
| SHA512 | a37495c629c9fd636702f1e1479b0ffd8c7b921cc914a7208478d2b9c348149634bd7736ed41d6627902e8b8e5d5316dbeb3d5783b93574a48b7fb1786fc6d6c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | f6b01d09c1678e7e758dfa82a0894955 |
| SHA1 | 12f18a0fe96075b59dded654182dca5d6913a4eb |
| SHA256 | 718b9ba6976bd6042375fb6e2b7223c6509b9deb41d35d3ce4fda96c100f18a5 |
| SHA512 | 443dea74c5c500031ac1b24d85026193df07c52c0fa6059a91badbdbe5a8e66d5a840193b2fe9fee75fdb4b768ebacc67d64982ce5ca10f4a6862b278c6918c1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | cfb54e70e4015a2f4de60f5f306ae3bc |
| SHA1 | ceb78da716fc560bda4fd39fef6a39e3620143a4 |
| SHA256 | 14bdfd4a21196727d266fa2de63fbd13f783334194a83cd39081d99568c587ab |
| SHA512 | 97b37331432372570e6c4bab8e2b07e0df61ab28071c2b93b1b42ba9fa977a4fd347242d560c624d6f19bb47df543f8d925233b7ffdbbf423e974c405dff541e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | be55c3f87a6fd7daa37bf25398e1043d |
| SHA1 | b001c82e0ceedf44317b8da7e8423e6b3f72368f |
| SHA256 | 650b56ddc4d35c899827ffce1b2e1d8063923f4ae1e4692bf67a7fa7bb5d0455 |
| SHA512 | f27ab2a92d2526cc39e3279bdaccb89feafd572e9c680f4e1cdb8d816662271c9407c4db0261c4b228bffed1a71c6e0edc218dd6733a5a11fbf105eaa22c9a08 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\prefs.js
| MD5 | 91aa8ea4334b12e6a5073202fb61e4dc |
| SHA1 | f656577bfd88f1b3885718149800d035ef7fa495 |
| SHA256 | 452d2e3a2cd5eec40e06915724eea043248055478d556fbf41f3d44dc22cb128 |
| SHA512 | 31abff6ffb405448cb7fa720849e4440f17a7c060d610354e91cb7b2553b2db1c824e0e2fbccc417c0dbe9aeecc76ae518eca1a2afc17d10e35585247e65c714 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2b7acdhd.default-release\cache2\entries\5B23235D54208C34AFF88FC6F18585FD8A8F8FAD
| MD5 | 841bc702c5ff82cf4078b817afb182a7 |
| SHA1 | 3bbeea395b43aa1ec09d63c7731f07edf5897fdc |
| SHA256 | dd46feea5b1c27ad1b2e10fd43d764c41b7ca1114ab66aeb56d5ff8b813aba4d |
| SHA512 | 049176ae1c08f04508e16107d6a9bbfd99f7dbc4ec752dd4ed63974afe04ed4243e751d3d9661932d5762a8c36c08c2ee9a46144659d1178db8ec1462162b81f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2b7acdhd.default-release\cache2\entries\04B9F0FB7C466980A18B81686266C55B1664430A
| MD5 | 01dfb7a8b08449b6d0735d633926b1b7 |
| SHA1 | cfe776141e354a89103c90f1ef6e8aa4eeb3231e |
| SHA256 | 193f9a64e264822e9ce9e9fd7ed7379d5ba6425d642fe8430b07db35c84c310c |
| SHA512 | 70fcd915fbb7b8267e15bc83962cdf1801cec115c833458c534347d617e7780741938c28dc61ff32009d727ac74537ee08ee0d5ff22f71f9da8af28f0d6347b5 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 06f16e229cf8eb3dbb6bdb3565eb8888 |
| SHA1 | 0e646d44943b0a45a913ed2f1655d205a5884ceb |
| SHA256 | ab0d5985e0309b93016aca85590eb8007e738708c4fd75681d7070caf48bfbee |
| SHA512 | 14d2023671b5567243c695c8e0a1572159fe34a1f69b1dc4a1f2beac4c62e3544dd936ebd7e3726d4ff8effad285cb3f8de43a494469c12ff94abcde3eb83c80 |
C:\Users\Admin\Downloads\HitmanPro_x64.mD5Kg_nD.exe.part
| MD5 | 0225da5d1e3e61268421a1b8f0bf369c |
| SHA1 | 2360c2eb74dd1bad68a2a18968be5b7d73135f37 |
| SHA256 | c107c3779d41cc18f7cc556bb02b88fd3d3d2668bb56fef8669f509632e7b63a |
| SHA512 | 7616a722b4551d76c7674d18e9cf96a8c5b24765bf846bfecdffc1746c278b5261ac5bdded053cf38257d9aa1441a34819d99eac7b69f295366899a9f01c6c5e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 89b2b63b1f20ecbfe0be3bc160955ca2 |
| SHA1 | 0f76eb5b6bd6cf2a742e15642b86d59b12f6dd30 |
| SHA256 | 71ddd101d4b86cecd229c34db0bd2873e93de2a0ff6ca5cb66c58eea7dc37d57 |
| SHA512 | bb01232c3d3596c028e41119747ff3108943379f54e2a543fce3339deb112290320f7dfdcb272bde5121b806c881cb894104a683d054a2807f113f95fed77125 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | c07dcacb8b23e5bf002d87f9eda56399 |
| SHA1 | 3ab712893c9c7a3953f74fb971d8bbd03168a58f |
| SHA256 | cdaf035e3322ae7c46440bac423bc7aa2c66959e049348d93246f4281635698e |
| SHA512 | 138d07ceddfc1a8150e8af70f41cdff43c438ed48f99f31b786473e8f155ab639e9cf60e6ad3a6c9f4ab2a9cd0844e6130faf00d2c59670eb6a131f41b99ce79 |
C:\Windows\System32\drivers\hitmanpro37.sys
| MD5 | 55b9678f6281ff7cb41b8994dabf9e67 |
| SHA1 | 95a6a9742b4279a5a81bef3f6e994e22493bbf9f |
| SHA256 | eb5d9df12ae2770d0e5558e8264cbb1867c618217d10b5115690ab4dcfe893c6 |
| SHA512 | d2270c13dc8212b568361f9d7d10210970b313d8cd2b944f63a626f6e7f2feb19671d3fcdbdf35e593652427521c7c18050c1181dc4c114da96db2675814ab40 |
C:\Windows\Logs\DISM\dism.log
| MD5 | 7f0bb70edc4834667ccd1caa7b281b21 |
| SHA1 | 7150f91aa4f8b4c84a40ba32d62fa28c6273204c |
| SHA256 | c60ae94948f4c2d0bb962918336f646c751e7b62497f04f5ef30fc33f2ffb3bb |
| SHA512 | 0d9f1a8ec7cc2d2e9c0841fa63ce21467e581d3cc0a4aa2aba03b721fbe0c39cd93f6809348ef1e2a84905bab5bd580b6a595a2cef4f6e0b13e83217d1ed6d72 |
memory/3348-11418-0x0000000004400000-0x0000000004436000-memory.dmp
memory/3348-11419-0x0000000006EF0000-0x0000000007518000-memory.dmp
memory/3348-11420-0x0000000006E50000-0x0000000006E72000-memory.dmp
memory/3348-11421-0x0000000007600000-0x0000000007666000-memory.dmp
memory/3348-11422-0x00000000076E0000-0x0000000007746000-memory.dmp
memory/3348-11423-0x00000000078E0000-0x0000000007C30000-memory.dmp
memory/3348-11424-0x00000000075A0000-0x00000000075BC000-memory.dmp
memory/3348-11425-0x0000000007EC0000-0x0000000007F0B000-memory.dmp
memory/3348-11428-0x0000000007FA0000-0x0000000008016000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_2atnftfb.y2n.ps1
| MD5 | c4ca4238a0b923820dcc509a6f75849b |
| SHA1 | 356a192b7913b04c54574d18c28d46e6395428ab |
| SHA256 | 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b |
| SHA512 | 4dff4ea340f0a823f15d3f4f01ab62eae0e5da579ccb851f8db9dfe84c58b2b37b89903a740e1ee172da793a6e79d560e5f7f9bd058a12a280433ed6fa46510a |
memory/3348-11446-0x0000000008DD0000-0x0000000008E03000-memory.dmp
memory/3348-11447-0x000000006BC10000-0x000000006BC5B000-memory.dmp
memory/3348-11448-0x0000000008DB0000-0x0000000008DCE000-memory.dmp
memory/3348-11453-0x0000000008F10000-0x0000000008FB5000-memory.dmp
memory/3348-11454-0x00000000092F0000-0x0000000009384000-memory.dmp
memory/3348-11531-0x0000000009290000-0x000000000929E000-memory.dmp
memory/7524-11623-0x000000006BC10000-0x000000006BC5B000-memory.dmp
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | 28f905b22471522edb5dcefd50abec62 |
| SHA1 | 44cd3f71d1d82f4a5eea557567186fa37be460c6 |
| SHA256 | 0585284d768eb6fa14dfe91e6d094076cd48e26a540830902b5484a795ae2a1c |
| SHA512 | a5d086bbcd12bf6b7687c3ce3972c656e2bd035b3314034eb6c3332bbb7e051f3e4166acedb0a965d6dfd538c4021ef713607be9b6727b725a26fbbf7f320684 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2b7acdhd.default-release\jumpListCache\q1djQgUOgGNqj+ogMWOUug==.ico
| MD5 | 42ed60b3ba4df36716ca7633794b1735 |
| SHA1 | c33aa40eed3608369e964e22c935d640e38aa768 |
| SHA256 | 6574e6e55f56eca704a090bf08d0d4175a93a5353ea08f8722f7c985a39a52c8 |
| SHA512 | 4247460a97a43ce20d536fdd11d534b450b075c3c28cd69fc00c48bdf7de1507edb99bef811d4c61bed10f64e4c788ee4bdc58c7c72d3bd160b9b4bd696e3013 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\libssl-1_1.dll
| MD5 | e8fd6da54f056363b284608c3f6a832e |
| SHA1 | 32e88b82fd398568517ab03b33e9765b59c4946d |
| SHA256 | b681fd3c3b3f2d59f6a14be31e761d5929e104be06aa77c883ada9675ca6e9fd |
| SHA512 | 4f997deebf308de29a044e4ff2e8540235a41ea319268aa202e41a2be738b8d50f990ecc68f4a737a374f6d5f39ce8855edf0e2bb30ce274f75388e3ddd8c10b |
F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcp120.dll
| MD5 | 50260b0f19aaa7e37c4082fecef8ff41 |
| SHA1 | ce672489b29baa7119881497ed5044b21ad8fe30 |
| SHA256 | 891603d569fc6f1afed7c7d935b0a3c7363c35a0eb4a76c9e57ef083955bc2c9 |
| SHA512 | 6f99d39bfe9d4126417ff65571c78c279d75fc9547ee767a594620c0c6f45f4bb42fd0c5173d9bc91a68a0636205a637d5d1c7847bd5f8ce57e120d210b0c57d |
F:\LDPlayer\ldmutiplayer\fonts\Roboto-Regular.otf
| MD5 | 4acd5f0e312730f1d8b8805f3699c184 |
| SHA1 | 67c957e102bf2b2a86c5708257bc32f91c006739 |
| SHA256 | 72336333d602f1c3506e642e0d0393926c0ec91225bf2e4d216fcebd82bb6cb5 |
| SHA512 | 9982c1c53cee1b44fd0c3df6806b8cbf6b441d3ed97aeb466dba568adce1144373ce7833d8f44ac3fa58d01d8cdb7e8621b4bb125c4d02092c355444651a4837 |
F:\LDPlayer\LDPlayer9\fonts\NanumGothicLight.otf
| MD5 | e2e37d20b47d7ee294b91572f69e323a |
| SHA1 | afb760386f293285f679f9f93086037fc5e09dcc |
| SHA256 | 153161ab882db768c70a753af5e8129852b9c9cae5511a23653beb6414d834a2 |
| SHA512 | 001500f527e2d3c3b404cd66188149c620d45ee6510a1f9902aacc25b51f8213e6654f0c1ecc927d6ff672ffbe7dc044a84ec470a9eb86d2cba2840df7390901 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\ssleay32.dll
| MD5 | 0054560df6c69d2067689433172088ef |
| SHA1 | a30042b77ebd7c704be0e986349030bcdb82857d |
| SHA256 | 72553b45a5a7d2b4be026d59ceb3efb389c686636c6da926ffb0ca653494e750 |
| SHA512 | 418190401b83de32a8ce752f399b00c091afad5e3b21357a53c134cce3b4199e660572ee71e18b5c2f364d3b2509b5365d7b569d6d9da5c79ae78c572c1d0ba0 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcr120.dll
| MD5 | 50097ec217ce0ebb9b4caa09cd2cd73a |
| SHA1 | 8cd3018c4170072464fbcd7cba563df1fc2b884c |
| SHA256 | 2a2ff2c61977079205c503e0bcfb96bf7aa4d5c9a0d1b1b62d3a49a9aa988112 |
| SHA512 | ac2d02e9bfc2be4c3cb1c2fff41a2dafcb7ce1123998bbf3eb5b4dc6410c308f506451de9564f7f28eb684d8119fb6afe459ab87237df7956f4256892bbab058 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcr110.dll
| MD5 | 4ba25d2cbe1587a841dcfb8c8c4a6ea6 |
| SHA1 | 52693d4b5e0b55a929099b680348c3932f2c3c62 |
| SHA256 | b30160e759115e24425b9bcdf606ef6ebce4657487525ede7f1ac40b90ff7e49 |
| SHA512 | 82e86ec67a5c6cddf2230872f66560f4b0c3e4c1bb672507bbb8446a8d6f62512cbd0475fe23b619db3a67bb870f4f742761cf1f87d50db7f14076f54006f6c6 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcp110.dll
| MD5 | 3e29914113ec4b968ba5eb1f6d194a0a |
| SHA1 | 557b67e372e85eb39989cb53cffd3ef1adabb9fe |
| SHA256 | c8d5572ca8d7624871188f0acabc3ae60d4c5a4f6782d952b9038de3bc28b39a |
| SHA512 | 75078c9eaa5a7ae39408e5db1ce7dbce5a3180d1c644bcb5e481b0810b07cb7d001d68d1b4f462cd5355e98951716f041ef570fcc866d289a68ea19b3f500c43 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\libssh2.dll
| MD5 | 52c43baddd43be63fbfb398722f3b01d |
| SHA1 | be1b1064fdda4dde4b72ef523b8e02c050ccd820 |
| SHA256 | 8c91023203f3d360c0629ffd20c950061566fb6c780c83eaa52fb26abb6be86f |
| SHA512 | 04cc3d8e31bd7444068468dd32ffcc9092881ca4aaea7c92292e5f1b541f877bdec964774562cb7a531c3386220d88b005660a2b5a82957e28350a381bea1b28 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\libeay32.dll
| MD5 | ba46e6e1c5861617b4d97de00149b905 |
| SHA1 | 4affc8aab49c7dc3ceeca81391c4f737d7672b32 |
| SHA256 | 2eac0a690be435dd72b7a269ee761340099bf444edb4f447fa0030023cbf8e1e |
| SHA512 | bf892b86477d63287f42385c0a944eee6354c7ae557b039516bf8932c7140ca8811b7ae7ac111805773495cf6854586e8a0e75e14dbb24eba56e4683029767b6 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\libcurl.dll
| MD5 | 2d40f6c6a4f88c8c2685ee25b53ec00d |
| SHA1 | faf96bac1e7665aa07029d8f94e1ac84014a863b |
| SHA256 | 1d7037da4222de3d7ca0af6a54b2942d58589c264333ef814cb131d703b5c334 |
| SHA512 | 4e6d0dc0dc3fb7e57c6d7843074ee7c89c777e9005893e089939eb765d9b6fb12f0e774dc1814f6a34e75d1775e19e62782465731fd5605182e7984d798ba779 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\libcrypto-1_1.dll
| MD5 | 01c4246df55a5fff93d086bb56110d2b |
| SHA1 | e2939375c4dd7b478913328b88eaa3c91913cfdc |
| SHA256 | c9501469ad2a2745509ab2d0db8b846f2bfb4ec019b98589d311a4bd7ac89889 |
| SHA512 | 39524d5b8fc7c9d0602bc6733776237522dcca5f51cc6ceebd5a5d2c4cbda904042cee2f611a9c9477cc7e08e8eadd8915bf41c7c78e097b5e50786143e98196 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\cximagecrt.dll
| MD5 | 66df6f7b7a98ff750aade522c22d239a |
| SHA1 | f69464fe18ed03de597bb46482ae899f43c94617 |
| SHA256 | 91e3035a01437b54adda33d424060c57320504e7e6a0c85db2654815ba29c71f |
| SHA512 | 48d4513e09edd7f270614258b2750d5e98f0dbce671ba41a524994e96ed3df657fce67545153ca32d2bf7efcb35371cae12c4264df9053e4eb5e6b28014ed20e |
F:\LDPlayer\LDPlayer9\ldmutiplayer\7za.exe
| MD5 | ad9d7cbdb4b19fb65960d69126e3ff68 |
| SHA1 | dcdc0e609a4e9d5ff9d96918c30cb79c6602cb3d |
| SHA256 | a6c324f2925b3b3dbd2ad989e8d09c33ecc150496321ae5a1722ab097708f326 |
| SHA512 | f0196bee7ad8005a36eea86e31429d2c78e96d57b53ff4a64b3e529a54670fa042322a3c3a21557c96b0b3134bf81f238a9e35124b2d0ce80c61ed548a9791e7 |
F:\LDPlayer\LDPlayer9\dnplayer.exe
| MD5 | fa2c08e402cc1c1fca849ba2e4eb56aa |
| SHA1 | 133dbe827d469e8dcfb792734f1fced97690efca |
| SHA256 | bd6ed960624c4ffb99ce82611f23365733df329b1ff3216590292ee8034a4421 |
| SHA512 | d96f84f06784f6d2c2182301ae4437303f5f3ab8936e6e3512606c28cc99de268bd186a4eb73b092c1e54995fa849c38080a26fe6dc2b8c1e7171781677d3eb6 |
F:\LDPlayer\LDPlayer9\dnmultiplayer.exe
| MD5 | 38f88ca4211fb378c41412c23af886e2 |
| SHA1 | 7c904c5fdf84d13ffd47703be39380861b5a6a7f |
| SHA256 | 6b149b8b72bf3631111f0e7b95b4dbe2646b786a3de1b414110438927d3f9c38 |
| SHA512 | 6ff289ee872bb96de9de4a3ef82d043f93542545f1555885bd4b6aa008892a8e3fd5f59eb4ed76a402aaa884989725168206aaec6582ea37bd556e7f642d681b |
C:\Users\Admin\AppData\Roaming\XuanZhi9\ldopengl32x.dll
| MD5 | 395970be72d1bcc7755f95a04b3b303d |
| SHA1 | f4019b43fd95f1748e2392d5cb1aa4486aadbc13 |
| SHA256 | 5fa3f4cb4f4f603bd8b9a538b54658ebbcf9198d99f2b0e1ce447322b22fb312 |
| SHA512 | 2f4968b8564bd3bbc624a6838ec33de22413afb8711e08cc36b082863f4e146212c1b6173921ea110c65a0dc20b97c9e187a8ef006005711efcf4237db0bcd1e |
F:\LDPlayer\LDPlayer9\vms\leidian0\sdcard.vmdk
| MD5 | 4d592fd525e977bf3d832cdb1482faa0 |
| SHA1 | 131c31bcff32d11b6eda41c9f1e2e26cc5fbc0ef |
| SHA256 | f90ace0994c8cae3a6a95e8c68ca460e68f1662a78a77a2b38eba13cc8e487b6 |
| SHA512 | afa31b31e1d137a559190528998085c52602d79a618d930e8c425001fdfbd2437f732beda3d53f2d0e1fc770187184c3fb407828ac39f00967bf4ae015c6ba77 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\R8OGHIFB\favicon[1].ico
| MD5 | ec2c34cadd4b5f4594415127380a85e6 |
| SHA1 | e7e129270da0153510ef04a148d08702b980b679 |
| SHA256 | 128e20b3b15c65dd470cb9d0dc8fe10e2ff9f72fac99ee621b01a391ef6b81c7 |
| SHA512 | c1997779ff5d0f74a7fbb359606dab83439c143fbdb52025495bdc3a7cb87188085eaf12cc434cbf63b3f8da5417c8a03f2e64f751c0a63508e4412ea4e7425c |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\ImageStore\d2c4jah\imagestore.dat
| MD5 | e2fee601dab985f9be78b8ececa5df41 |
| SHA1 | 18000c9c0ae37331d739e63205ccd697f344d355 |
| SHA256 | f12c409876146df65c29fb1465dcd4012f2775262d399b5ea0298083fa57e43c |
| SHA512 | 701e22e80b6c86df73fb8fdac97103955776bdb9b966f7d1a1eae27ff7b794532ce1e8c31d3e9f4195c02024d630b75d01fcd026a1f3731c6be4ce485f4b41de |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\XHM9025Q\favicon[2].ico
| MD5 | dc07ce58639e2deeddd787b3c7bf432e |
| SHA1 | b0aa235f7ee556249350c73d7b64d0402f656ca3 |
| SHA256 | eccd82a9b6a9e2bc95a036f90af21a7891ce8e86b612f2db40b1083ef6db2c80 |
| SHA512 | 3da2bbf1be19c66d6bf09bb3334c37da0434d6ea38045590eae3d7d20cb382acb3272978cda116ee28ae612c784545bc5de37961d20c0184c990fbe2603a2a55 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | 73798c893886eea29d1adf879116fcc2 |
| SHA1 | c3d5ad4e0277047918f8d0afee88d4d7982b1f91 |
| SHA256 | c43e605039ab53f8aa5b3acef87cfe83a8c13e6312f0af98e918f432564ab640 |
| SHA512 | 279df359faa2177d5cba9928736c7f8786fdb968bfd9db07423e9db16917e945e35a392791ad479f758535ea00030d0b67c2463f3a4d3f2678d56e19a1a5aa19 |