Analysis Overview
Threat Level: Known bad
The file https://veruscheats.site/ was found to be: Known bad.
Malicious Activity Summary
Lumma Stealer, LummaC
Suspicious use of NtCreateUserProcessOtherParentProcess
Wannacry
Modifies WinLogon for persistence
Deletes shadow copies
Sets service image path in registry
Modifies RDP port number used by Windows
Drops file in Drivers directory
Modifies Windows Firewall
Downloads MZ/PE file
Impair Defenses: Safe Mode Boot
Executes dropped EXE
Loads dropped DLL
Checks computer location settings
Credentials from Password Stores: Windows Credential Manager
Event Triggered Execution: Component Object Model Hijacking
Checks BIOS information in registry
Reads user/profile data of web browsers
Enumerates connected drives
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Checks whether UAC is enabled
Writes to the Master Boot Record (MBR)
Legitimate hosting services abused for malware hosting/C2
Drops file in System32 directory
Boot or Logon Autostart Execution: Authentication Package
UPX packed file
Probable phishing domain
Drops file in Program Files directory
Drops file in Windows directory
Event Triggered Execution: Netsh Helper DLL
Enumerates physical storage devices
System Location Discovery: System Language Discovery
Browser Information Discovery
Opens file in notepad (likely ransom note)
Enumerates system info in registry
Checks processor information in registry
Suspicious behavior: EnumeratesProcesses
Uses Task Scheduler COM API
Modifies system certificate store
Scheduled Task/Job: Scheduled Task
Suspicious use of WriteProcessMemory
NTFS ADS
Modifies data under HKEY_USERS
Suspicious use of AdjustPrivilegeToken
Modifies Internet Explorer settings
Uses Volume Shadow Copy WMI provider
Script User-Agent
Modifies registry class
Suspicious behavior: LoadsDriver
Suspicious use of SendNotifyMessage
Uses Volume Shadow Copy service COM API
Kills process with taskkill
Checks SCSI registry key(s)
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of SetWindowsHookEx
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-10-19 23:15
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-10-19 23:15
Reported
2024-10-19 23:40
Platform
win10v2004-20241007-en
Max time kernel
1154s
Max time network
1498s
Command Line
Signatures
Lumma Stealer, LummaC
Modifies WinLogon for persistence
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit = "C:\\Windows\\system32\\userinit.exe," | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit = "C:\\Windows\\system32\\userinit.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Suspicious use of NtCreateUserProcessOtherParentProcess
| Description | Indicator | Process | Target |
| PID 5340 created 3452 | N/A | C:\Users\Admin\Downloads\MBSetup.exe | C:\Windows\Explorer.EXE |
Wannacry
Deletes shadow copies
Downloads MZ/PE file
Drops file in Drivers directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SysWOW64\drivers\mbamtestfile.dat | C:\Users\Admin\Downloads\MBSetup.exe | N/A |
| File created | C:\Windows\SysWOW64\drivers\mbamtestfile.dat | C:\Users\Admin\Downloads\MBSetup.exe | N/A |
| File created | C:\Windows\system32\drivers\mbae64.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\MbamElam.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\MbamElam.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\mbamswissarmy.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\mbam.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\drivers\mbamtestfile.dat | C:\Users\Admin\Downloads\MBSetup.exe | N/A |
| File created | C:\Windows\SysWOW64\drivers\mbamtestfile.dat | C:\Users\Admin\Downloads\MBSetup.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\MbamChameleon.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\mwac.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\farflt.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Modifies RDP port number used by Windows
Modifies Windows Firewall
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\netsh.exe | N/A |
| N/A | N/A | C:\Windows\system32\netsh.exe | N/A |
| N/A | N/A | C:\Windows\system32\netsh.exe | N/A |
| N/A | N/A | C:\Windows\system32\netsh.exe | N/A |
Sets service image path in registry
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\MBAMSwissArmy\ImagePath = "\\SystemRoot\\System32\\Drivers\\mbamswissarmy.sys" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\mbamchameleon\ImagePath = "\\SystemRoot\\System32\\Drivers\\MbamChameleon.sys" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Checks BIOS information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\updatrpkg\mbupdatrV5.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosDate | C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\updatrpkg\mbupdatrV5.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Users\Admin\Downloads\MBSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosDate | C:\Users\Admin\Downloads\MBSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Users\Admin\Downloads\MBSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosDate | C:\Users\Admin\Downloads\MBSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosDate | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\is-AVTAM.tmp\7l_csgo_latest_setup.tmp | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
Credentials from Password Stores: Windows Credential Manager
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
Impair Defenses: Safe Mode Boot
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\MBAMService | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\MBAMService\ = "Service" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
Loads dropped DLL
Reads user/profile data of web browsers
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Program Files\Counter-Strike Global Offensive\Run_CS2.exe | N/A |
Enumerates connected drives
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
| File opened for modification | \??\PhysicalDrive0 | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| File opened for modification | \??\PhysicalDrive0 | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
Boot or Logon Autostart Execution: Authentication Package
| Description | Indicator | Process | Target |
| Set value (data) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\Lsa\Notification Packages = 73006300650063006c00690000000000 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\Lsa\Authentication Packages = 6d007300760031005f00300000000000 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\21EA03E12A6F9D076B6BC3318EA9363E_6EF0095DA824AE045AE9FC5B645DF095 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\07CEF2F654E3ED6050FFC9B6EB844250_D94F4A82266DCEDAC0F3F1BFD0843F4D | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netvchannel.inf_amd64_ba3e73aa330c95d6\netvchannel.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\net819xp.inf_amd64_ff7a5dd4f9b1ceba\net819xp.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\mwlu97w8x64.inf_amd64_23bc3dc6d91eebdc\mwlu97w8x64.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\38D10539991D1B84467F968981C3969D_C92678066E2B4B4986BC7641EEC08637 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9EC3B71635F8BA3FC68DE181A104A0EF_10CFC0D4C45D2E76B7EA49C8C22BEDFE | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\ndisimplatformmp.inf_amd64_8de1181bfd1f1628\ndisimplatformmp.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\net8192su64.inf_amd64_66c8bfc7a4b1feed\net8192su64.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netathrx.inf_amd64_220db23f5419ea8d\netathrx.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netathr10x.inf_amd64_2691c4f95b80eb3b\netathr10x.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\FA0E447C3E79584EC91182C66BBD2DB7 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\wnetvsc.inf_amd64_9a5b429abc465278\wnetvsc.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netwlv64.inf_amd64_0b9818131664d91e\netwlv64.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\msux64w10.inf_amd64_5aa81644af5957b3\msux64w10.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\Temp\{678334b1-2c16-5b48-9d24-ec795459942a}\SET4420.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\201DA8C72BE195AF55036D85719C6480 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\System32\ntdll.pdb | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\1B1401C7EC8E96BC79CBFD92F9DF762D_E35D496D1CD0B884BEBCAFED0FE61600 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\42B9A473B4DAF01285A36B4D3C7B1662_178C086B699FD6C56B804AF3EF759CB5 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netwmbclass.inf_amd64_dba6eeaf0544a4e0\netwmbclass.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netrtwlane01.inf_amd64_b02695ef070d7a42\netrtwlane01.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\net8185.inf_amd64_7a30f5a9441cd55b\net8185.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\System32\DriverStore\Temp\{678334b1-2c16-5b48-9d24-ec795459942a} | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\CatRoot2\dberr.txt | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9E5AF9A59B2A0198F537F5F6F7EBA776_57ABCF7C80DDF20409A123C0B25EDA1D | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A334956C3F99BD182BF4859935BADE72_FACA7E02B2152427A5B3C5BC1AC9CE92 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\66AE3BFDF94A732B262342AD2154B86E_0D0888CE7AC1F2D5AD77780722B1FE14 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\dc21x4vm.inf_amd64_3294fc34256dbb0e\dc21x4vm.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netimm.inf_amd64_8b2087393aaef952\netimm.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\Temp\{678334b1-2c16-5b48-9d24-ec795459942a}\SET441F.tmp | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\Malwarebytes\Logs\MBAMSI.alt1.lock | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\21EA03E12A6F9D076B6BC3318EA9363E_6EF0095DA824AE045AE9FC5B645DF095 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3E3E9689537B6B136ECF210088069D55_EF6C9357BB54DDB629FD2D79F1594F95 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7D266D9E1E69FA1EEFB9699B009B34C8_0A9BFDD75B598C2110CBF610C078E6E6 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9E5AF9A59B2A0198F537F5F6F7EBA776_57ABCF7C80DDF20409A123C0B25EDA1D | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\net9500-x64-n650f.inf_amd64_e92c5a65e41993f9\net9500-x64-n650f.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\net44amd.inf_amd64_450d4b1e35cc8e0d\net44amd.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netwew01.inf_amd64_153e01d761813df2\netwew01.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\572BF21E454637C9F000BE1AF9B1E1A9 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8EC9B1D0ABBD7F98B401D425828828CE_466BAFE78D4077069B6C3828315C7C8D | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C56C4404C4DEF0DC88E5FCD9F09CB2F1 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netloop.inf_amd64_762588e32974f9e8\netloop.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netrtl64.inf_amd64_8e9c2368fe308df2\netrtl64.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7447D0CD4A15D8A8E94E184F8B1DF8DF | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\206742EA5671D0AFB286434AEACBAD29 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\System32\taskkill.pdb | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netrndis.inf_amd64_be4ba6237d385e2e\netrndis.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0F7456FD78DEB390E51DB22FDEB14606 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\System32\repdrvfs.pdb | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DA3B6E45325D5FFF28CF6BAD6065C907_FBEAFB4EE7383EC8E0A3A2C1EC7FCEAC | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DA3B6E45325D5FFF28CF6BAD6065C907_FBEAFB4EE7383EC8E0A3A2C1EC7FCEAC | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\usbnet.inf_amd64_9e6bb7a4b7338267\usbnet.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\kdnic.inf_amd64_6649425cdcae9b5f\kdnic.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\b57nd60a.inf_amd64_77a731ab08be20a5\b57nd60a.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0F7456FD78DEB390E51DB22FDEB14606 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7B8944BA8AD0EFDF0E01A43EF62BECD0_2E01D413E600DA01958BFB19A6EF6010 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netl1e64.inf_amd64_8d5ca5ab1472fc44\netl1e64.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netk57a.inf_amd64_d823e3edc27ae17c\netk57a.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C3E814D1CB223AFCD58214D14C3B7EAB | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8890A77645B73478F5B1DED18ACBF795_C090A8C88B266C6FF99A97210E92B44D | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\bcmdhd64.inf_amd64_e0bae6831f60ea5f\bcmdhd64.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netwtw08.inf_amd64_7c0c516fb22456cd\netwtw08.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netsstpa.inf_amd64_e76c5387d67e3fd6\netsstpa.PNF | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
Probable phishing domain
| Description | Indicator | Process | Target |
| HTTP URL | https://insanitycheats.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d5488211d1479c6 | N/A | N/A |
| HTTP URL | https://insanitycheats.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d54885538c679c6 | N/A | N/A |
UPX packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.Numerics.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.Security.Cryptography.OpenSsl.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\pt-BR\UIAutomationTypes.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\ru\System.Windows.Controls.Ribbon.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\SQLitePCLRaw.batteries_v2.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.Collections.Specialized.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.IO.FileSystem.Primitives.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\es\WindowsFormsIntegration.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\PresentationFramework.Aero2.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\tr\PresentationFramework.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\zh-Hant\System.Windows.Input.Manipulations.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\api-ms-win-crt-private-l1-1-0.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.Net.ServicePoint.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.Net.Sockets.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\pl\PresentationFramework.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.Runtime.Serialization.Formatters.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\Prism.Container.Extensions.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\sdk\mbamchameleon.cat | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\api-ms-win-crt-locale-l1-1-0.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.Diagnostics.Process.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.Net.WebSockets.Client.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\fr\UIAutomationTypes.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\pl\System.Windows.Forms.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\Prism.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.Windows.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\Microsoft.WindowsDesktop.App.deps.json | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\ru\UIAutomationClient.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\zh-Hans\UIAutomationProvider.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\ServiceConfig.json.bak | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.ComponentModel.EventBasedAsync.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\mbae64.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\MBAMShim.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\api-ms-win-core-file-l1-2-0.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.Memory.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\pt-BR\PresentationCore.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\zh-Hans\System.Windows.Forms.Design.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\System.Diagnostics.EventLog.Messages.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\api-ms-win-crt-string-l1-1-0.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\mscorrc.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.IO.MemoryMappedFiles.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\fr\PresentationFramework.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\ko\UIAutomationClient.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\ru\WindowsFormsIntegration.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\PresentationFramework.Classic.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\pt-BR\System.Windows.Input.Manipulations.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\mbuns.exe\:SmartScreen:$DATA | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\api-ms-win-core-namedpipe-l1-1-0.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.Diagnostics.StackTrace.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.Net.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\cs\WindowsBase.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\fr\UIAutomationClientSideProviders.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\clretwrc.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.Reflection.Primitives.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\System.DirectoryServices.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\tr\WindowsBase.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\MbamPt.exe | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\api-ms-win-crt-stdio-l1-1-0.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\hostpolicy.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\fr\ReachFramework.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.UI.Theme.Light.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.NETCore.App\6.0.33\System.Runtime.InteropServices.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\vcruntime140_cor3.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\cs\Microsoft.VisualBasic.Forms.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\shared\Microsoft.WindowsDesktop.App\6.0.33\pt-BR\UIAutomationClient.resources.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\INF\setupapi.dev.log | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\inf\oem3.inf | C:\Windows\system32\DrvInst.exe | N/A |
| File created | C:\Windows\inf\oem3.inf | C:\Windows\system32\DrvInst.exe | N/A |
| File opened for modification | C:\Windows\INF\setupapi.dev.log | C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe | N/A |
| File opened for modification | C:\Windows\INF\setupapi.dev.log | C:\Windows\system32\svchost.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
Event Triggered Execution: Netsh Helper DLL
| Description | Indicator | Process | Target |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\system32\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\system32\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\system32\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\system32\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\system32\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\system32\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\system32\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\system32\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\system32\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\system32\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\system32\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\system32\netsh.exe | N/A |
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\notepad.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\notepad.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\Temp1_Verusloader.zip\Vеrus\Verus.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\undetek-v6.9.6.9.4.2\undetek-v6.9.6.9.4.2\undetek-v6.9.6.9.4.2.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\7l_csgo_latest_setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\MBSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\is-AVTAM.tmp\7l_csgo_latest_setup.tmp | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Counter-Strike Global Offensive\Run_CS2.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\MBSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\HardwareID | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\HardwareID | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_WDC&PROD_WDS100T2B0A\4&215468A5&0&000000 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\ConfigFlags | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002 | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\CompatibleIDs | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Phantom | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\HardwareID | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\CompatibleIDs | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\CompatibleIDs | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0009 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom | C:\Windows\system32\DrvInst.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_WDC&PROD_WDS100T2B0A\4&215468A5&0&000000 | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\HardwareID | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Phantom | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\CompatibleIDs | C:\Windows\system32\DrvInst.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Phantom | C:\Windows\system32\DrvInst.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Kills process with taskkill
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\mbam.exe = "11000" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\mbamtray.exe = "11000" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\ | C:\Program Files\Counter-Strike Global Offensive\Run_CS2.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\Run_CS2.exe = "11001" | C:\Program Files\Counter-Strike Global Offensive\Run_CS2.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\Malwarebytes.exe = "11000" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\Office\15.0\Common\Security\Trusted Protocols | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\updatrpkg\mbupdatrV5.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\updatrpkg\mbupdatrV5.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft\Office\15.0\Common | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office\16.0\Common\Security\Trusted Protocols\All Applications\malwarebytes: | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft\Office\16.0\Common\Security\Trusted Protocols | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office\16.0 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office\16.0\Common\Security\Trusted Protocols | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office\16.0\Common\Security | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft\Office | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\Office\16.0\Common | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\Office\16.0\Common\Security\Trusted Protocols\All Applications\malwarebytes: | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft\Office\16.0 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\ROOT | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\Office\15.0\Common\Security\Trusted Protocols\All Applications | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft\Office\15.0\Common\Security\Trusted Protocols\All Applications\malwarebytes:\ | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass = "1" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\Software\Policies\Microsoft\Office\15.0\Common\Security\Trusted Protocols\All Applications\malwarebytes: | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office\15.0\Common | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft\Office\16.0\Common | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Windows\system32\DrvInst.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MB.UpdateController | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{B8E2CB10-C8DE-4225-ABBB-6CE77FF04FFA}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{B471ACFB-E67A-4BE9-A328-F6A906DDDEAA}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2650A9C4-A53C-4BEF-B766-7405B4D5562B}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C0D8223D-D594-4147-BAD8-1E2B54ED1990} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E4BDE5F8-F8D4-4E50-937F-85E8382A9FEE}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{B1D8E799-D5A2-45B4-9524-067144A201E4}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949\Moniker = "cr.sb.cdmf5200eafd3ad904629cbb0f87a78a3c7211081fe" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{B32065E5-189E-4C5F-AA59-32A158BAF5B7}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F49090F8-7DC6-4CBC-893A-C1B3DCF88D87} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E32ABD9A-1CBD-44A5-8A62-55D347D3C4F0}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F1E58D1A-2918-4508-908A-601219B2CCC6}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E03FDF96-969E-4700-844D-7F754F1657EF}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{983849D5-BFE9-43E9-A9A0-CBAFBC917F39}\ = "_ICleanControllerEventsV4" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6696D5DD-4143-482C-ABF4-3B215CF3DBFC}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{8A574BA8-3535-41F9-AB73-FA93F8A7DC3B}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{50538523-AA2F-40D3-9B58-DB51D5BD3D4A}\TypeLib\ = "{783B187E-360F-419C-B6DA-592892764A01}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{9A30501F-26D0-4C5F-818A-9F7DFC5F8ABC}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D51C573D-B305-4980-8DFF-076C1878CCFB}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{68E3012A-E3EC-4D66-9132-4E412F487165}\TypeLib\ = "{5709DEEB-F05E-4D5C-8DC4-3B0D924EE08F}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{B471ACFB-E67A-4BE9-A328-F6A906DDDEAA}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{18C5830A-FF78-4172-9DFB-E4016D1C1F31}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{B1D8E799-D5A2-45B4-9524-067144A201E4}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1917B432-C1CE-4A96-A08E-A270E00E5B23}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{11D1E5E8-14E1-4B5B-AE1A-2678CB91E8E5}\ProgID\ = "MB.CleanController.1" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D81C2A20-D03D-40D4-A371-A499633A2AD3} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{CDA4F172-98EF-4DF6-89AB-852D1B0EC2D4}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{237E618C-D739-4C8A-9F72-5CD4EF91CBE5}\TypeLib\ = "{49F6AC60-2104-42C6-8F71-B3916D5AA732}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{B860FC17-5606-4F3A-8AE5-E1C139D8BDE3}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{36F3C7D7-BCB1-4359-AB71-0CB816FE3D38} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1861D707-8D71-497D-8145-62D5CBF4222F}\TypeLib\ = "{5709DEEB-F05E-4D5C-8DC4-3B0D924EE08F}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{503084FD-0743-46C7-833F-D0057E8AC505} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{4163399F-AB08-4E5E-BE28-6B9440393AD3}\TypeLib\ = "{49F6AC60-2104-42C6-8F71-B3916D5AA732}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{08932AD2-C415-4DE8-821D-5AF7A5658483} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D88AC9B4-2BC3-4215-9547-4F05743AE67B}\TypeLib\ = "{49F6AC60-2104-42C6-8F71-B3916D5AA732}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{014D0CF7-ACC9-4004-B999-7BDBAAD274B7} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{36F3C7D7-BCB1-4359-AB71-0CB816FE3D38}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7196E77C-8EA5-4824-92C9-BAE8671149FA}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BF474111-9116-45C6-AF53-209E64F1BB53}\Version\ = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DE35F2CA-6335-49BA-8E86-F6E246CFCEA6}\TypeLib\ = "{C731375E-3199-4C88-8326-9F81D3224DAD}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1861D707-8D71-497D-8145-62D5CBF4222F}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F77B440A-6CBC-4AFD-AA22-444552960E50} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E230930A-6CC2-4B9D-8CE1-03F86A8EDA05}\TypeLib\ = "{5709DEEB-F05E-4D5C-8DC4-3B0D924EE08F}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MBAMExt.MBAMShlExt\ = "MBAMShlExt Class" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{115D004C-CC20-4945-BCC8-FE5043DD42D0} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{99E6F3FE-333C-462C-8C39-BC27DCA4A80E}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6B2CCE9B-6446-450F-9C9D-542CD9FA6677}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{698A4513-65F0-46A3-9633-220A6E4D1D07}\TypeLib\ = "{2446F405-83F0-460F-B837-F04540BB330C}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7196E77C-8EA5-4824-92C9-BAE8671149FA}\ = "_ISPControllerEventsV2" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{BD221458-5E85-4235-B1EF-4658F6751519}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{106E3995-72F9-458A-A317-9AFF9E45A1F0}\ = "ILogEntry" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7968A0D1-5C9E-4F28-8C2F-E215BC7DF146}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{0E64B3CF-7D56-4F76-8B9F-A6CD0D3393AE}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{25321640-5EF1-4095-A0DA-30DE19699441}\TypeLib\ = "{A82129F1-32E1-4D79-A39F-EBFEE53A70BF}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FB81F893-5D01-4DFD-98E1-3A6CB9C3E63E}\ = "IMWACControllerV12" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{4163399F-AB08-4E5E-BE28-6B9440393AD3}\ = "IMWACControllerV13" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{964AD404-A1EF-4EDA-B8FA-1D8003B29B10}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{DE03E614-112D-43E0-8E15-E7236CC32108}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{993A5C11-A9B8-41E9-9088-C5182B1F279A}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{834906DC-FA0F-4F61-BC62-24B0BEB3769C}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{893E5593-9490-4E90-9F1E-0B786EC41470}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{DAD5232C-6E05-4458-9709-0B4DCB22EA09}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C5201562-332D-4385-87E7-2BB41B1694AA} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{9B1790AB-65B0-4F50-812F-7CC86FA94AF7}\TypeLib\ = "{FFB94DF8-FC15-411C-B443-E937085E2AC1}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob = 040000000100000010000000d474de575c39b2d39c8583c5c065498a0f0000000100000014000000e35ef08d884f0a0ade2f75e96301ce6230f213a8530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703086200000001000000200000007431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf140000000100000014000000b13ec36903f8bf4701d498261a0802ef63642bc30b00000001000000120000004400690067006900430065007200740000001d00000001000000100000008f76b981d528ad4770088245e2031b630300000001000000140000005fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc25190000000100000010000000ba4f3972e7aed9dccdc210db59da13c92000000001000000c9030000308203c5308202ada003020102021002ac5c266a0b409b8f0b79f2ae462577300d06092a864886f70d0101050500306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6cce573e6fbd4bbe52d2d32a6dfe5813fc9cd2549b6712ac3d5943467a20a1cb05f69a640b1c4b7b28fd098a4a941593ad3dc94d63cdb7438a44acc4d2582f74aa5531238eef3496d71917e63b6aba65fc3a484f84f6251bef8c5ecdb3892e306e508910cc4284155fbcb5a89157e71e835bf4d72093dbe3a38505b77311b8db3c724459aa7ac6d00145a04b7ba13eb510a984141224e656187814150a6795c89de194a57d52ee65d1c532c7e98cd1a0616a46873d03404135ca171d35a7c55db5e64e13787305604e511b4298012f1793988a202117c2766b788b778f2ca0aa838ab0a64c2bf665d9584c1a1251e875d1a500b2012cc41bb6e0b5138b84bcb0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414b13ec36903f8bf4701d498261a0802ef63642bc3301f0603551d23041830168014b13ec36903f8bf4701d498261a0802ef63642bc3300d06092a864886f70d010105050003820101001c1a0697dcd79c9f3c886606085721db2147f82a67aabf183276401057c18af37ad911658e35fa9efc45b59ed94c314bb891e8432c8eb378cedbe3537971d6e5219401da55879a2464f68a66ccde9c37cda834b1699b23c89e78222b7043e35547316119ef58c5852f4e30f6a0311623c8e7e2651633cbbf1a1ba03df8ca5e8b318b6008892d0c065c52b7c4f90a98d1155f9f12be7c366338bd44a47fe4262b0ac497690de98ce2c01057b8c876129155f24869d8bc2a025b0f44d42031dbf4ba70265d90609ebc4b17092fb4cb1e4368c90727c1d25cf7ea21b968129c3c9cbf9efc805c9b63cdec47aa252767a037f300827d54d7a9f8e92e13a377e81f4a | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\7B0F360B775F76C94A12CA48445AA2D2A875701C\Blob = 0300000001000000140000007b0f360b775f76c94a12ca48445aa2d2a875701c1400000001000000140000006837e0ebb63bf85f1186fbfe617b088865f44e42040000000100000010000000d91299e84355cd8d5a86795a0118b6e90f000000010000003000000065b1d4076a89ae273f57e6eeedecb3eae129b4168f76fa7671914cdf461d542255c59d9b85b916ae0ca6fc0fcf7a8e64190000000100000010000000a344f71a7a52a76ee49b74b1d8816b155c000000010000000400000000100000180000000100000010000000ffac207997bb2cfe865570179ee037b92000000001000000b4060000308206b030820498a003020102021008ad40b260d29c4c9f5ecda9bd93aed9300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3231303432393030303030305a170d3336303432383233353935395a3069310b300906035504061302555331173015060355040a130e44696769436572742c20496e632e3141303f060355040313384469676943657274205472757374656420473420436f6465205369676e696e6720525341343039362053484133383420323032312043413130820222300d06092a864886f70d01010105000382020f003082020a0282020100d5b42f42d028ad78b75dd539591bb18842f5338ceb3d819770c5bbc48526309fa48e68d85cf5eb342407e14b4fd37843f417d71edaf9d2d5671a524f0ea157fc8899c191cc81033e4d702464b38de2087d347d4c8057126b439a99f2c53b1ff2efcb475a13a64cb3012025f310d38bb2fb08f08ae09d09c065a7fa98804935873d5119e8902178452ea19f2ce118c21accc5ee93497042328ffbc6ea1cf3656891a24d4c8211485268de10bd14575de8181365c57fb24f852c48a4568435d6f92e9caa0015d137fe1a0694c27cc8ea1b32e6cac2f4a7a3030e74a5af39b6ab6012e3e8d6b9f731e1dcade418a0d8c1234747b3a10f6ea3ab6d9806831bb76a672dd2bd441a9210818fb03b09d7c79b325ac2ff6a60548b49c193ede1b45ce06feb26f98cd5b2f93810e6eace91f5bed3fb6f9361345cbc93452883362a66285fb073ce8b262506b283d45cf615194ced62e05e33f2e8e8ec0aa7b0032b91b23679bef7ad081e75a665ccbbe34850f377911afedb50a246c8615898f57c02163c8328ad3986ecd4b70d53d0f847e675308dec30937614a65b4b5d74614d3f129176debf58cb72102941f0d5c56d267668114113589adc262b01f4894d59db78cf814a3e40475fc98150738510232159608a6454c1cc211ae838197c661ccd78384530994fff634f4cbbaa0d0853417c583d47b3fab6ec8c320902cc6c3c0c56110203010001a38201593082015530120603551d130101ff040830060101ff020100301d0603551d0e041604146837e0ebb63bf85f1186fbfe617b088865f44e42301f0603551d23041830168014ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300e0603551d0f0101ff04040302018630130603551d25040c300a06082b06010505070303307706082b06010505070101046b3069302406082b060105050730018618687474703a2f2f6f6373702e64696769636572742e636f6d304106082b060105050730028635687474703a2f2f636163657274732e64696769636572742e636f6d2f446967694365727454727573746564526f6f7447342e63727430430603551d1f043c303a3038a036a0348632687474703a2f2f63726c332e64696769636572742e636f6d2f446967694365727454727573746564526f6f7447342e63726c301c0603551d20041530133007060567810c01033008060667810c010401300d06092a864886f70d01010c050003820201003a23443d8d0876ee8fbc3a99d356e0021aa5f84834f32cb6e67466f79472b100caaf6c302713129e90449f4bfd9ea37c26d537bc3a5d486d95d53f49f427bb16814550fd9cbdb685e0767e3771cb22f75aaa90cff5936ae3eb20d1d55079889a8a8ac1b6bda148187edcd8801a111918cd61998156f6c9e376e7c4e41b5f43f83e94ff76393d9ed499cf4add28eb5f26a1955848d51afed7273ffd90d17686dd1cb0605cf30da8eee089a1bd39e1384eda6ebb369dfbe521535ac3cae96af1a23edb43b833c84f38149299f5ddce546dd95d02141f40337c03e295b2c221757352cb46d8c4341ca2a54b8dcd6f76372c853f1ace26e918be9007b0437f9588208270f0cccaeffd29355c1f893855f7378a8b09a1cb0be9311aff2e195c3971e1be9ca70a06d62667b792e64e5fde7aac49cf2ea47492addb3ca49c861fe3c1561b2b23ff8fb5ea887b706be6a0bafd3a3f45a6c4e81691528b41c048844b964dab4440e38df01528ceedf11856072a2f10c40c08643c338fae288c3ccb8f880b0dbf3bf4ce1e7b8eefb5ebcbb7f07713e6e7283fac12aea52f226c41f9825c1566cc6c0ecac586c3f626330c074ba0d307026a6a4030484b34a85120bbad1b8508e2590d6dca05502bea4a1c9ea5fda0a71f0674e7f2d65290fdaf854821f9573bb49c03ed8645f4b4616ebf68e2266086eac8afa9fe941de7631b3a8656784e | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\0D44DD8C3C8C1A1A58756481E90F2E2AFFB3D26E | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\0D44DD8C3C8C1A1A58756481E90F2E2AFFB3D26E\Blob = 0300000001000000140000000d44dd8c3c8c1a1a58756481e90f2e2affb3d26e2000000001000000ba010000308201b63082015ba0030201020213066c9fd5749736663f3b0b9ad9e89e7603f24a300a06082a8648ce3d0403023039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f742043412033301e170d3135303532363030303030305a170d3430303532363030303030305a3039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f7420434120333059301306072a8648ce3d020106082a8648ce3d030107034200042997a7c6417fc00d9be8011b56c6f252a5ba2db212e8d22ed7fac9c5d8aa6d1f73813b3b986b397c33a5c54e868e8017686245577d44581db337e56708eb66dea3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414abb6dbd7069e37ac3086079170c79cc419b178c0300a06082a8648ce3d0403020349003046022100e08592a317b78df92b06a593ac1a98686172fae1a1d0fb1c7860a64399c5b8c40221009c02eff1949cb396f9ebc62af8b62cfe3a901416d78c6324481cdf307dd5683b | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\02FAF3E291435468607857694DF5E45B68851868\Blob = 5c00000001000000040000000008000019000000010000001000000045ed9bbc5e43d3b9ecd63c060db78e5c03000000010000001400000002faf3e291435468607857694df5e45b6885186868000000010000000800000000409120d035d9017e0000000100000008000000000063f58926d7011d000000010000001000000006f9583c00a763c23fb9e065a3366d55140000000100000014000000adbd987a34b426f7fac42654ef03bde024cb541a620000000100000020000000687fa451382278fff0c8b11f8d43d576671c6eb2bceab413fb83d965d06d2ff20b00000001000000260000005300650063007400690067006f0020002800410064006400540072007500730074002900000053000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f000000010000001400000009b9105c5bba24343ca7f341c624e183f6ee7c1b0400000001000000100000001d3554048578b03f42424dbf20730a3f20000000010000003a040000308204363082031ea003020102020101300d06092a864886f70d0101050500306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f74301e170d3030303533303130343833385a170d3230303533303130343833385a306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f7430820122300d06092a864886f70d01010105000382010f003082010a0282010100b7f71a33e6f200042d39e04e5bed1fbc6c0fcdb5fa23b6cede9b113397a4294c7d939fbd4abc93ed031ae38fcfe56d505ad69729945a80b0497adb2e95fdb8cabf37382d1e3e9141ad7056c7f04f3fe8329e74cac89054e9c65f0f789d9a403c0eac61aa5e148f9e87a16a50dcd79a4eaf05b3a671949c71b350600ac7139d38078602a8e9a869261890ab4cb04f23ab3a4f84d8dfce9fe1696fbbd742d76b44e4c7adee6d415f725a710837b37965a459a09437f7002f0dc29272dad03872db14a845c45d2a7db7b4d6c4eeaccd1344b7c92bdd430025fa61b9696a582311b7a7338f567559f5cd29d746b70a2b65b6d3426f15b2b87bfbefe95d53d5345a270203010001a381dc3081d9301d0603551d0e04160414adbd987a34b426f7fac42654ef03bde024cb541a300b0603551d0f040403020106300f0603551d130101ff040530030101ff3081990603551d2304819130818e8014adbd987a34b426f7fac42654ef03bde024cb541aa173a471306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f74820101300d06092a864886f70d01010505000382010100b09be08525c2d623e20f9606929d41989cd9847981d91e5b14072336658fb0d877bbac416c47608351b0f9323de7fcf62613c78016a5bf5afc87cf787989219ae24c070a8635bcf2de51c4d296b7dc7e4eee70fd1c39eb0c0251142d8ebd16e0c1df4675e724adecf442b48593701067ba9d06354a18d32b7acc5142a17a63d1e6bba1c52bc236be130de6bd637e797ba7090d40ab6add8f8ac3f6f68c1a420551d445f59fa76221681520433c99e77cbd24d8a9911773883f561b313818b4710f9acdc80e9e8e2e1be18c9883cb1f31f1444cc604734976600fc7f8bd17806b2ee9cc4c0e5a9a790f200a2ed59e63261e559294d882175a7bd0bcc78f4e8604 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 0f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e1996530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703080b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac89988140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f1d0000000100000010000000a86dc6a233eb339610f3ed414927c559030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e42000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 04000000010000001000000078f2fcaa601f2fb4ebc937ba532e75490f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e1996530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703080b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac89988140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f1d0000000100000010000000a86dc6a233eb339610f3ed414927c559030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e4190000000100000010000000ffac207997bb2cfe865570179ee037b92000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\8DA7F965EC5EFC37910F1C6E59FDC1CC6A6EDE16 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 5c000000010000000400000000100000190000000100000010000000ffac207997bb2cfe865570179ee037b9030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e41d0000000100000010000000a86dc6a233eb339610f3ed414927c559140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac899880b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e199604000000010000001000000078f2fcaa601f2fb4ebc937ba532e75492000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\8DA7F965EC5EFC37910F1C6E59FDC1CC6A6EDE16\Blob = 0300000001000000140000008da7f965ec5efc37910f1c6e59fdc1cc6a6ede162000000001000000450300003082034130820229a0030201020213066c9fcf99bf8c0a39e2f0788a43e696365bca300d06092a864886f70d01010b05003039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f742043412031301e170d3135303532363030303030305a170d3338303131373030303030305a3039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f74204341203130820122300d06092a864886f70d01010105000382010f003082010a0282010100b2788071ca78d5e371af478050747d6ed8d78876f49968f7582160f97484012fac022d86d3a0437a4eb2a4d036ba01be8ddb48c80717364cf4ee8823c73eeb37f5b519f84968b0ded7b976381d619ea4fe8236a5e54a56e445e1f9fdb416fa74da9c9b35392ffab02050066c7ad080b2a6f9afec47198f503807dca2873958f8bad5a9f948673096ee94785e6f89a351c0308666a14566ba54eba3c391f948dcffd1e8302d7d2d747035d78824f79ec4596ebb738717f2324628b843fab71daacab4f29f240e2d4bf7715c5e69ffea9502cb388aae50386fdbfb2d621bc5c71e54e177e067c80f9c8723d63f40207f2080c4804c3e3b24268e04ae6c9ac8aa0d0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e041604148418cc8534ecbc0c94942e08599cc7b2104e0a08300d06092a864886f70d01010b0500038201010098f2375a4190a11ac57651282036230eaee628bbaaf894ae48a4307f1bfc248d4bb4c8a197f6b6f17a70c85393cc0828e39825cf23a4f9de21d37c8509ad4e9a753ac20b6a897876444718656c8d418e3b7f9acbf4b5a750d7052c37e8034bade961a0026ef5f2f0c5b2ed5bb7dcfa945c779e13a57f52ad95f2f8933bde8b5c5bca5a525b60af14f74befa3fb9f40956d3154fc42d3c7461f23add90f48709ad9757871d1724334756e5759c2025c266029cf2319168e8843a5d4e4cb08fb231143e843297262a1a95d5e08d490aeb8d8ce14c2d055f286f6c49343776661c0b9e841d7977860036e4a72aea5d17dba109e866c1b8ab95933f8ebc490bef1b9 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\5A8CEF45D7A69859767A8C8B4496B578CF474B1A\Blob = 0300000001000000140000005a8cef45d7a69859767a8c8b4496b578cf474b1a2000000001000000450500003082054130820329a0030201020213066c9fd29635869f0a0fe58678f85b26bb8a37300d06092a864886f70d01010c05003039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f742043412032301e170d3135303532363030303030305a170d3430303532363030303030305a3039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f74204341203230820222300d06092a864886f70d01010105000382020f003082020a0282020100ad969f2d9c4a4c4a81795199ec8acb6b605113bc4d6d06fcb0088ddd19106ac7260c35d8c06f2084e994b19b8503c35bdb4ae8c8f89076d95b4fe34ce806364dcc9aac3d0c902b92d4061960ac374479858182ad5a37e00dcc9da64c5276ea439db704d150f655e0d5d2a64985e937e9ca7eae5c954d489a3fae205a6d8895d934b8521a4390b0bf6c05b9b678b7ead0e43a3c125362ff4af27bbe3505a91234e3f36474622c3d00495a28fe3244bb87dd652702713bda4af71fdacdf72155904f0fecae82e19f6bd945d3bbf05f87ed3c2c3986da3fdeec7255eb79a3addbdd7cb0ba1ccefcde4f3576cf0ff8781f6a36514627615be99ecff0a2557d7c258a6f2fb4c5cf842e2bfd0d51106cfb5f1bbc1b7ec5ae3b98013192ff0b57f49ab2b957e9abef0d76d1f0eef4ce86a7e06ee9b469a1df69f633c6692e97139ea587b057108137c953b3bb7ff692d19cd018f4926eda834fa663994ca5fb5eef21647a205f6c648515cb37e9620c0b2a16dc012e32da3e4bf59e3af6174094ef9e910886fabe63a85a33eccb744395f96c695236c7296ffc55035c1ffb9fbd47ebe74947950b4e89220949e0f5611ef1bf2e8a726e8059ff573af97532a34e5feced2862d94d73f2cc811760edcdebdcdba7cac57e02bdf2540854fdb42d092c17544a98d154e1516708d2ed6e7e6f3fd22d81592966cb903995111e7427feddebaf0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414b00cf04c30f405580248fd33e552af4b84e36652300d06092a864886f70d01010c05000382020100aaa8808f0e78a3e0a2d4cde6f5987a3bea0003b0970e93bc5aa8f62c8c7287a9b1fc7f73fd637178a58759cf30e10d10b2135a6d82f56ae6809fa0050b68e4476bc76adfb6fd773272e518fa09f4a0932c5dd28c75857665900c0379b7312363ad788309866884cafff9cf269a9279e7cd4bc5e761a717cbf3a91293936ba7e82f5392c46058b0cc0251185b858d625963b6adb4de9afb26f70027c05d55377499c9507fe3592e44e32c25eeec4c3277b49f1ae94b5d20c5dafd1c8716c643e8d4bb269a45705ea90b3753e2467b27fde046f289b7cc42b6cb28266ed9a5c93ac8411360f7508c15aeb26d1a151a5778e6922ad96590823f6c02afae123a27963604d71da28063a99bf1e5bab47c14b04ec9b11f745f38f651ea9bfa2ca211d4a92d271a45b1afb24e710dc05846d66906cb53cbb3fe6b41cd417e7d4c0f7c72797a59cd5e4a0eac9ba99873797cb4f4ccb9b8070cb2745cb8c76f88a190a7f4aaf9bf673af41a15621eb79fbe3db129af67a112f25810195303301bb81a89f69cbd97038ea309f31d8b21f1b4dfe41cd19f650206ea5cd613b384efa2a55c8c7729a768c06bae40d2a8b4eacdf08d4b389c199a1b2854b88990efca75813e1ef26424c718af4eff479e07f63565a4d30a56fff517646cefa822254993b6df0017da587e5deec51bb0d1d15f2110c7f9f3ba020a2707c5f1d6c7d3e0fb09606c | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F6108407D6F8BB67980CC2E244C2EBAE1CEF63BE\Blob = 030000000100000014000000f6108407d6f8bb67980cc2e244c2ebae1cef63be2000000001000000f6010000308201f230820178a0030201020213066c9fd7c1bb104c2943e5717b7b2cc81ac10e300a06082a8648ce3d0403033039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f742043412034301e170d3135303532363030303030305a170d3430303532363030303030305a3039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f7420434120343076301006072a8648ce3d020106052b8104002203620004d2ab8a374fa3530dfec18a7b4ba87b464b63b062f62d1bdb087121d200e863bd9a27fbf0396e5dea3da5c981aaa35b2098455d16dbfde8106de39ce0e3bd5f8462f3706433a0cb242f70ba88a12aa075f881ae6206c481db396e29b01efa2e5ca3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414d3ecc73a656ecce1da769a56fb9cf3866d57e581300a06082a8648ce3d040303036800306502303a8b21f1bd7e11add0ef58962fd6eb9d7e908d2bcf6655c32ce328a9700a470ef0375912ff2d9994284e2a4f354d335a023100ea75004e3bc43a941291c958469d211372a7889c8ae44c4adb96d4ac8b6b6b49125333add7e4be24fcb50a76d4a5bc10 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\02FAF3E291435468607857694DF5E45B68851868 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\02FAF3E291435468607857694DF5E45B68851868\Blob = 19000000010000001000000045ed9bbc5e43d3b9ecd63c060db78e5c03000000010000001400000002faf3e291435468607857694df5e45b6885186868000000010000000800000000409120d035d9017e0000000100000008000000000063f58926d7011d000000010000001000000006f9583c00a763c23fb9e065a3366d55140000000100000014000000adbd987a34b426f7fac42654ef03bde024cb541a620000000100000020000000687fa451382278fff0c8b11f8d43d576671c6eb2bceab413fb83d965d06d2ff20b00000001000000260000005300650063007400690067006f0020002800410064006400540072007500730074002900000053000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f000000010000001400000009b9105c5bba24343ca7f341c624e183f6ee7c1b20000000010000003a040000308204363082031ea003020102020101300d06092a864886f70d0101050500306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f74301e170d3030303533303130343833385a170d3230303533303130343833385a306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f7430820122300d06092a864886f70d01010105000382010f003082010a0282010100b7f71a33e6f200042d39e04e5bed1fbc6c0fcdb5fa23b6cede9b113397a4294c7d939fbd4abc93ed031ae38fcfe56d505ad69729945a80b0497adb2e95fdb8cabf37382d1e3e9141ad7056c7f04f3fe8329e74cac89054e9c65f0f789d9a403c0eac61aa5e148f9e87a16a50dcd79a4eaf05b3a671949c71b350600ac7139d38078602a8e9a869261890ab4cb04f23ab3a4f84d8dfce9fe1696fbbd742d76b44e4c7adee6d415f725a710837b37965a459a09437f7002f0dc29272dad03872db14a845c45d2a7db7b4d6c4eeaccd1344b7c92bdd430025fa61b9696a582311b7a7338f567559f5cd29d746b70a2b65b6d3426f15b2b87bfbefe95d53d5345a270203010001a381dc3081d9301d0603551d0e04160414adbd987a34b426f7fac42654ef03bde024cb541a300b0603551d0f040403020106300f0603551d130101ff040530030101ff3081990603551d2304819130818e8014adbd987a34b426f7fac42654ef03bde024cb541aa173a471306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f74820101300d06092a864886f70d01010505000382010100b09be08525c2d623e20f9606929d41989cd9847981d91e5b14072336658fb0d877bbac416c47608351b0f9323de7fcf62613c78016a5bf5afc87cf787989219ae24c070a8635bcf2de51c4d296b7dc7e4eee70fd1c39eb0c0251142d8ebd16e0c1df4675e724adecf442b48593701067ba9d06354a18d32b7acc5142a17a63d1e6bba1c52bc236be130de6bd637e797ba7090d40ab6add8f8ac3f6f68c1a420551d445f59fa76221681520433c99e77cbd24d8a9911773883f561b313818b4710f9acdc80e9e8e2e1be18c9883cb1f31f1444cc604734976600fc7f8bd17806b2ee9cc4c0e5a9a790f200a2ed59e63261e559294d882175a7bd0bcc78f4e8604 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob = 5c000000010000000400000000080000190000000100000010000000ba4f3972e7aed9dccdc210db59da13c90300000001000000140000005fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc251d00000001000000100000008f76b981d528ad4770088245e2031b630b0000000100000012000000440069006700690043006500720074000000140000000100000014000000b13ec36903f8bf4701d498261a0802ef63642bc36200000001000000200000007431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f0000000100000014000000e35ef08d884f0a0ade2f75e96301ce6230f213a8040000000100000010000000d474de575c39b2d39c8583c5c065498a2000000001000000c9030000308203c5308202ada003020102021002ac5c266a0b409b8f0b79f2ae462577300d06092a864886f70d0101050500306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6cce573e6fbd4bbe52d2d32a6dfe5813fc9cd2549b6712ac3d5943467a20a1cb05f69a640b1c4b7b28fd098a4a941593ad3dc94d63cdb7438a44acc4d2582f74aa5531238eef3496d71917e63b6aba65fc3a484f84f6251bef8c5ecdb3892e306e508910cc4284155fbcb5a89157e71e835bf4d72093dbe3a38505b77311b8db3c724459aa7ac6d00145a04b7ba13eb510a984141224e656187814150a6795c89de194a57d52ee65d1c532c7e98cd1a0616a46873d03404135ca171d35a7c55db5e64e13787305604e511b4298012f1793988a202117c2766b788b778f2ca0aa838ab0a64c2bf665d9584c1a1251e875d1a500b2012cc41bb6e0b5138b84bcb0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414b13ec36903f8bf4701d498261a0802ef63642bc3301f0603551d23041830168014b13ec36903f8bf4701d498261a0802ef63642bc3300d06092a864886f70d010105050003820101001c1a0697dcd79c9f3c886606085721db2147f82a67aabf183276401057c18af37ad911658e35fa9efc45b59ed94c314bb891e8432c8eb378cedbe3537971d6e5219401da55879a2464f68a66ccde9c37cda834b1699b23c89e78222b7043e35547316119ef58c5852f4e30f6a0311623c8e7e2651633cbbf1a1ba03df8ca5e8b318b6008892d0c065c52b7c4f90a98d1155f9f12be7c366338bd44a47fe4262b0ac497690de98ce2c01057b8c876129155f24869d8bc2a025b0f44d42031dbf4ba70265d90609ebc4b17092fb4cb1e4368c90727c1d25cf7ea21b968129c3c9cbf9efc805c9b63cdec47aa252767a037f300827d54d7a9f8e92e13a377e81f4a | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474\Blob = 030000000100000014000000d4de20d05e66fc53fe1a50882c78db2852cae47420000000010000007b030000308203773082025fa0030201020204020000b9300d06092a864886f70d0101050500305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f74301e170d3030303531323138343630305a170d3235303531323233353930305a305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f7430820122300d06092a864886f70d01010105000382010f003082010a0282010100a304bb22ab983d57e826729ab579d429e2e1e89580b1b0e35b8e2b299a64dfa15dedb009056ddb282ece62a262feb488da12eb38eb219dc0412b01527b8877d31c8fc7bab988b56a09e773e81140a7d1ccca628d2de58f0ba650d2a850c328eaf5ab25878a9a961ca967b83f0cd5f7f952132fc21bd57070f08fc012ca06cb9ae1d9ca337a77d6f8ecb9f16844424813d2c0c2a4ae5e60feb6a605fcb4dd075902d459189863f5a563e0900c7d5db2067af385eaebd403ae5e843e5fff15ed69bcf939367275cf77524df3c9902cb93de5c923533f1f2498215c079929bdc63aece76e863a6b97746333bd681831f0788d76bffc9e8e5d2a86a74d90dc271a390203010001a3453043301d0603551d0e04160414e59d5930824758ccacfa085436867b3ab5044df030120603551d130101ff040830060101ff020103300e0603551d0f0101ff040403020106300d06092a864886f70d01010505000382010100850c5d8ee46f51684205a0ddbb4f27258403bdf764fd2dd730e3a41017ebda2929b6793f76f6191323b8100af958a4d46170bd04616a128a17d50abdc5bc307cd6e90c258d86404feccca37e38c637114feddd68318e4cd2b30174eebe755e07481a7f70ff165c84c07985b805fd7fbe6511a30fc002b4f852373904d5a9317a18bfa02af41299f7a34582e33c5ef59d9eb5c89e7c2ec8a49e4e08144b6dfd706d6b1a63bd64e61fb7cef0f29f2ebb1bb7f250887392c2e2e3168d9a3202ab8e18dde91011ee7e35ab90af3e30947ad0333da7650ff5fc8e9e62cf47442c015dbb1db532d247d2382ed0fe81dc326a1eb5ee3cd5fce7811d19c32442ea6339a9 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2\Blob = 030000000100000014000000f40042e2e5f7e8ef8189fed15519aece42c3bfa22000000001000000d0050000308205cc308203b4a00302010202105498d2d1d45b1995481379c811c08799300d06092a864886f70d01010c05003077310b3009060355040613025553311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e314830460603550403133f4d6963726f736f6674204964656e7469747920566572696669636174696f6e20526f6f7420436572746966696361746520417574686f726974792032303230301e170d3230303431363138333631365a170d3435303431363138343434305a3077310b3009060355040613025553311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e314830460603550403133f4d6963726f736f6674204964656e7469747920566572696669636174696f6e20526f6f7420436572746966696361746520417574686f72697479203230323030820222300d06092a864886f70d01010105000382020f003082020a0282020100b3912a07830667fd9e9de0c7c0b7a4e642047f0fa6db5ffbd55ad745a0fb770bf080f3a66d5a4d7953d8a08684574520c7a254fbc7a2bf8ac76e35f3a215c42f4ee34a8596490dffbe99d814f6bc2707ee429b2bf50b9206e4fd691365a89172f29884eb833d0ee4d771124821cb0dedf64749b79bf9c9c717b6844fffb8ac9ad773674985e386bd3740d02586d4deb5c26d626ad5a978bc2d6f49f9e56c1414fd14c7d3651637decb6ebc5e298dfd629b152cd605e6b9893233a362c7d7d6526708c42ef4562b9e0b87cceca7b4a6aaeb05cd1957a53a0b04271c91679e2d622d2f1ebedac020cb0419ca33fb89be98e272a07235be79e19c836fe46d176f90f33d008675388ed0e0499abbdbd3f830cad55788684d72d3bf6d7f71d8fdbd0dae926448b75b6f7926b5cd9b952184d1ef0f323d7b578cf345074c7ce05e180e35768b6d9ecb3674ab05f8e0735d3256946797250ac6353d9497e7c1448b80fdc1f8f47419e530f606fb21573e061c8b6b158627497b8293ca59e87547e83f38f4c75379a0b6b4e25c51efbd5f38c113e6780c955a2ec5405928cc0f24c0ecba0977239938a6b61cdac7ba20b6d737d87f37af08e33b71db6e731b7d9972b0e486335974b516007b506dc68613dafdc439823d24009a60daba94c005512c34ac50991387bbb30580b24d30025cb826835db46373efae23954f6028be37d55ba50203010001a3543052300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414c87ed26a852a1bca1998040727cf50104f68a8a2301006092b06010401823715010403020100300d06092a864886f70d01010c05000382020100af6adde619e72d9443194ecbe9509564a50391028be236803b15a252c21619b66a5a5d744330f49bff607409b1211e90166dc5248f5c668863f44fcc7df2124c40108b019fdaa9c8aef2951bcf9d05eb493e74a0685be5562c651c827e53da56d94617799245c4103608522917cb2fa6f27ed469248a1e8fb0730dcc1c4aabb2aaeda79163016422a832b87e3228b367732d91b4dc31010bf7470aa6f1d74aed5660c42c08a37b40b0bc74275287d6be88dd378a896e67881df5c95da0feb6ab3a80d71a973c173622411eac4dd583e63c38bd4f30e954a9d3b604c3327661bbb018c52b18b3c080d5b795b05e514d22fcec58aae8d894b4a52eed92dee7187c2157dd5563f7bf6dcd1fd2a6772870c7e25b3a5b08d25b4ec80096b3e18336af860a655c74f6eaec7a6a74a0f04beeef94a3ac50f287edd73a3083c9fb7d57bee5e3f841cae564aeb3a3ec58ec859accefb9eaf35618b95c739aafc577178359db371a187254a541d2b62375a3439ae5777c9679b7418dbfecdc80a09fd17775585f3513e0251a670b7dce25fa070ae46121d8d41ce507c63699f496d0c615fe4ecdd7ae8b9ddb16fd04c692bdd488e6a9a3aabbf764383b5fcc0cd035be741903a6c5aa4ca26136823e1df32bbc975ddb4b783b2df53bef6023e8f5ec0b233695af9866bf53d37bb8694a2a966669c494c6f45f6eac98788880065ca2b2eda2 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\D772DA0874059418FCDAACE3F4FF2AC964A852FF | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\02FAF3E291435468607857694DF5E45B68851868\Blob = 0400000001000000100000001d3554048578b03f42424dbf20730a3f0f000000010000001400000009b9105c5bba24343ca7f341c624e183f6ee7c1b090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b0601050507030853000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00b00000001000000260000005300650063007400690067006f00200028004100640064005400720075007300740029000000620000000100000020000000687fa451382278fff0c8b11f8d43d576671c6eb2bceab413fb83d965d06d2ff2140000000100000014000000adbd987a34b426f7fac42654ef03bde024cb541a1d000000010000001000000006f9583c00a763c23fb9e065a3366d557e0000000100000008000000000063f58926d70168000000010000000800000000409120d035d90103000000010000001400000002faf3e291435468607857694df5e45b6885186819000000010000001000000045ed9bbc5e43d3b9ecd63c060db78e5c20000000010000003a040000308204363082031ea003020102020101300d06092a864886f70d0101050500306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f74301e170d3030303533303130343833385a170d3230303533303130343833385a306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f7430820122300d06092a864886f70d01010105000382010f003082010a0282010100b7f71a33e6f200042d39e04e5bed1fbc6c0fcdb5fa23b6cede9b113397a4294c7d939fbd4abc93ed031ae38fcfe56d505ad69729945a80b0497adb2e95fdb8cabf37382d1e3e9141ad7056c7f04f3fe8329e74cac89054e9c65f0f789d9a403c0eac61aa5e148f9e87a16a50dcd79a4eaf05b3a671949c71b350600ac7139d38078602a8e9a869261890ab4cb04f23ab3a4f84d8dfce9fe1696fbbd742d76b44e4c7adee6d415f725a710837b37965a459a09437f7002f0dc29272dad03872db14a845c45d2a7db7b4d6c4eeaccd1344b7c92bdd430025fa61b9696a582311b7a7338f567559f5cd29d746b70a2b65b6d3426f15b2b87bfbefe95d53d5345a270203010001a381dc3081d9301d0603551d0e04160414adbd987a34b426f7fac42654ef03bde024cb541a300b0603551d0f040403020106300f0603551d130101ff040530030101ff3081990603551d2304819130818e8014adbd987a34b426f7fac42654ef03bde024cb541aa173a471306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f74820101300d06092a864886f70d01010505000382010100b09be08525c2d623e20f9606929d41989cd9847981d91e5b14072336658fb0d877bbac416c47608351b0f9323de7fcf62613c78016a5bf5afc87cf787989219ae24c070a8635bcf2de51c4d296b7dc7e4eee70fd1c39eb0c0251142d8ebd16e0c1df4675e724adecf442b48593701067ba9d06354a18d32b7acc5142a17a63d1e6bba1c52bc236be130de6bd637e797ba7090d40ab6add8f8ac3f6f68c1a420551d445f59fa76221681520433c99e77cbd24d8a9911773883f561b313818b4710f9acdc80e9e8e2e1be18c9883cb1f31f1444cc604734976600fc7f8bd17806b2ee9cc4c0e5a9a790f200a2ed59e63261e559294d882175a7bd0bcc78f4e8604 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\7B0F360B775F76C94A12CA48445AA2D2A875701C | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\5A8CEF45D7A69859767A8C8B4496B578CF474B1A | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2\Blob = 040000000100000010000000be954f16012122448ca8bc279602acf5140000000100000014000000c87ed26a852a1bca1998040727cf50104f68a8a2030000000100000014000000f40042e2e5f7e8ef8189fed15519aece42c3bfa20f000000010000003000000041ce925678dfe0ccaa8089263c242b897ca582089d14e5eb685fca967f36dbd334e97e81fd0e64815f851f914ade1a1e1900000001000000100000009f687581f7ef744ecfc12b9cee6238f12000000001000000d0050000308205cc308203b4a00302010202105498d2d1d45b1995481379c811c08799300d06092a864886f70d01010c05003077310b3009060355040613025553311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e314830460603550403133f4d6963726f736f6674204964656e7469747920566572696669636174696f6e20526f6f7420436572746966696361746520417574686f726974792032303230301e170d3230303431363138333631365a170d3435303431363138343434305a3077310b3009060355040613025553311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e314830460603550403133f4d6963726f736f6674204964656e7469747920566572696669636174696f6e20526f6f7420436572746966696361746520417574686f72697479203230323030820222300d06092a864886f70d01010105000382020f003082020a0282020100b3912a07830667fd9e9de0c7c0b7a4e642047f0fa6db5ffbd55ad745a0fb770bf080f3a66d5a4d7953d8a08684574520c7a254fbc7a2bf8ac76e35f3a215c42f4ee34a8596490dffbe99d814f6bc2707ee429b2bf50b9206e4fd691365a89172f29884eb833d0ee4d771124821cb0dedf64749b79bf9c9c717b6844fffb8ac9ad773674985e386bd3740d02586d4deb5c26d626ad5a978bc2d6f49f9e56c1414fd14c7d3651637decb6ebc5e298dfd629b152cd605e6b9893233a362c7d7d6526708c42ef4562b9e0b87cceca7b4a6aaeb05cd1957a53a0b04271c91679e2d622d2f1ebedac020cb0419ca33fb89be98e272a07235be79e19c836fe46d176f90f33d008675388ed0e0499abbdbd3f830cad55788684d72d3bf6d7f71d8fdbd0dae926448b75b6f7926b5cd9b952184d1ef0f323d7b578cf345074c7ce05e180e35768b6d9ecb3674ab05f8e0735d3256946797250ac6353d9497e7c1448b80fdc1f8f47419e530f606fb21573e061c8b6b158627497b8293ca59e87547e83f38f4c75379a0b6b4e25c51efbd5f38c113e6780c955a2ec5405928cc0f24c0ecba0977239938a6b61cdac7ba20b6d737d87f37af08e33b71db6e731b7d9972b0e486335974b516007b506dc68613dafdc439823d24009a60daba94c005512c34ac50991387bbb30580b24d30025cb826835db46373efae23954f6028be37d55ba50203010001a3543052300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414c87ed26a852a1bca1998040727cf50104f68a8a2301006092b06010401823715010403020100300d06092a864886f70d01010c05000382020100af6adde619e72d9443194ecbe9509564a50391028be236803b15a252c21619b66a5a5d744330f49bff607409b1211e90166dc5248f5c668863f44fcc7df2124c40108b019fdaa9c8aef2951bcf9d05eb493e74a0685be5562c651c827e53da56d94617799245c4103608522917cb2fa6f27ed469248a1e8fb0730dcc1c4aabb2aaeda79163016422a832b87e3228b367732d91b4dc31010bf7470aa6f1d74aed5660c42c08a37b40b0bc74275287d6be88dd378a896e67881df5c95da0feb6ab3a80d71a973c173622411eac4dd583e63c38bd4f30e954a9d3b604c3327661bbb018c52b18b3c080d5b795b05e514d22fcec58aae8d894b4a52eed92dee7187c2157dd5563f7bf6dcd1fd2a6772870c7e25b3a5b08d25b4ec80096b3e18336af860a655c74f6eaec7a6a74a0f04beeef94a3ac50f287edd73a3083c9fb7d57bee5e3f841cae564aeb3a3ec58ec859accefb9eaf35618b95c739aafc577178359db371a187254a541d2b62375a3439ae5777c9679b7418dbfecdc80a09fd17775585f3513e0251a670b7dce25fa070ae46121d8d41ce507c63699f496d0c615fe4ecdd7ae8b9ddb16fd04c692bdd488e6a9a3aabbf764383b5fcc0cd035be741903a6c5aa4ca26136823e1df32bbc975ddb4b783b2df53bef6023e8f5ec0b233695af9866bf53d37bb8694a2a966669c494c6f45f6eac98788880065ca2b2eda2 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\D772DA0874059418FCDAACE3F4FF2AC964A852FF\Blob = 030000000100000014000000d772da0874059418fcdaace3f4ff2ac964a852ff140000000100000014000000246593980801e84ed4d64cea6455e1c0fafbcfb3040000000100000010000000fe9ab1791f2f2a2a01fce48d6b2a093c0f000000010000003000000054de7e1f5b9b2c1834c8e4fedef7bec89e6e7117ef761a80d1bccec1d63888d0d4ad1b6c5c6a4ea556436ddd29aaf904190000000100000010000000ce4cfdd3ed415f0993c3c8bd5428ecbb5c0000000100000004000000000c0000180000000100000010000000ea6089055218053dd01e37e1d806eedf200000000100000048060000308206443082042ca0030201020211009e02b0e94aceb2109ca1e9836be0c2db300d06092a864886f70d01010c0500308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f72697479301e170d3231303532353030303030305a170d3336303532343233353935395a304f310b300906035504061302474231183016060355040a130f5365637469676f204c696d69746564312630240603550403131d5365637469676f2052534120436f6465205369676e696e672043412032308201a2300d06092a864886f70d01010105000382018f003082018a0282018100bb7bff8fbf4b2d43b6f1661c00ff8d9d2a7840c4234c4349a709395a45510b16fdee6031f53470e363075bec932a725a16385216091d2f53efa83eec3aa07ba25348802d95959b14ddb213f617c13b2612049cde3d4c4a3d33c30c26256f3d6e0f9503b18433c690499ef9e636778f006324606f5d61e44d1b0df783548cbc4f8a7c20f42a20aa61a02d902877d351569c94cca6f421cad8be289a4a1e5486c3f6ec6c6ac10e69d339b273758ff0abf75b77391ea30672e23287f97fc61413e468911d33a9c7b3302db6a9c581ef21848aba96ec110364e5dfbaa9c18d4e7e2cdffbc380c1a8296a321225fa20451c29f5549adf8ae067f1310f0a11c63170afbc803b177ec3f23626be3c37cf37b85d795497b8bbc37f76056a359f8213194f2af37dc9b988166a4c38d82b61e5615b571a0ec7fd7bb76b0a42401ff30fe0ec70ba6a79571889c71df7309f430a0715067245a3575ebfa3ed584c62197566c21b0175a6560d1461b5765bf137b4040503c1c4a3ff5dcaf49dbae72f16f6b67b0203010001a382015f3082015b301f0603551d230418301680145379bf5aaa2b4acf5480e1d89bc09df2b20366cb301d0603551d0e04160414246593980801e84ed4d64cea6455e1c0fafbcfb3300e0603551d0f0101ff04040302018630120603551d130101ff040830060101ff02010030130603551d25040c300a06082b06010505070303301b0603551d200414301230060604551d20003008060667810c01040130500603551d1f044930473045a043a041863f687474703a2f2f63726c2e7573657274727573742e636f6d2f55534552547275737452534143657274696669636174696f6e417574686f726974792e63726c307106082b0601050507010104653063303a06082b06010505073002862e687474703a2f2f6372742e7573657274727573742e636f6d2f55534552547275737452534141414143412e637274302506082b060105050730018619687474703a2f2f6f6373702e7573657274727573742e636f6d300d06092a864886f70d01010c0500038202010055d1f2be5bc5485740e5ecd9faeffd6b92fca8754779e9cfc23d14f9a109e565b9ad9fbc4ef29da2e735cccfa2392b472bc0e0ba36902366d1126488d95751add00f6f5f8a90cf1bb17a6956fac2400a85bfe1bae0cd72337817684ef2eb0276135b8529532e1d3caf14b46c0333f437a1ed90453ff573bca9925017ebfe39ca4640eafba3b4179b585ac5004f6cd30cc05f6f867781a63d2516f62fa249f093bed557723cb3c8d21b129930221003f64a89e0928fa8c338600f2156d4ebab5733a777dd27e591539e2f671f4bc38bf4656392ce9512561e1daee2ed8074beec4dfeecc717d79493974c464cc54662e53b9d1a08c0630ad519cc0ab089cc8b2e084578d969ec7d0db7cf86a12ec3e0860e3709e44bc50c73c8f628dc9ed5959a235771ce406d9d5bea1bc3b2492444f41004caeda6925f54d6097b3ab992d310111499b6ce40ffe5c6a3776635adec33a03bc8c69e3ea19985587cb1a85a38e62e53ac7ffd133beb57d46dfdf21ce2f78cb42ef6d754ef23ed29b10ccb1f9a3cd82f9e0d66499f508786a0f1f9ca1cb01dc3f14c9efcd3a64feef466b642d170b95b948385bbd44479771188b1a071eafa4bf0ff8708cd8a8866ba87405c9488d8ad0a0742f7bee4cb993791318d9a6810fe9a03bc150226b79e70bd19804cecf00280fbff4ca2b76ebfe3d8e4dcf7c8856b986ed21371dceecac9ae317e7b05 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\B51C067CEE2B0C3DF855AB2D92F4FE39D4E70F0E | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\02FAF3E291435468607857694DF5E45B68851868\Blob = 0f000000010000001400000009b9105c5bba24343ca7f341c624e183f6ee7c1b090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b0601050507030853000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00b00000001000000260000005300650063007400690067006f00200028004100640064005400720075007300740029000000620000000100000020000000687fa451382278fff0c8b11f8d43d576671c6eb2bceab413fb83d965d06d2ff2140000000100000014000000adbd987a34b426f7fac42654ef03bde024cb541a1d000000010000001000000006f9583c00a763c23fb9e065a3366d557e0000000100000008000000000063f58926d70168000000010000000800000000409120d035d90103000000010000001400000002faf3e291435468607857694df5e45b6885186820000000010000003a040000308204363082031ea003020102020101300d06092a864886f70d0101050500306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f74301e170d3030303533303130343833385a170d3230303533303130343833385a306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f7430820122300d06092a864886f70d01010105000382010f003082010a0282010100b7f71a33e6f200042d39e04e5bed1fbc6c0fcdb5fa23b6cede9b113397a4294c7d939fbd4abc93ed031ae38fcfe56d505ad69729945a80b0497adb2e95fdb8cabf37382d1e3e9141ad7056c7f04f3fe8329e74cac89054e9c65f0f789d9a403c0eac61aa5e148f9e87a16a50dcd79a4eaf05b3a671949c71b350600ac7139d38078602a8e9a869261890ab4cb04f23ab3a4f84d8dfce9fe1696fbbd742d76b44e4c7adee6d415f725a710837b37965a459a09437f7002f0dc29272dad03872db14a845c45d2a7db7b4d6c4eeaccd1344b7c92bdd430025fa61b9696a582311b7a7338f567559f5cd29d746b70a2b65b6d3426f15b2b87bfbefe95d53d5345a270203010001a381dc3081d9301d0603551d0e04160414adbd987a34b426f7fac42654ef03bde024cb541a300b0603551d0f040403020106300f0603551d130101ff040530030101ff3081990603551d2304819130818e8014adbd987a34b426f7fac42654ef03bde024cb541aa173a471306f310b300906035504061302534531143012060355040a130b416464547275737420414231263024060355040b131d41646454727573742045787465726e616c20545450204e6574776f726b312230200603550403131941646454727573742045787465726e616c20434120526f6f74820101300d06092a864886f70d01010505000382010100b09be08525c2d623e20f9606929d41989cd9847981d91e5b14072336658fb0d877bbac416c47608351b0f9323de7fcf62613c78016a5bf5afc87cf787989219ae24c070a8635bcf2de51c4d296b7dc7e4eee70fd1c39eb0c0251142d8ebd16e0c1df4675e724adecf442b48593701067ba9d06354a18d32b7acc5142a17a63d1e6bba1c52bc236be130de6bd637e797ba7090d40ab6add8f8ac3f6f68c1a420551d445f59fa76221681520433c99e77cbd24d8a9911773883f561b313818b4710f9acdc80e9e8e2e1be18c9883cb1f31f1444cc604734976600fc7f8bd17806b2ee9cc4c0e5a9a790f200a2ed59e63261e559294d882175a7bd0bcc78f4e8604 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F6108407D6F8BB67980CC2E244C2EBAE1CEF63BE | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\1C58A3A8518E8759BF075B76B750D4F2DF264FCD | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\1C58A3A8518E8759BF075B76B750D4F2DF264FCD\Blob = 0300000001000000140000001c58a3a8518e8759bf075b76b750d4f2df264fcd2000000001000000c2040000308204be308203a6a003020102021006d8d904d5584346f68a2fa754227ec4300d06092a864886f70d01010b05003061310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3120301e06035504031317446967694365727420476c6f62616c20526f6f74204341301e170d3231303431343030303030305a170d3331303431333233353935395a304f310b300906035504061302555331153013060355040a130c446967694365727420496e633129302706035504031320446967694365727420544c53205253412053484132353620323032302043413130820122300d06092a864886f70d01010105000382010f003082010a0282010100c14bb3654770bcdd4f58dbec9cedc366e51f311354ad4a66461f2c0aec6407e52edcdcb90a20eddfe3c4d09e9aa97a1d8288e51156db1e9f58c251e72c340d2ed292e156cbf1795fb3bb87ca25037b9a52416610604f571349f0e8376783dfe7d34b674c2251a6df0e9910ed57517426e27dc7ca622e131b7f238825536fc13458008b84fff8bea75849227b96ada2889b15bca07cdfe951a8d5b0ed37e236b4824b62b5499aecc767d6e33ef5e3d6125e44f1bf71427d58840380b18101faf9ca32bbb48e278727c52b74d4a8d697dec364f9cace53a256bc78178e490329aefb494fa415b9cef25c19576d6b79a72ba2272013b5d03d40d321300793ea99f50203010001a38201823082017e30120603551d130101ff040830060101ff020100301d0603551d0e04160414b76ba2eaa8aa848c79eab4da0f98b2c59576b9f4301f0603551d2304183016801403de503556d14cbb66f0a3e21b1bc397b23dd155300e0603551d0f0101ff040403020186301d0603551d250416301406082b0601050507030106082b06010505070302307606082b06010505070101046a3068302406082b060105050730018618687474703a2f2f6f6373702e64696769636572742e636f6d304006082b060105050730028634687474703a2f2f636163657274732e64696769636572742e636f6d2f4469676943657274476c6f62616c526f6f7443412e63727430420603551d1f043b30393037a035a0338631687474703a2f2f63726c332e64696769636572742e636f6d2f4469676943657274476c6f62616c526f6f7443412e63726c303d0603551d2004363034300b06096086480186fd6c02013007060567810c01013008060667810c0102013008060667810c0102023008060667810c010203300d06092a864886f70d01010b050003820101008032ce5e0bdd6e5a0d0aafe1d684cbc08efa8570edda5db30cf72b7540fe850afaf33178b7704b1a8958ba80bdf36b1de97ecf0bba589c59d490d3fd6cfdd0986db771825bcf6d0b5a09d07bdec443d82aa4de9e41265fbb8f99cbddaee1a86f9f87fe74b71f1b20abb14fc6f5675d5d9b3ce9ff69f7616cd6d9f3fd36c6ab038876d24b2e7586e3fcd8557d26c21177df3e02b67cf3ab7b7a86366fb8f7d89371cf86df7330fa7babed2a59c842843b11171a52f3c90e147da25b7267ba71ed574766c5b8024a65345e8bd02a3c209c51994ce7529ef76b112b0d927e1de88aeb36164387ea2a63bf753febdec403bb0a3cf730efebaf4cfc8b3610733ef3a4 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\2AD974A775F73CBDBBD8F5AC3A49255FA8FB1F8C | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\2AD974A775F73CBDBBD8F5AC3A49255FA8FB1F8C\Blob = 0300000001000000140000002ad974a775f73cbdbbd8f5ac3a49255fa8fb1f8c2000000001000000620400003082045e30820346a0030201020213077312380b9d6688a33b1ed9bf9ccda68e0e0f300d06092a864886f70d01010b05003039310b3009060355040613025553310f300d060355040a1306416d617a6f6e3119301706035504031310416d617a6f6e20526f6f742043412031301e170d3232303832333232323132385a170d3330303832333232323132385a303c310b3009060355040613025553310f300d060355040a1306416d617a6f6e311c301a06035504031313416d617a6f6e205253412032303438204d303130820122300d06092a864886f70d01010105000382010f003082010a0282010100eb712ca9cb1f8828923230af8a570f78b73725955587ac675c97d322c8daa214676b7cf067dae2032ab356125dc6b547f96708a7937a9592180fb4f9f910369a7f2f80b64fba134ec75d531ee0dd96330720d396bc12e4745042a1051373b54f9b4424fe2d7fedbc2285ec362133977506ce271882dce3d9c582078d5e26012626671fd93f13cf32ba6bad7864fcaaff0e023c07df9c0578728cfdea75b7032884dae86e078cd05085ef8154b2716eec6d62ef8f94c35ee9c4a4d091c02e249198caeeba258ed4f671b6fb5b6b38064837478d86dcf2ea06fb76377d9eff424e4d588293cfe271c278b17aab4b5b94378881e4d9af24aef872c565fb4bb451e70203010001a382015a3082015630120603551d130101ff040830060101ff020100300e0603551d0f0101ff040403020186301d0603551d250416301406082b0601050507030106082b06010505070302301d0603551d0e0416041481b80e638a891218e5fa3b3b50959fe6e5901385301f0603551d230418301680148418cc8534ecbc0c94942e08599cc7b2104e0a08307b06082b06010505070101046f306d302f06082b060105050730018623687474703a2f2f6f6373702e726f6f746361312e616d617a6f6e74727573742e636f6d303a06082b06010505073002862e687474703a2f2f6372742e726f6f746361312e616d617a6f6e74727573742e636f6d2f726f6f746361312e636572303f0603551d1f043830363034a032a030862e687474703a2f2f63726c2e726f6f746361312e616d617a6f6e74727573742e636f6d2f726f6f746361312e63726c30130603551d20040c300a3008060667810c010201300d06092a864886f70d01010b05000382010100ad00de0205232e063262b46bb19416e41140de2bfa59c135efe0aa8f2b41b9d1f38739001df23db5a7470c0606c691f3075702d4edbd17c1909abf4875a2074f30dd4a6a42b50d3d15c00ffe845bc63c99cc5752b1d86e12d59692934b94e507e88982086a7a34d49e64e13d876a92909a63a14bf88fb6ea34d305be20c2de06e28c9f738b9f4d3985cace19369d85c99ec9f8503fb67e88a1efca84068b50b40a5ca61c44f1fdc8614060f26125aa07f4c7c27375e40c0b428d04e55f4448995b7b898196a7889d4b0d62e804c4d7feb4e8b26dcaecc01cbc385b1ddf85ce5b7ae3494b6cb9a7ddf405b249ade1c5146bc2ccebcd7fd65869bac3207e7fb0b8 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5\Blob = 040000000100000010000000cb17e431673ee209fe455793f30afa1c0f0000000100000014000000e91e1e972b8f467ab4e0598fa92285387dee94c953000000010000006300000030613021060b6086480186f8450107170630123010060a2b0601040182373c0101030200c0301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c07f000000010000002a000000302806082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030109000000010000002a000000302806082b0601050507030206082b0601050507030306082b0601050507030406082b060105050703016200000001000000200000009acfab7e43c8d880d06b262a94deeee4b4659989c3d0caf19baf6405e41ab7df1400000001000000140000007fd365a7c2ddecbbf03009f34339fa02af3331330b000000010000001200000056006500720069005300690067006e0000001d0000000100000010000000c6cbcafa17955c4cfd41eca0c654c3617e000000010000000800000000c0032f2df8d6016800000001000000000000000300000001000000140000004eb6d578499b1ccf5f581ead56be3d9b6744a5e5190000000100000010000000d8b5fb368468620275d142ffd2aade372000000001000000d7040000308204d3308203bba003020102021018dad19e267de8bb4a2158cdcc6b3b4a300d06092a864886f70d01010505003081ca310b300906035504061302555331173015060355040a130e566572695369676e2c20496e632e311f301d060355040b1316566572695369676e205472757374204e6574776f726b313a3038060355040b1331286329203230303620566572695369676e2c20496e632e202d20466f7220617574686f72697a656420757365206f6e6c79314530430603550403133c566572695369676e20436c6173732033205075626c6963205072696d6172792043657274696669636174696f6e20417574686f72697479202d204735301e170d3036313130383030303030305a170d3336303731363233353935395a3081ca310b300906035504061302555331173015060355040a130e566572695369676e2c20496e632e311f301d060355040b1316566572695369676e205472757374204e6574776f726b313a3038060355040b1331286329203230303620566572695369676e2c20496e632e202d20466f7220617574686f72697a656420757365206f6e6c79314530430603550403133c566572695369676e20436c6173732033205075626c6963205072696d6172792043657274696669636174696f6e20417574686f72697479202d20473530820122300d06092a864886f70d01010105000382010f003082010a0282010100af240808297a359e600caae74b3b4edc7cbc3c451cbb2be0fe2902f95708a364851527f5f1adc831895d22e82aaaa642b38ff8b955b7b1b74bb3fe8f7e0757ecef43db66621561cf600da4d8def8e0c362083d5413eb49ca59548526e52b8f1b9febf5a191c23349d843636a524bd28fe870514dd189697bc770f6b3dc1274db7b5d4b56d396bf1577a1b0f4a225f2af1c926718e5f40604ef90b9e400e4dd3ab519ff02baf43ceee08beb378becf4d7acf2f6f03dafdd759133191d1c40cb7424192193d914feac2a52c78fd50449e48d6347883c6983cbfe47bd2b7e4fc595ae0e9dd4d143c06773e314087ee53f9f73b8330acf5d3f3487968aee53e825150203010001a381b23081af300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020106306d06082b0601050507010c0461305fa15da05b3059305730551609696d6167652f6769663021301f300706052b0e03021a04148fe5d31a86ac8d8e6bc3cf806ad448182c7b192e30251623687474703a2f2f6c6f676f2e766572697369676e2e636f6d2f76736c6f676f2e676966301d0603551d0e041604147fd365a7c2ddecbbf03009f34339fa02af333133300d06092a864886f70d0101050500038201010093244a305f62cfd81a982f3deadc992dbd77f6a5792238ecc4a7a07812ad620e457064c5e797662d98097e5fafd6cc2865f201aa081a47def9f97c925a0869200dd93e6d6e3c0d6ed8e606914018b9f8c1eddfdb41aae09620c9cd64153881c994eea284290b136f8edb0cdd2502dba48b1944d2417a05694a584f60ca7e826a0b02aa251739b5db7fe784652a958abd86de5e8116832d10ccdefda8822a6d281f0d0bc4e5e71a2619e1f4116f10b595fce7420532dbce9d515e28b69e85d35befa57d4540728eb70e6b0e06fb33354871b89d278bc4655f0d86769c447af6955cf65d320833a454b6183f685cf2424a853854835fd1e82cf2ac11d6a8ed636a | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\B51C067CEE2B0C3DF855AB2D92F4FE39D4E70F0E\Blob = 030000000100000014000000b51c067cee2b0c3df855ab2d92f4fe39d4e70f0e2000000001000000e1030000308203dd308202c5a003020102020100300d06092a864886f70d01010b050030818f310b30090603550406130255533110300e060355040813074172697a6f6e61311330110603550407130a53636f74747364616c6531253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e3132303006035504031329537461726669656c6420526f6f7420436572746966696361746520417574686f72697479202d204732301e170d3039303930313030303030305a170d3337313233313233353935395a30818f310b30090603550406130255533110300e060355040813074172697a6f6e61311330110603550407130a53636f74747364616c6531253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e3132303006035504031329537461726669656c6420526f6f7420436572746966696361746520417574686f72697479202d20473230820122300d06092a864886f70d01010105000382010f003082010a0282010100bdedc103fcf68ffc02b16f5b9f48d99d79e2a2b703615618c347b6d7ca3d352e8943f7a1699bde8a1afd13209cb44977322956fdb9ec8cdd22fa72dc276197eef65a84ec6e19b9892cdc845bd574fb6b5fc589a51052894655f4b8751ce67fe454ae4bf85572570219f8177159eb1e280774c59d48be6cb4f4a4b0f364377992c0ec465e7fe16d534c62afcd1f0b63bb3a9dfbfc7900986174cf26824063f3b2726a190d99cad40e75cc37fb8b89c159f1627f5fb35f6530f8a7b74d765a1e765e34c0e89656998ab3f07fa4cdbddc32317c91cfe05f11f86baa495cd19994d1a2e3635b0976b55662e14b741d96d426d4080459d0980e0ee6defcc3ec1f90f10203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020106301d0603551d0e041604147c0c321fa7d9307fc47d68a362a8a1ceab075b27300d06092a864886f70d01010b050003820101001159fa254f036f94993b9a1f828539d47605945ee128936d625d09c2a0a8d4b07538f1346a9de49f8a862651e62cd1c62d6e95204a9201ecb88a677b31e2672e8c9503262e439d4a31f60eb50cbbb7e2377f22ba00a30e7b52fb6bbb3bc4d379514ecd90f4670719c83c467a0d017dc558e76de68530179a24c410e004f7e0f27fd4aa0aff421d37ed94e5645912207738d3323e3881759673fa688fb1cbce1fc5ecfa9c7ecf7eb1f1072db6fcbfcaa4bfd097054abcea18280290bd5478092171d3d17d1dd916b0a9613dd00a0022fcc77bcb0964450b3b4081f77d7c32f598ca588e7d2aee90597364f936745e25a1f566052e7f3915a92afb508b8e8569f4 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5\Blob = 5c000000010000000400000000080000190000000100000010000000d8b5fb368468620275d142ffd2aade370300000001000000140000004eb6d578499b1ccf5f581ead56be3d9b6744a5e56800000001000000000000007e000000010000000800000000c0032f2df8d6011d0000000100000010000000c6cbcafa17955c4cfd41eca0c654c3610b000000010000001200000056006500720069005300690067006e0000001400000001000000140000007fd365a7c2ddecbbf03009f34339fa02af3331336200000001000000200000009acfab7e43c8d880d06b262a94deeee4b4659989c3d0caf19baf6405e41ab7df09000000010000002a000000302806082b0601050507030206082b0601050507030306082b0601050507030406082b060105050703017f000000010000002a000000302806082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030153000000010000006300000030613021060b6086480186f8450107170630123010060a2b0601040182373c0101030200c0301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f0000000100000014000000e91e1e972b8f467ab4e0598fa92285387dee94c9040000000100000010000000cb17e431673ee209fe455793f30afa1c2000000001000000d7040000308204d3308203bba003020102021018dad19e267de8bb4a2158cdcc6b3b4a300d06092a864886f70d01010505003081ca310b300906035504061302555331173015060355040a130e566572695369676e2c20496e632e311f301d060355040b1316566572695369676e205472757374204e6574776f726b313a3038060355040b1331286329203230303620566572695369676e2c20496e632e202d20466f7220617574686f72697a656420757365206f6e6c79314530430603550403133c566572695369676e20436c6173732033205075626c6963205072696d6172792043657274696669636174696f6e20417574686f72697479202d204735301e170d3036313130383030303030305a170d3336303731363233353935395a3081ca310b300906035504061302555331173015060355040a130e566572695369676e2c20496e632e311f301d060355040b1316566572695369676e205472757374204e6574776f726b313a3038060355040b1331286329203230303620566572695369676e2c20496e632e202d20466f7220617574686f72697a656420757365206f6e6c79314530430603550403133c566572695369676e20436c6173732033205075626c6963205072696d6172792043657274696669636174696f6e20417574686f72697479202d20473530820122300d06092a864886f70d01010105000382010f003082010a0282010100af240808297a359e600caae74b3b4edc7cbc3c451cbb2be0fe2902f95708a364851527f5f1adc831895d22e82aaaa642b38ff8b955b7b1b74bb3fe8f7e0757ecef43db66621561cf600da4d8def8e0c362083d5413eb49ca59548526e52b8f1b9febf5a191c23349d843636a524bd28fe870514dd189697bc770f6b3dc1274db7b5d4b56d396bf1577a1b0f4a225f2af1c926718e5f40604ef90b9e400e4dd3ab519ff02baf43ceee08beb378becf4d7acf2f6f03dafdd759133191d1c40cb7424192193d914feac2a52c78fd50449e48d6347883c6983cbfe47bd2b7e4fc595ae0e9dd4d143c06773e314087ee53f9f73b8330acf5d3f3487968aee53e825150203010001a381b23081af300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020106306d06082b0601050507010c0461305fa15da05b3059305730551609696d6167652f6769663021301f300706052b0e03021a04148fe5d31a86ac8d8e6bc3cf806ad448182c7b192e30251623687474703a2f2f6c6f676f2e766572697369676e2e636f6d2f76736c6f676f2e676966301d0603551d0e041604147fd365a7c2ddecbbf03009f34339fa02af333133300d06092a864886f70d0101050500038201010093244a305f62cfd81a982f3deadc992dbd77f6a5792238ecc4a7a07812ad620e457064c5e797662d98097e5fafd6cc2865f201aa081a47def9f97c925a0869200dd93e6d6e3c0d6ed8e606914018b9f8c1eddfdb41aae09620c9cd64153881c994eea284290b136f8edb0cdd2502dba48b1944d2417a05694a584f60ca7e826a0b02aa251739b5db7fe784652a958abd86de5e8116832d10ccdefda8822a6d281f0d0bc4e5e71a2619e1f4116f10b595fce7420532dbce9d515e28b69e85d35befa57d4540728eb70e6b0e06fb33354871b89d278bc4655f0d86769c447af6955cf65d320833a454b6183f685cf2424a853854835fd1e82cf2ac11d6a8ed636a | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2\Blob = 5c0000000100000004000000001000001900000001000000100000009f687581f7ef744ecfc12b9cee6238f10f000000010000003000000041ce925678dfe0ccaa8089263c242b897ca582089d14e5eb685fca967f36dbd334e97e81fd0e64815f851f914ade1a1e030000000100000014000000f40042e2e5f7e8ef8189fed15519aece42c3bfa2140000000100000014000000c87ed26a852a1bca1998040727cf50104f68a8a2040000000100000010000000be954f16012122448ca8bc279602acf52000000001000000d0050000308205cc308203b4a00302010202105498d2d1d45b1995481379c811c08799300d06092a864886f70d01010c05003077310b3009060355040613025553311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e314830460603550403133f4d6963726f736f6674204964656e7469747920566572696669636174696f6e20526f6f7420436572746966696361746520417574686f726974792032303230301e170d3230303431363138333631365a170d3435303431363138343434305a3077310b3009060355040613025553311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e314830460603550403133f4d6963726f736f6674204964656e7469747920566572696669636174696f6e20526f6f7420436572746966696361746520417574686f72697479203230323030820222300d06092a864886f70d01010105000382020f003082020a0282020100b3912a07830667fd9e9de0c7c0b7a4e642047f0fa6db5ffbd55ad745a0fb770bf080f3a66d5a4d7953d8a08684574520c7a254fbc7a2bf8ac76e35f3a215c42f4ee34a8596490dffbe99d814f6bc2707ee429b2bf50b9206e4fd691365a89172f29884eb833d0ee4d771124821cb0dedf64749b79bf9c9c717b6844fffb8ac9ad773674985e386bd3740d02586d4deb5c26d626ad5a978bc2d6f49f9e56c1414fd14c7d3651637decb6ebc5e298dfd629b152cd605e6b9893233a362c7d7d6526708c42ef4562b9e0b87cceca7b4a6aaeb05cd1957a53a0b04271c91679e2d622d2f1ebedac020cb0419ca33fb89be98e272a07235be79e19c836fe46d176f90f33d008675388ed0e0499abbdbd3f830cad55788684d72d3bf6d7f71d8fdbd0dae926448b75b6f7926b5cd9b952184d1ef0f323d7b578cf345074c7ce05e180e35768b6d9ecb3674ab05f8e0735d3256946797250ac6353d9497e7c1448b80fdc1f8f47419e530f606fb21573e061c8b6b158627497b8293ca59e87547e83f38f4c75379a0b6b4e25c51efbd5f38c113e6780c955a2ec5405928cc0f24c0ecba0977239938a6b61cdac7ba20b6d737d87f37af08e33b71db6e731b7d9972b0e486335974b516007b506dc68613dafdc439823d24009a60daba94c005512c34ac50991387bbb30580b24d30025cb826835db46373efae23954f6028be37d55ba50203010001a3543052300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414c87ed26a852a1bca1998040727cf50104f68a8a2301006092b06010401823715010403020100300d06092a864886f70d01010c05000382020100af6adde619e72d9443194ecbe9509564a50391028be236803b15a252c21619b66a5a5d744330f49bff607409b1211e90166dc5248f5c668863f44fcc7df2124c40108b019fdaa9c8aef2951bcf9d05eb493e74a0685be5562c651c827e53da56d94617799245c4103608522917cb2fa6f27ed469248a1e8fb0730dcc1c4aabb2aaeda79163016422a832b87e3228b367732d91b4dc31010bf7470aa6f1d74aed5660c42c08a37b40b0bc74275287d6be88dd378a896e67881df5c95da0feb6ab3a80d71a973c173622411eac4dd583e63c38bd4f30e954a9d3b604c3327661bbb018c52b18b3c080d5b795b05e514d22fcec58aae8d894b4a52eed92dee7187c2157dd5563f7bf6dcd1fd2a6772870c7e25b3a5b08d25b4ec80096b3e18336af860a655c74f6eaec7a6a74a0f04beeef94a3ac50f287edd73a3083c9fb7d57bee5e3f841cae564aeb3a3ec58ec859accefb9eaf35618b95c739aafc577178359db371a187254a541d2b62375a3439ae5777c9679b7418dbfecdc80a09fd17775585f3513e0251a670b7dce25fa070ae46121d8d41ce507c63699f496d0c615fe4ecdd7ae8b9ddb16fd04c692bdd488e6a9a3aabbf764383b5fcc0cd035be741903a6c5aa4ca26136823e1df32bbc975ddb4b783b2df53bef6023e8f5ec0b233695af9866bf53d37bb8694a2a966669c494c6f45f6eac98788880065ca2b2eda2 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 190000000100000010000000ffac207997bb2cfe865570179ee037b9030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e41d0000000100000010000000a86dc6a233eb339610f3ed414927c559140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac899880b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e19962000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 508823.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\mbuns.exe\:SmartScreen:$DATA | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 10994.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 607806.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 686503.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Opens file in notepad (likely ransom note)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
Scheduled Task/Job: Scheduled Task
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\schtasks.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\schtasks.exe | N/A |
Script User-Agent
| Description | Indicator | Process | Target |
| HTTP User-Agent header | Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) | N/A | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\7-Zip\7zG.exe | N/A |
Suspicious behavior: LoadsDriver
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\MBSetup.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\MBSetup.exe | N/A |
| N/A | N/A | C:\Program Files\Counter-Strike Global Offensive\Run_CS2.exe | N/A |
| N/A | N/A | C:\Program Files\Counter-Strike Global Offensive\Run_CS2.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Uses Volume Shadow Copy WMI provider
Uses Volume Shadow Copy service COM API
Processes
C:\Windows\Explorer.EXE
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://veruscheats.site/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9e48d46f8,0x7ff9e48d4708,0x7ff9e48d4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2684 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3380 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3416 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4628 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4884 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5248 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5968 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5968 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6012 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6028 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5408 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5456 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5380 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5820 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4840 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5396 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=4852 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6808 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\Verusloader\" -ad -an -ai#7zMap5755:84:7zEvent25919
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\Verusloader\" -ad -an -ai#7zMap8542:84:7zEvent17293
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\Temp1_Verusloader.zip\Vеrus\HowUse.txt
C:\Users\Admin\AppData\Local\Temp\Temp1_Verusloader.zip\Vеrus\Verus.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_Verusloader.zip\Vеrus\Verus.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6820 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4756 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1832 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6876 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5728 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4688 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3988 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4708 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3992 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6064 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7224 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7204 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5496 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6064 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6428 /prefetch:8
C:\Users\Admin\Downloads\MBSetup.exe
"C:\Users\Admin\Downloads\MBSetup.exe"
C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe
"C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe"
C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe
"C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe" /installmbtun
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch -p -s DeviceInstall
C:\Windows\system32\DrvInst.exe
DrvInst.exe "4" "9" "C:\Program Files\Malwarebytes\Anti-Malware\mbtun\mbtun.inf" "9" "4ba9030c7" "0000000000000160" "Service-0x0-3e7$\Default" "0000000000000170" "208" "C:\Program Files\Malwarebytes\Anti-Malware\mbtun"
C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
"C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe" /Service /Protected
C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
"C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe"
C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
"C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe" nowindow
C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
"C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe"
C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
"C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe"
C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
"C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe" /wac 0 /status on true /updatesubstatus none /scansubstatus none /settingssubstatus none
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\updatrpkg\mbupdatrV5.exe
"C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\updatrpkg\mbupdatrV5.exe" "C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE" "C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\config\UpdateControllerConfig.json" "C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE" "C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbclsupdate\staging" /db:dbupdate /su:no
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\Users\Admin\AppData\LocalLow\IGDump\X86_00\ig.exe
ig.exe timer 4000 17293800040.ext
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6864 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x3a4 0x4f4
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3720 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5412 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5164 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7112 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7368 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7032 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5416 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5540 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7036 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2672 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7760 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7228 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5980 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7860 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6440 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=180 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4888 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5064 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7720 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7852 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8348 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8356 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8660 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8788 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8796 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9204 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9512 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9468 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9688 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9652 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10076 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9520 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10004 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10796 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10820 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10756 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11172 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11188 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11444 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11112 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12016 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12168 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11436 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11956 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12508 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12840 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13112 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8480 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13548 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13356 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9964 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14012 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13876 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14456 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14596 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10664 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10876 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11852 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14304 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12800 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9356 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15216 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14008 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11888 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14888 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10108 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15452 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15816 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15836 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16036 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16256 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16388 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16676 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16812 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11928 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10596 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16948 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16596 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10016 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12468 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16392 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13180 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10788 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11080 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=128 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14660 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=129 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11256 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=130 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11812 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=131 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=17108 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=132 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12564 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=133 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10008 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=134 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15752 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=135 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12612 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=136 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13164 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=137 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9396 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=138 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16340 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=139 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11476 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=140 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10932 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=141 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16920 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=142 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11808 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=143 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15644 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=144 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=145 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3448 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=146 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9116 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=147 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7508 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=148 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8512 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=150 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15204 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6836 /prefetch:8
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\Temp1_Smurf-Wrecker-CS2-1.zip\Smurf Wrecker CS2\Please Read.txt
C:\Users\Admin\AppData\Local\Temp\Temp1_Smurf-Wrecker-CS2-1.zip\Smurf Wrecker CS2\SmurfWrecker.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_Smurf-Wrecker-CS2-1.zip\Smurf Wrecker CS2\SmurfWrecker.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=152 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15456 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=153 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9892 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=154 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9880 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=155 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7444 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=156 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13604 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=157 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11292 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.MediaFoundationService --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=mf_cdm --mojo-platform-channel-handle=6456 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=8508 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=160 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8760 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=162 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9548 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2664 /prefetch:8
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\Temp1_undetek-v6.9.6.9.4.2.zip\undetek-v6.9.6.9.4.2\Install Guide.txt
C:\Users\Admin\Downloads\undetek-v6.9.6.9.4.2\undetek-v6.9.6.9.4.2\undetek-v6.9.6.9.4.2.exe
"C:\Users\Admin\Downloads\undetek-v6.9.6.9.4.2\undetek-v6.9.6.9.4.2\undetek-v6.9.6.9.4.2.exe"
C:\Users\Admin\Downloads\MBSetup.exe
"C:\Users\Admin\Downloads\MBSetup.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=164 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8668 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=165 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=166 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5812 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=167 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9444 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=168 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6028 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=169 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11816 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=170 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7180 /prefetch:1
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=171 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8720 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.MediaFoundationService --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=mf_cdm --mojo-platform-channel-handle=7432 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=173 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9912 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=175 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=17204 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=16556 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=177 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13776 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=178 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5296 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=179 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14612 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=180 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13724 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=14904 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=182 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5272 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=183 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15192 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=184 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6344 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=185 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8880 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=186 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16684 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=187 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10812 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=188 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14752 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=189 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9864 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=190 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12392 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=191 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7176 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=193 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8184 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=194 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9908 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=195 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13172 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=196 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8016 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=197 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10908 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=198 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15128 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=199 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7176 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=200 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5216 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=201 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16304 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=202 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9688 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=203 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13984 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=204 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13224 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=205 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16180 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=206 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7604 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=207 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10760 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=208 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9076 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=209 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9912 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=210 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11968 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=211 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9100 /prefetch:1
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k wusvcs -p -s WaaSMedicSvc
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=212 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9304 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=213 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16460 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=214 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8880 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=215 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7280 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=216 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13208 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=218 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=17308 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7860 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=13904 /prefetch:8
C:\Users\Admin\Downloads\7l_csgo_latest_setup.exe
"C:\Users\Admin\Downloads\7l_csgo_latest_setup.exe"
C:\Users\Admin\AppData\Local\Temp\is-AVTAM.tmp\7l_csgo_latest_setup.tmp
"C:\Users\Admin\AppData\Local\Temp\is-AVTAM.tmp\7l_csgo_latest_setup.tmp" /SL5="$70428,2260663,928256,C:\Users\Admin\Downloads\7l_csgo_latest_setup.exe"
C:\Windows\SYSTEM32\taskkill.exe
"taskkill.exe" /f /im "Run_CS2.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=221 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=222 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=17108 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=223 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12788 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=225 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7584 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=14724 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6836 /prefetch:8
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe"
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /main
C:\Windows\SysWOW64\notepad.exe
"C:\Windows\System32\notepad.exe" \note.txt
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=228 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=229 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15644 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=230 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=231 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11152 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=virus.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff9e48d46f8,0x7ff9e48d4708,0x7ff9e48d4718
C:\Program Files\Counter-Strike Global Offensive\Run_CS2.exe
"C:\Program Files\Counter-Strike Global Offensive\Run_CS2.exe" - forceupdate installp2p
C:\Windows\system32\cmd.exe
"cmd.exe" /c netsh advfirewall firewall add rule name="7Launcher P2P In" dir=in action=allow program="C:\Program Files\Counter-Strike Global Offensive\7launcher\tools\aria2\aria2c.exe" description="7Launcher P2P In" enable=yes profile=any edge=yes interfacetype=any & netsh advfirewall firewall add rule name="7Launcher P2P Out" dir=out action=allow program="C:\Program Files\Counter-Strike Global Offensive\7launcher\tools\aria2\aria2c.exe" description="7Launcher P2P Out" enable=yes profile=any interfacetype=any & netsh advfirewall firewall add rule name="7Launcher - CS:GO In" dir=in action=allow program="C:\Program Files\Counter-Strike Global Offensive\Run_CS2.exe" description="7Launcher - CS:GO In" enable=yes profile=any edge=yes interfacetype=any & netsh advfirewall firewall add rule name="7Launcher - CS:GO Out" dir=out action=allow program="C:\Program Files\Counter-Strike Global Offensive\Run_CS2.exe" description="7Launcher - CS:GO Out" enable=yes profile=any interfacetype=any
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=232 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7776 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=233 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13212 /prefetch:1
C:\Windows\system32\netsh.exe
netsh advfirewall firewall add rule name="7Launcher P2P In" dir=in action=allow program="C:\Program Files\Counter-Strike Global Offensive\7launcher\tools\aria2\aria2c.exe" description="7Launcher P2P In" enable=yes profile=any edge=yes interfacetype=any
C:\Windows\system32\netsh.exe
netsh advfirewall firewall add rule name="7Launcher P2P Out" dir=out action=allow program="C:\Program Files\Counter-Strike Global Offensive\7launcher\tools\aria2\aria2c.exe" description="7Launcher P2P Out" enable=yes profile=any interfacetype=any
C:\Windows\system32\netsh.exe
netsh advfirewall firewall add rule name="7Launcher - CS:GO In" dir=in action=allow program="C:\Program Files\Counter-Strike Global Offensive\Run_CS2.exe" description="7Launcher - CS:GO In" enable=yes profile=any edge=yes interfacetype=any
C:\Windows\system32\netsh.exe
netsh advfirewall firewall add rule name="7Launcher - CS:GO Out" dir=out action=allow program="C:\Program Files\Counter-Strike Global Offensive\Run_CS2.exe" description="7Launcher - CS:GO Out" enable=yes profile=any interfacetype=any
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=mcafee+vs+norton
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff9e48d46f8,0x7ff9e48d4708,0x7ff9e48d4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=235 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8512 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=234 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9680 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=236 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7148 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=237 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6240 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=238 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=17028 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=239 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7344 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=240 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7332 /prefetch:1
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=242 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9392 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=243 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6032 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1396 /prefetch:8
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe"
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /main
C:\Windows\SysWOW64\notepad.exe
"C:\Windows\System32\notepad.exe" \note.txt
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=245 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9392 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=246 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10524 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=247 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4824 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=249 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11816 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=15180 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=minecraft+hax+download+no+virus
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xd8,0x100,0x104,0xfc,0x108,0x7ff9e48d46f8,0x7ff9e48d4708,0x7ff9e48d4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=251 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13232 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=252 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6780 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=g3t+r3kt
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9e48d46f8,0x7ff9e48d4708,0x7ff9e48d4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=253 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8132 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=254 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10464 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=256 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7156 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3932 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4700 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=259 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5004 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=260 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2648 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=261 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5100 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=262 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1780 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=virus.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9e48d46f8,0x7ff9e48d4708,0x7ff9e48d4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=263 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7576 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=264 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6328 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=266 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12344 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9760 /prefetch:8
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe"
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x3a4 0x4f4
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+get+money
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9e48d46f8,0x7ff9e48d4708,0x7ff9e48d4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=268 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8892 /prefetch:1
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=270 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3768 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=271 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11216 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7776 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=274 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7428 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=16464 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=276 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7372 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=277 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9228 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=278 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12700 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=279 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9100 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=280 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=17164 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=281 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5356 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=282 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1712 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=284 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12772 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=15204 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5476 /prefetch:8
C:\Users\Admin\Downloads\Mantas.exe
"C:\Users\Admin\Downloads\Mantas.exe"
C:\Users\Admin\Downloads\Mantas.exe
"C:\Users\Admin\Downloads\Mantas.exe"
C:\Users\Admin\Downloads\Mantas.exe
"C:\Users\Admin\Downloads\Mantas.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=288 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13696 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=11864 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=16988 /prefetch:8
C:\Users\Admin\Downloads\BadRabbit.exe
"C:\Users\Admin\Downloads\BadRabbit.exe"
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\rundll32.exe C:\Windows\infpub.dat,#1 15
C:\Windows\SysWOW64\cmd.exe
/c schtasks /Delete /F /TN rhaegal
C:\Windows\SysWOW64\schtasks.exe
schtasks /Delete /F /TN rhaegal
C:\Windows\SysWOW64\cmd.exe
/c schtasks /Create /RU SYSTEM /SC ONSTART /TN rhaegal /TR "C:\Windows\system32\cmd.exe /C Start \"\" \"C:\Windows\dispci.exe\" -id 2496436842 && exit"
C:\Windows\SysWOW64\cmd.exe
/c schtasks /Create /SC once /TN drogon /RU SYSTEM /TR "C:\Windows\system32\shutdown.exe /r /t 0 /f" /ST 23:55:00
C:\Windows\38EC.tmp
"C:\Windows\38EC.tmp" \\.\pipe\{320A201D-2B7C-4DAF-9CBB-3A887DDFB623}
C:\Windows\SysWOW64\schtasks.exe
schtasks /Create /SC once /TN drogon /RU SYSTEM /TR "C:\Windows\system32\shutdown.exe /r /t 0 /f" /ST 23:55:00
C:\Windows\SysWOW64\schtasks.exe
schtasks /Create /RU SYSTEM /SC ONSTART /TN rhaegal /TR "C:\Windows\system32\cmd.exe /C Start \"\" \"C:\Windows\dispci.exe\" -id 2496436842 && exit"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=292 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16668 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=13868 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10524 /prefetch:8
C:\Users\Admin\Downloads\WannaCry.exe
"C:\Users\Admin\Downloads\WannaCry.exe"
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c 52311729381084.bat
C:\Windows\SysWOW64\cscript.exe
cscript //nologo c.vbs
C:\Users\Admin\Downloads\!WannaDecryptor!.exe
!WannaDecryptor!.exe f
C:\Windows\SysWOW64\taskkill.exe
taskkill /f /im MSExchange*
C:\Windows\SysWOW64\taskkill.exe
taskkill /f /im Microsoft.Exchange.*
C:\Windows\SysWOW64\taskkill.exe
taskkill /f /im sqlserver.exe
C:\Windows\SysWOW64\taskkill.exe
taskkill /f /im sqlwriter.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=296 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6940 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=9224 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10456 /prefetch:8
C:\Users\Admin\Downloads\CryptoLocker.exe
"C:\Users\Admin\Downloads\CryptoLocker.exe"
C:\Users\Admin\AppData\Roaming\{34184A33-0407-212E-3320-09040709E2C2}.exe
"C:\Users\Admin\AppData\Roaming\{34184A33-0407-212E-3320-09040709E2C2}.exe" "/rC:\Users\Admin\Downloads\CryptoLocker.exe"
C:\Users\Admin\AppData\Roaming\{34184A33-0407-212E-3320-09040709E2C2}.exe
"C:\Users\Admin\AppData\Roaming\{34184A33-0407-212E-3320-09040709E2C2}.exe" /w00000230
C:\Users\Admin\Downloads\!WannaDecryptor!.exe
!WannaDecryptor!.exe c
C:\Windows\SysWOW64\cmd.exe
cmd.exe /c start /b !WannaDecryptor!.exe v
C:\Users\Admin\Downloads\!WannaDecryptor!.exe
!WannaDecryptor!.exe v
C:\Users\Admin\Downloads\!WannaDecryptor!.exe
!WannaDecryptor!.exe
C:\Windows\SysWOW64\cmd.exe
cmd.exe /c vssadmin delete shadows /all /quiet & wmic shadowcopy delete & bcdedit /set {default} bootstatuspolicy ignoreallfailures & bcdedit /set {default} recoveryenabled no & wbadmin delete catalog -quiet
C:\Windows\SysWOW64\Wbem\WMIC.exe
wmic shadowcopy delete
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=299 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12700 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=300 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10464 /prefetch:1
C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=16032 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=304 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12744 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=305 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11800 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8780 /prefetch:8
C:\Users\Admin\Downloads\Mabezat.exe
"C:\Users\Admin\Downloads\Mabezat.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=308 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15200 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=309 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6876 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=12556 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10456 /prefetch:8
C:\Users\Admin\Downloads\Fagot.a.exe
"C:\Users\Admin\Downloads\Fagot.a.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2176 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,6924415603078865481,14665792130426054371,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4064 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | veruscheats.site | udp |
| US | 172.67.155.221:443 | veruscheats.site | tcp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 104.18.94.41:443 | challenges.cloudflare.com | tcp |
| US | 104.18.94.41:443 | challenges.cloudflare.com | tcp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.219.191.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 221.155.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.205.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 41.94.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 150.171.27.10:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 10.27.171.150.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 57.169.31.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 172.217.169.78:443 | www.youtube.com | tcp |
| GB | 172.217.169.78:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | udp | |
| GB | 216.58.213.22:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | 78.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 172.217.16.226:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 216.58.213.10:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 172.217.16.226:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 216.58.213.10:443 | jnn-pa.googleapis.com | udp |
| GB | 142.250.200.36:443 | www.google.com | tcp |
| GB | 142.250.178.1:443 | yt3.ggpht.com | tcp |
| GB | 142.250.200.38:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 216.58.201.110:443 | play.google.com | tcp |
| GB | 216.58.201.110:443 | play.google.com | tcp |
| GB | 216.58.201.110:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 226.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.205.72.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 197.87.175.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.164.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| GB | 216.58.201.110:443 | play.google.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.47.74.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | kneelyopkr.cfd | udp |
| US | 172.67.193.176:443 | kneelyopkr.cfd | tcp |
| US | 172.67.193.176:443 | kneelyopkr.cfd | tcp |
| US | 172.67.193.176:443 | kneelyopkr.cfd | tcp |
| US | 8.8.8.8:53 | 176.193.67.172.in-addr.arpa | udp |
| US | 172.67.193.176:443 | kneelyopkr.cfd | tcp |
| US | 172.67.193.176:443 | kneelyopkr.cfd | tcp |
| US | 172.67.193.176:443 | kneelyopkr.cfd | tcp |
| US | 8.8.8.8:53 | 30.243.111.52.in-addr.arpa | udp |
| GB | 92.123.128.192:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 192.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 92.123.128.169:443 | th.bing.com | tcp |
| GB | 92.123.128.185:443 | r.bing.com | tcp |
| GB | 92.123.128.185:443 | r.bing.com | tcp |
| GB | 92.123.128.169:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 169.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 185.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| IE | 40.126.31.69:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | 69.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | storage.googleapis.com | udp |
| GB | 172.217.169.91:443 | storage.googleapis.com | tcp |
| GB | 172.217.169.91:443 | storage.googleapis.com | tcp |
| US | 8.8.8.8:53 | prf.hn | udp |
| GB | 172.217.169.91:443 | storage.googleapis.com | udp |
| GB | 5.150.170.4:443 | prf.hn | tcp |
| GB | 5.150.170.4:443 | prf.hn | tcp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 68.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.170.150.5.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.malwarebytes.com | udp |
| US | 192.0.66.233:443 | www.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | dev.visualwebsiteoptimizer.com | udp |
| US | 8.8.8.8:53 | stats.wp.com | udp |
| US | 34.96.102.137:443 | dev.visualwebsiteoptimizer.com | tcp |
| US | 192.0.76.3:443 | stats.wp.com | tcp |
| US | 34.96.102.137:443 | dev.visualwebsiteoptimizer.com | udp |
| US | 34.96.102.137:443 | dev.visualwebsiteoptimizer.com | udp |
| US | 8.8.8.8:53 | plausible.io | udp |
| GB | 143.244.38.136:443 | plausible.io | tcp |
| US | 8.8.8.8:53 | genesis.malwarebytes.com | udp |
| US | 8.8.8.8:53 | 233.66.0.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.102.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.76.0.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 136.38.244.143.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.16.217.172.in-addr.arpa | udp |
| US | 34.234.57.149:443 | genesis.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | cdn.weglot.com | udp |
| US | 172.64.149.114:443 | cdn.weglot.com | tcp |
| US | 8.8.8.8:53 | api.weglot.com | udp |
| US | 172.64.149.114:443 | api.weglot.com | tcp |
| US | 8.8.8.8:53 | pixel.wp.com | udp |
| GB | 143.244.38.136:443 | plausible.io | tcp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 104.18.86.42:443 | cdn.cookielaw.org | tcp |
| US | 104.18.86.42:443 | cdn.cookielaw.org | tcp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 172.64.155.119:443 | geolocation.onetrust.com | tcp |
| US | 8.8.8.8:53 | 149.57.234.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 114.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.86.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.155.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | privacyportal.onetrust.com | udp |
| US | 172.64.155.119:443 | privacyportal.onetrust.com | tcp |
| US | 8.8.8.8:53 | 88.156.103.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | downloads.malwarebytes.com | udp |
| US | 3.165.148.30:443 | downloads.malwarebytes.com | tcp |
| US | 3.165.148.30:443 | downloads.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | data-cdn.mbamupdates.com | udp |
| CZ | 65.9.95.66:443 | data-cdn.mbamupdates.com | tcp |
| US | 8.8.8.8:53 | 30.148.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.38.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api2.amplitude.com | udp |
| US | 54.213.64.58:443 | api2.amplitude.com | tcp |
| US | 8.8.8.8:53 | 58.64.213.54.in-addr.arpa | udp |
| GB | 172.217.16.226:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ark.mwbsys.com | udp |
| US | 34.193.66.127:443 | ark.mwbsys.com | tcp |
| US | 8.8.8.8:53 | cdn.mwbsys.com | udp |
| CZ | 65.9.95.34:443 | cdn.mwbsys.com | tcp |
| US | 8.8.8.8:53 | 34.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 127.66.193.34.in-addr.arpa | udp |
| US | 34.193.66.127:443 | ark.mwbsys.com | tcp |
| US | 8.8.8.8:53 | cdn.mwbsys.com | udp |
| CZ | 65.9.95.34:443 | cdn.mwbsys.com | tcp |
| US | 34.193.66.127:443 | ark.mwbsys.com | tcp |
| US | 8.8.8.8:53 | cdn.mwbsys.com | udp |
| GB | 18.172.88.89:443 | cdn.mwbsys.com | tcp |
| US | 8.8.8.8:53 | 89.88.172.18.in-addr.arpa | udp |
| US | 34.193.66.127:443 | ark.mwbsys.com | tcp |
| US | 8.8.8.8:53 | cdn.mwbsys.com | udp |
| GB | 18.172.88.94:443 | cdn.mwbsys.com | tcp |
| US | 8.8.8.8:53 | 94.88.172.18.in-addr.arpa | udp |
| US | 34.193.66.127:443 | ark.mwbsys.com | tcp |
| US | 8.8.8.8:53 | cdn.mwbsys.com | udp |
| GB | 18.172.88.52:443 | cdn.mwbsys.com | tcp |
| US | 8.8.8.8:53 | 52.88.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ipv4.am.i.mullvad.net | udp |
| US | 8.8.8.8:53 | holocron.mwbsys.com | udp |
| SE | 45.83.223.233:443 | ipv4.am.i.mullvad.net | tcp |
| US | 3.221.184.241:443 | holocron.mwbsys.com | tcp |
| US | 3.221.184.241:443 | holocron.mwbsys.com | tcp |
| US | 8.8.8.8:53 | 233.223.83.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.184.221.3.in-addr.arpa | udp |
| US | 3.221.184.241:443 | holocron.mwbsys.com | tcp |
| US | 8.8.8.8:53 | iris.mwbsys.com | udp |
| US | 18.213.47.54:443 | iris.mwbsys.com | tcp |
| US | 8.8.8.8:53 | 54.47.213.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 216.58.212.206:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | 206.212.58.216.in-addr.arpa | udp |
| US | 3.221.184.241:443 | holocron.mwbsys.com | tcp |
| US | 3.221.184.241:443 | holocron.mwbsys.com | tcp |
| US | 3.221.184.241:443 | holocron.mwbsys.com | tcp |
| US | 3.221.184.241:443 | holocron.mwbsys.com | tcp |
| US | 3.221.184.241:443 | holocron.mwbsys.com | tcp |
| US | 3.221.184.241:443 | holocron.mwbsys.com | tcp |
| US | 8.8.8.8:53 | sirius.mwbsys.com | udp |
| US | 52.45.5.20:443 | sirius.mwbsys.com | tcp |
| US | 8.8.8.8:53 | 23.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.mwbsys.com | udp |
| CZ | 65.9.95.5:443 | cdn.mwbsys.com | tcp |
| US | 8.8.8.8:53 | cdn.mwbsys.com | udp |
| US | 8.8.8.8:53 | 5.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.5.45.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | crl.comodoca.com | udp |
| US | 104.18.38.233:80 | crl.comodoca.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| GB | 92.123.241.137:80 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | 137.241.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ocsp.trust-provider.com | udp |
| US | 172.64.149.23:80 | ocsp.trust-provider.com | tcp |
| US | 8.8.8.8:53 | crl.trust-provider.com | udp |
| US | 172.64.149.23:80 | crl.trust-provider.com | tcp |
| US | 8.8.8.8:53 | www.intel.com | udp |
| GB | 23.194.11.2:80 | www.intel.com | tcp |
| US | 8.8.8.8:53 | certificates.intel.com | udp |
| GB | 2.19.117.34:80 | certificates.intel.com | tcp |
| US | 8.8.8.8:53 | 2.11.194.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.117.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ocsp.thawte.com | udp |
| DE | 152.199.19.74:80 | ocsp.thawte.com | tcp |
| US | 8.8.8.8:53 | 74.19.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | crl.thawte.com | udp |
| SE | 192.229.221.95:80 | crl.thawte.com | tcp |
| US | 8.8.8.8:53 | csc3-2010-crl.verisign.com | udp |
| SE | 192.229.221.95:80 | csc3-2010-crl.verisign.com | tcp |
| US | 8.8.8.8:53 | crt.sectigo.com | udp |
| US | 172.64.149.23:80 | crt.sectigo.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| GB | 92.123.241.137:80 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | hubble.mb-cosmos.com | udp |
| GB | 18.165.160.15:443 | hubble.mb-cosmos.com | tcp |
| US | 8.8.8.8:53 | 15.160.165.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | blitz.mb-cosmos.com | udp |
| US | 34.227.140.142:443 | blitz.mb-cosmos.com | tcp |
| US | 8.8.8.8:53 | 142.140.227.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | telemetry.malwarebytes.com | udp |
| US | 44.225.40.78:443 | telemetry.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | 78.40.225.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | telemetry.malwarebytes.com | udp |
| US | 44.225.40.78:443 | telemetry.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | 26.73.42.20.in-addr.arpa | udp |
| GB | 92.123.128.161:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 92.123.128.169:443 | th.bing.com | tcp |
| GB | 92.123.128.169:443 | th.bing.com | tcp |
| GB | 92.123.128.133:443 | th.bing.com | tcp |
| GB | 92.123.128.133:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 161.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.128.123.92.in-addr.arpa | udp |
| GB | 216.58.212.206:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 216.58.201.110:443 | play.google.com | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| GB | 92.123.128.169:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | goowned.com | udp |
| US | 148.72.177.61:443 | goowned.com | tcp |
| US | 148.72.177.61:443 | goowned.com | tcp |
| US | 148.72.177.61:443 | goowned.com | tcp |
| US | 8.8.8.8:53 | sirius.mwbsys.com | udp |
| US | 52.45.5.20:443 | sirius.mwbsys.com | tcp |
| US | 8.8.8.8:53 | 61.177.72.148.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | translate.google.com | udp |
| US | 151.101.193.229:443 | cdn.jsdelivr.net | tcp |
| US | 8.8.8.8:53 | 229.193.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.20.18.104.in-addr.arpa | udp |
| GB | 172.217.169.78:443 | translate.google.com | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | s.w.org | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 192.0.77.48:443 | s.w.org | tcp |
| US | 192.0.77.48:443 | s.w.org | tcp |
| US | 192.0.77.48:443 | s.w.org | tcp |
| US | 192.0.77.48:443 | s.w.org | tcp |
| US | 8.8.8.8:53 | translate.googleapis.com | udp |
| GB | 142.250.200.10:443 | translate.googleapis.com | tcp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 48.77.0.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | translate-pa.googleapis.com | udp |
| GB | 142.250.200.10:443 | translate-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | assets5.lottiefiles.com | udp |
| CZ | 65.9.95.109:443 | assets5.lottiefiles.com | tcp |
| US | 8.8.8.8:53 | 109.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 142.250.180.22:443 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | 22.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.200.34:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.200.38:443 | static.doubleclick.net | udp |
| GB | 142.250.187.202:443 | jnn-pa.googleapis.com | udp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 34.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 142.250.178.1:443 | yt3.ggpht.com | udp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| GB | 2.19.117.148:443 | aefd.nelreports.net | tcp |
| US | 8.8.8.8:53 | 148.117.19.2.in-addr.arpa | udp |
| GB | 216.58.212.206:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | rr4---sn-aigl6nzs.googlevideo.com | udp |
| GB | 74.125.175.73:443 | rr4---sn-aigl6nzs.googlevideo.com | tcp |
| GB | 74.125.175.73:443 | rr4---sn-aigl6nzs.googlevideo.com | tcp |
| US | 8.8.8.8:53 | 73.175.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | rr3---sn-aigl6nz7.googlevideo.com | udp |
| BE | 64.233.184.84:443 | accounts.google.com | tcp |
| GB | 74.125.168.104:443 | rr3---sn-aigl6nz7.googlevideo.com | udp |
| BE | 64.233.184.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | 104.168.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.184.233.64.in-addr.arpa | udp |
| GB | 216.58.201.110:443 | play.google.com | udp |
| GB | 216.58.201.110:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | rr4---sn-q4fl6nsk.googlevideo.com | udp |
| US | 8.8.8.8:53 | rr5---sn-5hnekn7l.googlevideo.com | udp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| NL | 74.125.100.10:443 | rr5---sn-5hnekn7l.googlevideo.com | udp |
| GB | 142.250.200.36:443 | www.google.com | tcp |
| US | 74.125.3.201:443 | rr4---sn-q4fl6nsk.googlevideo.com | udp |
| US | 8.8.8.8:53 | 10.100.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.3.125.74.in-addr.arpa | udp |
| GB | 142.250.178.1:443 | yt3.ggpht.com | udp |
| US | 8.8.8.8:53 | youtube.com | udp |
| GB | 142.250.200.46:443 | youtube.com | tcp |
| US | 8.8.8.8:53 | consent.youtube.com | udp |
| GB | 142.250.178.14:443 | consent.youtube.com | tcp |
| GB | 142.250.178.14:443 | consent.youtube.com | tcp |
| US | 8.8.8.8:53 | 46.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.178.250.142.in-addr.arpa | udp |
| GB | 142.250.178.14:443 | consent.youtube.com | udp |
| GB | 74.125.175.73:443 | rr4---sn-aigl6nzs.googlevideo.com | udp |
| US | 8.8.8.8:53 | rr1---sn-5hneknee.googlevideo.com | udp |
| NL | 74.125.8.70:443 | rr1---sn-5hneknee.googlevideo.com | udp |
| US | 8.8.8.8:53 | 70.8.125.74.in-addr.arpa | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | www.unknowncheats.me | udp |
| US | 104.26.13.251:443 | www.unknowncheats.me | tcp |
| US | 104.26.13.251:443 | www.unknowncheats.me | tcp |
| US | 8.8.8.8:53 | cdn.adligature.com | udp |
| US | 172.67.199.100:443 | cdn.adligature.com | tcp |
| US | 172.67.199.100:443 | cdn.adligature.com | tcp |
| US | 8.8.8.8:53 | i.imgur.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | cmp.inmobi.com | udp |
| US | 8.8.8.8:53 | 251.13.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.199.67.172.in-addr.arpa | udp |
| US | 199.232.196.193:443 | i.imgur.com | tcp |
| US | 199.232.196.193:443 | i.imgur.com | tcp |
| US | 199.232.196.193:443 | i.imgur.com | tcp |
| US | 199.232.196.193:443 | i.imgur.com | tcp |
| US | 199.232.196.193:443 | i.imgur.com | tcp |
| US | 104.16.79.73:443 | static.cloudflareinsights.com | tcp |
| CZ | 65.9.95.50:443 | cmp.inmobi.com | tcp |
| US | 8.8.8.8:53 | pro.ip-api.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 208.95.112.2:443 | pro.ip-api.com | tcp |
| GB | 3.162.21.19:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| GB | 142.250.187.202:443 | ajax.googleapis.com | tcp |
| US | 8.8.8.8:53 | 193.196.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.79.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.112.95.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.21.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.cmp.inmobi.com | udp |
| DE | 3.122.71.66:443 | api.cmp.inmobi.com | tcp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 151.101.65.229:443 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | us-central1-wrapper-analytics-prod.cloudfunctions.net | udp |
| US | 8.8.8.8:53 | capi.connatix.com | udp |
| US | 8.8.8.8:53 | tagan.adlightning.com | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | cd.connatix.com | udp |
| GB | 18.165.160.129:443 | config.aps.amazon-adsystem.com | tcp |
| US | 104.18.41.104:443 | cd.connatix.com | tcp |
| CZ | 65.9.95.20:443 | tagan.adlightning.com | tcp |
| US | 216.239.36.54:443 | us-central1-wrapper-analytics-prod.cloudfunctions.net | tcp |
| US | 172.64.146.152:443 | cd.connatix.com | tcp |
| GB | 3.162.16.219:443 | aax.amazon-adsystem.com | tcp |
| GB | 3.162.16.219:443 | aax.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | cds.connatix.com | udp |
| US | 216.239.36.54:443 | us-central1-wrapper-analytics-prod.cloudfunctions.net | udp |
| US | 8.8.8.8:53 | 66.71.122.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.65.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 129.160.165.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.41.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 54.36.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.146.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 219.16.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ins.connatix.com | udp |
| US | 8.8.8.8:53 | vid.connatix.com | udp |
| US | 8.8.8.8:53 | lit.connatix.com | udp |
| US | 8.8.8.8:53 | imasdk.googleapis.com | udp |
| US | 8.8.8.8:53 | img.connatix.com | udp |
| GB | 172.217.16.234:443 | imasdk.googleapis.com | tcp |
| US | 8.8.8.8:53 | idrs.adtelligent.com | udp |
| UA | 62.149.0.74:443 | idrs.adtelligent.com | tcp |
| US | 8.8.8.8:53 | ddc04925603aedfa9aaf1a12d187c8a0.safeframe.googlesyndication.com | udp |
| GB | 142.250.187.193:443 | ddc04925603aedfa9aaf1a12d187c8a0.safeframe.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | cdn-ima.33across.com | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | id.a-mx.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 172.67.38.106:443 | cdn.id5-sync.com | tcp |
| CZ | 65.9.95.6:443 | tags.crwdcntrl.net | tcp |
| US | 172.64.152.89:443 | cdn-ima.33across.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | web.hb.ad.cpe.dotomi.com | udp |
| US | 8.8.8.8:53 | exchange.cootlogix.com | udp |
| US | 8.8.8.8:53 | ads.servenobid.com | udp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | prebid.dblks.net | udp |
| US | 8.8.8.8:53 | fastlane.rubiconproject.com | udp |
| DE | 162.19.138.120:443 | id5-sync.com | tcp |
| US | 8.8.8.8:53 | g2.gumgum.com | udp |
| NL | 79.127.227.46:443 | id.a-mx.com | tcp |
| NL | 185.89.210.212:443 | ib.adnxs.com | tcp |
| UA | 62.149.0.74:443 | idrs.adtelligent.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| CA | 199.212.255.179:443 | prebid.dblks.net | tcp |
| NL | 63.215.202.146:443 | web.hb.ad.cpe.dotomi.com | tcp |
| IE | 52.208.195.214:443 | g2.gumgum.com | tcp |
| IE | 52.208.240.95:443 | ads.servenobid.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| GB | 172.217.16.234:443 | imasdk.googleapis.com | udp |
| US | 157.230.234.29:443 | exchange.cootlogix.com | tcp |
| US | 157.230.234.29:443 | exchange.cootlogix.com | tcp |
| US | 157.230.234.29:443 | exchange.cootlogix.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | tcp |
| US | 8.8.8.8:53 | crt.rootg2.amazontrust.com | udp |
| CZ | 65.9.95.56:80 | crt.rootg2.amazontrust.com | tcp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 216.58.201.102:443 | s0.2mdn.net | tcp |
| US | 104.22.52.173:443 | cdn.hadronid.net | tcp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| GB | 142.250.187.225:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| FR | 178.250.7.13:443 | dnacdn.net | tcp |
| IE | 52.95.115.255:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | 234.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.38.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 89.152.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.227.127.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 212.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 146.202.215.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.195.208.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.240.208.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.63.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 179.255.212.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 102.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.52.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.7.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 255.115.95.52.in-addr.arpa | udp |
| IE | 52.213.178.209:443 | bcp.crwdcntrl.net | tcp |
| GB | 142.250.187.225:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | pubads.g.doubleclick.net | udp |
| GB | 142.250.200.34:443 | pubads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | id.hadron.ad.gt | udp |
| US | 104.22.5.69:443 | id.hadron.ad.gt | tcp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| US | 216.239.32.3:443 | csi.gstatic.com | tcp |
| US | 216.239.32.3:443 | csi.gstatic.com | tcp |
| US | 8.8.8.8:53 | advally-mcm-tagan.adlightning.com | udp |
| CZ | 65.9.95.42:443 | advally-mcm-tagan.adlightning.com | tcp |
| CZ | 65.9.95.42:443 | advally-mcm-tagan.adlightning.com | tcp |
| CZ | 65.9.95.42:443 | advally-mcm-tagan.adlightning.com | tcp |
| CZ | 65.9.95.42:443 | advally-mcm-tagan.adlightning.com | tcp |
| CZ | 65.9.95.42:443 | advally-mcm-tagan.adlightning.com | tcp |
| CZ | 65.9.95.42:443 | advally-mcm-tagan.adlightning.com | tcp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| DE | 162.19.138.120:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | cdn.ampproject.org | udp |
| US | 8.8.8.8:53 | a.ad.gt | udp |
| US | 104.22.5.69:443 | a.ad.gt | tcp |
| GB | 172.217.169.33:443 | cdn.ampproject.org | tcp |
| GB | 172.217.169.33:443 | cdn.ampproject.org | tcp |
| GB | 172.217.169.33:443 | cdn.ampproject.org | tcp |
| GB | 172.217.169.33:443 | cdn.ampproject.org | tcp |
| GB | 172.217.169.33:443 | cdn.ampproject.org | tcp |
| US | 8.8.8.8:53 | 209.178.213.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.5.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.95.9.65.in-addr.arpa | udp |
| GB | 142.250.187.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | p.ad.gt | udp |
| US | 104.22.4.69:443 | p.ad.gt | tcp |
| US | 8.8.8.8:53 | ids.ad.gt | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | image2.pubmatic.com | udp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | dpm.demdex.net | udp |
| US | 8.8.8.8:53 | bh.contextweb.com | udp |
| US | 44.238.160.234:443 | ids.ad.gt | tcp |
| US | 44.238.160.234:443 | ids.ad.gt | tcp |
| US | 35.71.131.137:443 | match.adsrvr.org | tcp |
| DE | 37.252.171.149:443 | secure.adnxs.com | tcp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| NL | 198.47.127.205:443 | image2.pubmatic.com | tcp |
| IE | 18.203.183.110:443 | dpm.demdex.net | tcp |
| GB | 172.217.169.66:443 | cm.g.doubleclick.net | tcp |
| NL | 69.173.156.148:443 | token.rubiconproject.com | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 34.98.64.218:443 | u.openx.net | tcp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 44.238.160.234:443 | ids.ad.gt | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| GB | 172.217.169.66:443 | cm.g.doubleclick.net | udp |
| US | 104.22.4.69:443 | p.ad.gt | tcp |
| US | 44.238.160.234:443 | ids.ad.gt | tcp |
| US | 8.8.8.8:53 | pixels.ad.gt | udp |
| US | 104.22.5.69:443 | pixels.ad.gt | tcp |
| US | 44.238.160.234:443 | ids.ad.gt | tcp |
| US | 8.8.8.8:53 | 33.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.4.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.131.71.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.171.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.169.93.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.183.203.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 218.64.98.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.160.238.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| US | 8.8.8.8:53 | s.0cf.io | udp |
| US | 8.8.8.8:53 | public.servenobid.com | udp |
| US | 151.101.129.108:443 | acdn.adnxs.com | tcp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | sync.cootlogix.com | udp |
| CZ | 65.9.95.36:443 | public.servenobid.com | tcp |
| GB | 92.123.240.21:443 | contextual.media.net | tcp |
| GB | 23.219.196.188:443 | ads.pubmatic.com | tcp |
| US | 137.184.159.133:443 | sync.cootlogix.com | tcp |
| GB | 92.123.242.2:443 | eus.rubiconproject.com | tcp |
| US | 104.21.22.242:443 | s.0cf.io | tcp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| US | 13.248.245.213:443 | eb2.3lift.com | tcp |
| US | 8.8.8.8:53 | prebid-match.dotomi.com | udp |
| NL | 63.215.202.172:443 | prebid-match.dotomi.com | tcp |
| US | 8.8.8.8:53 | rtb.gumgum.com | udp |
| US | 8.8.8.8:53 | ssum.casalemedia.com | udp |
| US | 172.64.151.101:443 | ssum.casalemedia.com | tcp |
| US | 8.8.8.8:53 | 108.129.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.240.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 188.196.219.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.242.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 242.22.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.159.184.137.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 213.245.248.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.202.215.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | sync.go.sonobi.com | udp |
| US | 35.186.253.211:443 | rtb.openx.net | tcp |
| IE | 52.49.76.189:443 | ap.lijit.com | tcp |
| US | 69.166.1.35:443 | sync.go.sonobi.com | tcp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| GB | 87.248.114.11:443 | ups.analytics.yahoo.com | tcp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| FR | 163.5.194.32:443 | prebid.a-mo.net | tcp |
| GB | 2.19.117.148:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| GB | 142.250.180.17:443 | csp.withgoogle.com | tcp |
| GB | 142.250.180.17:443 | csp.withgoogle.com | udp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 67.202.105.24:443 | ssc-cms.33across.com | tcp |
| DE | 51.38.120.206:443 | onetag-sys.com | tcp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| GB | 185.64.191.214:443 | image8.pubmatic.com | tcp |
| DE | 18.197.30.174:443 | match.sharethrough.com | tcp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| FR | 178.32.197.53:443 | ssbsync-global.smartadserver.com | tcp |
| US | 8.8.8.8:53 | 101.151.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 211.253.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.1.166.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 189.76.49.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.114.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.120.38.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 32.194.5.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 24.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.191.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.30.197.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sync.mathtag.com | udp |
| US | 216.200.232.249:443 | sync.mathtag.com | tcp |
| US | 8.8.8.8:53 | hbx.media.net | udp |
| GB | 2.23.220.28:443 | hbx.media.net | tcp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | d.turn.com | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| NL | 46.228.164.13:443 | d.turn.com | tcp |
| IE | 52.208.46.191:443 | match.prod.bidr.io | tcp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | cm.rtbsystem.com | udp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| US | 104.21.68.74:443 | cm.rtbsystem.com | tcp |
| US | 8.8.8.8:53 | sync.ipredictive.com | udp |
| US | 52.202.216.195:443 | sync.ipredictive.com | tcp |
| US | 8.8.8.8:53 | sync-tm.everesttech.net | udp |
| US | 8.8.8.8:53 | cm.ctnsnet.com | udp |
| US | 151.101.2.49:443 | sync-tm.everesttech.net | tcp |
| US | 35.186.193.173:443 | cm.ctnsnet.com | tcp |
| US | 8.8.8.8:53 | ice.360yield.com | udp |
| IE | 34.254.135.99:443 | ice.360yield.com | tcp |
| US | 8.8.8.8:53 | rtb.adentifi.com | udp |
| US | 8.8.8.8:53 | cm.adform.net | udp |
| US | 44.207.241.162:443 | rtb.adentifi.com | tcp |
| DK | 37.157.5.84:443 | cm.adform.net | tcp |
| US | 8.8.8.8:53 | 53.197.32.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 249.232.200.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.220.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.216.36.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 191.46.208.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.164.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.136.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.68.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.216.202.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.2.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.193.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.135.254.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | prebid-server.rubiconproject.com | udp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | c1.adform.net | udp |
| US | 8.8.8.8:53 | tg.socdm.com | udp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| DK | 37.157.6.232:443 | c1.adform.net | tcp |
| GB | 23.215.239.190:443 | secure-assets.rubiconproject.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| JP | 124.146.153.167:443 | tg.socdm.com | tcp |
| JP | 124.146.153.167:443 | tg.socdm.com | tcp |
| US | 8.8.8.8:53 | pixel.33across.com | udp |
| US | 67.202.105.22:443 | pixel.33across.com | tcp |
| DE | 51.38.120.206:443 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | 84.5.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.241.207.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.6.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 190.239.215.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 167.153.146.124.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 54.157.228.161:443 | cs-server-s2s.yellowblue.io | tcp |
| US | 8.8.8.8:53 | ce.lijit.com | udp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 8.8.8.8:53 | p.rfihub.com | udp |
| US | 69.166.1.35:443 | sync.go.sonobi.com | tcp |
| US | 8.8.8.8:53 | ssp.disqus.com | udp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| IE | 34.251.27.227:443 | ce.lijit.com | tcp |
| US | 34.228.137.141:443 | ssp.disqus.com | tcp |
| NL | 193.0.160.131:443 | p.rfihub.com | tcp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 8.8.8.8:53 | pr-bh.ybp.yahoo.com | udp |
| US | 8.8.8.8:53 | us-u.openx.net | udp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| US | 8.8.8.8:53 | match.deepintent.com | udp |
| US | 54.196.229.231:443 | sync.srv.stackadapt.com | tcp |
| IE | 54.72.46.5:443 | pr-bh.ybp.yahoo.com | tcp |
| US | 70.42.32.223:443 | b1sync.zemanta.com | tcp |
| US | 169.197.150.7:443 | match.deepintent.com | tcp |
| US | 8.8.8.8:53 | usersync.gumgum.com | udp |
| IE | 34.247.205.196:443 | usersync.gumgum.com | tcp |
| US | 8.8.8.8:53 | eexsync.com | udp |
| US | 35.244.159.8:443 | us-u.openx.net | udp |
| US | 80.77.87.108:443 | eexsync.com | tcp |
| US | 70.42.32.223:443 | b1sync.zemanta.com | tcp |
| IE | 34.247.205.196:443 | usersync.gumgum.com | tcp |
| IE | 34.247.205.196:443 | usersync.gumgum.com | tcp |
| IE | 34.247.205.196:443 | usersync.gumgum.com | tcp |
| IE | 34.247.205.196:443 | usersync.gumgum.com | tcp |
| US | 8.8.8.8:53 | 161.228.157.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.160.0.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.27.251.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.199.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.137.228.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 5.46.72.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 223.32.42.70.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 231.229.196.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.159.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.205.247.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.150.197.169.in-addr.arpa | udp |
| IE | 34.247.205.196:443 | usersync.gumgum.com | tcp |
| US | 8.8.8.8:53 | pool.admedo.com | udp |
| US | 8.8.8.8:53 | gw-iad-bid.ymmobi.com | udp |
| BE | 35.206.140.87:443 | pool.admedo.com | tcp |
| US | 47.253.61.56:443 | gw-iad-bid.ymmobi.com | tcp |
| US | 8.8.8.8:53 | s.company-target.com | udp |
| US | 34.96.71.22:443 | s.company-target.com | tcp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| FR | 51.178.195.216:443 | rtb-csync.smartadserver.com | tcp |
| FR | 51.178.195.216:443 | rtb-csync.smartadserver.com | tcp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | udp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.com | udp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| US | 80.77.87.162:443 | cs.admanmedia.com | tcp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| FR | 154.54.250.81:443 | ads.stickyadstv.com | tcp |
| FR | 51.178.195.216:443 | rtb-csync.smartadserver.com | tcp |
| BE | 35.206.140.87:443 | pool.admedo.com | udp |
| US | 8.8.8.8:53 | dblksync.dblks.net | udp |
| US | 104.21.49.210:443 | dblksync.dblks.net | tcp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 98.82.156.207:443 | s.amazon-adsystem.com | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | udp |
| US | 69.166.1.35:443 | sync.go.sonobi.com | tcp |
| US | 8.8.8.8:53 | 87.140.206.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.61.253.47.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.71.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.195.178.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.213.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.250.54.154.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.49.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 207.156.82.98.in-addr.arpa | udp |
| US | 35.186.193.173:443 | cm.ctnsnet.com | udp |
| GB | 3.162.21.19:443 | c.amazon-adsystem.com | tcp |
| DK | 37.157.6.232:443 | c1.adform.net | tcp |
| US | 35.71.131.137:443 | match.adsrvr.org | tcp |
| JP | 124.146.153.167:443 | tg.socdm.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| DE | 37.252.171.149:443 | secure.adnxs.com | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| US | 8.8.8.8:53 | assets.a-mo.net | udp |
| JP | 124.146.153.167:443 | tg.socdm.com | tcp |
| IE | 34.247.205.196:443 | usersync.gumgum.com | tcp |
| US | 104.19.159.19:443 | assets.a-mo.net | tcp |
| US | 8.8.8.8:53 | cms.quantserve.com | udp |
| DE | 91.228.74.166:443 | cms.quantserve.com | tcp |
| US | 104.18.41.104:443 | img.connatix.com | tcp |
| US | 104.21.22.242:443 | s.0cf.io | tcp |
| US | 54.196.229.231:443 | sync.srv.stackadapt.com | tcp |
| US | 8.8.8.8:53 | 19.159.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.74.228.91.in-addr.arpa | udp |
| NL | 79.127.227.46:443 | c3.a-mo.net | tcp |
| IE | 54.72.46.5:443 | pr-bh.ybp.yahoo.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| FR | 163.5.194.32:443 | prebid.a-mo.net | tcp |
| US | 52.202.216.195:443 | sync.ipredictive.com | tcp |
| US | 8.8.8.8:53 | sync.a-mo.net | udp |
| FR | 163.5.194.32:443 | sync.a-mo.net | tcp |
| US | 169.197.150.7:443 | match.deepintent.com | tcp |
| US | 8.8.8.8:53 | id.rtb.mx | udp |
| US | 8.8.8.8:53 | prebid.adnxs.com | udp |
| US | 8.8.8.8:53 | ow.pubmatic.com | udp |
| US | 70.42.32.223:443 | b1sync.zemanta.com | tcp |
| NL | 185.89.208.11:443 | prebid.adnxs.com | tcp |
| NL | 79.127.227.46:443 | id.rtb.mx | tcp |
| NL | 185.64.189.116:443 | ow.pubmatic.com | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| US | 208.95.112.2:443 | pro.ip-api.com | tcp |
| US | 8.8.8.8:53 | 11.208.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.189.64.185.in-addr.arpa | udp |
| CZ | 65.9.95.50:443 | cmp.inmobi.com | tcp |
| FR | 164.132.25.181:443 | ssbsync.smartadserver.com | tcp |
| IE | 52.18.29.125:443 | rtb.gumgum.com | tcp |
| GB | 172.217.169.78:443 | fundingchoicesmessages.google.com | udp |
| UA | 62.149.0.74:443 | idrs.adtelligent.com | tcp |
| NL | 178.250.1.11:443 | dnacdn.net | tcp |
| GB | 3.162.16.219:443 | aax.amazon-adsystem.com | tcp |
| NL | 79.127.227.46:443 | id.rtb.mx | tcp |
| NL | 185.89.210.212:443 | ib.adnxs.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| UA | 62.149.0.74:443 | idrs.adtelligent.com | tcp |
| NL | 63.215.202.146:443 | web.hb.ad.cpe.dotomi.com | tcp |
| IE | 52.208.240.95:443 | ads.servenobid.com | tcp |
| US | 157.230.234.29:443 | exchange.cootlogix.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| CA | 199.212.255.179:443 | prebid.dblks.net | tcp |
| FR | 178.250.7.13:443 | dnacdn.net | tcp |
| IE | 52.95.115.255:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 181.25.132.164.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 125.29.18.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3cff3d7bfdab48e4837badc6549ec414.safeframe.googlesyndication.com | udp |
| GB | 142.250.187.193:443 | 3cff3d7bfdab48e4837badc6549ec414.safeframe.googlesyndication.com | tcp |
| GB | 3.162.21.19:443 | c.amazon-adsystem.com | tcp |
| IE | 52.95.115.255:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | m.media-amazon.com | udp |
| US | 8.8.8.8:53 | ts.amazon-adsystem.com | udp |
| US | 151.101.1.16:443 | m.media-amazon.com | tcp |
| US | 151.101.1.16:443 | m.media-amazon.com | tcp |
| US | 151.101.1.16:443 | m.media-amazon.com | tcp |
| US | 151.101.1.16:443 | m.media-amazon.com | tcp |
| US | 151.101.1.16:443 | m.media-amazon.com | tcp |
| US | 151.101.1.16:443 | m.media-amazon.com | tcp |
| GB | 18.172.88.54:443 | ts.amazon-adsystem.com | tcp |
| US | 151.101.1.16:443 | m.media-amazon.com | tcp |
| US | 151.101.1.16:443 | m.media-amazon.com | tcp |
| US | 151.101.1.16:443 | m.media-amazon.com | tcp |
| US | 151.101.1.16:443 | m.media-amazon.com | udp |
| US | 151.101.1.16:443 | m.media-amazon.com | udp |
| US | 8.8.8.8:53 | aan.amazon.co.uk | udp |
| IE | 3.254.237.161:443 | aan.amazon.co.uk | tcp |
| IE | 3.254.237.161:443 | aan.amazon.co.uk | tcp |
| GB | 18.172.88.54:443 | ts.amazon-adsystem.com | tcp |
| IE | 3.254.237.161:443 | aan.amazon.co.uk | tcp |
| US | 8.8.8.8:53 | sq-tungsten-ts-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | 16.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 54.88.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev | udp |
| IE | 3.251.217.202:443 | sq-tungsten-ts-eu.amazon-adsystem.com | tcp |
| CZ | 65.9.95.71:443 | tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev | tcp |
| US | 8.8.8.8:53 | 71.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.217.251.3.in-addr.arpa | udp |
| GB | 92.123.240.21:443 | contextual.media.net | tcp |
| US | 137.184.159.133:443 | sync.cootlogix.com | tcp |
| US | 67.202.105.22:443 | pixel.33across.com | tcp |
| DE | 51.38.120.206:443 | onetag-sys.com | tcp |
| US | 104.18.36.155:443 | ssum-sec.casalemedia.com | tcp |
| US | 54.157.228.161:443 | cs-server-s2s.yellowblue.io | tcp |
| FR | 51.178.195.216:443 | rtb-csync.smartadserver.com | tcp |
| FR | 51.178.195.216:443 | rtb-csync.smartadserver.com | tcp |
| FR | 51.178.195.216:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | wt.rqtrk.eu | udp |
| US | 98.82.156.207:443 | s.amazon-adsystem.com | tcp |
| DE | 57.129.18.109:443 | wt.rqtrk.eu | tcp |
| US | 13.248.245.213:443 | eb2.3lift.com | tcp |
| US | 8.8.8.8:53 | 155.36.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 109.18.129.57.in-addr.arpa | udp |
| NL | 63.215.202.172:443 | prebid-match.dotomi.com | tcp |
| IE | 52.49.76.189:443 | ap.lijit.com | tcp |
| US | 69.166.1.35:443 | sync.go.sonobi.com | tcp |
| GB | 87.248.114.11:443 | ups.analytics.yahoo.com | tcp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| GB | 185.64.191.214:443 | image8.pubmatic.com | tcp |
| US | 69.166.1.35:443 | sync.go.sonobi.com | tcp |
| DE | 18.197.30.174:443 | match.sharethrough.com | tcp |
| IE | 52.208.46.191:443 | match.prod.bidr.io | tcp |
| IE | 34.254.135.99:443 | ice.360yield.com | tcp |
| US | 44.207.241.162:443 | rtb.adentifi.com | tcp |
| DK | 37.157.5.84:443 | cm.adform.net | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| IE | 34.251.27.227:443 | ce.lijit.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| NL | 193.0.160.131:443 | p.rfihub.com | tcp |
| US | 34.228.137.141:443 | ssp.disqus.com | tcp |
| GB | 2.23.220.28:443 | hbx.media.net | tcp |
| US | 54.196.229.231:443 | sync.srv.stackadapt.com | tcp |
| US | 52.202.216.195:443 | sync.ipredictive.com | tcp |
| US | 47.253.61.56:443 | gw-iad-bid.ymmobi.com | tcp |
| IE | 34.247.205.196:443 | usersync.gumgum.com | tcp |
| IE | 34.247.205.196:443 | usersync.gumgum.com | tcp |
| US | 8.8.8.8:53 | odr.mookie1.com | udp |
| US | 34.160.236.64:443 | odr.mookie1.com | tcp |
| US | 8.8.8.8:53 | 64.236.160.34.in-addr.arpa | udp |
| US | 172.67.199.100:443 | cdn.adligature.com | tcp |
| GB | 3.162.21.19:443 | c.amazon-adsystem.com | tcp |
| UA | 62.149.0.74:443 | idrs.adtelligent.com | tcp |
| NL | 79.127.227.46:443 | id.rtb.mx | tcp |
| NL | 79.127.227.46:443 | id.rtb.mx | tcp |
| UA | 62.149.0.74:443 | idrs.adtelligent.com | tcp |
| US | 8.8.8.8:53 | e97a5137abe5a520d93594acbae333ab.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | cdn.vuukle.com | udp |
| US | 104.22.61.168:443 | cdn.vuukle.com | tcp |
| US | 8.8.8.8:53 | 168.61.22.104.in-addr.arpa | udp |
| US | 104.22.61.168:443 | cdn.vuukle.com | tcp |
| US | 8.8.8.8:53 | get.geojs.io | udp |
| US | 104.26.0.100:443 | get.geojs.io | tcp |
| US | 8.8.8.8:53 | wrappers.geoedge.be | udp |
| US | 8.8.8.8:53 | prebid.smilewanted.com | udp |
| CZ | 65.9.95.22:443 | wrappers.geoedge.be | tcp |
| US | 8.8.8.8:53 | cpm.vuukle.net | udp |
| US | 8.8.8.8:53 | rumcdn.geoedge.be | udp |
| GB | 18.165.160.129:443 | config.aps.amazon-adsystem.com | tcp |
| US | 104.22.31.209:443 | prebid.smilewanted.com | tcp |
| NL | 103.67.200.72:443 | cpm.vuukle.net | tcp |
| US | 8.8.8.8:53 | 100.0.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.95.9.65.in-addr.arpa | udp |
| CZ | 65.9.95.25:443 | rumcdn.geoedge.be | tcp |
| GB | 104.78.175.230:443 | secure.cdn.fastclick.net | tcp |
| GB | 104.78.175.230:443 | secure.cdn.fastclick.net | tcp |
| US | 8.8.8.8:53 | 6a1d1fdcec7a028bb2d0e8925443652e.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | proc.ad.cpe.dotomi.com | udp |
| US | 8.8.8.8:53 | publish.vuukle.com | udp |
| US | 8.8.8.8:53 | adsdk.microsoft.com | udp |
| US | 8.8.8.8:53 | cdn.adnxs.com | udp |
| US | 8.8.8.8:53 | ams3-ib.adnxs.com | udp |
| GB | 2.19.117.29:443 | cdn.adnxs.com | tcp |
| US | 13.107.246.64:443 | adsdk.microsoft.com | tcp |
| US | 8.8.8.8:53 | 209.31.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.200.67.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.117.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.175.78.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| GB | 92.123.128.134:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | cdn.adnxs-simple.com | udp |
| GB | 2.19.117.38:443 | cdn.adnxs-simple.com | tcp |
| US | 8.8.8.8:53 | 134.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.117.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| GB | 23.219.196.188:443 | ads.pubmatic.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 69.166.1.35:443 | sync.go.sonobi.com | tcp |
| US | 8.8.8.8:53 | static.smilewanted.com | udp |
| US | 104.22.30.209:443 | static.smilewanted.com | tcp |
| FR | 163.5.194.32:443 | sync.a-mo.net | tcp |
| DE | 51.38.120.206:443 | onetag-sys.com | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | tcp |
| US | 67.202.105.24:443 | ssc-cms.33across.com | tcp |
| GB | 185.64.191.214:443 | image8.pubmatic.com | tcp |
| DE | 18.197.30.174:443 | match.sharethrough.com | tcp |
| US | 34.228.137.141:443 | ssp.disqus.com | tcp |
| US | 104.21.22.242:443 | s.0cf.io | tcp |
| IE | 52.208.46.191:443 | match.prod.bidr.io | tcp |
| US | 151.101.2.49:443 | sync-tm.everesttech.net | tcp |
| IE | 34.254.135.99:443 | ice.360yield.com | tcp |
| US | 44.207.241.162:443 | rtb.adentifi.com | tcp |
| GB | 2.23.220.28:443 | hbx.media.net | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| DK | 37.157.5.84:443 | cm.adform.net | tcp |
| DK | 37.157.6.232:443 | c1.adform.net | tcp |
| US | 8.8.8.8:53 | 209.30.22.104.in-addr.arpa | udp |
| US | 35.71.131.137:443 | match.adsrvr.org | tcp |
| JP | 124.146.153.167:443 | tg.socdm.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| DE | 37.252.171.149:443 | secure.adnxs.com | tcp |
| JP | 124.146.153.167:443 | tg.socdm.com | tcp |
| DE | 91.228.74.166:443 | cms.quantserve.com | tcp |
| IE | 34.247.205.196:443 | usersync.gumgum.com | tcp |
| US | 8.8.8.8:53 | sync.smartadserver.com | udp |
| NL | 89.149.193.121:443 | sync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | dsp-cookie.adfarm1.adition.com | udp |
| US | 8.8.8.8:53 | sync.adkernel.com | udp |
| NL | 103.67.200.72:443 | sync.adkernel.com | tcp |
| US | 8.8.8.8:53 | sync.adotmob.com | udp |
| DE | 80.82.210.217:443 | dsp-cookie.adfarm1.adition.com | tcp |
| FR | 45.137.176.88:443 | sync.adotmob.com | tcp |
| US | 8.8.8.8:53 | 121.193.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.210.82.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.176.137.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ads.creative-serving.com | udp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| NL | 35.214.241.248:443 | ads.creative-serving.com | tcp |
| NL | 35.214.241.248:443 | ads.creative-serving.com | udp |
| FR | 51.178.195.216:443 | rtb-csync.smartadserver.com | tcp |
| FR | 51.178.195.216:443 | rtb-csync.smartadserver.com | tcp |
| US | 54.196.229.231:443 | sync.srv.stackadapt.com | tcp |
| IE | 54.72.46.5:443 | pr-bh.ybp.yahoo.com | tcp |
| US | 8.8.8.8:53 | ssp-sync.criteo.com | udp |
| GB | 23.219.196.188:443 | ads.pubmatic.com | tcp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| IE | 52.49.76.189:443 | ap.lijit.com | tcp |
| US | 8.8.8.8:53 | dis.criteo.com | udp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| US | 52.202.216.195:443 | sync.ipredictive.com | tcp |
| US | 169.197.150.7:443 | match.deepintent.com | tcp |
| US | 8.8.8.8:53 | 248.241.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.1.250.178.in-addr.arpa | udp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| US | 8.8.8.8:53 | csync.loopme.me | udp |
| NL | 35.214.243.78:443 | csync.loopme.me | tcp |
| NL | 185.89.210.122:443 | ams3-ib.adnxs.com | tcp |
| NL | 185.89.210.212:443 | ams3-ib.adnxs.com | tcp |
| US | 70.42.32.223:443 | b1sync.zemanta.com | tcp |
| US | 8.8.8.8:53 | 78.243.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.210.89.185.in-addr.arpa | udp |
| GB | 92.123.128.134:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 92.123.128.194:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 194.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | static-ware.com | udp |
| US | 104.21.39.80:443 | static-ware.com | tcp |
| US | 104.21.39.80:443 | static-ware.com | tcp |
| US | 8.8.8.8:53 | api2.amplitude.com | udp |
| US | 44.236.201.63:443 | api2.amplitude.com | tcp |
| US | 8.8.8.8:53 | 63.201.236.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| GB | 2.19.117.148:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | www.smurfwrecker.com | udp |
| US | 172.67.171.37:443 | www.smurfwrecker.com | tcp |
| US | 172.67.171.37:443 | www.smurfwrecker.com | tcp |
| US | 8.8.8.8:53 | 37.171.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aimware.net | udp |
| US | 104.22.50.177:443 | aimware.net | tcp |
| US | 104.22.50.177:443 | aimware.net | tcp |
| US | 8.8.8.8:53 | cdn.aimware.net | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | vjs.zencdn.net | udp |
| US | 8.8.8.8:53 | platform.twitter.com | udp |
| US | 151.101.129.229:443 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | ssl.google-analytics.com | udp |
| US | 151.101.194.217:443 | vjs.zencdn.net | tcp |
| US | 151.101.194.217:443 | vjs.zencdn.net | tcp |
| US | 8.8.8.8:53 | i.imgur.com | udp |
| US | 151.101.129.229:443 | cdn.jsdelivr.net | udp |
| US | 199.232.192.193:443 | i.imgur.com | tcp |
| US | 8.8.8.8:53 | 177.50.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.129.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.194.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| GB | 142.250.180.3:443 | www.google.co.uk | tcp |
| BE | 74.125.206.155:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 193.192.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.206.125.74.in-addr.arpa | udp |
| GB | 2.19.117.148:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 92.123.128.169:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.133:443 | avatars.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | 154.111.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.110.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | 22.112.82.140.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | camo.githubusercontent.com | udp |
| US | 8.8.8.8:53 | icheat.io | udp |
| US | 104.21.25.33:443 | icheat.io | tcp |
| US | 104.21.25.33:443 | icheat.io | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | 33.25.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | embed.tawk.to | udp |
| US | 104.22.45.142:443 | embed.tawk.to | tcp |
| US | 8.8.8.8:53 | va.tawk.to | udp |
| US | 104.22.45.142:443 | va.tawk.to | tcp |
| US | 104.22.45.142:443 | va.tawk.to | tcp |
| US | 8.8.8.8:53 | 142.45.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | vsa46.tawk.to | udp |
| US | 104.22.45.142:443 | vsa46.tawk.to | tcp |
| US | 151.101.129.229:443 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | www.premiumvertising.com | udp |
| FR | 185.93.2.11:443 | www.premiumvertising.com | tcp |
| US | 8.8.8.8:53 | premiumvertising.com | udp |
| US | 8.8.8.8:53 | c.adsco.re | udp |
| US | 162.252.214.11:443 | premiumvertising.com | tcp |
| US | 104.17.167.186:443 | c.adsco.re | tcp |
| US | 8.8.8.8:53 | adsco.re | udp |
| US | 8.8.8.8:53 | 4.adsco.re | udp |
| US | 8.8.8.8:53 | 6.adsco.re | udp |
| US | 162.252.214.5:443 | 4.adsco.re | tcp |
| US | 162.252.214.5:443 | 4.adsco.re | tcp |
| US | 104.17.166.186:443 | 6.adsco.re | tcp |
| US | 8.8.8.8:53 | 11.2.93.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.214.252.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 186.167.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 5.214.252.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 186.166.17.104.in-addr.arpa | udp |
| US | 162.252.214.5:2087 | 4.adsco.re | tcp |
| US | 104.17.166.186:2087 | 6.adsco.re | tcp |
| US | 8.8.8.8:53 | eufcsb33gfm2.l4.adsco.re | udp |
| GB | 185.200.118.62:443 | eufcsb33gfm2.l4.adsco.re | tcp |
| US | 8.8.8.8:53 | eufcsb33gfm2.n4.adsco.re | udp |
| US | 8.8.8.8:53 | eufcsb33gfm2.s4.adsco.re | udp |
| US | 162.252.214.5:443 | 4.adsco.re | tcp |
| US | 38.132.109.126:443 | eufcsb33gfm2.n4.adsco.re | tcp |
| SG | 185.200.116.60:443 | eufcsb33gfm2.s4.adsco.re | tcp |
| US | 8.8.8.8:53 | 62.118.200.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 126.109.132.38.in-addr.arpa | udp |
| US | 172.67.206.98:80 | vip.timezonedb.com | tcp |
| US | 8.8.8.8:53 | 98.206.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sirius.mwbsys.com | udp |
| US | 52.45.5.20:443 | sirius.mwbsys.com | tcp |
| US | 8.8.8.8:53 | iniquus.io | udp |
| US | 104.21.5.250:443 | iniquus.io | tcp |
| US | 104.21.5.250:443 | iniquus.io | tcp |
| US | 8.8.8.8:53 | 250.5.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | vsa88.tawk.to | udp |
| US | 104.22.44.142:443 | vsa88.tawk.to | tcp |
| US | 8.8.8.8:53 | 142.44.22.104.in-addr.arpa | udp |
| US | 151.101.65.229:443 | cdn.jsdelivr.net | udp |
| US | 151.101.65.229:443 | cdn.jsdelivr.net | tcp |
| US | 8.8.8.8:53 | api2.amplitude.com | udp |
| US | 34.217.243.4:443 | api2.amplitude.com | tcp |
| US | 8.8.8.8:53 | 4.243.217.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | insanitycheats.com | udp |
| US | 172.67.152.249:443 | insanitycheats.com | tcp |
| US | 8.8.8.8:53 | hubble.mb-cosmos.com | udp |
| US | 8.8.8.8:53 | 249.152.67.172.in-addr.arpa | udp |
| CZ | 65.9.95.10:443 | hubble.mb-cosmos.com | tcp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 104.18.94.41:443 | challenges.cloudflare.com | tcp |
| US | 104.18.94.41:443 | challenges.cloudflare.com | tcp |
| US | 8.8.8.8:53 | 10.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | telemetry.malwarebytes.com | udp |
| US | 44.225.40.78:443 | telemetry.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| GB | 2.19.117.148:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 172.217.169.66:443 | googleads.g.doubleclick.net | udp |
| US | 162.252.214.5:443 | 4.adsco.re | tcp |
| US | 162.252.214.5:443 | 4.adsco.re | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| GB | 142.250.180.3:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | rjd063dgozxo.l4.adsco.re | udp |
| US | 162.252.214.5:2087 | 4.adsco.re | tcp |
| GB | 185.200.118.62:443 | rjd063dgozxo.l4.adsco.re | tcp |
| US | 8.8.8.8:53 | rjd063dgozxo.s4.adsco.re | udp |
| US | 8.8.8.8:53 | rjd063dgozxo.n4.adsco.re | udp |
| US | 162.252.214.5:443 | 4.adsco.re | tcp |
| US | 38.132.109.126:443 | rjd063dgozxo.n4.adsco.re | tcp |
| SG | 185.200.116.60:443 | rjd063dgozxo.s4.adsco.re | tcp |
| SG | 185.200.116.60:443 | rjd063dgozxo.s4.adsco.re | tcp |
| US | 8.8.8.8:53 | battlelog.co | udp |
| US | 172.67.20.211:443 | battlelog.co | tcp |
| US | 172.67.20.211:443 | battlelog.co | tcp |
| US | 8.8.8.8:53 | static.zdassets.com | udp |
| US | 104.18.70.113:443 | static.zdassets.com | tcp |
| US | 8.8.8.8:53 | ekr.zdassets.com | udp |
| US | 104.18.70.113:443 | ekr.zdassets.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| BE | 74.125.206.155:443 | stats.g.doubleclick.net | udp |
| US | 172.67.20.211:443 | battlelog.co | tcp |
| US | 8.8.8.8:53 | 211.20.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 113.70.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | betteraimtechnologies.zendesk.com | udp |
| US | 216.198.53.1:443 | betteraimtechnologies.zendesk.com | tcp |
| US | 8.8.8.8:53 | widget-mediator.zopim.com | udp |
| IE | 54.171.135.154:443 | widget-mediator.zopim.com | tcp |
| US | 8.8.8.8:53 | 1.53.198.216.in-addr.arpa | udp |
| IE | 54.171.135.154:443 | widget-mediator.zopim.com | tcp |
| US | 8.8.8.8:53 | cheater.fun | udp |
| US | 104.26.14.166:443 | cheater.fun | tcp |
| US | 104.26.14.166:443 | cheater.fun | tcp |
| US | 8.8.8.8:53 | 166.14.26.104.in-addr.arpa | udp |
| GB | 172.217.169.66:443 | googleads.g.doubleclick.net | udp |
| GB | 172.217.169.78:443 | fundingchoicesmessages.google.com | udp |
| GB | 142.250.187.225:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 3.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | offers.pchelpsoft.com | udp |
| US | 104.18.23.170:443 | offers.pchelpsoft.com | tcp |
| US | 104.18.23.170:443 | offers.pchelpsoft.com | tcp |
| US | 8.8.8.8:53 | 170.23.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 151.101.65.229:443 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | cloud.pchelpsoft.com | udp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 8.8.8.8:53 | 14.25.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | store.pchelpsoft.com | udp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| CA | 64.18.87.10:443 | store.pchelpsoft.com | tcp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 104.18.32.137:443 | geolocation.onetrust.com | tcp |
| US | 8.8.8.8:53 | 42.87.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.87.18.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | privacyportal-eu.onetrust.com | udp |
| US | 172.64.155.119:443 | privacyportal-eu.onetrust.com | tcp |
| US | 8.8.8.8:53 | p4-e6aw6nfhkkxh4-76k5ihw33nab7uvv-if-v6exp3-v4.metric.gstatic.com | udp |
| GB | 172.217.169.67:443 | p4-e6aw6nfhkkxh4-76k5ihw33nab7uvv-if-v6exp3-v4.metric.gstatic.com | tcp |
| GB | 172.217.169.67:443 | p4-e6aw6nfhkkxh4-76k5ihw33nab7uvv-if-v6exp3-v4.metric.gstatic.com | udp |
| US | 8.8.8.8:53 | 67.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cheater.ninja | udp |
| US | 104.21.58.89:443 | cheater.ninja | tcp |
| US | 104.21.58.89:443 | cheater.ninja | tcp |
| US | 8.8.8.8:53 | 360playvid.info | udp |
| US | 104.21.50.50:443 | 360playvid.info | tcp |
| US | 8.8.8.8:53 | logos-world.net | udp |
| US | 104.26.3.6:443 | logos-world.net | tcp |
| US | 8.8.8.8:53 | 89.58.21.104.in-addr.arpa | udp |
| US | 104.26.3.6:443 | logos-world.net | tcp |
| US | 8.8.8.8:53 | serve.360playvid.info | udp |
| US | 44.209.174.246:443 | serve.360playvid.info | tcp |
| US | 8.8.8.8:53 | 6.3.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 246.174.209.44.in-addr.arpa | udp |
| GB | 3.162.21.19:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | imasdk.googleapis.com | udp |
| US | 8.8.8.8:53 | t.360playvid.info | udp |
| US | 3.208.46.52:443 | t.360playvid.info | tcp |
| GB | 172.217.16.234:443 | imasdk.googleapis.com | udp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| CZ | 65.9.95.3:443 | config.aps.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| GB | 216.58.201.102:443 | s0.2mdn.net | udp |
| CZ | 65.9.9.197:443 | aax.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 52.46.208.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 197.9.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | pubads.g.doubleclick.net | udp |
| GB | 142.250.200.34:443 | pubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| ZA | 142.251.47.67:443 | csi.gstatic.com | udp |
| ZA | 142.251.47.67:443 | csi.gstatic.com | tcp |
| US | 8.8.8.8:53 | 67.47.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 92.123.128.187:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 187.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.prosettings.com | udp |
| US | 104.21.27.206:443 | www.prosettings.com | tcp |
| US | 104.21.27.206:443 | www.prosettings.com | tcp |
| GB | 172.217.169.78:443 | fundingchoicesmessages.google.com | udp |
| GB | 172.217.169.66:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 104.16.79.73:443 | static.cloudflareinsights.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| BE | 74.125.206.155:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| GB | 142.250.180.3:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | 206.27.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 142.250.187.225:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | api2.amplitude.com | udp |
| US | 44.239.82.163:443 | api2.amplitude.com | tcp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| GB | 2.19.117.148:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | 163.82.239.44.in-addr.arpa | udp |
| GB | 92.123.128.187:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 92.123.128.161:443 | r.bing.com | tcp |
| GB | 92.123.128.161:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | fpt.microsoft.com | udp |
| US | 52.167.30.171:443 | fpt.microsoft.com | tcp |
| US | 8.8.8.8:53 | 171.30.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7launcher.com | udp |
| US | 104.26.1.175:443 | 7launcher.com | tcp |
| US | 104.26.1.175:443 | 7launcher.com | tcp |
| US | 8.8.8.8:53 | 175.1.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cackle.me | udp |
| RU | 95.213.129.125:443 | cackle.me | tcp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| RU | 87.250.250.119:443 | mc.yandex.ru | tcp |
| US | 8.8.8.8:53 | onesignal.com | udp |
| US | 104.17.111.223:443 | onesignal.com | tcp |
| US | 8.8.8.8:53 | 145.160.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 125.129.213.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.250.250.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 223.111.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | mc.yandex.com | udp |
| US | 8.8.8.8:53 | 226.21.18.104.in-addr.arpa | udp |
| GB | 92.123.128.161:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 140.82.112.21:443 | collector.github.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 21.112.82.140.in-addr.arpa | udp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 185.199.109.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 133.109.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sirius.mwbsys.com | udp |
| US | 52.45.5.20:443 | sirius.mwbsys.com | tcp |
| US | 8.8.8.8:53 | google.co.ck | udp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 142.250.200.36:80 | www.google.com | tcp |
| US | 8.8.8.8:53 | 228.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | support.google.com | udp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | updater.se7enkills.net | udp |
| US | 172.67.15.208:80 | updater.se7enkills.net | tcp |
| GB | 142.250.200.36:80 | www.google.com | tcp |
| US | 8.8.8.8:53 | 208.15.67.172.in-addr.arpa | udp |
| US | 140.82.112.21:443 | collector.github.com | tcp |
| US | 8.8.8.8:53 | telemetry.malwarebytes.com | udp |
| US | 44.225.40.78:443 | telemetry.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| GB | 2.19.117.143:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | 143.117.19.2.in-addr.arpa | udp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| US | 44.225.40.78:443 | telemetry.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 92.123.128.174:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 174.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| GB | 142.250.180.3:443 | www.google.co.uk | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| US | 8.8.8.8:53 | sirius.mwbsys.com | udp |
| US | 52.45.5.20:443 | sirius.mwbsys.com | tcp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 92.123.128.194:443 | r.bing.com | tcp |
| GB | 92.123.128.194:443 | r.bing.com | tcp |
| GB | 92.123.128.169:443 | th.bing.com | tcp |
| GB | 92.123.128.169:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | telemetry.malwarebytes.com | udp |
| US | 44.225.40.78:443 | telemetry.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 92.123.128.194:443 | www.bing.com | tcp |
| GB | 92.123.128.194:443 | www.bing.com | tcp |
| GB | 92.123.128.169:443 | www.bing.com | tcp |
| GB | 92.123.128.169:443 | www.bing.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 185.199.109.133:443 | user-images.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 185.199.109.133:443 | user-images.githubusercontent.com | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 142.250.200.36:80 | www.google.com | tcp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | api2.amplitude.com | udp |
| US | 35.82.99.82:443 | api2.amplitude.com | tcp |
| US | 8.8.8.8:53 | 82.99.82.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | telemetry.malwarebytes.com | udp |
| US | 44.225.40.78:443 | telemetry.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | sirius.mwbsys.com | udp |
| US | 52.45.5.20:443 | sirius.mwbsys.com | tcp |
| US | 8.8.8.8:53 | hubble.mb-cosmos.com | udp |
| GB | 18.165.160.15:443 | hubble.mb-cosmos.com | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| GB | 172.217.16.228:80 | google.co.ck | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.200.36:80 | www.google.com | tcp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| US | 44.225.40.78:443 | telemetry.malwarebytes.com | tcp |
| US | 44.225.40.78:443 | telemetry.malwarebytes.com | tcp |
| GB | 92.123.128.146:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 146.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 140.82.114.22:443 | collector.github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 22.114.82.140.in-addr.arpa | udp |
| US | 185.199.109.133:443 | user-images.githubusercontent.com | tcp |
| US | 185.199.110.133:443 | user-images.githubusercontent.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 92.123.128.133:443 | th.bing.com | tcp |
| GB | 92.123.128.133:443 | th.bing.com | tcp |
| GB | 92.123.128.164:443 | th.bing.com | tcp |
| GB | 92.123.128.164:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 164.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| GB | 92.123.128.164:443 | th.bing.com | tcp |
| GB | 92.123.128.164:443 | th.bing.com | tcp |
| GB | 92.123.128.133:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| GB | 2.19.117.143:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 151.101.65.91:443 | en.softonic.com | tcp |
| US | 151.101.65.91:443 | en.softonic.com | tcp |
| US | 8.8.8.8:53 | 91.65.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 140.82.114.21:443 | collector.github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.108.133:443 | avatars.githubusercontent.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 21.114.82.140.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.108.199.185.in-addr.arpa | udp |
| US | 185.199.109.133:443 | avatars.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | sf.symcd.com | udp |
| DE | 152.199.19.74:80 | sf.symcd.com | tcp |
| US | 8.8.8.8:53 | sf.symcb.com | udp |
| SE | 192.229.221.95:80 | sf.symcb.com | tcp |
| US | 8.8.8.8:53 | rb.symcd.com | udp |
| DE | 152.199.19.74:80 | rb.symcd.com | tcp |
| US | 8.8.8.8:53 | rb.symcb.com | udp |
| SE | 192.229.221.95:80 | rb.symcb.com | tcp |
| US | 204.79.197.203:445 | api.msn.com | tcp |
| N/A | 10.127.0.1:445 | tcp | |
| DE | 136.243.69.123:445 | tcp | |
| SE | 192.229.221.95:445 | rb.symcb.com | tcp |
| GB | 18.165.160.15:445 | hubble.mb-cosmos.com | tcp |
| DE | 152.199.19.74:445 | rb.symcd.com | tcp |
| N/A | 10.127.0.0:445 | tcp | |
| N/A | 10.127.0.1:139 | tcp | |
| US | 204.79.197.203:139 | api.msn.com | tcp |
| DE | 136.243.69.123:139 | tcp | |
| GB | 18.165.160.15:139 | hubble.mb-cosmos.com | tcp |
| DE | 152.199.19.74:139 | rb.symcd.com | tcp |
| SE | 192.229.221.95:139 | rb.symcb.com | tcp |
| N/A | 10.127.0.0:139 | tcp | |
| N/A | 10.127.0.1:445 | tcp | |
| US | 140.82.114.21:443 | collector.github.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| N/A | 10.127.0.1:139 | tcp | |
| US | 185.199.109.133:443 | avatars.githubusercontent.com | tcp |
| N/A | 10.127.0.2:445 | tcp | |
| N/A | 10.127.0.2:139 | tcp | |
| N/A | 10.127.0.3:445 | tcp | |
| N/A | 10.127.0.3:139 | tcp | |
| N/A | 10.127.0.4:445 | tcp | |
| N/A | 10.127.0.4:139 | tcp | |
| N/A | 10.127.0.5:445 | tcp | |
| N/A | 10.127.0.5:139 | tcp | |
| N/A | 10.127.0.6:445 | tcp | |
| N/A | 10.127.0.6:139 | tcp | |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| N/A | 10.127.0.7:445 | tcp | |
| N/A | 10.127.0.7:139 | tcp | |
| N/A | 10.127.0.8:445 | tcp | |
| N/A | 10.127.0.8:139 | tcp | |
| N/A | 10.127.0.9:445 | tcp | |
| N/A | 10.127.0.9:139 | tcp | |
| US | 8.8.8.8:53 | api2.amplitude.com | udp |
| US | 44.239.82.163:443 | api2.amplitude.com | tcp |
| N/A | 10.127.0.10:445 | tcp | |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| GB | 2.19.117.148:443 | aefd.nelreports.net | udp |
| N/A | 10.127.0.10:139 | tcp | |
| N/A | 10.127.0.11:445 | tcp | |
| US | 184.164.136.134:80 | tcp | |
| N/A | 10.127.0.11:139 | tcp | |
| N/A | 10.127.0.12:445 | tcp | |
| N/A | 10.127.0.12:139 | tcp | |
| N/A | 10.127.0.13:445 | tcp | |
| N/A | 10.127.0.13:139 | tcp | |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 140.82.114.21:443 | collector.github.com | tcp |
| N/A | 10.127.0.14:445 | tcp | |
| N/A | 10.127.0.14:139 | tcp | |
| N/A | 10.127.0.15:445 | tcp | |
| N/A | 10.127.0.15:139 | tcp | |
| GB | 92.123.128.194:443 | www.bing.com | tcp |
| N/A | 10.127.0.16:445 | tcp | |
| N/A | 10.127.0.16:139 | tcp | |
| N/A | 10.127.0.17:445 | tcp | |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| N/A | 10.127.0.17:139 | tcp | |
| US | 8.8.8.8:53 | tgjciypemslun.com | udp |
| N/A | 10.127.0.18:445 | tcp | |
| US | 8.8.8.8:53 | agctfdlsvucfb.net | udp |
| US | 8.8.8.8:53 | niddflxnoicrj.biz | udp |
| N/A | 10.127.0.18:139 | tcp | |
| US | 8.8.8.8:53 | chmvqmgdnaosd.ru | udp |
| US | 8.8.8.8:53 | pjnfqusxgnofc.org | udp |
| N/A | 10.127.0.19:445 | tcp | |
| US | 8.8.8.8:53 | xxgvuxbntookf.co.uk | udp |
| US | 8.8.8.8:53 | lahfugnimcown.info | udp |
| N/A | 10.127.0.19:139 | tcp | |
| US | 8.8.8.8:53 | ayqxghvxltbxo.com | udp |
| US | 8.8.8.8:53 | nbrhgpisehbkn.net | udp |
| N/A | 10.127.0.20:445 | tcp | |
| US | 8.8.8.8:53 | iykqwolqyidbm.biz | udp |
| N/A | 10.127.0.20:139 | tcp | |
| US | 8.8.8.8:53 | jmlshwvtrxafm.ru | udp |
| US | 8.8.8.8:53 | kausixgbqnpoo.org | udp |
| US | 8.8.8.8:53 | lnvusgqejdmsf.co.uk | udp |
| N/A | 10.127.0.21:445 | tcp | |
| US | 8.8.8.8:53 | gqosmjblwcpgf.info | udp |
| N/A | 10.127.0.21:139 | tcp | |
| US | 185.199.109.133:443 | avatars.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | hepuwrloprmkf.com | udp |
| US | 8.8.8.8:53 | iryuxsvvohcto.net | udp |
| US | 8.8.8.8:53 | jfawibgyhwyxf.biz | udp |
| N/A | 10.127.0.22:445 | tcp | |
| N/A | 10.127.0.22:139 | tcp | |
| US | 8.8.8.8:53 | mqitacnobqohf.org | udp |
| US | 8.8.8.8:53 | asrltmffkpfmg.co.uk | udp |
| N/A | 10.127.0.23:445 | tcp | |
| US | 8.8.8.8:53 | nusutrbgcxjqo.info | udp |
| US | 8.8.8.8:53 | umloarjhlsgbr.com | udp |
| N/A | 10.127.0.23:139 | tcp | |
| US | 8.8.8.8:53 | iomxawfidbkfq.net | udp |
| US | 8.8.8.8:53 | vqvpthwymabkk.biz | udp |
| N/A | 10.127.0.24:445 | tcp | |
| US | 8.8.8.8:53 | jswytmsaeifos.ru | udp |
| N/A | 10.127.0.24:139 | tcp | |
| US | 8.8.8.8:53 | hhphriramvpqo.org | udp |
| US | 8.8.8.8:53 | iuqjcnlgegidf.co.uk | udp |
| N/A | 10.127.0.25:445 | tcp | |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 140.82.114.21:443 | collector.github.com | tcp |
| US | 8.8.8.8:53 | ilailxfrndkao.info | udp |
| N/A | 10.127.0.25:139 | tcp | |
| US | 8.8.8.8:53 | jybkvdyxfndmo.com | udp |
| US | 8.8.8.8:53 | dftlrdjtogloo.net | udp |
| US | 8.8.8.8:53 | esuncidagqebf.biz | udp |
| N/A | 10.127.0.26:445 | tcp | |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | ejemlswlpngxh.ru | udp |
| N/A | 10.127.0.26:139 | tcp | |
| US | 8.8.8.8:53 | fwfovxqrhxykh.org | udp |
| US | 8.8.8.8:53 | nqxeivrqfwgew.co.uk | udp |
| N/A | 10.127.0.27:445 | tcp | |
| US | 8.8.8.8:53 | bsynieelxkgqf.info | udp |
| N/A | 10.127.0.27:139 | tcp | |
| US | 8.8.8.8:53 | prigtlfoemjjg.com | udp |
| US | 185.199.109.133:443 | avatars.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | dtjpttrjwajvf.net | udp |
| N/A | 10.127.0.28:445 | tcp | |
| US | 8.8.8.8:53 | jociiqjkhhcci.biz | udp |
| US | 8.8.8.8:53 | wqdriyvfaucoq.ru | udp |
| N/A | 10.127.0.28:139 | tcp | |
| US | 8.8.8.8:53 | lpmktgwigwfhk.org | udp |
| US | 8.8.8.8:53 | yrnttojdykftj.co.uk | udp |
| N/A | 10.127.0.29:445 | tcp | |
| US | 8.8.8.8:53 | vjgbahroikhai.info | udp |
| US | 8.8.8.8:53 | wwhdkpcrbaeei.com | udp |
| N/A | 10.127.0.29:139 | tcp | |
| US | 8.8.8.8:53 | xkqdlwfmhakfr.net | udp |
| US | 8.8.8.8:53 | yxrfvfppaphji.biz | udp |
| N/A | 10.127.0.30:445 | tcp | |
| US | 8.8.8.8:53 | rhkfacjikudxi.ru | udp |
| N/A | 10.127.0.30:139 | tcp | |
| US | 8.8.8.8:53 | sulhkktldkaci.org | udp |
| US | 8.8.8.8:53 | tiuhlrwgjkgdk.co.uk | udp |
| N/A | 10.127.0.31:445 | tcp | |
| US | 8.8.8.8:53 | uvvjvahjcadhb.info | udp |
| US | 8.8.8.8:53 | vqjujejegpdwa.com | udp |
| N/A | 10.127.0.31:139 | tcp | |
| US | 8.8.8.8:53 | juegvjffuiofy.net | udp |
| US | 8.8.8.8:53 | wutvdnecaioxs.biz | udp |
| N/A | 10.127.0.32:445 | tcp | |
| US | 8.8.8.8:53 | kyohpsadobagb.ru | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| N/A | 10.127.0.32:139 | tcp | |
| N/A | 10.127.0.33:445 | tcp | |
| N/A | 10.127.0.33:139 | tcp | |
| N/A | 10.127.0.34:445 | tcp | |
| N/A | 10.127.0.34:139 | tcp | |
| N/A | 10.127.0.35:445 | tcp | |
| N/A | 10.127.0.35:139 | tcp | |
| N/A | 10.127.0.36:445 | tcp | |
| N/A | 10.127.0.36:139 | tcp | |
| N/A | 10.127.0.37:445 | tcp | |
| N/A | 10.127.0.37:139 | tcp | |
| N/A | 10.127.0.38:445 | tcp | |
| N/A | 10.127.0.38:139 | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 36988ca14952e1848e81a959880ea217 |
| SHA1 | a0482ef725657760502c2d1a5abe0bb37aebaadb |
| SHA256 | d7e96088b37cec1bde202ae8ec2d2f3c3aafc368b6ebd91b3e2985846facf2e6 |
| SHA512 | d04b2f5afec92eb3d9f9cdc148a3eddd1b615e0dfb270566a7969576f50881d1f8572bccb8b9fd7993724bdfe36fc7633a33381d43e0b96c4e9bbd53fc010173 |
\??\pipe\LOCAL\crashpad_1704_CMZNWWZLTKQBIVPL
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | fab8d8d865e33fe195732aa7dcb91c30 |
| SHA1 | 2637e832f38acc70af3e511f5eba80fbd7461f2c |
| SHA256 | 1b034ffe38e534e2b7a21be7c1f207ff84a1d5f3893207d0b4bb1a509b4185ea |
| SHA512 | 39a3d43ef7e28fea2cb247a5d09576a4904a43680db8c32139f22a03d80f6ede98708a2452f3f82232b868501340f79c0b3f810f597bcaf5267c3ccfb1704b43 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e8354cf33a99020758c0362deb69eafd |
| SHA1 | fb12875c3d17675d7fbc04719e6395df3ef95dbf |
| SHA256 | c02b9ae1cff24a65947dff27b3c65c3a835747866edb95ef8f077f1adc8545cb |
| SHA512 | 57c9953f2f3283519c1f3a182f80e366ba75b83ec52e64779547eead003af9489852e07a799bb4de3c965df301e00eb38d175bf87f6ddb616ddbf39a6d83faeb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | ce2b0edbfd963d1aa1c45ef50f7b70c3 |
| SHA1 | 6581d55b4abeb5f4cfdb3af45d537858584b624e |
| SHA256 | a0a119a368fa30406e9e5897c531240ba2b41c88df5aa5a6a6ea8d063963c37c |
| SHA512 | db9119a0ba153e07fcc161df24146acd737b7a8c89a749927c86ea46168d38fba1b02084ed048ae29c2c0a59931cdd6cdacb3435c03ab19dcccbda730af4e33b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7568f187fe68bcee9e53e570eeb08883 |
| SHA1 | fc7a6dba9201b35d78d1dbd490ba19878d2ccb4e |
| SHA256 | 80e007dd7aa514cbc36f86e42ca00294c8a02d88207647171494ee96d1448488 |
| SHA512 | 9d390ee16975939ba29c027b8280512a188acef1323f2c88588d99a283ed2b7815c1d0b1e4af3307a6633bae2faf945622eb3c1add5e83124d19a8434e74d6c6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f70dc0f2e75e01bbb5aff1c741296460 |
| SHA1 | b9ad354bd03fa41c790f65b53c89f3d107a79aba |
| SHA256 | bfbdffff5e39951195f3e9f719f6094c5903748cce0c7a0a3a712c33ad7865cb |
| SHA512 | 040253de38d45bff70b2cd702adc34a550ad0f9daa453aebb88ce048826bd71811d9af9aab35a9723738121f1f419b86978d480b11f64d46bd21388deada9d7b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | dd056aa187ebf19a6da0abc48f424ef7 |
| SHA1 | 9dd78e11b57ef8b1b2b18892b01ae1746800f5a1 |
| SHA256 | 4ef3ff3ca190f08e3895980331278dde1d488375dff8751c4cbd90f6e373a6d3 |
| SHA512 | 2e9818398183c9aad82aa6e329fcce9c48656d2f490bb385a14c998fc16a5be4ea41c68fb23aaafef6c98fbd87a8c421bb47bb9491c87a6639d0234f584a9816 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | ad0e0972e4b4c705270ae6e78f03f2df |
| SHA1 | c79237ae23b01b88122c41635aa1521f0bb76d68 |
| SHA256 | 7b2896563f006de1a939de3439e1f47c326241707a7ae2ab57e8d1a20a731f0c |
| SHA512 | baa0502a906300a7dfd98b2adea825c11e2cb52f2244b65ec5c884e2e2a60623a42d591e378f689134fecfe939ae52afebffe46abd120855c11ecf9af123c5e8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 1b47834e689579254542438f12ea425f |
| SHA1 | 7afd4a4d5f9387f428b1f0db7acc91fb2974ec61 |
| SHA256 | 5a3f1029b774ef592f4f399f132a2d65af3a4184dcde12797b0afa2dde079097 |
| SHA512 | 05052d877644e1de6bf8f9e35089a3d64615358b2cfdfb93e82b30b360d3cca88e2739de1d1bb034417bd6726421af52226b66c988bce79ae36a3bc55f305b2b |
memory/2704-236-0x0000000002640000-0x0000000002699000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
| MD5 | 838a7b32aefb618130392bc7d006aa2e |
| SHA1 | 5159e0f18c9e68f0e75e2239875aa994847b8290 |
| SHA256 | ac3dd2221d90b09b795f1f72e72e4860342a4508fe336c4b822476eb25a55eaa |
| SHA512 | 9e350f0565cc726f66146838f9cebaaa38dd01892ffab9a45fe4f72e5be5459c0442e99107293a7c6f2412c71f668242c5e5a502124bc57cbf3b6ad8940cb3e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 8a9c797b651c04437ce317b488230969 |
| SHA1 | 7716dbab6f237dff5184e87a4b0313ed82359bf5 |
| SHA256 | 7a1b8a1328e053797c61d2d5c4fde591fe895274900df9f68c6198cc8ab622e6 |
| SHA512 | 8d16abc8eea18280dd85a97a17a3c966d45149b16465a4baa63f82d261a066f54593a6c93f636997d98821accb3ee8b400ac374558836b51c21cbdd0515dbe37 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History
| MD5 | dfe6a98683f4baf1cd0dc98ab015bcf8 |
| SHA1 | 81ca00581ce9d6c52a32065d8d29c4542ed39a3c |
| SHA256 | 07960ff3e7cb64cb71132ecab65ce2a9dd32104a1208978c48e4062f2e3b317e |
| SHA512 | a9526de6ceda2cb7d602b309701020942759ea2ab9acae31ffe691de02263f09f3d11663cf5c2d8e6c4007cc2e1a597c0ca94f23204f112e959d243e7e53bd61 |
memory/2704-243-0x0000000000400000-0x0000000000795000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2143f648977fc8602c0985e8aee76c05 |
| SHA1 | 223adae1c9af1505846a3cbe81c45e957cff5be7 |
| SHA256 | c11d44f68a21321ae8b3ef5f18b1df2a17e2806b800e10766c1af9b2a663ecf2 |
| SHA512 | 559b55b312362f5f24a6b17fe3093fecc01c298c37dc5518b40e877e2c837162333ca548460ced85339ccbb3fcc80a69da70d47c1e5bbba6b64e4d31c5c89c22 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d9698cd1dedfbc6027ebb371dcc4352e |
| SHA1 | 0c672345bbcfeb9521acdce4fc495d9b1035148c |
| SHA256 | 2ec910325bca0eec86cff5b6b4c22482e327a27d20ff994cf9deb8e0e2e428fa |
| SHA512 | 1fb3f6fcf98ec760de5de181a5c810dc3da6f5acd3672ce9162bf0a5b7edca507e840cb6f2ca6042ca01e4a6ad4fe6a9d3606e6eb1b1b4412aeaf25c198997e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe598330.TMP
| MD5 | cf00f2110fb3d594634cace8f6b091d1 |
| SHA1 | 4285b06a98820df1a4cdfd357d14c3be0ffb70b4 |
| SHA256 | b5c1e16c87507cdc15c1fcea44f046db62411c3070842c5f46bff5040d47c93a |
| SHA512 | c4f03e8f9696df92666e2d0a30893cba406021cf230f8e7561934ed3f7f933eaa136caa05cf70da54ceedf4af2207fb1ab062686250e9212acf38e8d5076a893 |
C:\Users\Admin\Downloads\Unconfirmed 508823.crdownload
| MD5 | 045e35761527c65b5530ef3d5c2e6401 |
| SHA1 | 15723ed7d69c49febe85a59b7ae9034c36581404 |
| SHA256 | 3e4666516e41b5509d8626dc832c646155a96b918da0e8c862d659aa3b31ed17 |
| SHA512 | 35464818b224caa2fefcae477e52821df7a6cd5ebefe38be2030d911ca599bb3f79a29c870ff94aff469bbc39ffe91a1a9f2e316aaa4111377a2ad8d7af2a219 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6119d21bcf782cb9c70cc1abda9220c6 |
| SHA1 | 31e601e7c3891f9392a075e1111df74363226429 |
| SHA256 | d6404cfd1436a5ce3d91b9f9144fc4614d77de280ca85b10d3d3c43f33e37f49 |
| SHA512 | 8ff49453fcc096c08305f60f55ebd238d0a24818d5288f5af3a494c996eaa6fa55ae598f42eb2808e92e1ec760847187f350518cf359979403c51bf1cf55c302 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 93d7d441571fe3e34a82f55d2735d22e |
| SHA1 | 8c3a7da668614826c62e7292936c48a1f174f721 |
| SHA256 | 0fd543b1f9b578487708f848ab122f3e3a96ffe05c18eca9d1bbae7e84196cd8 |
| SHA512 | 64eb49ef1587d7da4a3d75ebe891253f377f32c2cda74fcd6f6ef62462c2a73fa7028bac7060ad46dba75c0763ec0a9a3534d25ad8c140009bb77144755574c6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 4dbeeb3ebe1ae22b1963e31073b08b0c |
| SHA1 | 0e934ff9af33b6d2af080bb194e281dc79b8070a |
| SHA256 | 80eb928696bba144c20b5f336c81a3731f5438dfa7451c5b10db2991311123dd |
| SHA512 | 86071caaf4af3514e5ea68350e224b8841c0acddff453d41d45be8001585814888c8efb9e429c8db9378a5e7814cd449d1fd97b1481b1d11f9c50f331c9a7f40 |
C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe
| MD5 | f35a6782aea69cda718cc378504db826 |
| SHA1 | 5fc4028de1c51089d9f487caa02a78d4d42266fd |
| SHA256 | 20f89ddb4dd26f98ce006ae2034a87e1c2347788697e0fdb68b87c95af0b680c |
| SHA512 | 5a5dcf1ecb32addf5fa9ffbce583fbdb4714e5b87553abd57723cb1b199c54bbaf038db1a7ee1cb095b1aad878f8d17919b55cb093c4a869d7356aaf28fb3a4f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | bebbb63b384c6d8de8fd99d732db922b |
| SHA1 | 3d0df34379e195ba28810102ecdfcaa04e568af8 |
| SHA256 | b335b66e1e20c8d7612a62bd912cec9a5f861349d7ba1f843e5e662b766ce9ac |
| SHA512 | fec5bb45fd85f1ce40f1ab11a1da4dc3e011c092e7137d410611157f3c3fecf79db412aeb13a975a058ade9f7968d6beba7c5aadd02a5bf1099b641eb3e1df9f |
C:\Windows\Temp\MBInstallTemp58dccdc78e7011ef80f1fa9f886f8d04\7z.dll
| MD5 | 3430e2544637cebf8ba1f509ed5a27b1 |
| SHA1 | 7e5bd7af223436081601413fb501b8bd20b67a1e |
| SHA256 | bb01c6fbb29590d6d144a9038c2a7736d6925a6dbd31889538af033e03e4f5fa |
| SHA512 | 91c4eb3d341a8b30594ee4c08a638c3fb7f3a05248b459bcf07ca9f4c2a185959313a68741bdcec1d76014009875fa7cbfa47217fb45d57df3b9b1c580bc889d |
C:\Windows\Temp\MBInstallTemp58dccdc78e7011ef80f1fa9f886f8d04\dotnetpkgtmp\shared\Microsoft.NETCore.App\6.0.33\mscordaccore.dll
| MD5 | 0377b6eb6be497cdf761b7e658637263 |
| SHA1 | b8a1e82a3cb7ca0642c6b66869ee92ce90465b2a |
| SHA256 | 4b7247323c45262bbb77f0ef55c177a2211040fa77d410513a667488bf1bc882 |
| SHA512 | ff3f6f6d1535e7aab448590fdbdf60d37e64e00d4081853f201c0103d7b7918f388db5469774f32af211e0990bc103bc9ff3708fa44efd868aa312c76ea65600 |
C:\Windows\Temp\MBInstallTemp58dccdc78e7011ef80f1fa9f886f8d04\ctlrpkg\Malwarebytes_Assistant.runtimeconfig.json
| MD5 | d94cf983fba9ab1bb8a6cb3ad4a48f50 |
| SHA1 | 04855d8b7a76b7ec74633043ef9986d4500ca63c |
| SHA256 | 1eca0f0c70070aa83bb609e4b749b26dcb4409784326032726394722224a098a |
| SHA512 | 09a9667d4f4622817116c8bc27d3d481d5d160380a2e19b8944bdd1271a83f718415ce5e6d66e82e36819e575ec1b55f19c45213e0013b877b8d61e6feb9d998 |
C:\Windows\Temp\MBInstallTemp58dccdc78e7011ef80f1fa9f886f8d04\servicepkg\MBAMService.exe
| MD5 | e807869f4a76f0ae466fff66756b4f86 |
| SHA1 | 17ea39a557a0b4c3bd1e02371e4a1db1f87081b1 |
| SHA256 | 1b05197713872249ddf575554baaa29bd7659a696992c45bc7db2b68407ddeae |
| SHA512 | 3bd5349ae7f8de024d4addae1cf474b93aced0812948d88de201896ac71626747d0fe2f779c5b5914e8a1768c56decf754288df6c34701fe6355698071b76701 |
C:\Windows\Temp\MBInstallTemp58dccdc78e7011ef80f1fa9f886f8d04\dbclspkg\MBAMCoreV5.dll
| MD5 | 5e84b24b7d4e5d5a161074da559a1b49 |
| SHA1 | c5dea018ff9ce1c9a3e0cc90d1363fff57ab10f4 |
| SHA256 | b1fdd023dd927099a2991b44f17cf2845cd70e7869c3bdb95fca52424d9a6eb1 |
| SHA512 | f962b0022e544dffb722456409e90b3046df07262f7a493188f6e17b26fd8ed16363acb89729615a01361fceea792ad640e51606443a007653c1f269aa805774 |
C:\Windows\Temp\MBInstallTemp58dccdc78e7011ef80f1fa9f886f8d04\servicepkg\mbamelam.cat
| MD5 | 60608328775d6acf03eaab38407e5b7c |
| SHA1 | 9f63644893517286753f63ad6d01bc8bfacf79b1 |
| SHA256 | 3ed5a1668713ef80c2b5599b599f1434ad6648999f335cf69757ea3183c70c59 |
| SHA512 | 9f65212121b8a5d1a0625c3baa14ef04a33b091d26f543324333e38dcdb903e02ccc4d009e22c2e85d2f61d954e0b994c2896e52f685003a6ef34758f8a650c7 |
C:\Windows\Temp\MBInstallTemp58dccdc78e7011ef80f1fa9f886f8d04\servicepkg\mbamelam.sys
| MD5 | 9e77c51e14fa9a323ee1635dc74ecc07 |
| SHA1 | a78bde0bd73260ce7af9cdc441af9db54d1637c2 |
| SHA256 | b5619d758ae6a65c1663f065e53e6b68a00511e7d7accb3e07ed94bfd0b1ede0 |
| SHA512 | a12ccf92bead694f5d3cba7ff7e731a2f862198efc338efc7f33a882fe0eb7499fb3fb533538d0a823e80631a7ca162962fbdfd78e401e3255672910b7140186 |
C:\Windows\Temp\MBInstallTemp58dccdc78e7011ef80f1fa9f886f8d04\servicepkg\mbamelam.inf
| MD5 | c481ad4dd1d91860335787aa61177932 |
| SHA1 | 81633414c5bf5832a8584fb0740bc09596b9b66d |
| SHA256 | 793626d240fd8eefc81b78a57c8dfe12ea247889b6f07918e9fd32a7411aa1c3 |
| SHA512 | d292e028936412f07264837d4a321ecfa2f5754d4048c8bcf774a0e076e535b361c411301558609d64c71c1ce9b19e6041efa44d201237a7010c553751e1e830 |
C:\Program Files\Malwarebytes\Anti-Malware\srvversion.dat
| MD5 | ca37fab7c4861d85d471cd55870d44c8 |
| SHA1 | e7d11e482b50bb502453cb50e1bb80e5fa9c4e7b |
| SHA256 | 6a5ef3a9ef8c16383986def5d9f717baf82c9930a49c0ea0f158d8c3e631b271 |
| SHA512 | 6cb5f77105f47d45d6591cb835e3fe4f96532ff81f9715dc93f77a4a61bf84d124f95b37130d9fef82d47d19087748a36500bc441a0a4bb810d1c011f520f32e |
C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
| MD5 | dc15c5f0f8f49d5651d1136895123f73 |
| SHA1 | 5077abbd99f5538a3229c9503eb7eec3438a7cb2 |
| SHA256 | 580e23a55975bd52388bfdd1a8896c02b3e78033a1a92ba58a4ac2a7ff6db6f1 |
| SHA512 | ccc08b2405f870490bb6f1b2545d1afad984c38b2de30538b99d2e79f065f998ddc08f2a9a102c12f52c94f377507567ae589018124cc887b02661fb4f1c3183 |
C:\Windows\Temp\MBInstallTemp58dccdc78e7011ef80f1fa9f886f8d04\ctlrpkg\mbae64.sys
| MD5 | 95515708f41a7e283d6725506f56f6f2 |
| SHA1 | 9afc20a19db3d2a75b6915d8d9af602c5218735e |
| SHA256 | 321058a27d7462e55e39d253ad5d8b19a9acf754666400f82fe0542f33e733c6 |
| SHA512 | d9230901adeecb13b1f92287abe9317cdac458348885b96ef6500960793a7586c76ae374df053be948a35b44abe934aa853975a6ccd3788f93909903cc718c08 |
C:\Program Files\Malwarebytes\Anti-Malware\ctlrvers.dat
| MD5 | c01684d19eb2e8999976e568da9e2c5a |
| SHA1 | 1b839e9cbe7182880ec1afd0be5c3735b2b94a07 |
| SHA256 | 807bc610e87149f667bb64433e8dfc9b42f521cdb43185746cb01b61254ff8a4 |
| SHA512 | 51640f9ec8bb0a7289636a24de3521b56ac597722cbab9d6cd4081d3f5d7da3ad3a59a368843ce561c2a019fcda93406cc5114a47da7879da6cae58ee099046d |
C:\Program Files\Malwarebytes\Anti-Malware\version.dat
| MD5 | 6a4d4234f27718ded03e33abcf7d31af |
| SHA1 | a9602491b99e2637f6356534fbed8927b9a5065c |
| SHA256 | 704d4fb0658061554d1c7a1c2c5a744b2a14353c1b9e0ce4ec62c2537d4b0046 |
| SHA512 | 755bd0c3936b83c17c230432b14cafca5fadbbd4869f6d6fb65a605b92c94e4dc4e1ed2ebade979adca8a607ecde4e6682962890c725a262b1d13d2d32cfc52e |
C:\Program Files\Malwarebytes\Anti-Malware\ServiceConfig.json
| MD5 | c13ccc11430ec41fe8d1f9a8cbe4504f |
| SHA1 | 94eec35c85cc951a84d12e5075c0c91f2de6dc52 |
| SHA256 | 45eda3eb6a35e46a8856d52f34d1263a69c3e635054d29f9cbae0ed44f26b56f |
| SHA512 | b17e806c0575a72b190296458b7a5d6b522fb8318df8a0c33e270a45275da7b440af6be7cdabbe5e8c5b3e26d4327b98335610741ef201a5a7d33f64d0c452c0 |
C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe
| MD5 | 46f875f1fe3d6063b390e3a170c90e50 |
| SHA1 | 62b901749a6e3964040f9af5ddb9a684936f6c30 |
| SHA256 | 1cf9d3512efffaa2290c105ac8b7534026604067c9b533e7b7df2e017569a4ec |
| SHA512 | fdfb348061158f8133380e9a94215f4bfc0f6ce643a129d623cb8034c49144f1489de56cd076da645478506d9fbddc7590fe3d643622210084b15fdf0d16b557 |
C:\Program Files\Malwarebytes\Anti-Malware\mbtun.dll
| MD5 | 2bbf63f1dab335f5caf431dbd4f38494 |
| SHA1 | 90f1d818ac8a4881bf770c1ff474f35cdaa4fcd0 |
| SHA256 | f21a980316bd4c57c70e00840ab76d9ad412092d7d2d6a2cff4f1311f7c05364 |
| SHA512 | ebb9834323329dc01ba2c87e5fad1083a4cb86f5ed761cb63299ac5336a9843a1aadd42fbed706797c2295117af1c00f96806422338352653c8e0255fecc2fd5 |
C:\Program Files\Malwarebytes\Anti-Malware\mbtun\mbtun.inf
| MD5 | 5d1917024b228efbeab3c696e663873e |
| SHA1 | cec5e88c2481d323ec366c18024d61a117f01b21 |
| SHA256 | 4a350fc20834a579c5a58352b7a3aa02a454abbbd9eecd3cd6d2a14864a49cd8 |
| SHA512 | 14b345f03284b8c1d97219e3dd1a3910c1e453f93f51753f417e643f50922e55c0e23aab1d437300e6c196c7017d7b7538de4850df74b3599e90f3941b40ab4a |
C:\PROGRA~1\MALWAR~1\ANTI-M~1\mbtun\mbtun.sys
| MD5 | 83d4fba999eb8b34047c38fabef60243 |
| SHA1 | 25731b57e9968282610f337bc6d769aa26af4938 |
| SHA256 | 6903e60784b9fa5d8b417f93f19665c59946a4de099bd1011ab36271b267261c |
| SHA512 | 47faab5fff3e3e2d2aea0a425444aa2e215f1d5bf97edee2a3bb773468e1092919036bcd5002357594b62519bf3a8980749d8d0f6402de0e73c2125d26e78f1e |
C:\PROGRA~1\MALWAR~1\ANTI-M~1\mbtun\mbtun.cat
| MD5 | 8abff1fbf08d70c1681a9b20384dbbf9 |
| SHA1 | c9762e121e4f8a7ad931eee58ee60c8e9fc3ecb6 |
| SHA256 | 9ceb410494b95397ec1f8fa505d071672bf61f81cc596b8eccd167a77893c658 |
| SHA512 | 37998e0aee93ff47fe5b1636fce755966debe417a790e1aebd7674c86c1583feef04648a7bc79e4dedaabb731051f4f803932ac49ea0be05776c0f4d218b076f |
C:\Windows\System32\CatRoot2\dberr.txt
| MD5 | ce2a3f2acf2e16b76dee59b4cd082d93 |
| SHA1 | 023d6233a4e55c28c1e95f880a660cd8439f8da8 |
| SHA256 | 7b3926e218c1d88297240ce9c5a1a943553b0fc7461ff492bb8050372516616c |
| SHA512 | 9e2f199ca24dce05f8e99e90f01b5f94480af0a6dd47fff7ec8f321e70e71dd5a2d07f54f67d3da17f50b54608ec14a1992fe926564a04fe85e2ac7dc77b03bd |
C:\Program Files\Malwarebytes\Anti-Malware\offreg.dll
| MD5 | 2ccb84bed084f27ca22bdd1e170a6851 |
| SHA1 | 16608b35c136813bb565fe9c916cb7b01f0b20af |
| SHA256 | a538caf4ac94708ddb4240d38b1b99914ca3e82283f0d8a2290be28fc05eaccb |
| SHA512 | 0fd66d241bdebd0052f4972e85b42639e3c5a40affe23170b84bc4068dff8e84446898a77ebf7cc0bef97454abb788faccce508a68bc5e717980ef26d8436986 |
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
| MD5 | 03d6455dc6934a409082bf8d2ce119d5 |
| SHA1 | 995963c33a268a7ed6408c2e6de1281e52091be2 |
| SHA256 | 82ca2aec64fe151efd59a838c1845111bfb9f94ff277be3afae4e3f684ef3a62 |
| SHA512 | a0ff71bc01a11c9a95c1a0186a7bbfec9c3f84d7e600d0bca877934fa5f84053627bc59bb355f53ce9e3c9e4c6a841b8f5cb7436fe7f43b63426a8a851392c6d |
C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
| MD5 | b7e5071b317550d93258f7e1e13e7b6f |
| SHA1 | 2d08d78a5c29cf724bc523530d1a9014642bbc60 |
| SHA256 | 467de01d7cee7ec54166b80658ff22f9feebdb1c24eaf1629cf40e4124508064 |
| SHA512 | 9c35293c95c1a9141740ac99315605964aa37c4a42d3a11cae9e5649ff1427a9480d3d5e7f763212cf13db3511c5ea3c84e68f95f0067fe6339a9d3fb7b27c54 |
C:\ProgramData\Malwarebytes\MBAMService\config\PoliciesConfig.json
| MD5 | a9e1299b984d25c878fc28635c1ff0bf |
| SHA1 | adf5a6007291c13840a8a76434619e0f4f0e9b91 |
| SHA256 | 18d99a7a2913ceda9836197377a98b5f3fc09277e5012336dc82ee80b8ecbb5e |
| SHA512 | d7bc38778be6efec546ab3ae745bf268e99c7294f25cd3350525b515fc564811e77dc4248dbacd006c0ee21955114b49d46bd1c714e0e838c8eaf57cf47714a3 |
C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json
| MD5 | ac305892ac51c713a27356680ed4aa48 |
| SHA1 | 64942155da098c6b928eff92e5e7bacd29cd42fe |
| SHA256 | e9bf110530c8ce8059eafaef824509a7f5bef91f7395fec5c2567f2ffbb7cccc |
| SHA512 | 9b543e63e8843286472cb4929c16d5a1ecb513c2a1e7b9484b160d1d54478c281241bbe4c05b7ec484bd0149e5372449818c51942e28ee64a461f0ae1caaf538 |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
| MD5 | 62b720eeca3c8b1809f7bc2dc6683607 |
| SHA1 | 3a4c72456a9b8de8c6ec3d731e155e5ba0c3b980 |
| SHA256 | 6fbcc54c2e9c26a2053ba772673ec3e711502afe9598de4b6f865bd85b474848 |
| SHA512 | a4adc4377f7a1ff4ac8d28f8124a59be7accf549c83f592bfd357a64ffc8ba58b7ffdabeb005110fe32a1c75499de303cea9d1bf2eae7f97a16b86a366598eba |
C:\ProgramData\Malwarebytes\MBAMService\pkgvers.dat
| MD5 | 56516aa022e765c689075d9919980f53 |
| SHA1 | 7cc19fb59ed59d6d58335553f079e5e0edb1e307 |
| SHA256 | 971c87bab52f3c136dc693f2b2caa0b283e42484e0d6f8a7d3ed4a445edda9c9 |
| SHA512 | ee70f1a4ae69f3ddc954f381b69d16c32ef2769c5bd27c7c2e6167a1509b47f1b782566a363cf0b15f0653c4d8023bc2c4e7d45635a8e5cda53c156ffd1b9edf |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
| MD5 | 6fd682e07b166f518063a54460e1a109 |
| SHA1 | 1af0382dc9a7cbbf8e1ed81169efc4716d3dfe2f |
| SHA256 | 34e812723c6680d1723c165d4449c24e4a5098aad68ccc34b24d67cd2217b5fe |
| SHA512 | 30b0112c9d11acb0c42470b1b093b2049ea9aa2cc9d8547051cc8a996289575538f5e2917569ac672ac86cb6537dd6f0bd80d884e117244bb17790fc86378427 |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json.bak
| MD5 | 1503e769317e6cc56fbcb4a392834404 |
| SHA1 | 9ae741a306231bc5314db6451171799ab781cdc4 |
| SHA256 | ee945db058ee3170648e87d553145b8bb29c2b796f1037ff28997a6a3746833a |
| SHA512 | 67538aee52d34e780144041e155c9b99a8ef58e838cd13b8692bdcd056c6476a0e29344a71ed0bac4d0a8846b0a48f6f337b5c2f264748dcbfb2dedbddfd0cde |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
| MD5 | 4c09b658ffbc6c775ce477b5139230e2 |
| SHA1 | fc4a27143ac5dc493818b4dae5709dfc2786799c |
| SHA256 | 707e4f999414d134a002d91ca73ad3d0e43e7ab513d1a76422fd2ac1d803feab |
| SHA512 | 5c3e32e2902b853f2d06e9161b923333d2b22d47c6f053943526aff51bd71be40ecab522e9709a59b781157bd836c3b8d48f14fb5854c93d726f7cee214aebc9 |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
| MD5 | 6d860e527d209c224f4fe76d92c79073 |
| SHA1 | 50d0e9f114e13dce55c1d418241111f95d94755c |
| SHA256 | 9758584e1ff2f5afe5a19fd2542d29b853e65bc89b72da51b036f5d8fa5357fb |
| SHA512 | 44010e7dccc27364a8462d2de81925da40b02a31e179132fdb1bac23783dc0c76736aea7f46ec4f7f415e2ada1a26fac668b5a578826bc0adc242cc872311274 |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
| MD5 | 96ee387750064ef9bd236c2d85200ab7 |
| SHA1 | 1ae40741c6432828eccec67678f62def51288f2e |
| SHA256 | 2230c006fb23106dd3dd10b7c86fdc37b0b56781026e19879ffe35043f6c6969 |
| SHA512 | 5105b5871cb148102c73c6515af12b35c4d9fcf6648529c36726520b5a68b30fb69928e8069b9eb9b41dde5aaa250b968799f15d594b4f27aa53d3e494ab9062 |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
| MD5 | 8f1ac7192ff3182f8c0fe0308e7533e8 |
| SHA1 | 1f3bfb52056a146e7f21a90b89ba5db4a42e1f13 |
| SHA256 | bbd8dacb5f88c71fa086ad579578bbae4e2297608e372b582acbe7b65e716896 |
| SHA512 | fe786aa53c644e4d540adcc4f9f4eaacc9578128d690d69c0514efece1b035f1265284a565e13c611b762fbabb4f72729e163812f09c9807e4cfe6fe33ff9f10 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\tids.mbdb
| MD5 | ccad88bef857b6ee484a7edd4a3fc631 |
| SHA1 | bc5b08d6715c3f60218d01f7ec0c0ce720044f62 |
| SHA256 | fb83daed666a25b5b6d645be8283216aaa09f33993662357ce63e97234330d1f |
| SHA512 | 1a2dbd270af27caf97efd0f226ed421b59ee1e97b12e469ca64dc94b0ad4609b84948160bd465290d835546de1c72be5d6f95653e0282624c1037d821709813a |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\sample.dll
| MD5 | 16a6aad848aca7c684b68f94916089ff |
| SHA1 | dc3a936948599dab48b7c27c979a4bb69e8c975b |
| SHA256 | 99becb68768c0370ca8f49fec4e1e6bd8fcc9981d928ecab27bee1ba24dd691d |
| SHA512 | d27236da41122881e29e16b257807639c1c74c1bb243684c7411ffd25f54edf093e9caa1e38052a9e665039fef579adde4080bcee816e7b3d571930006f4f508 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\ig.exe
| MD5 | 995174301f78f82ae249e0ca88ab3580 |
| SHA1 | 9243e263e4ed877eca7fada22f57806ef0517ce7 |
| SHA256 | 62bfcd9b875621912a572abf99b8203bb5ea93aa42168d44dbe546cf15229d2b |
| SHA512 | 97d71741c718a2d344affef21628c380337ce05cf2f37392e6c6e3e696e44810d1f7eb07eab8849fd2a0125acdb4ad08f72cec41744c4948806c28230aaa5932 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\BrowserSDKDLL.dll
| MD5 | 956b145931bec84ebc422b5d1d333c49 |
| SHA1 | 9264cc2ae8c856f84f1d0888f67aea01cdc3e056 |
| SHA256 | c726b443321a75311e22b53417556d60aa479bbd11deb2308f38b5ad6542d8d3 |
| SHA512 | fb9632e708cdae81f4b8c0e39fed2309ef810ca3e7e1045cf51e358d7fdb5f77d4888e95bdd627bfa525a8014f4bd6e1fbc74a7d50e6a91a970021bf1491c57c |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\Actions.dll
| MD5 | f802ae578c7837e45a8bbdca7e957496 |
| SHA1 | 38754970ba2ef287b6fdf79827795b947a9b6b4d |
| SHA256 | 5582e488d79a39cb9309ae47a5aa5ecc5a1ea0c238b2b2d06c86232d6ce5547b |
| SHA512 | 9b097abeafe0d59ed9650f18e877b408eda63c7ec7c28741498f142b10000b2ea5d5f393361886ba98359169195f2aceeee45ff752aa3c334d0b0cc8b6811395 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\dynconfig.dat
| MD5 | 10f23e7c8c791b91c86cd966d67b7bc7 |
| SHA1 | 3f596093b2bc33f7a2554818f8e41adbbd101961 |
| SHA256 | 008254ca1f4d6415da89d01a4292911de6135b42833156720a841a22685765dc |
| SHA512 | 2d1b21371ada038323be412945994d030ee8a9007db072484724616c8597c6998a560bc28886ebf89e2c8919fb70d76c98338d88832351823027491c98d48118 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\exclusions.txt
| MD5 | aef4eca7ee01bb1a146751c4d0510d2d |
| SHA1 | 5cf2273da41147126e5e1eabd3182f19304eea25 |
| SHA256 | 9e87e4c9da3337c63b7f0e6ed0eb71696121c74e18a5da577215e18097715e2f |
| SHA512 | d31d21e37b0048050b19600f8904354cff3f3ec8291c5a7a54267e14af9fb88dfb6d11e74a037cc0369ade8a8fb9b753861f3b3fb2219563e8ec359f66c042db |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\mbdigsig2.dat
| MD5 | ad1373fed4606c353518b1f85a02f376 |
| SHA1 | 66006a7911f37ce8630ec94247d6b38dbb5de250 |
| SHA256 | d0cc4f88de6f72d9f8ca1463a1260ed7f241254919ecf0b6a17c8abf29e00801 |
| SHA512 | 4160fc3708be12c45ef8f4773f655f48e3969b2da09c4b4d188d5fd17441cf55c2d56f364da9f7b560a4b9108ec50a4327be4a59cd93be522918faa975af0c60 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\dbmanifest2.dat
| MD5 | ab7465ec104de274518b4044540ef4e2 |
| SHA1 | 42e6d1f01a4c89848ba48a5e835393fdb4048b2e |
| SHA256 | f7f53d9227da6e430de1503aed512438ba36b1c2e5c3fbe954355a61a74aee2a |
| SHA512 | 65c51c013391a193eb1c5137c0813b991cec15c588097183b55ef4d43d0c0bde6908c966afd7c9a54758ddcfa2d17107d96474f3a55b8be734409d1db52d34e6 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\cfg.bin
| MD5 | de80d1d2eea188b5d91173ad89c619cd |
| SHA1 | 97db4df41d09b4c5cdc50069b896445e91ae0010 |
| SHA256 | 2b68990875509200b2cf5df9f6bdfcda21516e629cab58951aac3be6a1dd470c |
| SHA512 | 7a8f5f83552dbff21be515c66c66f72753305160606c22b9d8a552ab02943a2c4e371d17dce833020d2779c6d9fe184a1e9ef3d1b8285c77aeb17b2bba154b3f |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\Global.nm
| MD5 | 3f4a2a51c4d17b9d22196e25665e1643 |
| SHA1 | caf7b5137e7ac9f9ba57fd1b8e923433a6e99f9c |
| SHA256 | 2bf8ad8be723aa9a38acc41342145fc36934ca7267abb4014c8893232b7d7cd1 |
| SHA512 | f6aad4019a31b5e6be5ea5a563b38f6f2519d7b900dfcc023b07dd122bd0db7a7baacd7b67c5c7207a5a7858e4bf48fc319cf6ebc803ce892068480108db24d9 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\Global.sr
| MD5 | 76ad25209c1e25e915cbafd89de7e2db |
| SHA1 | 142134040a23ec7dd6f486560118ac0d63ab75f1 |
| SHA256 | 60a0474426a7b0ebf9b23f87ff596edd6c0bdcec4892e3dc3f5f1075d8e1e538 |
| SHA512 | 586e9611da5daec2ca766c3e9cb10efc2b118baa93d6ede08522a70f2f85a458e53f1c9cc78049092bc96d8bd792dbce0039658845b4fba60940eeaf0795f8bf |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\clean.mbdb
| MD5 | 3746d9d7e4f132d05b2b5acba1d0268f |
| SHA1 | 7ffe6945875ac2ab66045fe1f23a3780acf482e1 |
| SHA256 | ede3ea704d65af945bfad2e2138ab0f342791ffe51ed0cfae599c47ad81513e2 |
| SHA512 | 5fa3ac52ca760860e5489576097c0161091445bb5ceccd64b0dc215f80971f0c1485301e231abda56d978dad8253814b47a6e431a15b82c138a2ae3c3332f150 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\wprot2.mbdb
| MD5 | aa79ed13a74f94ddd1571b3cdbcc1751 |
| SHA1 | e1ab59c2604c697bdf93534e0c70420f1867984c |
| SHA256 | b516a9768a76458ef3f78bcf6715de776957c688db0e2b3dd79773c05f6d52d5 |
| SHA512 | 0818843287a5400a21e08bfce96b7d182a402b4e7e8cd3a38238992d4804cbbb0724753883b9bc90bcf8ee2d8f884c4416abbe719e5f0b8fa53e3b058c11c37a |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\scan.mbdb
| MD5 | 9b773db1d852d813908bd09a017de70c |
| SHA1 | 4d917cbe2ee7b4df5750664bb1ab504c40ea5a2f |
| SHA256 | d1af1afc7c9c6644bc4353d66a577336a2048417250adf4f35cbc905c09c461e |
| SHA512 | 531a55b947e09b7897f917c88975262c985b4f104be7c8576a9c77f49290b465efdc4c580d5b9b95aa7b482105c95c283c4cccb80e1dc9be594ee3d5415624d2 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\rules.mbdb
| MD5 | 465c4a02662ec31bf1728f8422771bd0 |
| SHA1 | 103b5ab5a772b596768b5700efa00a33d1254908 |
| SHA256 | 0a189aa05d10c29867c1581fff1adb8420433c944ff5c313ced2b24415fc9373 |
| SHA512 | ba426d02f86c2e076f00ca3a10c735132d73bb7f5db418cdf64f2d73387832b80880ae4c54ed9a5fba87a704c236bf225165351966a18943b58b92f67f34225a |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\rdefs.mbdb
| MD5 | 2f7423ca7c6a0f1339980f3c8c7de9f8 |
| SHA1 | 102c77faa28885354cfe6725d987bc23bc7108ba |
| SHA256 | 850a4ea37a0fd6f68bf95422d502b2d1257264eb90cc38c0a3b1b95aa375be55 |
| SHA512 | e922ac8a7a2cde6d387f8698207cf5efbd45b646986a090e3549d97a7d552dd74179bd7ac20b7d246ca49d340c4c168982c65b4749df760857810b2358e7eb69 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\prot.mbdb
| MD5 | 546d9e30eadad8b22f5b3ffa875144bf |
| SHA1 | 3b323ffef009bfe0662c2bd30bb06af6dfc68e4d |
| SHA256 | 6089fbf0c0c1413f62e91dc9497bedc6d8a271e9dc761e20adc0dccf6f4a0c1f |
| SHA512 | 3478f5dcf7af549dd6fe48ad714604200de84a90120b16a32233b6d44fa7240f5f4e5fe803f54b86bbdfd10fa1bfdd88fb85eb6a78e23e426933f98d0a2565ec |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 0ece2b6abfc8f3530378ad0a1b84fa19 |
| SHA1 | f3a5c036ae0fb1d097b1150b7162a989c7c28b06 |
| SHA256 | 82d469f5b241935b853fa1ffeb502359269ff1b15687ff3a3f735f3099fc431a |
| SHA512 | 354c4c34979a791cf50ba1b261121da98b52c50f78443d416ed2a435bca9e83964c0423f11be532731d64ddb8bc09985407dee94114d9fb80308998eed33e7a9 |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | 2e615ea0ecf9e29c379b0a6e6d80eaec |
| SHA1 | 0b9e46553c0aa5a0cbe5fa4819f44305ab412546 |
| SHA256 | df578a4f97bd9b4320ce078d5e47af53e4542eb7dfc749175e355c203d71af91 |
| SHA512 | 3dff55b7c7ee2c10b45ac24aad041d512b6bdd1139e6c328befe28ec63128f29f5eda7f9e87c9ab66505558ea492a70feffabd2cce73963e28978db2f11e5e53 |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | 7c8424d8f3c5c42e3add96cefd410095 |
| SHA1 | 91bdf31c57abb3f89e03cabe8ad10efd9031b046 |
| SHA256 | 394c4f66b81f1ea5bc8712989f86d34e3912b30a4e46dcbbd8d2bf67905ddddc |
| SHA512 | a9d9cac366f7b399b88ba20e77089f6f31aca93da301d79374dd20be233874a61a86f2d9dab55c2d2436f974c81d981c555f5a2e20d7a132c72ed0ea54ee3dbc |
C:\ProgramData\Malwarebytes\MBAMService\config\CleanControllerConfig.json
| MD5 | efedee2a3582ea5555aa78c3a7122ab5 |
| SHA1 | f8ac3c8a05c5f304d38c9ca1daf7eb5026f41ba5 |
| SHA256 | 2ea4c650441294043139f66ba4d18af1ced8624bf689eb47e30a7555b0a9ef57 |
| SHA512 | 47b05a3633218c58b21658d9677993c48f37fa65564ec674f2e4e7038d5b3caf16163d905a33f1eb6ea396472ae5bb977abffc888aa232941c053dd6def1b2eb |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | b38258d9b6b8cc4c80021057e82262a2 |
| SHA1 | a4abe9fbd0c80d53caced361af7d90af0d225c14 |
| SHA256 | 88c7e7bca8e9edb0c95ef6c2da47e820bb94d80da12383f63d2bc4ca18c84941 |
| SHA512 | 225a9a94073a81ec4fc90da25cc2254baed7a2c0c2cc87335b1104ea1e54b161a6229187ad8fd3803f57f59d61901e284d0b3e3943d77cf1530ca412867db8cf |
C:\Windows\System32\drivers\mbamswissarmy.sys
| MD5 | 246a1d7980f7d45c2456574ec3f32cbe |
| SHA1 | c5fad4598c3698fdaa4aa42a74fb8fa170ffe413 |
| SHA256 | 45948a1715f0420c66a22518a1a45a0f20463b342ce05d36c18b8c53b4d78147 |
| SHA512 | 265e6da7c9eede8ea61f204b3524893cf9bd1ed11b338eb95c4a841428927cccbed02b7d8757a4153ce02863e8be830ea744981f800351b1e383e71ddaad36ad |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 5166d673643596046efafe25b230c870 |
| SHA1 | e6180cabccbb10272d63ba560c750457c9e98fbb |
| SHA256 | 515050e5f0721fda40b0a5b6d7563619ea573c6b2e5e92f7e99dc70984027d95 |
| SHA512 | c9afbcb232f233e2094b9dae1512816c7a8d8faf93cd77c4e5bf034081621fb57cd981b03032c09fc4d7008ba32a25bff1ec6fea91ec606af5def5e08fcfec2c |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json.bak
| MD5 | 6a7bfbbc9a76e69f3c4f9d05f38164d0 |
| SHA1 | 67157b8646a096fb2f53763013976a56a80c6f84 |
| SHA256 | 3bc072ed44bb08f10a6ba8d4312efed08c6306e64399e492a0a841d52a60ed1b |
| SHA512 | 4e04ba9e2aca14a79f6d1016f8f17fcb163577a01f39b87aceb05c08a0aa7da0a10ed673089f5631ae542516f39d97f1d7b38ba0bcee27ef3e9c0a2d18fad693 |
C:\ProgramData\Malwarebytes\MBAMService\config\RtpConfig.json
| MD5 | c85697ddbab6e646f301b820271278c1 |
| SHA1 | 6df5778d21d629393021f003bb08d310d6a64cb1 |
| SHA256 | 837b827106feedfb40446d633d0e00ed5ec9512785bcba9285c6a5c7e4264d0e |
| SHA512 | 71838548deb0dbd0c2ce4d025e9d4d56f1aace5b3a6aa8e0cc88b8805b645a3b1b689de2a183f725b60be52ff3b20fe59ca107b781bda4c735a629b3412e3737 |
C:\ProgramData\Malwarebytes\MBAMService\config\MwacControllerConfig.json
| MD5 | 5acdf9980f01fc050c1bbc4c00e590bf |
| SHA1 | 7479da0437999ddf48a66ccd76298bf9980db8ee |
| SHA256 | 4d032f38c796388a1a23c4e9b1efbe1e7aaabeb8ec6f2f7ff1747dcf2591c073 |
| SHA512 | 96c82980ab0ec625e89fcc3fc879d616c784f9a923b2c6fb942c3b03a8830182052972d96bdd3360d18067cd0351275451c75dfdb14174e07fe0458a3fb94778 |
C:\ProgramData\Malwarebytes\MBAMService\config\MwacControllerConfig.json
| MD5 | 10c218a08fc14c818acbceee2d5507c7 |
| SHA1 | ad513f45cdacc51c4abeb887a340ecba700b89d7 |
| SHA256 | 40960660f1fe37b84a73131128efe2983fd2c79baccf2273a17b3dd2584f2a06 |
| SHA512 | a4290f25965cdc4826ef404e0d567c311df14e14b6bd06741c5708f1ee35c3c9684da96ca9c2faeefbe506b90507d86ab0fe84316fcec152e1d863e9e0ed812f |
C:\ProgramData\Malwarebytes\MBAMService\config\ArwControllerConfig.json
| MD5 | b80d114032d61f88912b1c5a182604bb |
| SHA1 | 16892c3f3e2368e5fee8a72b42c5cbe17ccae7b9 |
| SHA256 | b1b31d7b391ace153dd6f257a8ec8b72c01619e4dcc25a787f3ee7790eadf46b |
| SHA512 | c12c318bf21aed5a94605af2da907dbe9788f341cfb4dd2d807a30b031d4a4de7f88b01d1877de67b42f4fff1e81637ef8ea44fcd6bffdd22bf014f2010b806e |
C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json
| MD5 | 92cc08ddc1553aef474f6d65710b9df3 |
| SHA1 | cb4fbebf5c07c45e54a9f060007f5633ee5f4738 |
| SHA256 | b5961fb1450d90890363da03bd3c09207f9f70f52eedadf74af2b705e7ff3f05 |
| SHA512 | 5160e7a5042f8d037c4389cfc65c28392ecea55729c02ae9a7618f4a980c2ae39fd71fa6c67f13035afff70469f3316f846e4ae24295b94a1d74cca2b180c70a |
C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json
| MD5 | b5cdac46c76a2124989b8d9ea50671b9 |
| SHA1 | b9008fba1d59b2331a0eff85755ff2ce633e3f4a |
| SHA256 | 9b8e845930cbb88d86146eee5a4a68e99dc961c4414a62a0b65f194f91111568 |
| SHA512 | 75fa010bab232a3f2160decd8a14ffb6af91cd3f8006e7c4114cc119a402413e167773d753a168b049ca3e233e8ada8b048b33a63831cff49712465edfacd4ad |
C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json
| MD5 | e3575e20038afe2d80b7407bc35e3ce0 |
| SHA1 | 9ebcbdf1d89e97bb842fdaa96b41cd1cb7dce6d3 |
| SHA256 | 80e22df23509393f054eba669a6fe9417ebe93617d5a6e93afb5bfdcefbd2ae7 |
| SHA512 | 2bc5d364655710a781595d6f5a126ca6580d3e5fdef224fda7cf95e17bdf8553c6f404409ed115764a24acc7fc6bce4b1c1d2d0fcd6c3b0f8eba5a335b20a545 |
C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json
| MD5 | 45992e6eae8494519e3693f13400eb28 |
| SHA1 | a23e355de1870dc482e124b50f77d5dc722a9889 |
| SHA256 | 879321636a217e6cebfdec7b5ce22a4b415e6fbb9d585c6c9ccbd9640b4bf8bb |
| SHA512 | 54fee2c0cc6e1a9809a0efa030317e97ec2f5bb2f2c34a6a9b4dadaf6bd90f88b465c9beb349b8252e93576fe4ef18e8f1ef1dd067b7992298c4cd19dc539e97 |
C:\ProgramData\Malwarebytes\MBAMService\config\SpConfigFile.json
| MD5 | 1adfedf32662ef984d5d78c2bba9bc51 |
| SHA1 | d5779dc0c921e352c4fb93b3315947edb879882c |
| SHA256 | 25a42bff897b0a77c5735d21687754979785f1b241ddcda7eba7b796824425ef |
| SHA512 | d5add175bd08c1cd932f5865a9d6f28c438a3aac6a62b597eec82c6cc00354b060552e7ff61c2f688ae4ef743f0605294533bbbe9f20c65add90090b07f8edb1 |
C:\ProgramData\Malwarebytes\MBAMService\config\VPNServerListConfig.json
| MD5 | 2cda2548a96eb7bcf7719db63e48aea4 |
| SHA1 | 7adc0b5ad82dc9b6e9f55c36e5e920c4d0cdfc9e |
| SHA256 | 2a6359bb4e5e19f28580d7769b3c6ec442606f2bdcf88d126f0ccf3b558f37a1 |
| SHA512 | 568279183bc1f88b8c4df233f4ed8d6b673567a442e524e0e928d64a2987da24d69af702664fee225868baae5376a4ef23235fb854be9bd3073210527cfc855a |
C:\Program Files\Malwarebytes\Anti-Malware\ServiceConfig.json
| MD5 | bbd5f2aa6d4f73ce2d6f784280513a80 |
| SHA1 | 0d1eb165c1c62a8243d789a238d3de4d2aae134a |
| SHA256 | ad63660da0dac6be85529e883fd9729df40771cae93f7725eb2de85024621838 |
| SHA512 | dfc8f64b6f1cb937c022ba6702029023500715fc01b51201503467a15dbaf89ef11612cae3775463ee062a126a0cc080bea525e32bf5acb82183488da45d82cb |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | ed99b820438272f1a0b8a73b403a00fb |
| SHA1 | c0d2d4bf50a3be3652575e0d56fe98ac9427f7e8 |
| SHA256 | 391866b89708eade2a56788b2fb30ff77135bf1c77466350283619ef566f6334 |
| SHA512 | e4dccdec953d9156bfcb0469ae25314f9a89d294e34c434561da6a98108a0a9587767ea886f5766a4eae67e1be27745949b5a41ec9cf1205bcdf9ba516c3d018 |
C:\ProgramData\Malwarebytes\MBAMService\config\VPNControllerConfig.json
| MD5 | fff97d87aeab43984fd661b2001dab2b |
| SHA1 | 95a7d1c9267eeb21d8f7b65eb6c6052ae60c4049 |
| SHA256 | 00633d3f24d1d6062609929363438d80298318f443a3f806c46f55ad779e5f51 |
| SHA512 | 3b3cc1d0d3fca1f7389c596205cd008c22d1cec578fd163139536fedf9aff26574c1168e991226d014b85950100f97dca155a6fb9ed93028ee3399e4cdb40b26 |
C:\ProgramData\Malwarebytes\MBAMService\config\VPNControllerConfig.json
| MD5 | 90fb8712a2347a6392470e4e10369614 |
| SHA1 | 03503a1c83def1e3018bd29a5ac8ed15082074ff |
| SHA256 | e7307778c1870d9ca3d37f80dd49bb39ad586adef3915ac1a1e0b88f32f5751a |
| SHA512 | db8d53c270f52f0dbdc9b70bc3601f637597449c8db15e0fff80ed72ff7cfdff1d460b672a88f38a1d5ce59932e71bfc438e52dc6e22c8174557b65c28da9e97 |
C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json
| MD5 | 68a40d95c4fd9157a34680ecbfad267f |
| SHA1 | 7271887c6c84301738a73f9e300af6e50c42bcc9 |
| SHA256 | 443e0830f40188d701ba0d2b457ff09aa2810e4f80bd1b81c738ec4d7a4ad2df |
| SHA512 | e5446a419fa687001f128e7a2e7408dabbf2218e4587542c5d077d42b0bd7500fef7b743e5cc8b67c36f5fcf46538d0e5794287a5352171d0d72ba33510a2825 |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
| MD5 | 16f11f23e73efe57382eb89d67abd689 |
| SHA1 | 5c5fcba3ebbb238a8063ffdba999c58fd0cc5882 |
| SHA256 | c8bb2d109cb81ffdd8e8a3ecdd280723d7f2f66193b5447447663e5e2519bbf5 |
| SHA512 | 5e6a9a82f5e72e0516cfc03424b29d8052f1cea4d483bb4c73e4f2463e3e3829d9ae308b987be8859474563d2814cbd68c6882c2601bf1affe1668fc1020a446 |
C:\Program Files\Malwarebytes\Anti-Malware\mb5uns.exe
| MD5 | b672a064c3cfdf56ce0d6091edc19f36 |
| SHA1 | 1d21d4ca7a265c3eafaae8b6121be0260252e473 |
| SHA256 | 04fdd99a4e8ded496a99c9d3c8c0b6a9a9bde9c4187d07342260f63852ef6273 |
| SHA512 | 53e6c4bd68a0cf36160b21d63e7a6152ca78f17c76ccee9e185c1cf3f5a254c05f401f91501ad3d6806d5085b1f58322e6b7ad483fb813b86cb8570519410680 |
C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json
| MD5 | 163392b7cd23d6e6f0a903534d087abe |
| SHA1 | 13fa825c3bd85c236291d1ed92c8894dac3eb633 |
| SHA256 | 60ec4ac74ab892655deb8cf1b14eb176a68c3e7c2aa546a8ad51302b8b427ee7 |
| SHA512 | a909b4e7d02f8d1cfc1809db003bf9df878a6dcb003a801a2f14bc03f39e04b90db0dfd02c85b08fdfc42bed678a93449164231dbb0f3ab93c8fe90265832192 |
C:\ProgramData\Malwarebytes\MBAMService\config\CleanControllerConfig.json
| MD5 | ea758b91906b857e7976138439f356bd |
| SHA1 | d7d30380c2ff535bac8d06164c054fb355655180 |
| SHA256 | 4ecff7ab970704fc47586782216f92c752a82a13b84d6af7bc1ce20c82d4685f |
| SHA512 | f7f4cb65f535e2d045328573afffdfc78a029f07859d16c2c856ba83bf4d74f36f93ca84b2dd61149c49c80b98c7f3276219e9c8f37436c26e2d7c1ddebef3c2 |
C:\ProgramData\Malwarebytes\MBAMService\config\PoliciesConfig.json
| MD5 | 30a11702d17b1c2d34d89a235d113239 |
| SHA1 | 85244847cccc6d8cc068eb7bc0bcae93a0c2599e |
| SHA256 | e64615e6c16274d5198694601678f71d2e09dca4a669db483251d410afa02fca |
| SHA512 | 1bb9a27f6040075c438028a3af979c6c5ff3297bd8771a20fb7e5f16e81fae9226d781273a142f36320b5cd2ec15c22775a616b2ba65e47105d166228fa614d9 |
C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json
| MD5 | 845f31c8ecedb9a97d555758fd89d186 |
| SHA1 | e089c4aa2f55a2624ffc7b101e92c0e20310d2d0 |
| SHA256 | f107518de029726590ed2975abebd6dcd1ec33b708151ef51ad4369b33119531 |
| SHA512 | afbe5a4052af072892d60db2d8e532c7f611b01a289c2fe4077df3c112b9668b53b6aa20ff01dba76b46db970547a886906fc7c3a641fb567a261ec068af2247 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 20e904f8249caef9a6a18842d2e960fb |
| SHA1 | e978d3023bb1d863e64a678136342779a2a4067e |
| SHA256 | 12f14c582afa4e0f0b3ec6cce128f46fca2ce07878c7605b9b65953209d450d3 |
| SHA512 | 13fe051b7121820bfaaf745fbb8c68fbc856843a775f38df770a8d1526b5dec77641c71f90525c9c2d3ba4df01059439232f2c02ab720aec74be2f1826cef3c7 |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | 9fc5c8ac6e38aa6782df7f25ddba5d12 |
| SHA1 | 6481ae00a918ff69065823ddd7a27d69ee59bef3 |
| SHA256 | 5abe4da3b0652bd10f386f395c08038c0c076c83ce1d94cc031609f97c62bfda |
| SHA512 | 8efe8e01e13230c1b97784aff26c5bba66822db21ec45ed990ffb7aacbdb9e16d9b0dd1f25a815235c2c04dacfbac40c7733318729f415ed1d50f54950dcb834 |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\mbamchameleon.inf
| MD5 | 5a9717e1385703e8f06b27aa10a69e87 |
| SHA1 | 84ee67a9167b5eb6560711b9871de98898ad07a5 |
| SHA256 | 47b7c516bb57c612de19f0ca865590af95b6e32bf873a0fef9e011b2c5b483d4 |
| SHA512 | dd3c7278c2c11ad15a55fae6d19b96dadd92f85b7f0c8ce934298258af00bb5c052a84a98499b8867b0f43704fb307c67d03692ca69dda4d814c6c17dd73df44 |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\mbamchameleon.sys
| MD5 | 817666fab17e9932f6dc3384b6df634f |
| SHA1 | 47312962cedadcacc119e0008fb1ee799cd8011a |
| SHA256 | 0fcaebe94f31fa6e4d905b5374733d72808f685fa3bcc9db9a8a79bd4a83084f |
| SHA512 | addc9a5b13da4040a44d4264cbfe27656b7d7971029a0ad53c58e99267532866f302ca8831a3f4585bbe68d26ec2d11a6b43de9bf147b212ab1f05eb4ed37817 |
C:\ProgramData\Malwarebytes\MBAMService\config\SpConfigFile.json
| MD5 | 7a1e7c2b8ec1f77c6cad92e4c19e68f8 |
| SHA1 | 1807e8ef7ec1fc3f6882e4c222332c3dafe91cc6 |
| SHA256 | adffc66f5383b052689f96b0e3d1d3596afaf53b49003925c8927fa154a7dde0 |
| SHA512 | e2532eff33ee789403fd163063f6cf9343791ca857216e49060fb54c3143b4f9c1ea5f9bad083a4ba89d61af340e842c60bf3199a850c243b2276407bc352b8f |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | 8186826706d3b51edf2dc7ccf295e338 |
| SHA1 | 801ca6b168c4cbdfd534df53d2c1462bdfd49725 |
| SHA256 | a4a112131cc87092127075ae18d53f0b383b2aced92034f1405fa4bda9a99895 |
| SHA512 | 0fe4d18bc7973da84b9dfc3788eb833590206bc971f95ab357ca7525d51e461fed358231db3056acebd641ad618a780a9c8c5f18c5304fa17e3831c2ea91238a |
C:\Windows\System32\catroot2\dberr.txt
| MD5 | 3ce682d3fd4b38e93e65167ecf455150 |
| SHA1 | f43e4d6c8556b27b5d772282f23e49e35c6fc2ba |
| SHA256 | f8e8075041d397fc7d1ead81e726d112cd3a41ab8ebb4879f4df95fcd4cfca37 |
| SHA512 | 018340cf9afafb1aa373d5a3b89080a8781fb3cb6bed8c63f70fc354eb99aca3dca4889c95d6f0498fb7ba937d9de2fe39eadc64afc68134da6abdb70cead023 |
C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json
| MD5 | 176471506e8539a026f293c9f7d9e168 |
| SHA1 | dd80642489c7fc447cac0de1a988f18d387eab27 |
| SHA256 | 11db75d7f29ec989c251a6b1d45914ae15a838e5d82a96205eec0790dcb3a54d |
| SHA512 | b2e9ad2f8ce0733b99f07a7ca918f6b3183ef104dfb9ae88851b00d5a0e9d2bce8b93a2b52d48a9c29e2dfec9ae3bf60607f08bd73262e36f2a221b9a8aeb3f7 |
C:\ProgramData\Malwarebytes\MBAMService\LOGS\mbae-default.log
| MD5 | 8ee698f3033e7f7e8a5c4049981dffe9 |
| SHA1 | 9c8d1468fd418598705bf1020ade2c7808c043ff |
| SHA256 | 43732646ebace92a8d7252e3ffc110bc3b1ff7d837c122ee98ef72035e57b5ea |
| SHA512 | 58bb9302ceed4389dab180f8c72512739302cd78bc3c939d09dd1c3c3deac26f2333eb46e4f89d6318a15ce7505f1ae9fabf99f98e97bd9c9b89b2b89434493e |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\farflt.sys
| MD5 | 954e9bf0db3b70d3703e27acff48603d |
| SHA1 | d475a42100f6bb2264df727f859d83c72829f48b |
| SHA256 | 8f7ae468dba822a4968edbd0a732b806e453caaff28a73510f90cb5e40c4958a |
| SHA512 | 0e367ce106820d76994e7a8221aaaab76fda21d40aede17a8fe7dedaca8f691b345b95cf7333eb348419bc5f8ea8618949783717100b38ed92544b9199f847f0 |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\farflt.inf
| MD5 | 358bb9bf66f2e514310dc22e4e3a4dc5 |
| SHA1 | 87bfc1398e6756273eee909a0dfb4ef18b38d17c |
| SHA256 | ff51780a5a854b2c18f71ae426cb066a13723ef6155e24f4910137c9e8dfdc17 |
| SHA512 | 301ec5ec5c0813951843011f2204924240235494999136ea30a557cbf58146fc6043a8866b344fa7deb927d7c83d44e2aaf45adca7d221aba5d36715b9a63e09 |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\farflt.cat
| MD5 | 1c69ac8db00c3cae244dd8e0ac5c880e |
| SHA1 | 9c059298d09e63897a06d0d161048bdadfa4c28a |
| SHA256 | 02d57ac673352e642f111c71edbb18b9546b0b29f6c6e948e7f1c59bd4c36410 |
| SHA512 | d2ec2ff9fea86d7074998c53913373c05b84ddd8aa277f6e7cda5a4dfffd03273d271595a2f0bf432b891775bdd2e8f984c733998411cfc71aff2255511b29c9 |
C:\ProgramData\Malwarebytes\MBAMService\config\ArwControllerConfig.json
| MD5 | e97123959dfee73a0335c95eeb2ef832 |
| SHA1 | 3a3bfb6e8ba8d816154cce411a1d828e44ad16dd |
| SHA256 | b9a23861433c1f5162cbc8d56d91fad2e0e22bdc0a4378fe72d75d988f9b2eb3 |
| SHA512 | 43b40411a3d07237b3606397cf5ca79722f95a7286091d943f818dcfcbcd40f16a648adfcce04c3f22f3462b1ec5c8f27b4a016ecdc1e86e6cddc8127413d05e |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | 975adc412863c75d554daf658a43d5b3 |
| SHA1 | 0a35403337faa9acfcbd5f92edb934fe85ab3f4f |
| SHA256 | b93bc2f685608803f640bd02e7c0f24459f489dcf9e7c86b15c822fac8febc0d |
| SHA512 | 37a83cd77bb4ad9902fd675d01889d00b97a98c68cdd4d9aed7c7115b8004bf93782f85af6cd5b9397b3ab8bae3086ce1bb82253979a4afe1e5d2e6b8daa5329 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 3a0cf440e9f31aa2802a8c574322442e |
| SHA1 | 5ca06b68889810398bfd15e014daa485ccb4a75e |
| SHA256 | 72533c5ad832a9378990fa675c67089e76cdabcd42da640a1546b76a924c2e4d |
| SHA512 | 7ea1dabf023074b52dc1e47b7c13e9beea96f5aa4eb5cdcb4562c2756950260137e6208746c6c98957bc36c269ec1a0fa537d0244042d0083f190dd3fcaf6979 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 9cf690382aedc54f2de3ed33e673f9a9 |
| SHA1 | 31bf3ffe99547d18f5c66e713577f6fcc568a3fd |
| SHA256 | 221f535c9c048fc16cb68d5efa903a738e77b4bc16089452d1b48202474fb674 |
| SHA512 | f79006b035544903e10b73c0f52e8738e48726b797c89940d10c233adad4aac8887fadc57e37e993b8c4392bb9fe52fee5af81a03f61b02dd7fea71d936b5bfa |
C:\ProgramData\Malwarebytes\MBAMService\updatrpkg\SdkDbUpdatrV5.dll
| MD5 | 52c4aa7e428e86445b8e529ef93e8549 |
| SHA1 | 72508ba29ff3becbbe9668e95efa8748ce69aa3f |
| SHA256 | 6050d13b465417dd38cc6e533f391781054d6d04533baed631c4ef4cea9c7f63 |
| SHA512 | f30c6902de6128afbaaed58b7d07e1a0a674f0650d02a1b98138892abcab0da36a08baa8ca0aba53f801f91323916e4076bda54d6c2dc44fdad8ab571b4575f7 |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
| MD5 | 0a8563211b3603533aaf0a829109ec27 |
| SHA1 | 83d949a3d4ba4b022cf4cf4a0de6fd45542904d6 |
| SHA256 | f8b23594fdade56f2651be74204b6800ce36e3ba78f8fcd3da96766241261157 |
| SHA512 | eb866a2df19893932dcf9f04ad3cb995d00b45f83a89f6ef4f4aec39cb6388af2a7558f3da392b2e32dc561b152162cfc20e02a1c5577cfecf1bc351507864ef |
C:\ProgramData\Malwarebytes\MBAMService\updatrpkg\mbupdatrV5.exe
| MD5 | 869c1203781a48747f74786f941eabe0 |
| SHA1 | d2eb104e7982b6c10a8a1fdb196c69d3ca8173af |
| SHA256 | bfc55011ff831980e27627e766fa02a7d9b48bc27898a76d40e282fe56ff95cf |
| SHA512 | b6130421823757b76a9469ffdd5307df80b06f633914a41d2ac50328bbacdb9d91fefaf586b2f0444132fb534f5db7e098c7138da009adc3d05d2665f162f1b7 |
C:\ProgramData\Malwarebytes\MBAMService\config\RtpConfig.json
| MD5 | 61bd6a08809d2703f3ff45120e862219 |
| SHA1 | 8d5f4df8a69af1ed3cf3ceb472b506b0eedde090 |
| SHA256 | e8f4b689259603c447bbc4558865034048439c0a6532a894ffd745fd42f25136 |
| SHA512 | 9eef490621173d33c092a4e796022052139fc884b5d4bd9630cbd26f6dded1ec7b7ad37ba415e9772cfda63584eeb3f527ecc8e0aa9d9b8d0c8556c72f25a0bf |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\mbamchameleon.cat
| MD5 | 3da850e8540c857a936b3d27c72ed0af |
| SHA1 | cd5b3a36b1c3d762835ed2f62a151c5127f01dbb |
| SHA256 | 0c77c63c9eb8eef49e833dfbb2d4f0e91bf9aba6bbea1fbb8ff8d1cdc16f7e38 |
| SHA512 | 5c9d5add57ad377cea6958e13e515053ae8aa9f9d8471e8ec57064e5bf8f5c1f3efdf26078aa287e63f38b528333c69be0745894cb2c0b427d78775f7605507f |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 867ea8692423f9008587fa5551cde61f |
| SHA1 | e3f659c6909e2a5d9ba0723085635fd31fc7f55c |
| SHA256 | bd0003edc56fa043aa40896b67220b8575bf8824007750b8366f7b1fcbbe7b54 |
| SHA512 | 2047a7d28ca1eccf3102b7990dd0e899c5713ea6c98cdeefde50cac2478b7be41b97e367180c3a03cd59765f3f8c1d1150c6f4a8256af1bb05d145252719d1e2 |
C:\ProgramData\Malwarebytes\MBAMService\config\RtpConfig.json
| MD5 | 105c1474638a2df6db0381290b289e6e |
| SHA1 | 0fa461bc5eb6ca497f2a18334e4083fb3d6d07b5 |
| SHA256 | 779583482b089497a6e573429227eeb31f491d16c8761fd26dd5029918d19a9c |
| SHA512 | f4eed0e8a8959cbeb737a7e346d29a033ccccf2456a80ce8fac46dee3bf77d8be6bbc772e87f1047c73027d352164f259b0b4e7dbbabab10acfd10f8bf8e56b2 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 2156cdb05ccec09f2f59a1a81d3cdabf |
| SHA1 | 852b17d2b1c5781e79ba4bf9d1bb7a8221f4069c |
| SHA256 | b016a4488da7624b0487e7b0e5f88925dfe5342a1812ea9fbfcbe099b25b6f58 |
| SHA512 | 22bcb8cb837161b52824cb34fe9accc5948cd7586b42be0d5322dcb9226824dbd1bb5d69170a1e15b04eb3707fcdf305f789bfa2a9e07a4839b0fc1dc38ee631 |
C:\ProgramData\Malwarebytes\MBAMService\config\RtpConfig.json
| MD5 | 15b0c06895136cfae26139846566d55a |
| SHA1 | 2e393d020391b0a5bbb9cf2f962aa55866bfc3ac |
| SHA256 | 0e879f83ff21dbc19b4c697c5d7b1dc3680b08275190ee9b859dbfd3ad0834df |
| SHA512 | 1392733e5ccd02bf7f72f26850161ccec793bd609d3b8ba728e9fa95aadd46d000927e62521fafd65fab971743e1757153e63ed82af777740b12075fe975cb8d |
C:\ProgramData\Malwarebytes\MBAMService\config\RtpConfig.json
| MD5 | 6338663c6b841c02831bef236da57bfa |
| SHA1 | d797257776340978363966f9b922fc9bf91dc576 |
| SHA256 | 98e0b3e4d3e37c641bc5df789459749f064d6cb0a386749800e6a4e53086a9eb |
| SHA512 | e3b4b11dc44702753801b9b8de335a18e2239d817814e6654e414adf70694b09cdb7921c9d46382d9d4ca97bb506eb039a409fa3aed3d1fa7ffb5fa06c414abd |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\farflt.tmf
| MD5 | c97bdce34905d88028d709cbeb8396c8 |
| SHA1 | fee05f9fdf2f52c3b13de2e77e6ff98e4df485a3 |
| SHA256 | 72e4695c9c70d5bb90bcf4d4f6b20607ca25fcdcb1bf9c5c77a062c6eae77370 |
| SHA512 | 31ef1b6219d6bb7d723342e2f94e8199fdd517cae7008ad1f77e064f77eea0f6a3c0823269e55285a27137fe0234cca731829691f84f100ce048a5f62f7466e0 |
C:\ProgramData\Malwarebytes\MBAMService\ARW\mbarwind.arw
| MD5 | 31f4ed6c2077a6712cfc2b27762b580b |
| SHA1 | 57c68266fc9b49c5d7dc62a15eb6636befcbc84b |
| SHA256 | 1ca6574269eb2e6daa059cec58c5e999fc6345bb8a93a7b3e22fefd34a7ea8b3 |
| SHA512 | 13d9727a694c88fde149517beb4d16938f328486065b9d491151b06855312cd0b5deda67a2ee4ba85280d19d7d6b648bf0b6ffd3ed9cb346ba9ed0cfe9ceeed6 |
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BAEBE581FCB73249406FC21094EA252E_BC0CE803EF41A748738619ED7838EEFC
| MD5 | 5bfa51f3a417b98e7443eca90fc94703 |
| SHA1 | 8c015d80b8a23f780bdd215dc842b0f5551f63bd |
| SHA256 | bebe2853a3485d1c2e5c5be4249183e0ddaff9f87de71652371700a89d937128 |
| SHA512 | 4cd03686254bb28754cbaa635ae1264723e2be80ce1dd0f78d1ab7aee72232f5b285f79e488e9c5c49ff343015bd07bb8433d6cee08ae3cea8c317303e3ac399 |
C:\Windows\System32\drivers\mbam.sys
| MD5 | 2b6ba2a29aedad09dbbf964b404ca4d3 |
| SHA1 | f4740d6bdda9e157fb4e0b8c039117bfe0e147b6 |
| SHA256 | 76ef1379b03d1cc367e0422cc4688a3a6c697ccee798a750bb3ed53bcd71def7 |
| SHA512 | 6ead63664db520ff6acc5d28e858197a320353c62fcdc9feba089ec2b09df95b690ed72d67f7b73d658039478e694b6732aec65e398b0c130e6842870abaa190 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\version.dat
| MD5 | 690b68b9b8a195563fe6c1ceaefe9c6b |
| SHA1 | 7c4dd29c2ce50cbd47cefc7ecfbd15c1c733b65e |
| SHA256 | 734ed6899d9d12dc732b50324a4fb93988118a1d6991e2c11cd330982d6ec633 |
| SHA512 | b0e5b534e674096904031b1541a7a46bedc3980a9a4ebb9f5a32835c90caa386438e60fa3a3c2ed9bab70131ce58402f183a32692fe0a3cf785c2208d7fac24d |
C:\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll
| MD5 | ec9b045692fe77d349de3c1c485df14d |
| SHA1 | 07e763b7ce25cf5ef3f5563117a9908cd955e4cc |
| SHA256 | c4a5a407fa5833e8d86aa9e941f485e076150546fc29ae64342258f0f3e56f84 |
| SHA512 | 5da6e12e78ad1b7e1c9c4568761f358228c6556f6697b8898e3895a7462bc3bc78169ac656e5ecb26b1eb706298a1cd1e45d62ea5849c4cd7a751724074b919e |
C:\ProgramData\Malwarebytes\MBAMService\updatrpkg\expapply64.dll
| MD5 | 76a6c5124f8e0472dd9d78e5b554715b |
| SHA1 | 88ab77c04430441874354508fd79636bb94d8719 |
| SHA256 | d23706f8f1c3fa18e909fe028d612d56df7cd4f9ad0c3a2b521cb58e49f3925d |
| SHA512 | 35189cc2bf342e9c6e33fd036f19667398ac53c5583c9614db77fb54aadf9ac0d4b96a3e5f41ec7e8e7f3fe745ae71490bdcf0638d7410b12121e7a4312fae9e |
C:\ProgramData\Malwarebytes\MBAMService\dds_tmp\D13.tmp
| MD5 | 3b337c2d41069b0a1e43e30f891c3813 |
| SHA1 | ebee2827b5cb153cbbb51c9718da1549fa80fc5c |
| SHA256 | c04daeba7e7c4b711d33993ab4c51a2e087f98f4211aea0dcb3a216656ba0ab7 |
| SHA512 | fdb3012a71221447b35757ed2bdca6ed1f8833b2f81d03aabebd2cd7780a33a9c3d816535d03c5c3edd5aaf11d91156842b380e2a63135e3c7f87193ad211499 |
C:\ProgramData\Malwarebytes\MBAMService\dds_tmp\D19.tmp
| MD5 | b5d0f85e7c820db76ef2f4535552f03c |
| SHA1 | 91eff42f542175a41549bc966e9b249b65743951 |
| SHA256 | 3d6d6e7a6f4729a7a416165beabda8a281afff082ebb538df29e8f03e1a4741c |
| SHA512 | 5246ebeaf84a0486ff5adb2083f60465fc68393d50af05d17f704d08229ce948860018cbe880c40d5700154c3e61fc735c451044f85e03d78568d60de80752f7 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 74931da2f73b00a1213cd8a762274dcd |
| SHA1 | 7b46d262e8fadd0754656632b12ee2b4cd4ee5e0 |
| SHA256 | a92b8fb04c394574e7465684a0417d8aad078638c15d41422d78439bbd4c9292 |
| SHA512 | 301a622472979f88cc97fc128aad083815ee62f2a32fd36f9664d01534b5d4266e58e67ba85b3f22abb1f3c239ffdffb3efa7d4ac6ac7e3790a9eb232190931d |
C:\ProgramData\Malwarebytes\MBAMService\dds_tmp\D76.tmp
| MD5 | 54dde63178e5f043852e1c1b5cde0c4b |
| SHA1 | a4b6b1d4e265bd2b2693fbd9e75a2fc35078e9bd |
| SHA256 | f95a10c990529409e7abbc9b9ca64e87728dd75008161537d58117cbc0e80f9d |
| SHA512 | 995d33b9a1b4d25cd183925031cffa7a64e0a1bcd3eb65ae9b7e65e87033cd790be48cd927e6fa56e7c5e7e70f524dccc665beddb51c004101e3d4d9d7874b45 |
C:\ProgramData\Malwarebytes\MBAMService\dds_tmp\DA9.tmp
| MD5 | a7b7470c347f84365ffe1b2072b4f95c |
| SHA1 | 57a96f6fb326ba65b7f7016242132b3f9464c7a3 |
| SHA256 | af7b99be1b8770c0e4d18e43b04e81d11bdeb667fa6b07ade7a88f4c5676bf9a |
| SHA512 | 83391a219631f750499fd9642d59ec80fb377c378997b302d10762e83325551bb97c1086b181fff0521b1ca933e518eab71a44a3578a23691f215ebb1dce463d |
C:\Windows\Temp\TmpE5F7.tmp
| MD5 | 653b76514491fc1916a0f5a478eed62e |
| SHA1 | 5711b6cc72bccc84c8d065f2edbe55bbe0bb8cac |
| SHA256 | b23aea1601c81b14f022a9d910f5b58c98545f17edb39fb7739b887e7579b4a7 |
| SHA512 | 6f76fd22e4f6a86e817e7caea4cb95e5c59153b4eb0b034da5a2b0c7ef09137b0d3278d68c85b0beb7ab436e147a94ae2c8876d8cce5b151ebfb05a6eb16acce |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 78763f3e8f526a4ba3c2ec8f8235d430 |
| SHA1 | a8fc53ec613b91c12a1c527739fdfce2c766ee44 |
| SHA256 | b1cd1412ecf7061716f083b16841945f161e4b6e5cdd26dbc00bca69918d74a4 |
| SHA512 | 47bcd1d8cb741a9b67ef8ba2b458f6764d6fd5fa0ee1f18255bbd42f0baa29f85d5b3b3ab4c71cfe9f6885efdcdfa02eea61d87f7bce1dbaf05e7e495bf793dc |
C:\Windows\Temp\TmpF654.tmp
| MD5 | af3bc4720e6fb282cad0dffb9cf1b5f6 |
| SHA1 | 4844641445866abab12cde279d97a578f8eb173f |
| SHA256 | 614930ed7afcf72f6137197f89263b7b85ef51b34a4d5a31ad64943d4f8eef41 |
| SHA512 | fb43641cdb638887e81fa73b612c7150d2b42c2bf46f3f58520502bb6bc73b46645183047d84568eebbdab2e55d6446a610e2d533eb147f81ac989e0a3739cac |
C:\ProgramData\Malwarebytes\MBAMService\dds_tmp\DB2.tmp
| MD5 | 699dd61122d91e80abdfcc396ce0ec10 |
| SHA1 | 7b23a6562e78e1d4be2a16fc7044bdcea724855e |
| SHA256 | f843cd00d9aff9a902dd7c98d6137639a10bd84904d81a085c28a3b29f8223c1 |
| SHA512 | 2517e52f7f03580afd8f928c767d264033a191e831a78eed454ea35c9514c0f0df127f49a306088d766908af7880f713f5009c31ce6b0b1e4d0b67e49447bfff |
C:\ProgramData\Malwarebytes\MBAMService\dds_tmp\DB4.tmp
| MD5 | 804b9539f7be4ece92993dc95c8486f5 |
| SHA1 | ec3ca8f8d3cd2f68f676ad831f3f736d9c64895c |
| SHA256 | 76d0da51c2ed6ce4de34f0f703af564cbefd54766572a36b5a45494a88479e0b |
| SHA512 | 146c3b2a0416ac19b29a281e3fc3a9c4c5d6bdfc45444c2619f8f91beb0bdd615b26d5bd73f0537a4158f81b5eb3b9b4605b3e2000425f38eeeb94aa8b1a49f2 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 4bcbc2aefe75a7a60dcead22e912d22a |
| SHA1 | c74bb9d8728ce1d868c0925f08054898d5afaa8f |
| SHA256 | 0685fc312b12e812d9334f962b35522c8d3a21d3576ac3e42fe40076ada09316 |
| SHA512 | 168ab56dd0c55508c56effde6a41d04633fbcb06a6302bcd42e434087f406b67b0af0dc6114793524659492babb8b6dc322ff1bd5aa0c3ca48bbbeb629dc10ab |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | d58cf00babe93e945e736ee6b10f22ca |
| SHA1 | e30b4b94683892ac5d58822f89038a6476447245 |
| SHA256 | 82385691a53c811eab5ab78bcd62ee13b18c548a6b904e328250a30136e111aa |
| SHA512 | a39d71107d8941f8715a844adb55b2efab7bb4e2bd13f8178327665788097d3340234ad2985c017b0449ade8895fe01b7a00f3b2889b834638f2fdd9b884d238 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 4618193299f617803dbf2103779cd0b2 |
| SHA1 | bb59532519a525b14ecfbd503ed7fc0f4856cfbe |
| SHA256 | d3527195c756aa1bd4d5de3b1f4d6960dbae7b0d547440c408f819c1748dbc04 |
| SHA512 | 2ea907cf81dedaf618a31be0469a2c8a41500b71f5f8629c62741b8f6b9e6bb0335105baa31a764977553c07c5fc6c4103da3dab3ec41e930673db35d9926bf4 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 886ef3cf8240e80902b5c8f9f1a28e13 |
| SHA1 | 41f6ff653f9f40e7350f573f028d439cf64d8672 |
| SHA256 | e7eed2d5f98cd5c75f7fd0ed3013147a18938d6fae3ed6c46babbca30fc2863c |
| SHA512 | 695376bc2a90db5cda98e005c86ab0c1a0e170ba518d8f7024c6a5c1499eafd8352147644a03d45294b20fd7b273385fe9949ba19bed0f9b01498f4261eda8ce |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 3765a8b6f6055c54c6ec75f3d8f33c26 |
| SHA1 | 092e420c7ffc18206062503b1160080ce0ad8cd1 |
| SHA256 | 6fc1d2ab96da8fc538d32ff38de6d528d211b2f34d211dbfa8b768bb13c7f2d6 |
| SHA512 | c41dab23f7eaf9c741ca388d93f321c265836d1a8316d9245bc0156422b13ea74a7b0953b726dd5f95ca87572d85e7e1b8f5074aef12d77554de721c1ab3aa19 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | b57dfb08cdc4eca229c406ca4510a8dc |
| SHA1 | 5a7bec1d1ce093664044c471a1c763e3ab3f34dd |
| SHA256 | add085019eae1e4f7fb6d9d14997d6ee167b78f0a40cd3080ce6610885f12ca2 |
| SHA512 | 1b70795920a6c8b05c110baee10b9f18681b8dd1a313442408db91deacfa84850dc22b1b3408615c7af91e5c3ef3baec04fbe8a5af9f407a533e7b981855723c |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 36b2b252fd0a1c42ec179bebb6b49515 |
| SHA1 | 379c2bebcc029b430dc2063a32a075aeed59f1c2 |
| SHA256 | 5db9bb5c45c9e34dcc7e4def7c33e21de7efa45c91a82940c45c67a33310601b |
| SHA512 | 95542f07f75b1ffc206ebe046f28882437796aa940f2375fb659d5a969376f5e5a0e56a2bb56a7b2cd0e58127716a54fc795a8ea5f6cc18f381065bb9eaec4bc |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 7fac255804eb916a0ec55e4b282554a4 |
| SHA1 | 121f0a39da11b2f287fbf52c69c606922b552dd1 |
| SHA256 | fd58b879e37eb4c15623135c7bbd24c544f8831295388d80b6d2caa87c8b935d |
| SHA512 | 8bca4f66ea2d43f0b08fbe45310c1fd7965696b73f425da785d790855d84e72cc10d91960e0210ffe09aba001b4f052cde5d7c6b81cd5687e1ceee9e92d4b701 |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | 112b4e140ab8d357f7dcef8b29f514a3 |
| SHA1 | 6b98839d759b01aebc87f3f550aa25b4047d57ae |
| SHA256 | 1bdbd51fe13572ee39d7ae59b6d142a540b68125be540e2faa7ef639b18e2836 |
| SHA512 | aa868b0d350dd74f4b5d9a0532b791394e81287e2265227d584b24f89a0dac98aa756fef1b216ff2963bf13b2734394d9817852050a6e69d04374f8fa418c083 |
C:\ProgramData\Malwarebytes\MBAMService\ScanResults\813caebc-8e70-11ef-b70b-fa9f886f8d04.json
| MD5 | f531e0ca28d0f6586cfa98924606a80f |
| SHA1 | d665a910ba4f2e4a801e0089b5d9690ca05c93a0 |
| SHA256 | bf46dc6a5dc8365de96b420aae5b5cc480bf78fb853634dd179e5fdd2609cc5a |
| SHA512 | 88d074dc4ff8842700ba2fddbeaa5db3b8d1097a2f1ea31fb2f76f5fa99678feea68c48e653f14fef0086383bed91026fc073245211cef32ca30f1ece6815a46 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c
| MD5 | c3c0eb5e044497577bec91b5970f6d30 |
| SHA1 | d833f81cf21f68d43ba64a6c28892945adc317a6 |
| SHA256 | eb48be34490ec9c4f9402b882166cd82cd317b51b2a49aae75cdf9ee035035eb |
| SHA512 | 83d3545a4ed9eed2d25f98c4c9f100ae0ac5e4bc8828dccadee38553b7633bb63222132df8ec09d32eb37d960accb76e7aab5719fc08cc0a4ef07b053f30cf38 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f
| MD5 | 710d7637cc7e21b62fd3efe6aba1fd27 |
| SHA1 | 8645d6b137064c7b38e10c736724e17787db6cf3 |
| SHA256 | c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b |
| SHA512 | 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d
| MD5 | 4308671e9d218f479c8810d2c04ea6c6 |
| SHA1 | dd3686818bc62f93c6ab0190ed611031f97fdfcf |
| SHA256 | 5addbdd4fe74ff8afc4ca92f35eb60778af623e4f8b5911323ab58a9beed6a9a |
| SHA512 | 5936b6465140968acb7ad7f7486c50980081482766002c35d493f0bdd1cc648712eebf30225b6b7e29f6f3123458451d71e62d9328f7e0d9889028bff66e2ad2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e
| MD5 | 2e86a72f4e82614cd4842950d2e0a716 |
| SHA1 | d7b4ee0c9af735d098bff474632fc2c0113e0b9c |
| SHA256 | c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f |
| SHA512 | 7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b2a1add47884baf4966ae6a191c9d1a8 |
| SHA1 | db11df5a5269d147c67f2abe2e09547bd08aa4b1 |
| SHA256 | 20064ac3b9eb6b708136b43953cea6489b14e74921a31a34f695073c8a2a8a7d |
| SHA512 | ca98ba2b0155d7e4c4844ff0f93ce35a362d7235ad7dc9c6dde05f21c52c6161987289e8969f5d1b1894296dc9625312db50aaf031a7fec23818fe38b9986f87 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a2f44913135ab57158689773430cf768 |
| SHA1 | ad346509e43a2d6187f8b6a338640f510e70457d |
| SHA256 | 29071c5fd2dee8604d6a7558f9981107329f3f00779798a77079894c17aaeaf0 |
| SHA512 | 1181b834dda0ea42fba91721bd514de3828fa80b8222678b9fe584170bf2005e3d2d3bbcc7f5d8aa039dd79493c6546c6840fc5ca1115cd567744ebc3734fd62 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022
| MD5 | d8ad625c3b6ebf71c6081a85f887e6bb |
| SHA1 | 379f10b8da67d19ab8ad932639a7afd4975c964b |
| SHA256 | aff84929e57c1898ad3441f3fc7f850d903641cff756ac5a86baaefb33145db3 |
| SHA512 | 41c690dffac3a8dd4cb07e61947fc8a0d966d46c6f1993c6cc3156dc89f34dcd0b1378e6afd60ec57859c27dd01149655cecd642becfb2bc986f351f7998a271 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c3d772ee65fb3eacfee4e9d2c8e52c9e |
| SHA1 | 051103bf75a90596914ea095f0cc3438cafaa7d9 |
| SHA256 | c48da42e21f9a12d9496fd8a9a99925600678034526e2c025816b7cfd30308f1 |
| SHA512 | 3d3bcc6e2e0b2a63d814a2d7dff8639d896f39cc5c896ab3eadfbecc237e2f3798be32400324ae80c8becb9f819be6a1ee11772f5a68cb8fc34c99f5b44afc19 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3edeeaded18c43d5a2e9874710e0f26e |
| SHA1 | 878e1f66895b03e6e70046310756be2a7bdcd0e0 |
| SHA256 | dcd89cfbb73100b152f8938dc5244a5e55a7cda7cf4b703d7e458400294b22a9 |
| SHA512 | 644ba99e65416d9712f1bc611477e7c69326bcd6b51a986a0eeccbf08c33e10a7c760a192845d3381bea8df578ee4d21d75730c761f65bc5f944aa7b789f93b3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 07d9dfb9e5b2d440ab75452f8869afdf |
| SHA1 | 5703b1fccf644b7d545493dc586f6f45c495fe0f |
| SHA256 | 7779b8699470d09e9b731c10d560f5c82b87ee5438f61450be8b779073523be4 |
| SHA512 | a187248c5edb19d3f72ffe5385e9924cc8737d3213da264e6807aa84c7609275adc46312a621ee9d54cc34f63c48176960dde5e6951edddf1d367be6bfa2c9a2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000079
| MD5 | 070a4ed814a1eb3ce6f40d5c5f095096 |
| SHA1 | 6037b9e6e679b31ee5f2b28b5cd5cb8982bc7048 |
| SHA256 | 8fb466b37ad64bebfcff27fd80f4b50818ad5fe6a12b0a326c91e450a21ccfdd |
| SHA512 | 44772a053c1009990c24b654e6da16a99f740c3c57407f54efd3b570d0932565b6faa5af19b094ac58b27a5def4f41c2d191f6dad1e185e168f4a0acdcef1686 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007c
| MD5 | 6c2375c37c399ecc1e5bbab801e83b91 |
| SHA1 | 3df6993c14c21e6a3d1892e2d23f9e66f0c4159b |
| SHA256 | 79a3c738c95d960e36ea62ef426f10605a7139ffb9332b9a30101d6e200d791e |
| SHA512 | 4934be4e5b5e046a89e86dc349b1ea1bcb76a48444afb0a31c3fecea9beb40c2f74b1a81cdde76204e9dea24a916f4e05d9298dac52b4acbe66b368d9c941b1b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007f
| MD5 | 199f79a72fa4db905e34d8fd2acd8b26 |
| SHA1 | 207fa36cec7bbde8518de3e4df4237236b863b36 |
| SHA256 | d199ba0ba3dd14a6fc68c19ba649dd1edc37d6e3fc3ede0eee6d767c712890ad |
| SHA512 | 58ba0dd1b6955c1808ae3c5b0803a5cbd4535881946ad15a479ff37ae194e30e72b675d049ec07b25ca370d6902357b9b4d203ef5a541745d425e4ef8d11b708 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 02dc2bbb612e1b74fe63d807e692c29f |
| SHA1 | 0428489e293a6ed7bcbf45ace62a726789801fe6 |
| SHA256 | f79e28b377c56774cde57d25a1786f32f4c0593207b7b3ca381699fedd556796 |
| SHA512 | 56752aa1a1798f2f2491877490891147461bcc037107b03f5dd2f72e60033cb2ba4bf845adba55d16e2635d3875c6f681e3416654bad5f12132789acc29fc3f4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 4e68ecccb0bbc1b74a9c6184132a5bd4 |
| SHA1 | 4812cb240c29aa789013b78e4769e6a88bdf25b8 |
| SHA256 | 060691e6e8c53df5682eaad5f387837c0a1aa0211a71676aa9130aa00f437d51 |
| SHA512 | 5b656dd980b834c5151ef74f8e7b556208bb74c5159bc6a3b25ff0287514e8785cc514b54fabbe2a5d04e4677c2814310d563bde51614cb733a67c2a5d32718b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5d6a94.TMP
| MD5 | 39287a6c28c46ae70c1d5bd1fc3e4de4 |
| SHA1 | f881341cad7302c8181a626a9b458ffa6c884550 |
| SHA256 | c8044d6d7fe2f93a78b47da3cacddf0e9a3fef6997a31ed550c3eabec679fde7 |
| SHA512 | 9cbe61a46d0dc58c84b45f6731b3c5dc8dbc310946204b868d7130f1787bd983fbe5ff9d8be6cc63215229479d9c7cf31de4a6707d9a3681b868a6c1776f931d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\8e7094c4-b168-4869-81b0-70f611f0e2fe\index-dir\the-real-index
| MD5 | 4b9a1c34cebe60c567afcae967b9e51f |
| SHA1 | 3d83541eeb21a555f7a0f24be66a5de85948a074 |
| SHA256 | 488db9da7620f675f3bd9672bdb4a254486d1a82043340c844f142b1507bd984 |
| SHA512 | 930c563758f5b8e0631eed1855b46021f579c2296c0440d1e242d38d1262db35a3da2e3c28cbefbeee38a8a8196d0804538eb6ce64c6b030f485bee0666683c2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\8e7094c4-b168-4869-81b0-70f611f0e2fe\index-dir\the-real-index~RFe5d7542.TMP
| MD5 | 230a5d822f72aef76ffa7cc2897cf2cc |
| SHA1 | d7fa2ce4782d0838f063471011bca93391bda1c4 |
| SHA256 | 78f5e180d27f0f2fefdc942121b8127e4eb15b81591a12eb6e205a3465085839 |
| SHA512 | d1b6ff7ee7ac14cc9151d8f40a3e1b90252b64c9e59ef249a6c21063b3d45a91f06db30de17774ef5d37520e909ee551b5a674609bcd0c401d4897fc88a08975 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000080
| MD5 | 8eff0b8045fd1959e117f85654ae7770 |
| SHA1 | 227fee13ceb7c410b5c0bb8000258b6643cb6255 |
| SHA256 | 89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571 |
| SHA512 | 2e4fb65caab06f02e341e9ba4fb217d682338881daba3518a0df8df724e0496e1af613db8e2f65b42b9e82703ba58916b5f5abb68c807c78a88577030a6c2058 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | af8adc373965e705351bcf54ec674559 |
| SHA1 | f4b1a43f7cbce9f7f9d383faa4a5aff8491891ac |
| SHA256 | c8acdc731389f135c0ec8e633c0897f587145efa831f05eb5806b6ca28a0c7dd |
| SHA512 | e950e5f5bb241b48ad1413535379b8c296198db6689b3845d9dde5efc5828b6c528c28e7953c28a39c0a1571c06bdd215ef52fa4b980f2e517186cb6d0a700d9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2be96231687bec25a076e3d1227a7125 |
| SHA1 | 349e9f88d17f066ce9d4ac28c78a3ed109efa74a |
| SHA256 | 931ba23967cebfa5f5ecddbad4d77bef90be74fd9f23ab4d7f5ca3a5642771af |
| SHA512 | baa763ba6fa9eabb0e196cd5cabb33f5b873a3c193e05291e61a8037cdec0e45505e97c2c17561e4a134b9a781d7c69fcb4575c43b3a4ca9d25303179f50622d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | edf333e4f5151f38a401b5f2126a2529 |
| SHA1 | d7d25ab3be1b913afb13f169681c75b13eaa2ddb |
| SHA256 | d647770da599e8c688aa6ca7ce454083e684a809125a8d5fd47182ea31c4af5a |
| SHA512 | 939262fc35e4824371e4b491356f717b521cfff49b635be7b0a56a25d9e345ee3f1dac1e0d47412a2241598adae202426384b79565668acc74cc57b213742de3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\5ab34870-caa0-406f-9d3a-47bbba78bbb0\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | f4939d46fc33241a8912e3978a42bc43 |
| SHA1 | 0fc1b4505dbd8b1634394043d88955b433d82ee7 |
| SHA256 | 00cefb686b2c148e26fed8f78687bdf95623a07919ef2ab9078b80155441df0c |
| SHA512 | 49a339325635d6f41b7be8e6ff722351cf499ea212913aa6e441a9b66e6fdc67c700a03d2ecce786a00c6561a978950636883c7e1d4b415ca8c5a82f6079e3a3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000086
| MD5 | c83e4437a53d7f849f9d32df3d6b68f3 |
| SHA1 | fabea5ad92ed3e2431659b02e7624df30d0c6bbc |
| SHA256 | d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb |
| SHA512 | c2ca1630f7229dd2dec37e0722f769dd94fd115eefa8eeba40f9bb09e4fdab7cc7d15f3deea23f50911feae22bae96341a5baca20b59c7982caf7a91a51e152f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008d
| MD5 | c53370008109e08c3e7b22a84ff1aab3 |
| SHA1 | 1e8d9eb35d38953b54df0e96caf1a9998e9f3271 |
| SHA256 | 2ecf65278668225f10f3a1c72a6d24223a1fe0a20d324d308633265824fbf9a0 |
| SHA512 | 921c88431ed203699ca1e04fccd6407b5f2ce101e39f96b024738d170f8fe0ef0b6fcff280eaa551896179ab8192f4208f61e71399b106282491a97821808f59 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5db9fc.TMP
| MD5 | 47f63443af5584986542ab3a1a38270b |
| SHA1 | 30d745979728b73e52070509042b7079e3a5b3c8 |
| SHA256 | a4cf5c571fb192cf9e4bbc10f01612842cd53e867d0f8a743d15cc2e66eb3fa5 |
| SHA512 | fcbde4fea9c6f514bec7893c1c2483ef126d7bcb7c765e12a79d92b316220ac086005403abcb9043d696fda5cca4c0df202ddfd1778c44d81701189a9f045366 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | d4504057961e4db4e9ed87e6bb00865e |
| SHA1 | 70efc148eeae6d830b42fe722107ffb54b491fdf |
| SHA256 | e279111c153a4291530da23b5d7c3bf504012b32240088810da2751823eb3953 |
| SHA512 | 59607370ad7e9fff337f21788b47789ec1dfe6808146d0c08b7b5933980be02d9538705741c8b310c26c4b5ff8754dbac89cfd567d9b25cc6ecfb998c1dbdcaf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 5d286cb69240d1c010b4537af307c2df |
| SHA1 | 9fe6da0a181f2e17a52d3c6f529048dbad77a44d |
| SHA256 | db2e9d6e5347d8a99d5efafbc39d00357d92a12717fbb9339e39476584a680ec |
| SHA512 | a3d1be751e5c3aaa5422c80f56fd60339dde625518024226227e5aeb8ffdd2f369445dfdb724048f2b9d6171ee44a3074042b79f5c4b517b06ee9143dbab99aa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\8e7094c4-b168-4869-81b0-70f611f0e2fe\index-dir\the-real-index
| MD5 | d9f7aaf27db021d7d0d19b86c5f984d7 |
| SHA1 | 66b4ba44e7fc80d10ef43b3b063617c6f6ff5015 |
| SHA256 | 4e49f07ecae5fe22eb45e898a85e91d3d71e8cc702b630f72aed6b65dca4c573 |
| SHA512 | 50cd12697e5b5b67edcc6367f7ad50cf5beec0aa7cdf15415f3655cb25527e914bd3952c987317e89c93f3fdcb68b556f69f04d5d90863eaa9daf968e1bc6efa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | dd202a8fc3a65660e9ebee7a7ec85a71 |
| SHA1 | 7326b73dc36443d5b79f2016ed4efe651c32cab7 |
| SHA256 | b61be59d2d6788c42a70bd71de38b35df85ff9302a01065339b5633afd741694 |
| SHA512 | 695b8049d44d13c194d7d5593c522f399c63871464d50b400dcc62bc180ac3a4a75c910c7f1bb1c0440fd24525e31d37e49b477c86f89d9e38f7d28b7162a574 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 49e6e8840b7683cb89255ef0722de25b |
| SHA1 | 148a881edc7675ba23e402e9077e817e0b016ec8 |
| SHA256 | fe1a8ca75805ca6217bef9785e37c348d77d3040bbe42f9b707f17e4ace7801e |
| SHA512 | 1f4412adc704af6c342e82cf26d910a1e25c455d230ab14ef582e0a95bef60b87819d713a2beac0e741e9fc9f6f9fb007ca8ecec547198c4eeb6406b8264520b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | deee743e2b4ca6031397208868340a87 |
| SHA1 | cc61b3cb3eeb324d4da949af05c75adcdc6b9044 |
| SHA256 | 18a19c1689cdb3c7097f35ce12c74a1642f8d7ef166819073a3bf3fb37e28003 |
| SHA512 | 69b515af3cd06a50927efdc9dee765df2ccb94fc21eb11878b0da557fa194ad727e408ac055adb0dca52d869876d841a9c959a1a45e21271ad9fb7051e108c3b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4f4e1c5ee57602faba7091cdb454b7a3 |
| SHA1 | 0661155d15992da1f48ac161cfd29ade2eac629f |
| SHA256 | 8efbd051fe5be17084dd20dcb0f28ec7e6ae182aa1e8c9ea355044ed345889d2 |
| SHA512 | d0ab4c296d0f11b8352f1950c1f21e2610d7dde214e6f97aff2ede088e08bad78dc0de2d66db18d8e2a9aaf605b26c002a8edb0bf4e8403ca51a43f754145d25 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a130c37f3c3b78fb8ce4fecb070951b9 |
| SHA1 | fc067d5c8b11fd442210c17700d4bbe4581b405c |
| SHA256 | 78ecd2e636e83f840088adfa89dd2a25be89744e72e4c1f76435136f6f958f94 |
| SHA512 | 6d4b38ea08d96f142b20065b12cdd2cf35bd1b4640b99e8351fc96f151e39a90ca6a7a7cdf2f8dd6ba4750a0b97b19c543eb3b19ca8f88c8b2f19cc04eecb58e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009d
| MD5 | fb5b1be45e7d88169e362c848ed1f51d |
| SHA1 | d6dc7f098997f761d1e99a55a9daad53b546cf68 |
| SHA256 | 6026dbd187f864e3c446065eae3587ce9ff8b9196dd553c342fb1908b0f98575 |
| SHA512 | 8abb63c32f0108754886faa80eafb8a1b14a3ef572c7cedecb08cfcaa151a573ad9e90f982a0231b681aaf212d6a704e0c72589a9004635a3ecac17d3ff95331 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009f
| MD5 | b260d9307e722bed876127066ba7e042 |
| SHA1 | c16e607f5092a348627631d805ce8c77cd00f01f |
| SHA256 | 6c4a06e11aa5fb7b2e8a414617a4246bc0ef99d033bf2a42396936acf26f5877 |
| SHA512 | 6265850d378c5250dcec1cb728a1aa496239533257ae9b252fc81424747f0caba5375994d14fd7c62ae07ea586af3c57fd7bf3917c7f645027fd94043a1a9d97 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a2
| MD5 | c0cf3ee0d8e9c832cbeafbee996bed47 |
| SHA1 | 15d36c5263f4a999e8c2f6626a979540dff85ff5 |
| SHA256 | c210000720eff4a9cc08da70cfe3120e13e222664f8dc9a7c277bbd2e56ba6b6 |
| SHA512 | bc97fc0d6bcbc55f5663ec12aef8642f1f4b23ee818ba13c4fe35d593443c51327e14226ac957895bb6f9b2f79bbac7cfb6a487ae972f4cfc5a454303bf8196c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d336cb4f2dd693241cdf66b78db16389 |
| SHA1 | a20e9048652bd56d41d2c7a03a4e28712e5964cf |
| SHA256 | 535e87a82f592357598c51707b3d004538c538c21701a43906331255a1d685ae |
| SHA512 | 9ec4fae80235b81f2702f3e27d921931e8ac0d5daa5dc2e755f0bae07c6c41f083e963928913d41c7526d23e673973b05934f85e4b775929ac30d048fd23ac2a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7f7424dd1ab48db16cbd065ed730d4b7 |
| SHA1 | c78c9c470f93f9e085cc53d3ec7aa0821676423e |
| SHA256 | 239f5412e32856dd7b854d6b1da336b4a3308b524f98e4637c1b01a3f301d94d |
| SHA512 | 09ccbf88e873a954837ea014e575daecb6bc57b2ae4dc8b6f6556ee03ad5494665984a4cbca8f070073c57d76d2523c5af3e51462d2ed671b6fe93cad9de000c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000092
| MD5 | 8e22a049591590445f28ce370ddebe84 |
| SHA1 | 3e9d70d3be12a7daf4b2d19d7e2ea003ef34e511 |
| SHA256 | 5ac40d532c33fdec400cb73752419d95f8d1f142eca8d3cd4d2804d249d01190 |
| SHA512 | ee130e56a9c3b0e913935ef05df3c1be1d2c2ad8f3d327f7bf897845a19953da188d3217ec8f5c94d6c0ea01ca0015bb43709c1b0273c0d0cfeb177e44c35f0f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000097
| MD5 | be3e266808f1fe250445cb26f9fd5ffe |
| SHA1 | 07a6048cb6535d694cb6cbb5768e35a4ab6e9fad |
| SHA256 | e374bf25be263760e5c583ce715150392f255038d045fae4199f9a13cc9cc03b |
| SHA512 | ac01239c16115ba2a04e023daa4fdf58a9865145475f39c0ba16fc290f45fccabab955569add0c2dda9828605098f98aa838efeb2245bae3465213147f52599d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009c
| MD5 | 0d40cc0f3824ccbde6c09c8beab40d54 |
| SHA1 | 9326ea59ca12ab324590c3836a1351fa81780e18 |
| SHA256 | f2fbcd670a6128611eb271472b4f2fce414ed280bec06d999382dcd9626a2c65 |
| SHA512 | e5c62de12ada6ebda0b1389cc6f1624244d7b1c4229be066cfb4f8ddb63a2eb981ca571c0bc0f489f238968cd00362e02285268bb8322342f507284f4d65f605 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009a
| MD5 | 20751f9b982921e2885ead917e941419 |
| SHA1 | 282dd851f1a192be4371697b98358489c6689c9e |
| SHA256 | c7daa645a82277c92bac8e56c72dc97a6fdb71295d7907023715654196ae7315 |
| SHA512 | 12220723a5bf42f79daff5fa30010bad1becf7d90c438f556d6a06e340e7bdc7f116593f6e30dfb42f65b432ca393a22af3f351ebe620d4140078dbedc63e62c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009b
| MD5 | 50f7e04b97088f3126fc3846fe4c0c39 |
| SHA1 | 2d67a36e97c91c251e0da221e2f62b0926b43eb0 |
| SHA256 | 034c64d4036e10cc9a877dd10c2f313261539322a4a8e79e1fa497cae8194199 |
| SHA512 | 9312d5500f288a35b015308776eaced47c193173247268445b4a7e210b84485dde3e78609831fe0092571d953a65084e39939e8202cf3e4643536116509679fd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009e
| MD5 | b0e9e0a1ee9ea7227c7de9b326b92746 |
| SHA1 | e99c34a4d38dc5f9bd6c275de4b87be9694bd3b4 |
| SHA256 | d1c2846c6674f76d5a21e2f54f64994f6bea41286f27d57c4d26a0ae9474cb09 |
| SHA512 | 39ec30ef4a70e9f460fae634628b0653ed155ecb22e67dcfab3c21d0aa6a17ff64a194ceb2277e358af9c83806f0ba4e2fba2aee88204fa9fe28b0f5f1593995 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a1
| MD5 | bf899cc5ba60c522341e4d712a5246bf |
| SHA1 | 2c92c54c9919c8b81b4e77a97bfd4d8f202e1a6a |
| SHA256 | 4f8b9bf1630c24cf17444ec093052451c370c9371212db74b4bf8b4fd71a2817 |
| SHA512 | 05a5de1ea4be9424070376fcc53916ab8bae10c239a5d1ed2c533b889b067daae83e9d8386ce0390adcd9ced1c14a436eaa7f19287f23bba8273afce87ce9968 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a4
| MD5 | 857380bdd608ccd7a0487dadc8712109 |
| SHA1 | f1f0693f09be2fb82818ffc390c812004c465f77 |
| SHA256 | 5daaf19dd0820d8cf8f1aca4fe3aa343e5c5fb67b166a2898d9d097ae2b4a92b |
| SHA512 | 96fa6298ee7decd7c4bee42b8012bd4d5ae0d551fd2c8ff2817102c9a8392d905069cb8dbc92853b860b5715a34f829a862d9a361eb5af676e9beeae2c3ae26e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b1
| MD5 | 2e5e9c1a2fee624e54e5b587d3171ba1 |
| SHA1 | 6cd4cebbad91160cabe6decf75ed95c201efba74 |
| SHA256 | 902c6abd03c47ad692fb87a6abf5e435cd5414dbce04b09fe7cae57f678b9502 |
| SHA512 | 76c3b74c4060c406b155ff04c4328caccc641fb209f5c78e00107d8c0c0bc2c436889c08fe6ef54120583625d0c6499fa432662f8d34f85b181a27840c4415e1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b7
| MD5 | 9c6b5ce6b3452e98573e6409c34dd73c |
| SHA1 | de607fadef62e36945a409a838eb8fc36d819b42 |
| SHA256 | cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc |
| SHA512 | 4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8d4e9d69ebc3e51e88f6d0a8cbe6d907 |
| SHA1 | 68558dc84addd0e203fe678f41ad41b83f547ea1 |
| SHA256 | 9799319f020a57e10a67cd4ec661c03bbbb7923320b544c3f5abbce103359fdf |
| SHA512 | 0e109449a38e397fe2ec3947980b3f0a8efde076f81fb1bca5d7db1ef8a90343deb6a623c2916a20f11c48316583cc2a7e41713f64ec631fc34f6a72a8176603 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 86c7945066eafa36245bb52a7eb1724d |
| SHA1 | 64b6a771111d92c06f0944ed9fcd11ae09ed05d5 |
| SHA256 | 349cf3e8bfa188e660eeacce05fc330a2c7363851589e4c9fde38f7c0b40735b |
| SHA512 | e83314fd79372d1bb60bc560ff2a3bc37d8e612afdb7d30c6066b4846f87c61b1fc1439e9d9822ba88bc642fe4af879146ace5e5329644907b36dfe163f7fff3 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 05a0c43f2dca0aea626b33b0f57ffe88 |
| SHA1 | 5192ac4dbac3c5490c1c7ca2fad92bf227b61435 |
| SHA256 | 0ea41cef0b07aa96449d0ab4ed3d8980070a152cb835b1dbc329d22ff11d5598 |
| SHA512 | 12f74cfffbe304e4d743037b2976526f8df64468badc0183fb793483624913dc1d447129921ecaab598e5b1c04f71217b7204026af57a94a0c46f551eefce24e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\1ba000ec2cec543c4e27228d4cd4aef8ae1e8408\f828c7f9-3877-4ba6-8429-5cc266c4f665\index-dir\the-real-index
| MD5 | f96f9f1b0c5f24b0c43a6d3de034d879 |
| SHA1 | 01fc0520b541f8368d19d4f870b2ae6b049b68b3 |
| SHA256 | 400a721b860bbb8735ce4bde218e440c0dac6423625df7eb6efaab4d6f3a3b83 |
| SHA512 | b1efe1b3e58700db37e619438f6e420259f375183a4b3af993d0c64c1851af23023e8093daf2ed267f67092d8a2f7ca97c86c64a49dbf97ccc64aa4673030571 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\1ba000ec2cec543c4e27228d4cd4aef8ae1e8408\f828c7f9-3877-4ba6-8429-5cc266c4f665\index-dir\the-real-index~RFe5e91be.TMP
| MD5 | d7d18d115bb8bdf3ee07cfe598f65763 |
| SHA1 | bbd604589ef5360cf80402da2128a0501cd83e1e |
| SHA256 | 57834f5123160ed8ed8dcf7af490ed9d3f3aa751cb074e3760bf1274001fbb43 |
| SHA512 | 0687886b82c5ad08b0942532c88e8f55407ec944bb55dd9495b41371dc571921e675dee44882e9981a9c58b742197b94114d7a5dbc8a0bca3449ce6c1cd27fea |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 62ea333486380c861e1e961e3e9ef736 |
| SHA1 | bacc6d238e495c6c3abdb95878f23cbb01230ff9 |
| SHA256 | 7d7ee338737883829430957d519d1ddb5b6056257c891f51649326a4da04e2ab |
| SHA512 | 09f0b859ac2a4dba1de5526ab57de0ab9f72ef11c3900469f4efebea4309003ae0843b0cd8b022854d87d3e296af2462d09de40946770e085e9538dcda42b42a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\1ba000ec2cec543c4e27228d4cd4aef8ae1e8408\index.txt
| MD5 | 310e55bf531349c1b80bbf33bc942890 |
| SHA1 | 7d8c1be418015c81656c635ea9e0a6618c19f16b |
| SHA256 | 30bccbc41ceb244e2ef0ed252e8e6be591951ae25c14a064996babc878c17c31 |
| SHA512 | 3d79b76cce2178e8ee3718c76806c9e4c4145c26775798514dd9423620b5c16a089b527e3c04592f775e9ce7fde396052731706dbf55ca3d73740c63d1241beb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\1ba000ec2cec543c4e27228d4cd4aef8ae1e8408\index.txt
| MD5 | 25c2727ef05c6b8bd32d244f5f76459b |
| SHA1 | 47fae2f6a372a538e2540df14aa72f89a5f50d8d |
| SHA256 | bf305a50a7b152cb52715642a1abfdeba36e8a23111facb328fa39249e313bbf |
| SHA512 | 209aabbe92e3965459ee5bedf3dfcec2370d5e53a0904569815649fa31fdda124b366dd74cf9364bffd8cb6c2feb73b29d8882927a6319a6c1a00ef19da68033 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c1b0dd30d31a5b713b0dfedb786ca163 |
| SHA1 | 2e69f03f0bb086f2384c27768064d77e7a24ea3e |
| SHA256 | e5aa36f73ab6b6af0ddfdef1613f32cd76e6f3f624906c10e0d99e512bec6f74 |
| SHA512 | 60a3af7c976e902142e3e71f4882e44ebe8d2d2c0d9c3081ea12e31212ba1d8dd22eee97fcc3129542b2aeed16ac46f8a5a8f70688430e0158b1416b84b828a1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0bbe00d9bf7b798e_0
| MD5 | 252db6c0a42b806698101685eaa134eb |
| SHA1 | ff968a29149b267eda389fd35fbd17ad9ee1089f |
| SHA256 | 9726523b0d02739ab53cd3d39b1b2e02db276622c2cd34d8d341920f349c4a80 |
| SHA512 | ff0d68285b3e8e3ca4232e95c75f83f345ae627f23875a91e5ee7bf6c5bf535dd39556757250190654d2ad810e7277435401e84548695e8a5f217235d19c0cb0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5dd1e579c9681f95_0
| MD5 | cbe846538243a27161ce63434d3de384 |
| SHA1 | 3183cf9d95b197633b20dbfbd5a64484e31d8cad |
| SHA256 | 7391fda39c99809f1e10beea8853f14c0e1a9a972aaab26f7e3d1fe58f1234cb |
| SHA512 | 83cb095377f3b2b2bb72860ff05f7f734701242c46c0241bb5d0d0480e3bbf156ab7e9b854ef3f8660a6cd7ceedc465456cfb99f2ff50cc7331e4837316d1891 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e55f0a6d1b533c66_0
| MD5 | 82eaf53bf8be665470df059769f4319e |
| SHA1 | e3b3edf88480d079f8854882c8a960cdd9e5d8ec |
| SHA256 | 4eadd4527255a492fe19b9df9f20d7b33641b5049ebba1a4661bef0b91598e69 |
| SHA512 | cf1dcfe857edd8a36428acf1aade17b9afd78e01f096c3ad8eddd7ddd3353942d77ab2ec2825163809e54ca13fdaf06e7baed5ab43dcb2d84e217d4a2557d082 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\03eef0e77feb64d4_0
| MD5 | 6772f30f6cb0fa11773da76c69430998 |
| SHA1 | a7c84f29bee00b3e94327375519357393014f950 |
| SHA256 | d288c26d5e36c585e37789b1482fd4716694935c6c64a895508a1917e9268ead |
| SHA512 | 040878c81263cbfbd6bf3338bb87e76c4a3e8961fae7605399b370dc14f8dd180a227de95fbda77bdb50f620740b3710d287d01da6846d3cb03de7c0fe87b1d2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\635e64b37935c888_0
| MD5 | 82b585f739e51109fb9abe4fb0a76215 |
| SHA1 | 40a6c57b4651876d8e49734abe852f6ed4b251fd |
| SHA256 | 5c6e19e7bca6f89d3a0baf7bb11c0a8fb924bb25aa848665cdce2f7318cd3b5e |
| SHA512 | fd002328c3f18a10a386049f21cf9c2ec7753702268f4328afed2c855f9c75b18d3a9d828ed82e55f9ca59d09f86bde4bc5b7ed96f7430a652a30e6407daa81c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5801d3329fb36c59_0
| MD5 | 2a5859b9504db464ad1cd00b0c94fbbd |
| SHA1 | daf63f3fc66b5f3e0ba8758ac0d80ab12ba70335 |
| SHA256 | 203aea44e731b106a84a3cd9a6f5bfb17fcfea215a0a027a9fbd48a8b2afb465 |
| SHA512 | 84d24e854c8da3c5e3bcca675d984d5408ec7f4f41a966603e9654b7d316e1715ffd7dda25de9bce6a03673dae0676dea8e43d5786981e2bf587596592797ebf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6aa9a2943612cce1_0
| MD5 | 67e55ea5c9732e32038738d466e4130a |
| SHA1 | 7230045b7bf84747d06169a6e5e5d9e569e41264 |
| SHA256 | bec3cf7618e357b687c49fb8fac15e057a0301fc422c9df75b1e3aa6a27b183c |
| SHA512 | a63c17b7bf28c8adef672e2cd5eaf158e4ebc963438b5c3a336b3cef11a96925934c80d8cea494c15288a4954ff07b0615d472ee2af8af3010979a5e7b724165 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aa4ba7faba93e196_0
| MD5 | b444c90f0e723ddc5a131a2780a8d434 |
| SHA1 | c1ec11463589ead57d53022379daddc6d5f1c0a0 |
| SHA256 | 3cd15c67bedf24d08d959d20b510a07b56bdc485936bb055d6f7840ad151ce8f |
| SHA512 | 8aead485f1f343675b6a49c352fab39d7a8a99afa1a96b7c0fed31f8b27763b47e1a3340904c7ac859f519905eb8c3e49bfdd879d9626ec85b1499619d68a4ba |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\580fd9376c2d4a3e_0
| MD5 | 3662e7b197ae2d3aed132cf66db0f080 |
| SHA1 | eeaf21050e241caacf63028c995f5b7263d30f47 |
| SHA256 | 80620785443e3afa49df1ac592d43026e409129206048c59af5d51b8d8028079 |
| SHA512 | 9e375a453cba72c2ac35243ab0dfa2610bfed853c7df4b9029e13c12584234661b891854646367472e10f688bf73e32d6ab4d94b4987fb001eeec40b7c66b189 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5a994fe24b451732_0
| MD5 | fbd4190b7a7019d4430914c022795d2f |
| SHA1 | 274821f8efb1d001292c36334bd87b465cec378c |
| SHA256 | 75ccd0a0d0e492abb27ab7b96beeb14911982b22e42aceddb7e1666fcfae22a5 |
| SHA512 | cca7a1b0cec0d4eac494fb1d68bf0f442bd2e29feb6fb1fb0b1a32e1e78898905fe9414811f4ca60e57ba3252d1c89afe2f3399f92a08e65de1bd6de27133cda |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6e1427d19ff38087_0
| MD5 | 28e7656a798720d49fd0dacad35dd9ee |
| SHA1 | 9952be7d2439e91fe55bb9d2fc07638a673cc17e |
| SHA256 | 4c314bb9825dba9e513ca3bc91671ed2d5d79ac7eea303694264ba2e55ace0d9 |
| SHA512 | 7a2a6fa24c4777b0faa8ef00d4f23ba02773d5ce13b3c6ab1e529b037f50b75c8daf45b1e569f5761b566fb6fe770b1a17d3ce486e6f1186ee1f3271e7b40c3d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d7a29efad91a1117_0
| MD5 | 7fe9e27d4b78dd3994b5c676bfa57a4b |
| SHA1 | 94d6df0174115c2cd9b99a6584965d11f48c801a |
| SHA256 | 81196a6e826a08dd58f10499882e234cc391eaa82ea73ee8fd0b3f93e462bd1e |
| SHA512 | 3d3f50711d073cf4d3bb6009bdbcc3d266cd92209440e57d95b9b432154d44f4cac56259c1f0c7a9251e6fab6aa8afa69a7ef5f83e9d7cab9fafaf5d095cd642 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e52aa3d5be04b7d7_0
| MD5 | b60bbfc68d79f51d2e5539f929b7d111 |
| SHA1 | 7fcab27380bff91d95a60d236b042d14cd1f4447 |
| SHA256 | 8445de575724ae6da5f947aec77dd1ee4c00033981e55471216b759acb21b168 |
| SHA512 | 1e5bf1e2cb2977fedf0ef9f56e6eeec485876b14c5f6af83d3ef71c39c07b847d81535275e9ec403df99a80cdbf1ac133521d5c2673a3ce3ef222f2e575f10d4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\54c70e8d154012bd_0
| MD5 | 6f8c5a953df7b5e4611587ef71d4ecab |
| SHA1 | fc5d7d41a8fd9609132c3220590d372713adb8b1 |
| SHA256 | 683ab952da3cff2ffbf2f873d6c4adb00469470bf9ca12362e14d86e36096589 |
| SHA512 | 89ed9b4aa1eb284de42e7bce85093fbaad9c1c23f3342e88addd540ee33975d75215faf7e5185f3d891553324aa81ce4e745b698cd21668ea8dcb291ae8902ce |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8ee73a31bd0cce7d_0
| MD5 | 422609ad3faf588add021fc737860739 |
| SHA1 | 37e2c7ec1883227164f31532e3fd77e881a657e2 |
| SHA256 | ce8543ba15533aff8716137e3d8359e021709d83e6c1e5d759b1830cf44950a7 |
| SHA512 | ebd0a470c494ca63b020e91526b05bf578bf1fd7150f17b84b395a9ae318060e822be3fdba8a1432d243fd8e54d7cb25be69a1b1f04f64f539d753f15cd55f37 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f2e4bbad99a372cc_0
| MD5 | defc5f5ebfe7aeee8f76acc1f6260cd5 |
| SHA1 | 914476b61c2cbbf223b564bb68dc1b7ed2e0c13c |
| SHA256 | 94f4725b65116b116ac34c2d82d2ad48009fd2368f203a8135d7e19e00a01b9e |
| SHA512 | 330380276437eb2bb3b956935747f7a092c1eec5cdc4a2ee081891f0dc120e9d3fec3c394003c901afd71e0922919d03dbb3f94397dc37eb46865998d1180855 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a267b7c21d8b8c9c_0
| MD5 | 66438a1e1e69e949e4e9cf5fed934960 |
| SHA1 | 4aadd62984c33e3dc92282546f41c3c2accbbc7d |
| SHA256 | 3de62dea24e9d0059d6056843e330fa758070964f926c740203e33307ce9c2dc |
| SHA512 | 46bdc4ee88182401c430e61905487bd89547a7f782d961c198be5c9b7386549ede3c0595d2ebceace287664f1311ff5c74fc48e0ae454b9dff1f8ef31cf5a8c2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bdabfb585fe33a71_0
| MD5 | ade926bcda60e311dc15336a96100411 |
| SHA1 | 02264972ab4a29610eaa6d3552c86457a57631ea |
| SHA256 | e27114f3e1a1ca9b3f4f4d431ddcbaedbfda6629b68d962fc00984e457d842d1 |
| SHA512 | d498c01b34b49e787830e0762003bb96129df5a4756ee196f173d6d36b6974c2ebd8f33afcc4c2eb506a71a0caa148c93832ee2b5822324b24d9d7ba826feff8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d3dbb3008455b523_0
| MD5 | 856401327c168fbf873112db623f4f8e |
| SHA1 | 0720fc822ebb5ece9f1ab9a21d906e55eb0b0dd9 |
| SHA256 | 46c51b0e337fa147cc34de5003273d19c5eae3bdddf27528cb2b7cd3ae77e6b8 |
| SHA512 | 17d377af47a2eb1a74bdb36e9c98d75061746fc1ce2159a764cb959e83c995bb7261189676a6752021d3180c04fe2f4b1d723e4303b016bf3883a052992c0e8f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a09f6271ad0c4092_0
| MD5 | 1411ae51f8af399a7839b752dc6db4b3 |
| SHA1 | bd0f369decf6e92cbefa3bca4304ffd48f7831d4 |
| SHA256 | d71da6b87e4a5e1af76615cbe759aae14438103355577ad39b9318fa6bc64bcf |
| SHA512 | b9196d450976ec079d467358d5ce78b2531644c9ebac6c5b904dcc8da199eacb91f528864721b7e39aac737f5aa9de403c0c0404299f00d922ba09d35bd1d4e6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7a66a1246c4f29f4_0
| MD5 | fab0b4ef4a77093d9cc52a83cda7f31d |
| SHA1 | ddabd7506dc27c08c56b383ab1cce39c7b4be4ea |
| SHA256 | ac0b9ed6344829285346da6f2a41f47d14e1a4817c348c7faf89745fa6555f7a |
| SHA512 | e7868806f5a572a72d52251466f604531d93d982eecff66ff1bc995c1b7d27417b10134443b6e43f25d961f03c6b14745fa7a2913db1d7f049561b5403b3bb0e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9dbb949d27873cbc_0
| MD5 | b6e52fb9ba3fd83a159c2921bfa5c8f4 |
| SHA1 | 15ba97cf63ab588b604138f1ef84dc2026bf0884 |
| SHA256 | 7baa6a0794689202d82e3762d4e7607e207f471a17e05626133a9237398b936a |
| SHA512 | dd5bf19ccb9ebdab40a17c2008ee0c04d42536d6eb87d8003634ca8a1bef94580eb324d1c513cf6da9bfcf58b177fccc463230ef3fb60df3f24f58ec9ae2a413 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b3e82669a81c981d_0
| MD5 | 31e29d4ce6169b6aebfe86edbb411aac |
| SHA1 | 0681ce87ccadc9eb25e5d89ee7b77d62848b1e84 |
| SHA256 | 2c0515841da89a6a314d5419db855530c8d9b09c12aa215a2632f59c329b493d |
| SHA512 | d4609e900032956661ae249d9f4cf8b3416f7d0b64b48e8384b5a975b4c80ff62d6a98fd2349681e3756c4932d91ccec23c6de51a697c0ffc64549933f903de5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e4f85019800026a2_0
| MD5 | 469488a31b1fcdc64757f0ddf6a227c5 |
| SHA1 | dc8e717a25fa91ddb48fd78ff9edbc7e561a9839 |
| SHA256 | b941c86d35476529f1f2ac9cc3282f22bb3ce1572dd70b23a2c7e728a9df4235 |
| SHA512 | 4abab9e27cf2f0e76cd370d92167ca30a0f59e8fbad20b69685deabc3b8f20e80b9dc987e59ff386879e148c3e328a6b313de634e9c4799902e33fdc3e062258 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7cf9843337c39c04_0
| MD5 | 6374b7c685b018d99363bb9f9d89daf9 |
| SHA1 | 219e7a17ef48fa7daa21038ad6204ef9dd04ac62 |
| SHA256 | 7948e7a4394cb9f8d91ffd4bcb05a3dd3b510e6d30d9d7ccdff92d61719f6046 |
| SHA512 | 9f6b39bb120482067e815704f16da1dd2b203b9d9cf98a904b2d8f4f6e37971dab19312c49bf636a11832ee09709b4105faef084db2ca13e581bb4021cf6bf17 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ca5bb3c84b908d6e_0
| MD5 | b4702b1706c300ff345b7e19d53ac40a |
| SHA1 | 5c65542bc8536dde533f13d527fc04a29c869060 |
| SHA256 | 5c38519fd9b7bfc9e7676974383e79f250200903ae74a046f1046390a3216098 |
| SHA512 | 183de098886937f60057cb8831f9d20ec8d22674eac6a99ef4d7d6c719e3ef7eeeb2ff3e5779d6f5d91eb6a75b786b353378625df822c1172c56d6a6ef6f795b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8908012b8e4a5af1_0
| MD5 | 99e257d2f51af4a515b6f70dc7004e4b |
| SHA1 | 88a41e27ecd9f29f0422f393fcb5deaacd21e58c |
| SHA256 | 3725a0534eec33e712ef1a90a0dab67c41f74bddc02cac7268946a637c42609d |
| SHA512 | 679f02f1aee2f4cf02565ea622d1e13823a89521167adc5835061c147b39fb13247f580b599d42feab55dbd375e17dbdb812170d5a394a35e7dbbb6f384490d4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\718aba49c9504085_0
| MD5 | 2e6f2401964e379ba63e2d7026f04228 |
| SHA1 | 54b834a9cb147b65c06e8e2d8168fea695d854b6 |
| SHA256 | 1eaabc28e961c32826907f4a29ef22b13c569abd70d3b88e0ed2695072bfa0be |
| SHA512 | 642ab1ab10ae8f97201506b420926227317b8e7b8bd6d0c366c9c08501da86f1f3d994fc055ff7ec6fc0b31c4ec1de2a36c6f0b434c9eacc83bafbd1fb3d33e7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8ec4b11de0b23393_0
| MD5 | 5235fd4e33e4ac8349194c0da92320e0 |
| SHA1 | b11d3912d0296f00cffb8d83e97f92f6ac6358f6 |
| SHA256 | 0804e63333d8cc7d7e6ca0f059cd4659bfe43d73f683d62c40941f56f4351ef8 |
| SHA512 | 440c3ee9fed8a91b162fa10d64f48ec3dc2fceaf9a802d437505adfe53c826d54573cd31f76151cc0dd81d6897db8dbfe6d32cb842c5c0c586144a41f81b083e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\476831ba582729ec_0
| MD5 | d17e78f6d6fc42cda6bd7e6d1e90ab44 |
| SHA1 | 0b0ecac778d88f227af0cf0eb4d262f329e39583 |
| SHA256 | 7bfef8df9f34ff9956fa149b7be267e406912a9e6ecfb9a4f638799397604518 |
| SHA512 | 64a657129e4f46dfc23bb4b6257bc2e464b9255322190a2ca634ec7e70b70b90faa92a018a7f3971323fd2711b58b6d956403aa384aa4cf2ff4f911ed96779b6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\87bfea9426cb2ef3_0
| MD5 | 1b91c8d9e6db0681593bdb4c8de4e90f |
| SHA1 | 8fbcec1620fab5d2905199f30335b82442125a17 |
| SHA256 | aed1cac329baa75b4112bda652a999b51dd6f6e5cba5e3ae06c0cb4143b35541 |
| SHA512 | f893edf1c7369f45d508b13a9a4afdc4eb9d0233ba157d6bdec20978ea76baeeaacf670e7e5d247ca59203057f611a3c2fe0d27e183780bfeb0c94faa18cad92 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\534ab76442c26020_0
| MD5 | 53d1750e1a9e00c358660dd777971f9d |
| SHA1 | aaf9b0836512adb9e9072f9d5d8d03485f687745 |
| SHA256 | aa847eca9b52f5b50a99e2e9585c36f2aabde769a269ce14ff98425816379290 |
| SHA512 | 9f00cfa9bd7d4ca8208d9edaeef5b9c16f9bfe6d22db85fd5221b8d47bdf9566729af5eaa3db39f0b5d4013379f7120b531ae0eca745c60daa21cc187c49b70c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\81764cdb356c9506_0
| MD5 | 87c90e74158995ede3926faa65b34473 |
| SHA1 | 931829a3083d75f784e51242fcb4ac6776350c7f |
| SHA256 | beb38d0d17c192d86c08a1d754b240ff7ba8b68d1f5af1b2c0984add14f00e5a |
| SHA512 | e66ed19f77db56845fb6096ce354de98d62f72d74607642c8d75b25ead69df814c553e186cb55557a0424b600511bd659feb6cfe96c2f6b7d76a16a5a4a3f9f0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\02735674612cbc52_0
| MD5 | 50f692e6b88eb89229afea6603718948 |
| SHA1 | 6d0420f5bdc8e3a0fc60fa230599ef2a82bf0e8a |
| SHA256 | ce787fd52225299d4087d40241f809c7f57d0ba1737a6e335b797941755819d4 |
| SHA512 | 17575c09568941d19f018a6ffc4bf0de12e03ffa033cf4827446e65b2397ef380db14d66af3fd4ebc7012a2bcbe722cc7a5d3e7c15b197afaa7a5883a878e744 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0a44ad51d1ad22c6_0
| MD5 | 3b71fa6986957989beb07a9f32fd34bf |
| SHA1 | 8f20fbdd0c8de02f923bbb391c17b40bf0878cf1 |
| SHA256 | 0013e8425db517c2f3c9c5fd43ef973d9d25bb811ba4a38297a868b68e3937d1 |
| SHA512 | 69e48236de8f6c96e93af49c2a8af1d10086d2cc2cbd16bdb2ecd1ad49e99ecfb76e059f66fcd909c195ab23c971a4d4387ce89d046851d13ca1b46d20c3d4a3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3fd2be14abb3904c_0
| MD5 | 8df56977f8f5b41883f154af9254d943 |
| SHA1 | 8b0303bb349993b0d2b313b735cb0c97c5ec31af |
| SHA256 | 1ce9421fe8efdede966f89f8d60dc98eedc17fad811f7c85b4366f0bead9c034 |
| SHA512 | 19533f74c64e40bf6c7f69b41e70a8e7741512d0f4c3f9b2fceeb2b6b58430223f09185335e73a0cb7706ce65df16a0d26115ea4e9d8f275dca0bde6adde67d5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6d3b0ad57bdf7db9_0
| MD5 | 6853b9b7d62fdaa630aaff7c75892fc8 |
| SHA1 | db8cbdad1ba57cfefccc1bb1136722cb157e1d15 |
| SHA256 | cc011cace9151e4a0e365575149608cd0f0db0535e0d2bd4eeaa9eee85d80def |
| SHA512 | 9de79260b0cd0c99b7401f878b9ebc0cafd0d48edc37917e462bb7f24635da4b5759563a99bb61cba501026331f4a4c115ad50edd9760fe5ba9b9493a2111d6d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\daea348421cbc209_0
| MD5 | 44e2c96c48cab61e9c1dae8787f44fae |
| SHA1 | 318927ccf98d5c803a6dfdd4a8224a237b4d7690 |
| SHA256 | 452f590a9b1a294ccb0eb54fe14b470e3ffc604d7789764b2ba0c3ba8d3e0406 |
| SHA512 | 522fe371a93c8a24191a6d0280c9c5f212194aa0b885320aad90366886e911becf8ab7f7f5bb9203ec291f8d24950f6885f12c96407335115feae43664b15c10 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a2bee1f3b78bd157_0
| MD5 | ee6505ddd3eee8db9e1027d28f961bb0 |
| SHA1 | d1c492ea66cc6044a6caa59c715f8becf5245871 |
| SHA256 | aa4750c637c9e78255a13794af365d5781a84d6c130f6334be94dc4f742b6200 |
| SHA512 | a43667f0115cdc8097286529f2acb1ced9cf9ea8c65695aa6a4bb870197c59fa25a406561974efea0cc2b6b62c091f1170eb2f22630371b895316d5bdc979c55 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\de4c4ec7d3f8d6fa_0
| MD5 | 14a8b7e5d516b1ec2490c16cb3a7c04b |
| SHA1 | e64cf70dc2eae58a5b02d652b59e0fde0a180bce |
| SHA256 | f3138b7c31a2c0082e86345ef49d6bcc85cca5900c809e5499775fc54030b4c3 |
| SHA512 | e1d77803f97e98afecc98babd023a1e42b20ff312abb85f8073aca31696e81a5c7790bb3caf0d1214b59249293e1ee0e502c892bea0130ee636d0d59df473a94 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\273820857948f45a_0
| MD5 | abed4938aafcae19651ef94f029984a0 |
| SHA1 | 9b0dc1d79b50144dce2dc1a375e1a86a3494dd3f |
| SHA256 | e1148dc3e58e88cf93f65cd679e0469ffe023d4b0d54411d10f79c3cd85fba19 |
| SHA512 | 4348fd14361633ced0f450e0f825040f353d4fea5611f58ef69f41231f3ba55fab36aba0dfbb70ba08bc55ac421be88928a9e3fadad1738350b67e8ecc7eba71 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 979bbc2dd613a71f1ddfd7068d4f9bb4 |
| SHA1 | 7751993525ab5e9a198572038a0d749615936499 |
| SHA256 | e8df5205d405d1942cb119e902b2c702a0c3ee2cf8507d5896ff87295450118c |
| SHA512 | 82ae3e4e773886e354c7f8913158b40ce3290a9a5c5e53651773597283a524f213086d5ac0efa74fc711172a7f7f23799a0e0bb5faebedaaf1bdeb3217ea1b0e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 293afca9b69b94856812e78b2c6c75ae |
| SHA1 | 14cb58e895156753f8d4b5cc2c91a37b8133203b |
| SHA256 | 115e8a94ebb1896996712c29e47b8f3f3c0bfc11bda312b61570d4f5b8fcbd26 |
| SHA512 | 06538605c87d29823c187e7a61c0e5444994e998e7db9305bb34e451809b92afcfc3ad34a30319a9b599c4706cc70e6ed4bd910a9c355d7a8203f31359357c89 |
C:\Users\Admin\Downloads\Smurf-Wrecker-CS2-1.zip
| MD5 | bda75d408baa486650e3404d9308f52b |
| SHA1 | ab99ff65e16e080bfd96e635a41108e957d8064e |
| SHA256 | bca21c225dcec1def826394e69a1a8ae36d40c77962175e712eefd8416fcf601 |
| SHA512 | bbb7f445ac76cfeefabe2f4a85027983e747941b02cd1b0a396d28e80ceebfbca073c12392d73eb88c3fa03760801ff76e549954fda27327859a0f88c1815119 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c447038a5048e3c200d2e831d2b315b3 |
| SHA1 | 59529c5c344b10c0eb55f8c25944455ff73f472a |
| SHA256 | dc83bede897b06fd0dd048c7ec751ecd16c7c52a82eef0efc2a32878eff6de39 |
| SHA512 | e0f8768e6578b594c1d661d281528550aa77469be156b4581f5574f992916c2d2f2354542f9dbf6fe8018f86fcd4a3b879e19da570eeecbd03e699f60ae9e32e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | aa8586e0521f84fe7601dfd60d261d3b |
| SHA1 | 5fb974bc850e31936b6cac1c89ba4bb57a4c9ca3 |
| SHA256 | e191e5a68113e43a1ded38e48c9fa8a2e914bf8bc194363e6f5d4802824e71dd |
| SHA512 | 04fb921c12ef5b6e1e40dbbdbef3c35af1d2529160e7a31c1256cec256acce096252f354eb94973424576bd366c2715f17f9c772d6fd31a681df5fab8c803d20 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | c32303c63d3d15bf157687fee55d2378 |
| SHA1 | d7255805f557c1355d1b105d959a3c1b0076f839 |
| SHA256 | 6c4adb18020cce84f15a849b738872dce95c13c93053801d746d58e58b29fbae |
| SHA512 | b4d8d4383e6970e66272591336abcd70e92c83d5595a0a8bb38686a68ca398a246b41dcf86f5f3162aabb49e40bd6e8803be2288eb396c77ccd951d03f484ed2 |
memory/8616-7751-0x00007FF6A0400000-0x00007FF6A0825000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 4cc432312b3dbc34f06b5378d99166c1 |
| SHA1 | 2265bbd8f4d0602e7f6ba68631f307acb851b355 |
| SHA256 | 8c06c9e542c014ce9b1551c2a624141d806f5af059263a1d231dc279acc329b5 |
| SHA512 | 79b9881ac378c38e5c39eabbc29babd8d86c998de2099910e74154b2901882ea5f1c0e85ca378772918ba64a8bd2cf9aca27e04fd6c26ae7c6f258c77cc3ec3a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2b0c58fd47f0647ce827d174202b92de |
| SHA1 | 39f8e2fb7f5e33c8802c3e38359f5cb0d0d71bd2 |
| SHA256 | 396dabd4ab872f7b583f949af427cb7b590546d232488b201f14a03f0ea431fe |
| SHA512 | 14f26f144203a91e5fa4f32d26223041d5e407ad6c56b0ced4147df45aafc7ef938e80e3cd46c71f475c51226b5fe04cee6cad4b4fc822408eebef6cbebeae92 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 530993a10d1691c0102aeb30b6732355 |
| SHA1 | 08cccdd556ea94466aaf4afa4fe595a6356406cf |
| SHA256 | 296e1cbf53d24b63f804f8523e350fd4c7fabf327496b11c7e57654e477e61fc |
| SHA512 | 2662a62b69af61912fdd4c32e9bde83b9c7c95dfeb6bfa0c347458ebb7c1a97beec84f0d746f8d666f99e6e2e244dc2eb9e98f4ac7b9d6807ab6aef824691f81 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3b2272b742b8049f3c380e4451c8fbc3 |
| SHA1 | a14ce12a3f3389153e7aade74632f873eac34e65 |
| SHA256 | 4c2d45b42f5eedad761c7a13136a59572981045cc8669f00e5ce02389c1f49a3 |
| SHA512 | cdcc2110886f5b13fc2c9ef66fdaced2e56767bba668f962a9c37b46ae1fdb61f7e59eaa58dfadbb365c53d845913b8dc1bc77e425d99b48d45396e645249e56 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\14ff8116b518ca2d_0
| MD5 | e81f7401f8857d0b061ec572bd685cc5 |
| SHA1 | c900013424e67ea98f4cc2e433045bd5b37a83b6 |
| SHA256 | dbf920c62663ec187112ec27dc51beb6ae2076ca95e7442b9a71f7768113e342 |
| SHA512 | 598ffe97c60e222fdca6c05d9e89f915473202bd9694e3d3dd503064a7d5ea8e655d2416f1af5d9dc011440a1b3cbfc7b83a5cfee355e1c4e61814695629df3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\48b1105b4c2874b5_0
| MD5 | a12d794eaba4bce9d99b8d9eb79f7e55 |
| SHA1 | ef0d5322ce165cb64539f72cffa18a0f280571ed |
| SHA256 | 6f87816e416ecc6254242d63f463edf23e25b419adba26d129296d8bde9d14c7 |
| SHA512 | a8526efe5b3d122fb0d7e3b14294dcf091c8e99e32cb91ab51d278ae630c5c2699d36e3069d19b74d652ecd37da155b5024b6e370162a50953ae22e05dc4e690 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8e5987d08f7b6e11_0
| MD5 | ae2db2de1613b786287d6dc7830b976b |
| SHA1 | 7ee5d4251c185c835f04c4feb46191a4254f774f |
| SHA256 | 2185e99f6be88f25869d09ff7cd020245219c6a8343bd8b3c6cf2ddcfbb71a9c |
| SHA512 | e5adecfe2c77cc687ae67d886bb28faa0a5fd6bc0c7d665666b79d0daf04431981ca86b8f4b1a6471118444d5624325acc5d466cdb05fdb73e7da66b09a86fcf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\63bab61298dfac24_0
| MD5 | 5c63e74cb776222c551b424330cb249e |
| SHA1 | d409a09d0bad87ec8d294011734ea4e611f2f8e5 |
| SHA256 | c875036afbb8dc5ff57e38170459055b5b13589602ca745ea36014caccfa0ea3 |
| SHA512 | 9b6872953a1e5234f5748892248047bfe49e2f176a7c974bda0a25466019e5dc5c3b1924d2d52b94a8fdb7a22a95539fa085cf72c4e6f103417fd2e7dd073df8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aa5fe3b36e22e31b_0
| MD5 | 894320a8d541fe8146c0e20f96865075 |
| SHA1 | c5b4486ceeb3f0f8672609b47a918e5b0a133ef8 |
| SHA256 | c2bfb2b81ef1d596a6f59aca4046a9e46e0c86b6b29fe80d9c0e16568bd7e993 |
| SHA512 | a9994438c975fe13d3570d3f74b32032f92f3ca77a2bfe41c87e552f04d365f4a5e5ad1707f2704e516d3a67e7a08865a18bc19c9c1ed9e63d4b638dc5e2a7a2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fbbc3b076556d40d_0
| MD5 | bf00a1b845c264c67dd452579ef26e1b |
| SHA1 | d3b02f625702de238e0294941d76b97caafc155e |
| SHA256 | 785d96e88a1f52630a84a6b08326f4920e25bf9ecd9a4c5ef3925f6e99425ce7 |
| SHA512 | af4cbab8c40ec99286eaf7a3d2498aa17a1c14376541e9dd1383e90f60768adc6b7a0013dd25aebfacfe006895473bebd04a36e825cdd5f9de163dafa653914c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b4efbb7782bded86_0
| MD5 | fd1f766e7d319bdf3a294000521d24cf |
| SHA1 | 1a04ca65da6817eaaaf298ededee06fb6accf533 |
| SHA256 | f041731e7c73af54b54495181ac288b734bd9e4e3c7014cac03dac0f518d8da2 |
| SHA512 | 1eb295cefc8fd29c564a0eaa2c9799747feec1b7749be855a95d895849ea01ba0c4d6b676ef3d3b7f6b89f8355e7e9ae6877b6ce96e86b9b3abd197b21643b9d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 92950f3df543b786988f396e0750ac02 |
| SHA1 | 896a2a028b327679e1ef12b56fdc097d2a202531 |
| SHA256 | 8411bdceb9ba609c0b0d4f09e7b50281b38fb4cb04ce5ec3b319dc3c1c1847d1 |
| SHA512 | 4c363a766588700b7481c5c8b90608f3a8c261adf087bc4645c6549064b94fac732fb204e530528fe5a072c6f45c54ef733ab37ffc4342914504c3c063118753 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | c924d0cdbceb8d427607485d2120a3f1 |
| SHA1 | dc2b76b84c0e85fc0668efeea84162fbab65431f |
| SHA256 | 293954b61cb47b90954e3816cfea96ea0742295468fc23345346d0239d237cb6 |
| SHA512 | 80edcefb0f49c97356129b8a080d734ca8a25ed59963a11e2c1cfb9153e1338b75f70ab0819721c090e8f44c9d4b9177579d0d229bebc7c4dd1a5e8c21e731de |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 129febbc0b8f2cd6b476f0961073f8dc |
| SHA1 | e9470970a6e5678e8fe6d4c4769eb82595957bc8 |
| SHA256 | 24e2ed30285685a63fe9b2df783c5b1f5887bc3feca1398026a3a9a88fef9b41 |
| SHA512 | c06a1c50acbff6d921154adf65d34de7fe10e799464e5940650ee40fa9e16bd2a2a667e13db942c207befa2f2c2524bd16f21c3005ad3752ce98d9ddcbfce3c9 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | cfc5296086a9fc2bd4ba95d8447dcad9 |
| SHA1 | bdad4c1683bd13d578f2bcf6b1129325d58965c5 |
| SHA256 | 04cb44de29ef95ff59607582d10abb2ed54d753772352f80086367b46ebe9acd |
| SHA512 | 56a60529ae27627e37a18c4d0243c91780ba65f63442d91f044d9eb2604f833eca91861f56180fc37fb1887ce6b08b9317417d52af25008aa9ed1b75790b3a8e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c6b0d28a04397d3777cc91bd2743cc9e |
| SHA1 | 0543a2f832f7f8eea26026deed8e3a68b354ffde |
| SHA256 | 62d817ab134c0d23e965eb686caff8884fcda7ef8a29ca917ca4d41578f4699e |
| SHA512 | 0755868fcd0c16ef7ca85adf5ef0f6eb4504811d3e064bedd46a23721bd7d751392be1bb4559a45fb1e3f7bae1c391409237302f9bd76a82792b63261516092e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b
| MD5 | 674b4fc5263fb8dfb97a359ac8927d7a |
| SHA1 | 897462af10a26966f7976059bf28684982b52f39 |
| SHA256 | d874f01ddbf8f94fc050c8c98fe0d0e15fb1738a13bb7b5c459b92c2eef3f013 |
| SHA512 | 4827d658cc635840f19e2f979111f9f8b287f7eb580d21c9ab87a7b68f8089a8e4fae90683d86f44a3f6be3674eae918344ca5f9a4def8be3f2ef6babb7389bc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000104
| MD5 | 03b1cfaa7d36337d472a96c4375e612d |
| SHA1 | 11dc55047e35bf5de4cd9355d63dfb260134fc8c |
| SHA256 | ee0a54330955c4516f7f57f9cd56eee28900863f7de6598458bd88866b7e40ca |
| SHA512 | 7d7750b8622f0a6c3c9cabc582956602c531ff8568f18ea088d267454cf25a0dbbb1f5a43215fec995e9aeaa379976fe044d3ea3234db56a7ab4a5444273a437 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\Origins\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000116
| MD5 | 307cc9c90b07960982452fd122fa89ca |
| SHA1 | d3f42e1a37b7a5e959c39a58d2a0a0e052b49961 |
| SHA256 | c6d11eb819da4a0881a7a97e06c203056dad988b7e2b7408c937956a1e454718 |
| SHA512 | ab10518151cbda16a00281e1788421e3755c252feec398ed68311cb7d72d9d2b7cb199b542d108c396212d01d194aba61de8626e4f8208421ab5dd9926ef8b8f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 520a42729a219de59c3be71507b2639a |
| SHA1 | 109014fb35a2249eba10297e617ded59019ba073 |
| SHA256 | 594919915e34d66827175fa90efd5c50205c14de3d5dc1bb208656a15d218ee8 |
| SHA512 | 5d5cfd21c70d5c19251a7e0f655c6a4a2360245584c45c848f7b5a8fa31d7fd71d5a8cb82f90529b028a37de20e2f4529772fcafda21775ba4a44b86a8fcd47c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4258bcb9741c45cef12c51ade97da043 |
| SHA1 | f4a727ee449adbae5d0dac8827ed4ff59975f586 |
| SHA256 | c4d896856bb3289bfc06d3d1c04b0ca2b1847987b41865773ec5e840162c359e |
| SHA512 | 2cdb4418b251670a63a97f921715f0ad524718c37e1915acc41b175171009f320146e17c3c67de5989b46ca31b9a6bccfefe9ca082ac0905859b1ff6f50cb19f |
C:\Users\Admin\Downloads\undetek-v6.9.6.9.4.2.zip
| MD5 | 138f822e25b756808fc5557b81aae86e |
| SHA1 | 0817bfe553cd375bec170aecbf9ead5c3b8aff8f |
| SHA256 | 34b77ca064926dcf2930067a2682bc0c4fb5f169c39e50f985e90e79b0fc0696 |
| SHA512 | c3d07ca7670b70915db9a3ee6137542c70f9155accd013d7ea218b26416ba45eaed35fea12808a35e5c4397188090256adf36b22ef96944b5a1de8f16499f8aa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a712b135ae9cc67cc827c168a6ec4051 |
| SHA1 | 06a6c3089d500df66dc0030d76a96cf79b385939 |
| SHA256 | 91d6f44bb1514047d114ee0143e304e8afaa2bdf9ce72eda9933855c2ef18ba8 |
| SHA512 | 889f49b61e73eb4b081d692f314db30043d75df6b74d59d1e0e986c2ad0bfd20b9004ebf3f59046b99db7dd7eff685a2d89b3aad8a21c07a5d4ef53a354c770c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | ba6be312c3a4dae8682e0fc45eae89ff |
| SHA1 | b75772ec6fdfaa2fb17079938610e1ff20a02a75 |
| SHA256 | 6d4ab51d0df9d529bbc9d135cf15f31e5894bcc5ccfa034813deedb4bd50f75a |
| SHA512 | e558a6d042b03d23802fe0a629cacd915e18d962923d52ae21f4af237fd950d5f517eeeabe1d0df14cb50f085ca272140e839ac1690ebbf0a6893351f55a142e |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | c35d7da846bf5919519e4e80301e704f |
| SHA1 | f8a38f9945527d602384dc66858cef96e43b4123 |
| SHA256 | 7879352d3aae455d4cc86ce07ccbd9a61f431b2ae4939a0daa05a96c3da05c5a |
| SHA512 | 8df81a76070823f61ad07126446b6e2893e2c017af989ff40d638fdbfa617188abf18b89c03c29bcf270213c63c194b9649dc9e42e7073a821624595da87efde |
C:\ProgramData\Malwarebytes\MBAMService\ScanResults\813caebc-8e70-11ef-b70b-fa9f886f8d04.json
| MD5 | fc66435680ed434e5a4d20dd90e6395d |
| SHA1 | c1bfece63674cb133047053dfc3838456b9a9e68 |
| SHA256 | b3460d1eaada60f7a6714257b9d3e128b674b13de7b4c1ea5b5c946d6fe07965 |
| SHA512 | b33e4bc903f60dbe30593bc73530e3d677ba484d4d37bae648f2dd72c3d263f89515d5c8b154847452d7808217836652f9f45fb83d043db422b6b3073bd1ae5b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000118
| MD5 | 2beaee0c711bdca561879d19c1b1bb02 |
| SHA1 | 07e6f36ed68087da7a486d88a195b2139a88cac1 |
| SHA256 | e7e9531c2e5603dfd8bad9130cf1eef068cef277fe5db1c841fcd898a2b9b40d |
| SHA512 | a3720ad8ada992b2801fd515d2a74db77d9fbf195f0687122e07b60843a97f99f01c75ee18b1bd201cbba7478d519e4c8b9d79436e99a7cf2fa21a2972133f5a |
C:\ProgramData\Malwarebytes\MBAMService\Quarantine\af94b264-8e70-11ef-95aa-fa9f886f8d04.data
| MD5 | 1dc81fe9176cc28ca4cead263a06a9b8 |
| SHA1 | 059fe29b9ddcf892b1453c7c0032b0b551c74269 |
| SHA256 | c5bf901f35f3e62926687251282a364f9880b5d66cc98e2be9ecced2f0444114 |
| SHA512 | b123433d406f1eb11c621725641835cb595cc2a1739677f5bb7d5f58b36cd41fbe62e44f499b25943df35172480eb14232d14cc9e37bf0e167256b126b5af3e8 |
C:\ProgramData\Malwarebytes\MBAMService\config\UI_SecurityAdvisorSettings.json
| MD5 | c35525645d7e83f11fc860180a7f8a0f |
| SHA1 | c4c6c89d51a803a78a4b67a309359bbae1fc20ba |
| SHA256 | 062943398f8dca7f7808f27c08b88e475a6cf18bf925b6acc5545e61fff752b9 |
| SHA512 | ce952ed3a59b0465a3baa76126b3f3bd9814f3bf37ef946de7021f2acb9d4fc7ed306eda644ea6f8a1aed6f19c00e6365fc0fb79ceb937fa22a95d8d922e5db9 |
C:\ProgramData\Malwarebytes\MBAMService\config\telemetry.json
| MD5 | 9dfab5b281a5723cc55e4602dc244c09 |
| SHA1 | 45639f7998a59c52d0a3197040073971395aca0f |
| SHA256 | a32aa82a4d155922d5f398fde7bc2ad50371b47ac013e8d40f17f882e796d3a9 |
| SHA512 | 5b74eb1e8a43e70a0ae9a0954ed373778722dcf37605f3bd43029dd2e4798e5dca0c83c05e03e610bf1672d7d946ae5805ceed4d40d396903a9300b3662c10c1 |
C:\Program Files (x86)\mbamtestfile.dat
| MD5 | 9f06243abcb89c70e0c331c61d871fa7 |
| SHA1 | fde773a18bb29f5ed65e6f0a7aa717fd1fa485d4 |
| SHA256 | 837ccb607e312b170fac7383d7ccfd61fa5072793f19a25e75fbacb56539b86b |
| SHA512 | b947b99d1baddd347550c9032e9ab60b6be56551cf92c076b38e4e11f436051a4af51c47e54f8641316a720b043641a3b3c1e1b01ba50445ea1ba60bfd1b7a86 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 45b9ad1517fb8f632135bce292abe7d5 |
| SHA1 | 432d886ad0ec9fbb47a65b84487625bed649724f |
| SHA256 | 1ada7e0fc872b1f0f2ff892e9054daead36bb8fc2b709f8ef2a86332bf976452 |
| SHA512 | 8e3ab16ac026caa5536c69351024fedc9fae3a66aeab6f8646dc0a4654a7e0da9985ddc3695ef5e516e7f05ff4654a0da7fe7b11f034fd8ff7be95911dd4302a |
C:\ProgramData\Malwarebytes\MBAMService\Quarantine\aef4c902-8e70-11ef-aba0-fa9f886f8d04.data
| MD5 | 7c6502af6b5549dcaac566fe6c1e387b |
| SHA1 | 171cda4ce1a7b29b1582430817c8652120dfb18a |
| SHA256 | 53bc1f031eac1ae520a3379fa42e8a15e472d81eaa9bf855e9340081c3bd651d |
| SHA512 | 68ec58d1680e13606f5b4fb79ece47550ba622d8b336971a4dfde6e49e5d5e315af77eebebffa2fd5d8e16f44164e00050f230f6b34e82a12843face51f2c4a5 |
C:\ProgramData\Malwarebytes\MBAMService\AMECls
| MD5 | fbdced427987cc14ebde070c195c48fd |
| SHA1 | 8b5e5d66cb0cfff705f2b124976be0c30f4f29ad |
| SHA256 | 26e696103a54bfa47722509320dbe6521124a9ce8cbf00f88add51dd46a35e42 |
| SHA512 | d8eef95738b044f0b79b63bc712b2bd6a847968d092db2e8f349f202911a02eff2dbd48143463d4fb5bce27589907d4f5f227aa214eeedc71341e3b3711c675e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7753ec2bbc2467f5f35b3194820f0c3c |
| SHA1 | 8ea11151dfabadb6eb39b96221e450b9149fdb70 |
| SHA256 | 9811873b840d927bb02ee3f386186f659191b80a74771cece722e892d45c20ef |
| SHA512 | 6733fff5bfc3e8e21222ae09e3458b4465b2b5da179078af2a3c810d61695694fcde32a4ff4c963938c92daf7774447b4a4d82ba2bfb3e46de551903f390da78 |
C:\ProgramData\Malwarebytes\MBAMService\Quarantine\ab930044-8e70-11ef-83f6-fa9f886f8d04.data
| MD5 | fb63f8f7297d0dacc6c4594fc8f6bb42 |
| SHA1 | 18270e81742d716b15026c2628b4519714017d44 |
| SHA256 | c5db13b845f87a485509b32872aff3dd8c2df8fded49390b6c736be4141c4954 |
| SHA512 | 785b59e9285b187697cd1648e75fd144a5d6790b3f00670ad1c31e39392f85145d1a3854a2a7eede925537053b7243081e080e4bc809b3fb82de0fde4e140194 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3c4f92e0a4a73ec5cba72b65f6c3c7a5 |
| SHA1 | aa9dbb38659e3e4cc0a5c42e62f10855c768a50e |
| SHA256 | 82a8a33cf099828ecfa2f3da4b84b515ed7c0c00c5ee72726247f4830f10ed68 |
| SHA512 | 52047cbfa8005bde3b3e07483d1c4314e288aa6c1884521c3cf75415638b6703b63e14b9632a35b7c750d52c8d862a26338df0eb2ddd6abf07dcc70a2fc39e0e |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 5e38e75b904341ff0b82b807159f112f |
| SHA1 | 797e54ae7ef7e4356cb0e4afc8ad70bd92eb3335 |
| SHA256 | d87675b91dd8567949955e9dcc236310342b90ca5ad130ec84fdfb4d93a74691 |
| SHA512 | 82d6d4d4ccb8960b5ef913687244c144c9616f500d0991452e0fdb1c55734af3474ff2daad1737e39ef5b4b3cce354e8512e2e3a7aef5ed1609f5f64a6a727ae |
C:\ProgramData\Malwarebytes\MBAMService\DDSCls
| MD5 | 7e7efc1581e37cfb10c0c020a0a9a25e |
| SHA1 | a47fab19096f78162758a75641b55dd3845f9697 |
| SHA256 | c075d9b5310c5e3ebec342e2e44b61cbb672c57d8719f0ee4ca3940a1eb5c166 |
| SHA512 | 4b7dd71b45fca91ba27468977790638026476121b0297addd3bb53478518750e7a1d1527dc1ba0312718de1186f5c07d52ebd03a52f31c1665fdfa5a139acf9f |
C:\ProgramData\Malwarebytes\MBAMService\Quarantine\870b0ac8-8e70-11ef-9d27-fa9f886f8d04.data
| MD5 | a7e1f780c1e03153b89dc9504adfbb8a |
| SHA1 | d4dbe9a03be80ed19f9376cb8685ce8046714bb2 |
| SHA256 | 544405c236ac917e7f6dacc3953470cc8d823ad728230455b41827229697d382 |
| SHA512 | 9d70d8b253db5f4ec8201bb2c1c035e3741e7659ac49baf90e91dc67038d350fabf5e3f3f06ef4fa8918db7bb838a4d095f6f75ac4902a13fbd9338b52f8dee0 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | ae567b4163821ddaf798bc0d8c573338 |
| SHA1 | 1e5bd3064a418cb4a7a57839ab0fb9a6cd4aa188 |
| SHA256 | d34040ac4516719cb5e805122623c1accee5a0b9f43e89f43268368a98749c72 |
| SHA512 | 4c519eaf03e996b38734c8acad7263452d300fec91552273c9e485b7dbec81e29079bc453a78f24acf5b9a263f85c460b7dee6f85a58f9287dd4513f3584ebbb |
C:\ProgramData\Malwarebytes\MBAMService\tmp\89b6506a8e7111ef8dc3fa9f886f8d04
| MD5 | 5c2d0e8398ec1c667037d7fa6bfcf3c2 |
| SHA1 | bf5cc5f273090de5e4bed1e4c7b6372dd3fc2250 |
| SHA256 | dcc6424ef33b6cb1b6f6c68cc2464f7a97ab41c4908a463e2c6745272e25f0d6 |
| SHA512 | 4ba4d982c4dc2ea7efff317134cae7d4d382292fb85d6fa7c197b049fd37b628463f24b6b743890705b508472d61cace9786634eb203c525598e88378c8a968a |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 72cdc5068352d9b729933d1a9f721759 |
| SHA1 | 55050a1a5e98bd52975ee138963b19524fd3f575 |
| SHA256 | b0dfedb1f80cd32081d463fdb75b5c0a5914167def6820dd43863fa083564165 |
| SHA512 | 4254e99f8fc19bce597101f705fefebe5cac670b5714728dd4729fcccd08ce80a4e30475dea921dec9c141a358bc3acefb99645b2d5e21740218d4d2321a2079 |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | 37fa20292b75ecb657f83f6078f34914 |
| SHA1 | 679bbcf564fa4ee34e58e281f8076f4324137525 |
| SHA256 | d2aeb992e574400a9cffe644d64760dbb069c1e4bee4187ca86c9b2efde930cb |
| SHA512 | 55d871216cf46996e6def6d28610fd3e9043dbc16c4c21f8b663765ac3f2cd2ae54e1fd0946ecda76f3ac7d2622a59f9cdcfde557cde0024956aaec8dad5116f |
C:\ProgramData\Malwarebytes\MBAMService\ScanResults\7b4e65b2-8e71-11ef-81b3-fa9f886f8d04.json
| MD5 | 14a18c9e3ad4657aabf91f2706d1850d |
| SHA1 | 2b52284cde1480ab942073639cd57c5498f9fa51 |
| SHA256 | 381b7abb549189a1269a7e96193860e3be4470b17c42c9f0d5207d18999acb00 |
| SHA512 | 0e7cce4baa4bc5c8b99bf8424a7d01a38a5fac890f4c228c55c1f7558abcacead546c7d298c2f9d420120097577320ba7c50e211eed9e86c0f8ba98ad3c7c296 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00012f
| MD5 | fc3a54126b60aabb257a03ee7368bccc |
| SHA1 | 2a52d4a13d6025b116c7e2670d8f15b00731100c |
| SHA256 | 2403e1a1abbaa8f911da32a55052a95352a23250d3caf33cfd9246e4084fcac2 |
| SHA512 | 9ad6ed709ca7da4609e33758d4fcfeede77b7a56f5f8fa2919073695baf49211fabf6905be9ef778e0a060cd11260d0e6eadf4fc0f056dedcda23140640a6622 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8c74a711d1f7dafc0b3937c92149e09f |
| SHA1 | d114f936ed8d0391b9ca8218e7379b13e2bbb818 |
| SHA256 | 61324fd5cee843bf434746ba72a4a3f3aca7e260387b6ec73b19dc09fc5808ee |
| SHA512 | 6a9e1ca8d7661b9e4ee3e71c25bf576252b315ead91befa575decc5a905e11aa05df1aca88b5ca5dbbad0d6dd9b403b488fee838d86590e025c9c42441e4610a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ecaa3655091d6b75f1a536cb5fc74021 |
| SHA1 | 73af74102714f826463e8c9f0e869b34a8cb3f74 |
| SHA256 | 02be726639536320df658303dc9c5338dfd2578e84bac5b6de61d1eddcfebead |
| SHA512 | d80b387c9e35170934ddb6ce86afe628cd77320eea985dc29817b877315f6bce5d76c5558638a7770b7699d3389b24044b38624f8b64c391b4c06869258f9ad2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 878e378486335326ca6fa2cfe2970f13 |
| SHA1 | 7db74579607966b7133139b378980ec4747dc3a3 |
| SHA256 | 50c010c550bea65526812a3990580cd0f5b22626ee146ecee7e7f4aae44bcc23 |
| SHA512 | 078142cb1196dc8106ec30b8cd761571fe443ea6acccaf9171b9b783d7939037dc6155c7dbdc8f9e2086fcc1ae24c3e7fe282fcab4a1de9bcce674d4f17465dc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DABA17F5E36CBE65640DD2FE24F104E7
| MD5 | c6150925cfea5941ddc7ff2a0a506692 |
| SHA1 | 9e99a48a9960b14926bb7f3b02e22da2b0ab7280 |
| SHA256 | 28689b30e4c306aab53b027b29e36ad6dd1dcf4b953994482ca84bdc1ecac996 |
| SHA512 | b3bd41385d72148e03f453e76a45fcd2111a22eff3c7f1e78e41f6744735444e058144ed68af88654ee62b0f117949f35739daad6ad765b8cde1cff92ed2d00c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DABA17F5E36CBE65640DD2FE24F104E7
| MD5 | 9cb4e0cbc439ff26b6b5a6c552c9fc45 |
| SHA1 | 4f722a3e7988e4dc488cb24c331770dfd909bbdf |
| SHA256 | 0b1ac93c68a3e7e8382875f4e5d0c7db8ca44484a9d78708099004b011d3c520 |
| SHA512 | 45f8243106d6c6cd5c604f02c8bc69f8b7cc03bf8ba23185cfdb5fb7dd7975047d99d6465cdf341858ffc190ce06fbcca8133a40de062bc5c0be464ebe370670 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 93448dbc5b80713bdced272df144b412 |
| SHA1 | f8ea05e8ab1b0b6c2625115feaabc064458dfd4a |
| SHA256 | 21fe38af6a2d01f5d8c08c2ce357497b3a9e9ef024eda1f1123bb3787dc35674 |
| SHA512 | 5920d60e3dbf85fa72642a68908aa9ac482bf8660e465351a263ec19d6994f12cbc32cb020d92f787536247fc39d883240fd31c9e0faa922d00a4fbde22cc552 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000135
| MD5 | af7ae505a9eed503f8b8e6982036873e |
| SHA1 | d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c |
| SHA256 | 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe |
| SHA512 | 838fefdbc14901f41edf995a78fdac55764cd4912ccb734b8bea4909194582904d8f2afdf2b6c428667912ce4d65681a1044d045d1bc6de2b14113f0315fc892 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000136
| MD5 | 87e8230a9ca3f0c5ccfa56f70276e2f2 |
| SHA1 | eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7 |
| SHA256 | e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9 |
| SHA512 | 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2a8ec8926d3fb2b5f0c2adcd46f53f1a |
| SHA1 | 846bd47d6237892ab17b0690c42c39963dc1d11a |
| SHA256 | 24b41bc1aef6bfd7ab92c3ac7adfad3f2b6136ec3c8945d3ad774ff3bf81010a |
| SHA512 | f38d9d65748ea519c815416df0d49fca4e0b83ce3b62283c0737b20bac466c71d63f859aabd6231596b1678f46c36c3fbca3267d20dc1ed9d1c0c1f257c3e2df |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a2871b677f884b65143ecefa3ea2c981 |
| SHA1 | 74268043b3ae127a34abacb76e2020670689e88a |
| SHA256 | 19f4dfd367c3699d6c9e928dda7dae7d4c92b4aaf0652f5446105cc31ec01aa7 |
| SHA512 | 4a8f4bfdd86e15504530c0b303ea7b9ff78115cd8daefa38bdd3ddbfba27474786880e2fcc691e8b67a01b01874781df8ec6a52e34f6b2cc4e387227a59d497b |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | e4338038aee0837573d85282b9e08ea1 |
| SHA1 | c8aebbaffdcf838809d9f383aeed9309203d88de |
| SHA256 | a418cd08c994137a4ecd5639aba013cd68d1ed4400fd5c7dac65120c6868574a |
| SHA512 | 9b87519ab780cd479ac521855727633884ea1f6dc061f0bf02a5c8e11a45aa10814230ce1df4f1565f50d6ced4af53ca4cf1a4684b888e106835b9564898dd1c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000151
| MD5 | 115c2d84727b41da5e9b4394887a8c40 |
| SHA1 | 44f495a7f32620e51acca2e78f7e0615cb305781 |
| SHA256 | ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6 |
| SHA512 | 00402945111722b041f317b082b7103bcc470c2112d86847eac44674053fc0642c5df72015dcb57c65c4ffabb7b03ece7e5f889190f09a45cef1f3e35f830f45 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 86bbe172cfb36fb9f92aedd63388dc89 |
| SHA1 | 94a00e95dc1934164b512cef551eebc9c1537cb4 |
| SHA256 | f9e9b792b961a0732e56189bccae9a6132aeb35a21d1d90299b527bc2e62d77a |
| SHA512 | 055ce26253ef426b35f78dd8771558ca579913e3cb8ac9c317083256d1558ef7094caff43372c7aa62874cf1ac21bb4e3499d125605e2740537e2b4ba3c27abe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\38c8892a84268700c1d555293fc3fa782ea43951\cea1f230-41ef-4776-b46a-db366ab9130a\index-dir\the-real-index~RFe627e14.TMP
| MD5 | e5945ac35c3402ba4404eb1713478d03 |
| SHA1 | 76aa800e06cb3fd08fb5077c5ce76ce71f3670cd |
| SHA256 | 9b4ec5869dc321f4169797edafbe04fd36e032fce9ccf0215fba8ae8d890db8b |
| SHA512 | 0d140122636377484fd1ceb937352996a39ea771e126586aabb6baf1b1880bfa0254d70ce20d7c985c2fe0a50cb17e11b205eb7f9fa3ba51eb3e36f21857f7f4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\38c8892a84268700c1d555293fc3fa782ea43951\cea1f230-41ef-4776-b46a-db366ab9130a\index-dir\the-real-index
| MD5 | b0916b1163916b744faf3588d3b5f0e4 |
| SHA1 | 92222aa19443b99199696f33f86ae647a065a188 |
| SHA256 | 236fc7983f0138e79003dca218ca8a72bb8adac9c12479cd277d818f977a10a2 |
| SHA512 | 9e0c4e0d1301578bb3abba980fb5cbf102188d7586bfe6f6349628c180bcba145ced57bf8c9e530b4dc9aca46fedd3a0e6593e249fbd355d9fd750ef54f75359 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\38c8892a84268700c1d555293fc3fa782ea43951\index.txt
| MD5 | cdf188da211b7a00d070fe67f2649c53 |
| SHA1 | f0757583f0619e562fc8884d730b09ddf5f74f9c |
| SHA256 | 5e056fb1cf9e8a441fb37cd0c6f1db49aa593b4eff6259325988585a3563a348 |
| SHA512 | e836aa7a70b7f855e5c0802dba8f29b82f42b3539b3d0b830f04b647b1d5c22a7b76f66888c575d7311ec769610806aaa002c9258db80aedd419475f086f6fc6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\38c8892a84268700c1d555293fc3fa782ea43951\index.txt
| MD5 | 804ba83373cb5ee3f49b6a68e89e79c2 |
| SHA1 | 8249115585567cc02311c0335cf2083fee9db49e |
| SHA256 | 6b93bbea5f21490c0538680fbdad679b0f485b8a6f7e3b9f197ce78208db99d9 |
| SHA512 | d632763e6bcbebc0f1fe49947c4a0c3450d739e64219f75ce2601c8438173652c741694a60d36e2408c5d3ed41b6aea44a4ba32c4687b570a239f019f0abb21f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00015c
| MD5 | b3e330d9a2b44afad2d4477512409c60 |
| SHA1 | 2fc7353393e223b7f43479c4d5f5a7d6930d9fee |
| SHA256 | fc555d8b3345e678e51772bbf483649c792e98f68d12a66acb75a8416041c2a2 |
| SHA512 | 74d32e2b0d0efd8f91ad0fd09181651323bd7c1222c7f6af9d199caea633695d8fc806d484e9dadbde414d5d8e0d1ede98845c01fb8a83c3c164f340cce45098 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00015d
| MD5 | 120487dc73cba74ba507e43d627cf23d |
| SHA1 | bb7e16f235da60fcf9c8cc2530049886d6f7f871 |
| SHA256 | 3d7cfe80f6f4abe9aa76cbe82829991a5dd670b5adfce249fa0faa022597f7bb |
| SHA512 | 677495412adce43a8e5dd20b4b1a9254a93ebe7608ff27e62aa17f8f0048e2c53ffa041cccb08320ff814174dbbdb0a8193bdca512c65551d69688f85f205a32 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | bc60ed1e9790d18059fc28c049f2170f |
| SHA1 | a0e0b022330068f2827f0cc333275719696f50f1 |
| SHA256 | 5a5f8ee0ef90aa7868b5c1eb4f959916d7c64e4c8dcd25b2efca3c995083301d |
| SHA512 | 4b386dc7a322eac80126b63a2cde4c435e57c8a8148bd49f6524ba3ff8b69a47f5871c88569ced5229823856f0c6708283bb10fe1e42fce4708ed60447a64f3c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | bc85f52c822221e186423bbb0e88fb6b |
| SHA1 | f4d139748eac0bb32ba4be1666c29be22073d02c |
| SHA256 | fd0dae5674c0058117e7c1d41da66dc7ee4a8c1a603de9c0d4f5523318b0c066 |
| SHA512 | 1ebd9c459601492eca79df698c9f5ce9edd3aa038b215f50f3607237d1bd6fee15f7bc44a1c0c1dee0bcef948b25c365d97b2c9f0d8a82e22f0581deed9c922a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000153
| MD5 | 214f75e42aa5cfca07257cbf8c64e83c |
| SHA1 | ba4bbe71d4ab266bc145305217cdf86a7777137f |
| SHA256 | a6760631fecfe59ed152aeb2c51fdcb515ac00cd4755449016b5b34813735d00 |
| SHA512 | e8d896c8c3509941fbce96e2847838a520b3bc8d94348b1121840a1a2a45328be939238423a03cdfb7823cf128eec3190de8b4c1924553d603ef02fa856217e0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3f37ce07be31425a_0
| MD5 | 8292ecd0a11cd781a140855635432016 |
| SHA1 | 8cac8ce1ebb7d2e9b4412a691df801d437d4c184 |
| SHA256 | 74b9aa0c554a88e9ad1572793719e5ec2256fedc7de83c1f5bae051f5671ed13 |
| SHA512 | 70f3b5682a4ed5023e4c74a69e4cd1d0ddf0042d151bb7775997da3e736d66641b5622ddd576d58a4a7cfb7208ea61681cf3a986a45f38a2b1b7406934121a2c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000162
| MD5 | da93aa5083d4a8a231142493c28fdae3 |
| SHA1 | 7ec3646cb8219a1e3f4d2bfb9b80343ad4ad0fde |
| SHA256 | f953d546d5c0159ed38fb748e442276e47958eb0f95f29c6af82b7e31e3667ff |
| SHA512 | 4af42d49043a6d8d193ed491a66999fa5d57942b6d1ceea33574eaabd53bb7cf86573980ee9c4aac98b3e039011634c2450041343872de503661416cad2616f4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\993f7d88e15a6329_0
| MD5 | b2d9768bf05794c00d0a0b38a159b0c2 |
| SHA1 | 7364753d4617c72a77dbd451602a0cd9aed7588e |
| SHA256 | aa2fd444e34a560cbd9e48762eae65833696a043821b6fce6e329c1ae76ffe76 |
| SHA512 | fc677c6eec4e66bd08a9170a3e985c61886c48902dccd4ae2739a8cde3695d026585fddee76f271fab46db68b2825e747c36183051414ea5807d248f2ebd4bd2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\eb97b3fa8e1edd45_0
| MD5 | d724d7779346e55c935491c6c2acc7f9 |
| SHA1 | b62d68cd8bee4f7e773501ace6ca61ea8e2d55b2 |
| SHA256 | f277be0fe751003d18bd0fc27da69f56ca3efd76c1fc30fefb0fe0c141ef42ed |
| SHA512 | 847e560c8517f5fe6f93fbe55b627b1264c4123fc8cb2ec744270f4c9e0363357ac72447dc8f8c1ba68d113506758c8429d26a003042cde253a5767dc50b6e45 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000160
| MD5 | d35069a726e91cbb4bddb37625c2e967 |
| SHA1 | 2e42a7cc045e4dee24bc38d559e444f015c17f4a |
| SHA256 | 5fba16dca8cfdc08b8455cf2f88ff64dbe70619bc86d410a564b298c5f109d21 |
| SHA512 | 83d83637dbc83322189222d87e45e5781a757b972cb1b0e5004d99f1439332d4606a607740280e9031804ccf60c734a040c89bc0972c85ae9d139cd500058b2f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\28aa98f3ff7e303f_0
| MD5 | e344f39209f1f8ee6887987bf31916bf |
| SHA1 | 83c4f58602280402bec6df45d323d7242772d92d |
| SHA256 | 8759a9a2da346043dd0afa3186ead6ff2dd6a45567cc11e5560a8ca535cefd23 |
| SHA512 | 5cd283f0dfbcdcf39f3c68445d9484d2b52380341a2e80751901e6f7d9a85d84dd963a419ee7fe01ffd7ba48a38f24586897cfa6108475ea89cc3579931e7fe9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 498f5b6e827eaa59af1c3d7d77e106c0 |
| SHA1 | fd8395bc7642b1a9a86f43bb8ad5d33c36b13cfb |
| SHA256 | b2e77bea7636600d9a0b593060bd8c00caf51f7e4fd2bbc5a0b0a44b956a8213 |
| SHA512 | 266f129d268b0b3ea9b62bc69ef9e5750534e95d7d0d162f18a0841c403ed203a47b91be4aba2a4baf4a11c47793249bcf72173446cc742cd729690b0c728ce1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2da68dc2a8c6e46acdbace59de3c7c1c |
| SHA1 | 16c303993779d157f18fa5e61f91345313d07785 |
| SHA256 | 2eabd0c31b1d31b2e59aece8cc0feb860a50855332f391cf554235ba56335fd0 |
| SHA512 | c1d0e7bab77415b9ae020e20f9af0ba2ebfe2df219f4d52a35bc5a7e4b6703bc9eec3cff39dd42b8be084598129d05c0c4b78ef1149b44d011afe65637fb6bf1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000148
| MD5 | 04f4c51c1b1ae4347d3ef9e63dd650f8 |
| SHA1 | 87e0f582937e3aa332e9fe12b9bb0b8b45bfc418 |
| SHA256 | 590d1c3dd1db6db4deb55d98a95fd11ed040d8ca1775f406558b66441b50e6ec |
| SHA512 | 9c271842736e0cfb9198bcc29003fe93b319984fa65ccc571fc5bbfbbc7165fe89effc76f9a2fa4d052bc44633badc2dc8bc73bb3b68022a4d1c626e386c23e0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000146
| MD5 | 7680465c99b9bbd9eb5e3055a95ff481 |
| SHA1 | 4f035af69ca6076226746c23e900846846dce364 |
| SHA256 | b53b1d67494e1a4c85056d2bbd233fb9241dd02d88261f72aacf17584f0731e1 |
| SHA512 | 3c78423f29234a1bc867a73f3c8ddb792869fdb388537867a8d78e68d545386c6cd92891f05221194113ddbc822532184d0763ec329db396c7d41c4f59d447d6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000147
| MD5 | 7c2224075fd41741e27aab8e01cc338a |
| SHA1 | 61ab9ba861743b87f8af0c55e977aa1c653f8d73 |
| SHA256 | efaecafb3b690ff5bddf38ffb089a715f083e311ae55761697fcd3ba69b5a141 |
| SHA512 | d6dbda96d49ff4b36d6906dcf001e7ffbbd953e06a347abd5d3db8784feda2d134b875f7612611061628ba175656fcb6da378e8bd06764a287add3e64e33ce82 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00014b
| MD5 | c83e74b8ef273a113b9c97e403b1ddc2 |
| SHA1 | ed9fe2f0fc9927592c2af47761373a408375fbb8 |
| SHA256 | 3def657575e143a703990cde9b6c53849432b604f0eff63091547270f805442c |
| SHA512 | 84c94427d4d2ed319c7c9e3bf0fa87ca29b8af759ba18520a49aae759a58ecf4f833528366bfd6cc33105bedfdd26d6ef38ba78979bbaf014e1f262a8474a334 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000149
| MD5 | 2b175f9be1bc413666c2cb94b7b82aa6 |
| SHA1 | 296e059cc0330c35c1a6bea8192c835894a63178 |
| SHA256 | 0d7de85a8632a76524cf886ae28005a4e8b1c8f06cb19b30e0f51375a27cc0e9 |
| SHA512 | 101552f23d0f961e17ca887724da8011f5dab7a1324ebb775e5d6c1e41718f4f2d6bec317aa9986fc8b28d8064adb0cde9fce827029da55762ed0558acae5606 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00014c
| MD5 | 1b28a4cd7eb2d9622652ce475f67f898 |
| SHA1 | a2f64c12b808eaef9067971818ec413ff79b606d |
| SHA256 | 59488a9b44d8e3693b3a945c1293cb4295f3e78da8de39cc9302adb84a38989f |
| SHA512 | 40691ea3e57f1531527c49d561ff6bd7a4014082f8a1657f37804ee71d158943b7946c2de81496bcadad66ba111e0107cdf78bc11c886debdf08339a92dcc29e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\128ccda746d71870_0
| MD5 | 61eb5c5f756303149e273d9a2dcb2e39 |
| SHA1 | 0048d991ffd033b88170b4d5d8701710c24e32a5 |
| SHA256 | 917e80fa1372379d4eeebcfe6bd448fd40250ee84f45de468f090ca0c71028d0 |
| SHA512 | 7dfda7a88ca6c955c62c84696a45889945859b52cdc2e2cc664ab90d2d4b33df042a4ef06b64c38dbde19080c60372c9db0a6d407ddf0ca2da31f1aa1c122dd3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\df53bad28ea1e322_0
| MD5 | b806ed36b8158ab30484b7ab2b2683bc |
| SHA1 | b6c03a477c2cf1a130571ae0864a87b8bcf36a98 |
| SHA256 | 13320dc8a97d5fe817faf1df32bea848309881d890e84d709cd4c893bcff48ec |
| SHA512 | 5bba6dc0003a5ef51de326b4ec10cca3012e5b4a049d97b4cada7ce39d35a5088f889d7af314308bcdaef2861e57a8d3f7f696da0185185a3aac8da5cbf11b29 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000161
| MD5 | 925fac8bcbf26a70b0a12950aa6021ab |
| SHA1 | 80d6514e254a37d63eb53f1a2c71c79dece9336a |
| SHA256 | 82a1cf7361ffa672affeb17c40c91b0b0b7d8d5a983073c0320d11ff6fcf4931 |
| SHA512 | b4fb30cc7e4a7e0e0188a2a8b96c916dccf37064715d9c2ef58f30e2f4de40bd5e4630bc490fb85be81e78177ffdc18a54c20737be9d7709fa781e0b93de63bd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9a4b5d0082d3ce68011b1a4592d221df |
| SHA1 | d0bf4c161c53477ae85f9611cdcd80a7d36d6162 |
| SHA256 | ebb9559340d8bf00924fb101cd2b1edda3c4cfed0e7ea394f18aa719aa8de5ac |
| SHA512 | ddc49615dd552dcafe839dd90f263b1f40efd963e95d651c53d42021e52b0f12115724e1903aa6473bf8591ef4a6c13a99a65ea3d53ea9894e6f6ff10974977f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 7c95540687d3cf37ed2347d021b9e116 |
| SHA1 | 76b7c3e8f32e5c1c6d6d57e4813879238d284d53 |
| SHA256 | 844caef0396343827add9b9fd16a37efac43dc89091c4604463b67db6d07f088 |
| SHA512 | 701064ef660dafc7d2123f8f2c501394006988af2d6d841fa377be2a24acac0ea7c7e785a4f8edf6f990f9f692c4e9754b561002c6625fce8b4f4973fe09e8db |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 00a35f0fa859347f2c8ffb42c37319a7 |
| SHA1 | 3c7656826f36281b582b42c6c325585655085ba0 |
| SHA256 | 7f41d36d6a9ed72f9d8e6093d1103aa523e8ede2b6c4fdec2274706111a68ae8 |
| SHA512 | 8e9a5623742cdd3f633e716dd87072ae2e7b5794b84324bdb32d5ea18851779350beafd0126204db58fc6331b492aa19af3a010abb4a35a3ce94839a55ef7afb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 808b6fcbb904454ac67c5b9bf887d30d |
| SHA1 | 9da0afa0d232e6f9acbd3e46ee8b18f4d85158a9 |
| SHA256 | 802f8cf0ca97a3e6efe201c83b89dea89ce1679e61b5c6198f250823a759cd17 |
| SHA512 | 551f78e68bf1086bb2682eace70a90b4cc9471c77ce75b0e8cc56ba2caf32f82ac707ad667a8fa06b8242d0ef25193d8c970195957c183b04ea54c2a4140d54a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00018c
| MD5 | 59b3482f613319c6be60f411023f0000 |
| SHA1 | 475fa71db86e99720cde9236918e37d5c0974eae |
| SHA256 | 041a1df3673259bf64dcbdaddcee0d8513e767c3a0c66c43728d9dc4b9e36290 |
| SHA512 | 241ec1eb8f4e3f4761e9690c92a2b02610780a7cdc9bfb7943accd1b2277636630c631a738b40a9e622e5f6b7481e893740e0f8785d9450dd261063409af0477 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5b4c1ffac18196f329a824974a1e6ae5 |
| SHA1 | b65986d47ebdb3c419c012931da25010ba48c32e |
| SHA256 | 2ae9834f2ca3a517c6bdf4c94ea1a0a6ed999d80b6fa20f1159244db33d4f23c |
| SHA512 | a2bdf29c715ace13c0ce8b4a395e38ecb186b564c14b979329284a64d2f71272ce154a26c5cbb040c2ac4661e1d49680df7d06eb2bebe89ef6b9477e408b143f |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 82ecc9c02f0ea7746c59aedcbcadca03 |
| SHA1 | 442878a0ac7a0635f36ae1e6a5f5fdd6e2a6e182 |
| SHA256 | 6bef64fb472bbb73e4073d895e4310069d4b5e3a13c41e2ce677f4a02eee18d5 |
| SHA512 | 71bafc118dd160abaabc62fee18dd59ab22a52f2ffe1ce1a27677c7e2bfb06eebb3a6777fc44e11d083232465fe5e881f356a674a50635ddb6c5a9c2f613a12d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001a5
| MD5 | 16faecae5562804afeff1ae02aaf5cfc |
| SHA1 | 77a74baf348dab74110eefe88a24bae44431c959 |
| SHA256 | 5ebd38c4611b9ce31acefecfcb9d007323479b8fe35a0ab1b83ddc856edfbe09 |
| SHA512 | 6a1ce87366ff523d71265cff36832c6f2c55b254510b20cf5434b1bad51c3ffc7b956b2d12f88ef2c34c2fcc080f4891c64e0f84f445f44856139b3b01add207 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001ac
| MD5 | 1aca735014a6bb648f468ee476680d5b |
| SHA1 | 6d28e3ae6e42784769199948211e3aa0806fa62c |
| SHA256 | e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a |
| SHA512 | 808aa9af5a3164f31466af4bac25c8a8c3f19910579cf176033359500c8e26f0a96cdc68ccf8808b65937dc87c121238c1c1b0be296d4306d5d197a1e4c38e86 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | afda3bbbbeefb443132720723c936a48 |
| SHA1 | 868fb6205e7c71b9be6c2a68e718425f17b69cfe |
| SHA256 | 9e5703fea22f57402fd450da13a423fcb1e004dcd23deb8b45a1246adde3b8f5 |
| SHA512 | 74242a9cde02a21feab81be5a47929e1f1d07640b4e91d28499bf14ba1d24561e424813e72e38e79a782204385b3204ecd2fbf6ab90df8dc6171541f4a58ff42 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3b98dcdd27347a01516d0599c9f6fbb6 |
| SHA1 | 3114e749f387fdad3ea9b8437d0e90ee645c2d5a |
| SHA256 | b64b058b41dfed65b016e9b86007c884e2cdb6e01c334beacf041a24a59a5a39 |
| SHA512 | 9bb0121647aacc4441a7545253b742086dd8d70a86b014dad4e3625d69bb76c3f91ca6e596658176e0d47cf1eaefc9eff88193f21b624f1d0c6d5829632d0da6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a
| MD5 | d81d52a7a2de9189891eeb3753aac042 |
| SHA1 | 057b7068214f3af00ecf73677798979175192062 |
| SHA256 | 5d59969951587d02ccf8e5b8b08b16f8b8b3110e26dd195cfdbaaaae99674230 |
| SHA512 | 62a5c49989be283cc69609bedeba3e1a6f5d3a02edfdfda9baaaae7d55edef2fa80fecb22e9f5545b858c308cfa83b21a25768ea3ec93e4d6bc5d74c968bf2a2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\45a16ff6d0d9ab5f_0
| MD5 | 614357e438ce93fa6e631e294d5f4740 |
| SHA1 | 631ef15b9e4a8f2fa39e640ed3046ee7fc3c8fbf |
| SHA256 | 6c7864006f5aab7cefc5de125f1a5118dd80a34775e936f7ae9a227cf6119b1d |
| SHA512 | 9a7cf3ae82cfc8a2c4a987a4e9a589b39aa30e784a604df121238b878a308583e2ffb3ee6f551a1ca902ade99c3ccea7af76ec5068abebc22fbd6b2251833f6e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9412c8b664751f90_0
| MD5 | 391a03a3c517a4bcbf69684e55bf732b |
| SHA1 | 5fd18a79ae4e34882b00d7b7512b65da75d6ca28 |
| SHA256 | 23727e940942f01f285cb761ec7ac1f73a4d86b1fe41ab685fb23610b82cf7f6 |
| SHA512 | fad3d914cd118fd9e46f6164364bbdbcf8d179eb8625195756266d7ca9992215a9ee7984370d1e2116a6d71564518d78fb12fe0501b346a1892ffcb640654242 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\53ac5abc87e80789_0
| MD5 | f9a1dae213238fff2c8813c49a1ff258 |
| SHA1 | 5551617e819734b18af6428c5e16ee676934bd23 |
| SHA256 | 8825798cced59f903aab5942800a2bc1f45175fbc218f0edac1e4ba2ff44c03f |
| SHA512 | 686130c5affa0513756b00bffb731e2cd02b80ef8161fd4dec5f3c72fb6cda589e736acb7fee5c6d80d8e6589762f24bcdc5db9719534f3e3ad80d8decba2e53 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f019da7e5b31cc2db92b2a27b08f5e6b |
| SHA1 | 578fcbf59da698af0764773f1c8958bf785718cb |
| SHA256 | 37b00822eabf8d1e15004613d7ca043f5c8479c1a98fc9eacbabf89f43d54ef5 |
| SHA512 | c5f45edd626035d22b8ce21908420b092c4be95a62c7ae7ee21a8ce40df8b31557ab98415c298de726b73ac7aa734f415ca338464fb570e99a4776f8c8a5a2ff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 884b1c5343c27a8f3d6a1ceb06f1b3f8 |
| SHA1 | f9e8995d43dc4e789176479b140d5c6bc636786a |
| SHA256 | 8a55e4c10fc2f4ca02f1ff60cb154b89febc63bf8d55d10f5cbabfd15a33e7f2 |
| SHA512 | 726f2b8c32863db02eb511c9224117a830c14c63fe564c9ee90045f332b3084cbe29bd2eef02bc190f20319a0cacf9bbe93e7dbf2e21af7e14331092cf928c5c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 38f6feae801824c0b8f7e68c16a9481c |
| SHA1 | 2f19cfb497367c0018a89268f9c3a1b217be7504 |
| SHA256 | ca737cce1066dc1a00da8a3e842599527551c7df1c31a3ee2ac88f305fc77ee7 |
| SHA512 | ccc75484f2545555f15933022fc9178b3d084cb1a39db34e8ecf9637bf6ac5d932a143299e66e9df3d22cc4d2d2fa1e1770388187ac6254d81575a9da648df4f |
C:\ProgramData\Malwarebytes\MBAMService\BlitzCache
| MD5 | eac7a3c5f21fd1bb96865c871f562f4c |
| SHA1 | f8c3ae6839dfa0dc072ba8a50ada209a863d4a50 |
| SHA256 | 25e44a19071b425d23ccd4f2a935a7419b665665dbb76ecce4fc1f673aa85c1d |
| SHA512 | e3c06bd686e45568257bfff2d0db80a0ca618eff20a23437e78a70bf42f4b35d1813f9469d74b1397b6e8b03303b5b994e7ec63cdb81c57d6b29559792586c11 |
C:\Users\Admin\Downloads\Unconfirmed 10994.crdownload
| MD5 | cb56ea529726c8399e6f7b8c54ed40e4 |
| SHA1 | fa79565ec772c51eaeced6769299113f32329a1e |
| SHA256 | a67d5dd48c2279867a2600e76b51ab45586da46f199f636eec7f0963db4b1da0 |
| SHA512 | 8c5f4345e8d3d89e7cda4ac0dcf11e785c96056f12066711b9c7efe0349e26e2bc2f954418515e2498aed275e8dfe7f1c701f651d0d0b6608322c9e3c43e8ac7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d0f3036de755f0d8bc46c58dd9495788 |
| SHA1 | 1c0d63bfd44877efaebab024ec122f9f53516d1d |
| SHA256 | 3d5e651c759f7db7e68454716fb528201c11856d5ef0ac2847e5f88e13c112f7 |
| SHA512 | 4e3d5c00493fb5a553e688f3afa745093d4a7f67a34d0cccda4ad5bc125a9b6159df78a4fce726d8db37c74eebb57053a348f05ca5d1bf8684cce50d807c6c71 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c7a873407d78bc76ac297cb903792635 |
| SHA1 | 3c77f877d02e2ee77937d4b3395057565e1979a3 |
| SHA256 | 701fa6c850340a67ac9ec02437f9e8c6675ef0668a1dd6ed57fe7508b567f46b |
| SHA512 | 02e27442247f4f9ca3c328d86e87e9cc76a52e702ce43d87d60f417835707750437ad6da998d4d690633ee7cafcc52cc8a1eeac03493f2d0350a7c972c823c88 |
memory/5132-10538-0x0000000000400000-0x00000000004F0000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a817e546258c0e32a1a518d0b4e40368 |
| SHA1 | 2e1ec656ca1db97a53ae02ad3fd3d7ab3515b0fd |
| SHA256 | da2b35f12d1ffaeee6c10639b90f4638d4b46b146f68149cfda2986331eb4527 |
| SHA512 | 9a6bd0151ed3e41441aa98435a91e0b37f30751c637aab4a6fd36244f172e8cd872d37c671e653c19a18e28bee928521754ef9a61c12818535ba8cb1486355ad |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 58f56a2c984b09e944f57e3ca46adf35 |
| SHA1 | 2b000a8217cb36b98cc8bd3d33f97a70cf7688fc |
| SHA256 | 79d6809a9bfb6200d83556c1635f46f9eca96baa5b90069deba83c2566664907 |
| SHA512 | 84eb8c94727bc19ca169af532d08192dd552d985ed74d7c9289b7a2a3c26944b6d2487bea5109eedc95af136e53e8e561cc8ec4ce2cb6be79cac84c7b87e8e46 |
memory/5132-10589-0x0000000000400000-0x00000000004F0000-memory.dmp
memory/8840-10590-0x0000000000400000-0x000000000072C000-memory.dmp
C:\Program Files\Counter-Strike Global Offensive\Run_CS2.exe
| MD5 | f46e0ed60e9532858161e6747b47bb69 |
| SHA1 | e9a095b204b6dccb410cfbbb4332f7885adefaf3 |
| SHA256 | 0cfda13cdc6396cb06201b8e7c78fc1a9f29fcac7564fed5b6d9fb818e63ba47 |
| SHA512 | b9cdf76f94e52a458afa22d244117ee8271e7107dd78264b47aaca86f064abad616616feb94489f5b54aa1a1e3d5c3bf72b55b06b9f06a0ad8cc096c0319d43a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\97e0f60cb0388de5_0
| MD5 | 7b08822faaa27b70ce571585ad8b129b |
| SHA1 | a604f3293dc4d5e469b4acbd11b07cd37be220cd |
| SHA256 | 439093483a18b3fdf82aaf41b181d282d41aa58faa56a5ada2154fe53e54ad54 |
| SHA512 | 969014b2d295651610da24a43cfa87c0b4b5cd0a62f1617957274c97334ab3a2c39efa7dee9b75feeb785ee77a2b1c5481c14e2996dd58e63036b4ac427ed26f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\11ec628802ad8337_0
| MD5 | 32ef5f9cc1676d5d868b5d86372a17ca |
| SHA1 | a1dc4286065ab11ee2a7d4c7863a9ba5890d7d17 |
| SHA256 | b0ce9ee2d36108efeec2807558e85d54e0ee33bcee5ffedce6c73ab2343a4624 |
| SHA512 | 4a4e6461d5c6cb024053b664547b8964e5d5ee99ce165b6d388e135c0f431c30b18dda08521ca4f5af331cdd0d589c71229c5ba479abb0500bdcaa00bd9a1bd8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\25c90b4fb1c6ef85_0
| MD5 | d18a01166d639d47e5f072c10fb781bf |
| SHA1 | 9c54670a87eef3e28f286af80ab5fe000b0efc46 |
| SHA256 | 7cc7826d81a89deeb55e0ec660283821bcdd6cc1370b7112b2bd6af0ac33f67c |
| SHA512 | 22d24798dbc250d9fd8e813c2372a1fc06f8039edeac5eebab0f865cce450306a365d380de9d6ede61b54230f3800d2cc833506eea62bbc88b72e2bdcab3af31 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5d0c04f9998369cd_0
| MD5 | bdcaf3895d8fb7fbf1cdc4820637b08b |
| SHA1 | ed3264d71cb0c9ed428ef361efcb7a15f49fa6a1 |
| SHA256 | b938a22ccbc0278b2c4417c27a1ea7249cda2cf39694a7447b35ac3eba075013 |
| SHA512 | c959368781cf217d0af865167c4ff78ce761d8898dad847649e668c5e576443567ff3e0b9cc3f0bef251ac2997011989f144506a06a2a30ee5a895b1feb000cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\83d6d3a772bbc707_0
| MD5 | b2f1d2ec67dfab3a2de70a8594c515bb |
| SHA1 | 1c081c9f87951337b0a57844de2ac501e9f9d00a |
| SHA256 | d264105cb94ecbf089ef28343702b4f91dbb8c1eb73fcad89982b888e3125958 |
| SHA512 | e2c9eca1e294666382fc8e8333abaf2effd07e6c2aa733af2fca0bc55019d89e34d36579aa05ff82df193edd4ea0eed4a3eb15f0d4aa4fc580ddf0ef81fa4c6a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\eeea6a59c461170c_0
| MD5 | e0e17a1a8b1ac8fed657229c3a1f3583 |
| SHA1 | f2be06e8956c7594b28580311a7d37dbd567640f |
| SHA256 | 301c0214e13bf0854116d14f78645eb93e0ca9a4491998b9912edb45ccbe1950 |
| SHA512 | 98c279d931a08bdf0c28f28ba90545fbcc8ffbd67e8228bc91534076a8e04c0332e5ae22721e9fb185165a83607b45e61d019bfcec5f765eab67b35db25e1077 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5de9f44e801f6134_0
| MD5 | 0031ba83688ffdb735396cd8c6b00887 |
| SHA1 | 03135224344aeb1478fd1ed53597517df0b55e8e |
| SHA256 | 7bc9c61e2f76e1beb185448a3d5bbaa97bb3db14d515ac4e518e01787bca12c4 |
| SHA512 | 52b65c97330b1e7f645bf76f6d84e52ee618d5af37f6b2bf6e08692828be8f871c42c263de5f966a4ffd8a8df106acd5b1e9e64e9e3822d386a4bf766fcd1de3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001d1
| MD5 | 301426f2db9f6e0b3a096a76b2a0c1f2 |
| SHA1 | 41b52eb8397f41b6a3f1bb1d70b93b360edcbc31 |
| SHA256 | 7958fe0d52e174d7a45250456a640b623537474554aaf7f531a6f99e417c1d35 |
| SHA512 | 029881e3c1e4bc1f7c46e81efc919051be72a0db162feeef87757a9405193043ee49a2a079b94ef8b2c10a0cd06184c582413d5fc0ca6e7966f28ecccf256267 |
memory/8840-10904-0x0000000000400000-0x000000000072C000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 40b86f63d6b18834411a01c85a7e947d |
| SHA1 | 94d540d4d6918355bf48c2d1040c676cbe54ef25 |
| SHA256 | b6b019426cd9c17444ac283d01d9ba8cf30c01d8e54c9b07f79819134a37ceee |
| SHA512 | 91226f9287ec7954325360d02d8deeb0729ae8ddeeb3fecf6ac35ab027a91afa6a345e5ad6d8f6eae8a3f20565adc63663d3c973a772d01d55a0a6a14ae98688 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4b73594cfa436986d56740956cca6b64 |
| SHA1 | 966a070fa0e1c5fe1aea420f0733f0cfbc067818 |
| SHA256 | 873139890c1cfd36517fe1dd300ec23d6319cae82972dd9924cd5bfdaa01cd70 |
| SHA512 | c8f9bac8e3c118f0c6294594f7aef639735bdd6433b2d5444bcc93d664960e8a09d529b552da6dfb2413238dcce87b091efbd8a59f5a9a5b9b9706201ebce478 |
C:\Users\Admin\Downloads\MEMZ.exe
| MD5 | 1d5ad9c8d3fee874d0feb8bfac220a11 |
| SHA1 | ca6d3f7e6c784155f664a9179ca64e4034df9595 |
| SHA256 | 3872c12d31fc9825e8661ac01ecee2572460677afbc7093f920a8436a42e28ff |
| SHA512 | c8246f4137416be33b6d1ac89f2428b7c44d9376ac8489a9fbf65ef128a6c53fb50479e1e400c8e201c8611992ab1d6c1bd3d6cece89013edb4d35cdd22305b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ae49bec48982e9c738c672d1631e3687 |
| SHA1 | c00408a014079e636c6cf672c3c75ac600d9115b |
| SHA256 | 0babdb8c289cfdb5d48144783598127b8f5ecf03f06370c078637189602379c6 |
| SHA512 | bde2eb6a3ddec49147890173663bffe6c070febfcf4ed12c8bde1ec370cb39cfd2761f5caae8dac0a76f83282fbe708dc22ab00294503cf18ae7f8bef3b1dcf7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0e572edf47752bbfaef853afc0898727 |
| SHA1 | 684404b70c7ec7f0f4046dc9d6c715cbdb4f0137 |
| SHA256 | d2d8fd131d0c1e38b60f4978d170deff2287a9351ebbbaf39f301fca7eb3e8f6 |
| SHA512 | 5a95d03149af2fd90f4ce90ad92da32adee4a150c44c580105ddd071a9d756f542dd7471ad4bfb52c61fec484a8d33a6e5e814c7e4a65deee4641c2352b56ebb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 4c9ab11be2ee30724e568aaadd5b9701 |
| SHA1 | 373a418a6fb831305886ff0c510e202cadf1793f |
| SHA256 | 8c7659ee85a2a21a6ca4020ef7da79eb74f55e505eda09e0e5fcb8245d24a3b4 |
| SHA512 | c34c479fa2201b973f2434ec613ea81619623c277bb6acc475cb39cf2d01cb593e1c20a1760872321303bf5e80d21e70958edfd8fb7fb2ee0c68e4464cf79bf9 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | ad199127459c48ceba5f2aa63d03a800 |
| SHA1 | d52f97109c2d38bc5c0e4205c221b380b74ac83e |
| SHA256 | 030ad74a6fc3748651c6c88145f662bc20a06c06c7edd6a960511a976d521140 |
| SHA512 | 162e80bbb1d801bc054be233442929a77280b3347d97212ea5fc3e6356133f66de0ccbdfab1d7f6747940e429cdb2103bad538c11a25661381b9f93f84f84213 |
C:\Windows\Temp\tmp968faaaaa
| MD5 | 0993ac2b5a78663d71ad53ed8395c39e |
| SHA1 | 97060c28a7224956c5ff2559b46f8271a50530bf |
| SHA256 | c3f4d2e435a4aa966d6f2e20f7073b61fd24da4423ce3d500d9ce8906eb11ae4 |
| SHA512 | 1f9145dab17037decfedfc4bca134800aeafc5f02975c29464ac73c9e98190ae5b1d58842c30a64f3663adf2b9884261889b9cfc62f017a2fdbe90968f5d0e91 |
C:\Windows\Temp\tmp968eaaaaa
| MD5 | 0163d73ac6c04817a0bed83c3564b99f |
| SHA1 | 784001e8d0e7ab6a09202c2a1094f371f7d017cb |
| SHA256 | 5114af822abc2b0f2aabb7565919164c9babf884e34c21095213dbe6a71511ea |
| SHA512 | 47051ee935be9e9d4457447c7fe5df06a5b0c5ef55d2c757d3dfa179b6049ae79732b1552e812febe5ae41a076cb29d8a809ae9b168afc7eb4c9eadfadcf5d9b |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 1ac175045b7c478b573c4df51dcf389d |
| SHA1 | 6a51d8c78779de10e98b231e0652d6d2f84bac7d |
| SHA256 | 69e2e395b2a7712826179e94db68d05d22ee0590b4b69560a726c5510928d9fa |
| SHA512 | 880f06691a776eed63f682c2055b620d9a6a483f9b11d70e7dbbff59d6691099a35661b2ab7e9253dc119d04732c5355decb4d0a9c24d764577e227a0c5fc34b |
C:\ProgramData\Malwarebytes\MBAMService\config\UI_DCountInfo.json
| MD5 | 5e8a69d47534695473b0cbf61107c269 |
| SHA1 | 648e218c3bcb6032ba2d0e6077e14031a29cae08 |
| SHA256 | 0c9df205487dbc4843fc4706d6a9115e2a2469721b4f124fe0d7da39dd3ccff1 |
| SHA512 | 05ed93c0d6b479cb53bdb178880dd2a11c77205f7fcd0f1a94784b169d4d345a2cead3a74701846e0b2b9fffaae4d1649d0036a4232343c0ce37220100617024 |
C:\ProgramData\Malwarebytes\MBAMService\config\UI_ApplicationSettings.json
| MD5 | c91817c3e7508ed4fa13478670cb5393 |
| SHA1 | bab302f70efa997eb8a25f633fbd3d4579ad7a69 |
| SHA256 | f1c5aac96c0b138ee1b286b5f0dff9be1f2a796db96d7b45dc7873d554bba14a |
| SHA512 | fe43610b8a35ffe1424a38bb7b8b9623965752a59d27ba58d037dd5df273698f6882d65672afd503a82ecdb6e004218a0132a65de20c08bc73f8df39cd751992 |
C:\ProgramData\Malwarebytes\MBAMService\DDSCls
| MD5 | efeb31e47f64b0654aae9bb15427ecdf |
| SHA1 | 0c00fbdd63ec9eb69d218ae0ee08f506b6a9e228 |
| SHA256 | 9546c93dff27639969b37fbcc53cad4f48582c308ab50b9a5b8fa96e44fec0dc |
| SHA512 | 4da4c566a7d0692326711a565566e105ecf1013308e7a4babab59b189efd0d5809bab2d991395675c8679061c4c1a32e7317cdffb0e567d1dbd35459144cd3a3 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | d4f63cecb2ad3e74f5cf62b82dd696ea |
| SHA1 | f58d787e5a1f0c005dca89dfc5f4ac703ae6b9c1 |
| SHA256 | 39537ede09b89ad7d86b593c6f32e368bda53c852983c81b14697d494e61f181 |
| SHA512 | 5ea21af34d23f32e4c44cfdb83fc34bb2e85298b00bc32daa06be8cec84a1cce4d52c52ede2e3263a26fe09e4b6723f4d49e7fe1b4f74e95bde5ba11783582c8 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | f3e197eac1b11574fd8335f412aa84fd |
| SHA1 | 05c0634ac85a89ddd91cc42399dc1358e175513e |
| SHA256 | d1597451f0856179d2e3e119a9b75ed618b0570fc33fbbb386ad97d39879781e |
| SHA512 | c57d144b2aec9844b5dc54807923d42cb4d9d93a758c4d8807c4c3524b78edd60d80d8b84f15ff72ad52f1c85fb9761b0d60a9d82af27c5f8100a3be72cf895f |
C:\ProgramData\Malwarebytes\MBAMService\config\UI_NotificationsSettings.json
| MD5 | b889ff78adf8ea0d76915315ecff3d1b |
| SHA1 | ba0e500767e7dcaa04a05540ed7811712df25619 |
| SHA256 | a803558388a37ce73ac5fa2ece332087010be626c22ea25e3ba2fc83e14b3335 |
| SHA512 | 7b75479508b6c896a945c6f9f70a703b0773bf636dfbdc68bad1bfce34b772c7f43fe09fa2121fae63ccb4bebf0a2829271d7bedfc3c9f69828fa2b78ce50ffe |
C:\ProgramData\Malwarebytes\MBAMService\tmp\15105f528e7211efacb1fa9f886f8d04
| MD5 | 194055c240e643d50f157747235b55b8 |
| SHA1 | da9c287f63d8c04e59ac37bd2d0a33d68bcc4897 |
| SHA256 | 2afb759e0d8ad9aa343fc5398a6bcd899d776562172172e932e033717cbea7a7 |
| SHA512 | 2215c4f29b1c49694adcffb6dff5212eaa903c93c593d4ca179b40cb5977c953bd974ecf25873a2637159044663d1ec4b4b9b9a8bf8593228068da1994c701fa |
C:\ProgramData\Malwarebytes\MBAMService\dds_tmp\D2.tmp
| MD5 | 9ddbe8acefd2dcaaa044c7ccc3bccb27 |
| SHA1 | dc45e7898236518b91ca70a30d0a9bd91036f282 |
| SHA256 | b3e0269d0c4fdcdda002b2953e4116848da5f1ca3f04e6861683af32eda77f2a |
| SHA512 | 57264137a6abc4d54b86f59976b96eadec0afb84b753859fa389bd91944590288f5dac9279ebb03f7d47def075cb8f4739776b8cc4087fb51706c2954869eee8 |
C:\ProgramData\Malwarebytes\MBAMService\AMECls
| MD5 | c404ace45e0414e07990509638641f7c |
| SHA1 | c0fc21241d4195f9a76e7b91210822a3e36393a0 |
| SHA256 | dfeed039860f1a7d730aced9fade456a493c16742e0cdd5bec1fa86699668e10 |
| SHA512 | acba9dfab1988fa63fe63e4eeea21ac75f0e19bba7fb35075ba55e5eeab03f1c40ad870650aaf2ad5585c8a69696b4d1219ffce2ec1e92006c218cb142e77c7e |
C:\ProgramData\Malwarebytes\MBAMService\Quarantine\ab930044-8e70-11ef-83f6-fa9f886f8d04.quar
| MD5 | e569753e4b8c41158ad418963af2327b |
| SHA1 | cb0082879cfa3a9ee0e45f9673ed615cf22d509a |
| SHA256 | 2c31305a0e79aa064a969b9a3f81be7540c36eaafaaf5411aa143df1974510bd |
| SHA512 | a75b5d09c974bb6232947306dcf2937944aa015d954e346f252ff8b3402dd6bcd8f0d9d7af87ccc3a0c4991f54de4d11a6e6879b82d764a1ab7b2ee6c3eb79d7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001d8
| MD5 | 0e3d96124ecfd1e2818dfd4d5f21352a |
| SHA1 | 098b1aa4b26d3c77d24dc2ffd335d2f3a7aeb5d7 |
| SHA256 | eef545efdb498b725fbabeedd5b80cec3c60357df9bc2943cfd7c8d5ae061dcc |
| SHA512 | c02d65d901e26d0ed28600fa739f1aa42184e00b4e9919f1e4e9623fe9d07a2e2c35b0215d4f101afc1e32fc101a200ca4244eb1d9ca846065d387144451331c |
memory/8840-11263-0x0000000000400000-0x000000000072C000-memory.dmp
C:\Program Files\Counter-Strike Global Offensive\inf.ini
| MD5 | 50cf5343c4c0d3b94c0aa4957419f76e |
| SHA1 | 9384ed137a3bc54d2c4f1649a0bc26f59786d3a0 |
| SHA256 | 4325d3e643667d73cf27e35c51fa00ad4d464be92cac83e793ba638d341446c5 |
| SHA512 | b8259b7b18ee992fc3c2ffbb9134c01cba091f772f021c7da17174d881f087b5c1f881caffcc6dd83626bf17459c448e5089e4302b09bce92fb7238e6bc0a75e |
memory/5132-11293-0x0000000000400000-0x00000000004F0000-memory.dmp
memory/8840-11292-0x0000000000400000-0x000000000072C000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 40ffbc65093f3d436c900cf6f1b57573 |
| SHA1 | 48047f300525e39cb0f379c7fb9707318afc3908 |
| SHA256 | 03f8f0261a1dc0e903110216e0042fe207cac669c613b9259ccb530ddcc9669a |
| SHA512 | 2be0f09c309a48625dee99dd6e3644ece46eede7f9900ac071844eafaaa0d6296fc3ae02762e9b2ed8864149c9b2711569363b9500fe191c5caca5aad0fde3ce |
memory/9084-11313-0x0000000000400000-0x000000000081D000-memory.dmp
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | f7cfdd225d2d533dc1f733434b852a80 |
| SHA1 | 96746482b2e9f5cd82132caadbf001b634473ffa |
| SHA256 | 02e5da68ba8ba7cdb03b8dbf15e13f8c519af2fa22ca72d85e67a394864e8c9e |
| SHA512 | fb2101c4be5b39a7f95451de2c40d3484ed4ddfd5eba6daa55144c2089b82a0c956e8bc066618827488e998b35429a6070403f9546dce645dd1112a2af9a5df6 |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | 6ef1ef98c182b49403663e6918470912 |
| SHA1 | 0e094e9e1a48ef4f21f82f55a9df27d4d076b174 |
| SHA256 | b65be8f06b0a4412bd2f871fd2456ba3683a18a74ceecf54e5d8faede9b10800 |
| SHA512 | 7f1e06b957797ad81e3c42f74ab021ad8a0d12507452691fbde0f78a8657d3cf4f9eefdea1d5a5d69bc81aa304c48c0454d4a9f0361b614e38128b97f68beacb |
C:\ProgramData\Malwarebytes\MBAMService\ScanResults\07ff57aa-8e72-11ef-b4f2-fa9f886f8d04.json
| MD5 | f229806fea299ec125230d704b93d75e |
| SHA1 | 42d29c67d0d2837c355e1fe79764d0d09c49d320 |
| SHA256 | 98387e01d4178270de992bb254ae287c21f4e3544da12239097419746188da93 |
| SHA512 | 35bd3bfd9076989be00ecff06621cf76b6e457aed69f2d501d9f3eebfe13335c487afca09a71747ae803a8aa558a949e99a01a5ceca5b18b664ce94f05e95589 |
memory/9084-11404-0x0000000000400000-0x000000000081D000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4d9e4a98b856a142fe31a36e4fec313b |
| SHA1 | 712ae03f3a5158a9b5cf5ec75a146cf92ba7c0b3 |
| SHA256 | 9a53934b9cf631e2532f833e215922873d83656b5167c64b677a079063964b4e |
| SHA512 | 82c50078ee89aed72adf9ba92dce05f07724ec0baf5f9d92135a9334417765c843371a9846f48af25bbf9d007443adde427d485778f48922bd9caa729d996e49 |
memory/9084-11452-0x0000000000400000-0x000000000081D000-memory.dmp
memory/9084-11469-0x0000000000400000-0x000000000081D000-memory.dmp
memory/9084-11474-0x0000000000400000-0x000000000081D000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 3ecf9bb5ef69ee731742587a8b136ad1 |
| SHA1 | 9c1f9399c5e1948f285a49a20c8a21b1a9719f42 |
| SHA256 | 95297aa3e2662823b2f6167b9a0901a5f7772848738d86d0e55041e1e33c5ae2 |
| SHA512 | aa10978140eb0235b785225a5f32ae11400732d402cf848e05d47c36e0eaac822f7e23e500841c317532b350928b6b5b1081dc0747dc37d0cdb535823f536a88 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fc70ebde0ab65c0a_0
| MD5 | f34d50414a8fe900678c9d95e73c4945 |
| SHA1 | 004cf59b9f89841d574f5a6de1ee185395b49cde |
| SHA256 | c278ccade5a0c9c9b8469975059c0fa3b3f6821e1db872f1b0e1e7cf23a71f3c |
| SHA512 | b0207a167453a6f7032d9e847c7b53789d7e031dd12791a86401d01cfc83f3537203fb71868c21f536a13d5b1243df20fb50a8fab5c885e93289482b6b1835b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 696c8ee2b473984324b78b852634edc6 |
| SHA1 | 0d1d230fb117b34d43067c1a7c6db76b7802f442 |
| SHA256 | 530846846348424f9846a900c01406ceb5726e1762dd593191f7472e990f506a |
| SHA512 | 0cdf9c49215e5b1d60c2bfa8d570d710d64a84085ebe08fdc0799ad284a5c6a1e9b210a7c2fc7adcc778d2553bc73474ad47958a3a91bd77de6a0d944e75b9e0 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | b340c99b5f10f2a558a1e6e7dc3a4dae |
| SHA1 | febb78092b838f7aabaf54a081c61212bdafb41a |
| SHA256 | fd68c6dd75e28caa9022532863df99613b778631ac0ef6f496acec8e1095f9e0 |
| SHA512 | 12f42e19da030d680a8b823e9888d99a2f48b5713ba83df24c7dac8e624b4e1c95313721f2fcb25c0495f6da0aeb7768f8ab596927d9d1321b2b9a296cd8c410 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 47cd490b0b9e5543324066a1861a71db |
| SHA1 | fb78c0504950f21f19ed14fd0efc5381a594aef5 |
| SHA256 | 14d459f24137071812aabaaf666be8e9eeb85fa535831a54c34d6c3ff766b5cf |
| SHA512 | 3a6c3870fdcd9ed816be5d61b29c9b50406e4925251b67f10d81c913b52dbdddcb43d3f8881733b2668491521c7b18f50ba5c551f2b113409c6bf68edd4fe549 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 0f10676dabfd2cee3bf3f12456625329 |
| SHA1 | d16b206649f9f42eba27ff6b36783d2f44498f4a |
| SHA256 | cd3ed1b8c6387c0fe214dddc0bd9b2a0ea491e1fc790a56b6193d18c5bce9c32 |
| SHA512 | b7dc2b6f57a3a5bd5404efb83dd30eee0337a5201ea89a151923839e7ac2084247a6f0c33615f079ac3c23b27c9ce0547afcdcabf410d84c2dc3f4e56bae9e7c |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 3d4e4276e166b133e3e3d965c2b65012 |
| SHA1 | f3fd953166e434b20c514638563e09680167ad22 |
| SHA256 | f96afc949f6b24fc05f9188a07eca536b971b5e9aa3a6edab054640172731628 |
| SHA512 | 62c9c4dd9667b2cb0b3d01fc881cdd2580db3a38ac17e197ff2f3a526e3e308b6d10a664ad7ceaffa4fe3aceefa0cd164b24655b18b3b4bfe03ac5666fad9a99 |
C:\ProgramData\Malwarebytes\MBAMService\Quarantine\af94b264-8e70-11ef-95aa-fa9f886f8d04.quar
| MD5 | ad85ef4ab903b27e95c5ad4fe116c41b |
| SHA1 | f08464ad607471f25799cde0b27ffa83af684121 |
| SHA256 | 4e498c08b97d51ed8c9ef5a46f4b1ea925504d8d96cb37802e473d9d03f7c115 |
| SHA512 | 761f95705ec494978dcc7d5c1221aab2bdbea68825b7b27aa5e7c4d278d353ebd3631d3faeae7d3f62633348bbac92a2fecd23ad3e2591f3565451f8a37c7e11 |
C:\ProgramData\Malwarebytes\MBAMService\Quarantine\1b48ef60-8e72-11ef-bffe-fa9f886f8d04.quar
| MD5 | d3800ec3ce5748fca2c2ac29f3043b3f |
| SHA1 | 3b6e9d627c6555b12f7898a06c3e19a7f3a9a039 |
| SHA256 | 4da368e3017ed30a75652448f18e8c9560a0eac68e47e5d1664349af9f89cd2d |
| SHA512 | 9f0530c30cbcb7331ce12c65323b84fdd434448662ab526cee20e981408f2ffd5c890a15c8d2549fcaf1bbbbdb133cf19a183e8c5ec4e2cbd28dc05ad2f31121 |
C:\ProgramData\Malwarebytes\MBAMService\Quarantine\1b5412aa-8e72-11ef-83c2-fa9f886f8d04.data
| MD5 | c79bf59df2a7948903c0cf4c88b07efa |
| SHA1 | c2730c9d997042148cf0abb4c659459e4d01b8a7 |
| SHA256 | fa787d77fef3a7e9c4251b4bff0859c41e982cbb31a306a19f7162a5eaa414a0 |
| SHA512 | be9ba38e79f1e89121d9a8fad18478a8b6a3de392eb5118354d606823574910c0c62e0bbbddd5c005ec3dd04dd99f24664ca031129b86caf672ad4ce3d79e769 |
C:\ProgramData\Malwarebytes\MBAMService\Quarantine\0f2246d2-8e72-11ef-ad4d-fa9f886f8d04.data
| MD5 | ca30f4643669de4af40ceb6560f24b68 |
| SHA1 | 1df9d2ec7349469a3cfe8a96c57234346589b8ee |
| SHA256 | bbf4aaf96798dd5a1f76d684ef306102af298c576574df1e85c626bf486e5300 |
| SHA512 | 39819c73e9f39bc26ea1734c343dbf17f394c022e2b57771e3eab3a79343d90cf7b6fdefed7dd19910fdd46bf103a3cd74f6bca4919bfe0c8887c1189da73d04 |
C:\ProgramData\Malwarebytes\MBAMService\ScanResults\07ff57aa-8e72-11ef-b4f2-fa9f886f8d04.json
| MD5 | bae1c354f6ad1e46b510e4ddac43d226 |
| SHA1 | c4f463e04924fa94ef4124129c365d08be42a565 |
| SHA256 | fe03d4d5841ef7152c47b4ad9172a6b2adb1182001dbb85dd30e14298418157f |
| SHA512 | e454c9e7d247ba772ad3349accc94992b4968c05cb67ad3177d10019c0290c5afc488db592f0ee87377a8aa593a9b6550cb0bff63372b8263bd8a8f474a75f9b |
C:\ProgramData\Malwarebytes\MBAMService\Quarantine\1b48ef60-8e72-11ef-bffe-fa9f886f8d04.data
| MD5 | 84cd8f5a248b1b31ecb14ecfa46416fb |
| SHA1 | a8a6c615c4ca7af14838293205080b6d2fc4cb8f |
| SHA256 | d2dabe632e642c6c0f8daf8b1402bcae15fd7629e6ac637d62e82371c1ef12ec |
| SHA512 | 0125ded293efea4b301c9e40e2b78384e65bd1d0ddf850a8450eb3f930fc01675e9834b3211a0777f94446ab74e39b1a055678269025a1bb28b7fef2eb83999d |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 403e78cbf2d673d10e96c395e46265a5 |
| SHA1 | 1c8ee0ca9416278f0ed86a66565393c57dbc8328 |
| SHA256 | 9e866d2175d34f9d852f78ccb70cef914057564976990053e1d24eb26f9ed4f4 |
| SHA512 | f5e83d99d582eb99e9d023be1daca05218537986dd0e8d119f7d87b037b279cfaba2e8293a22f893c580f66b1a1e90159451c03f752189b73e59230b72b5b180 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000039
| MD5 | 3051c1e179d84292d3f84a1a0a112c80 |
| SHA1 | c11a63236373abfe574f2935a0e7024688b71ccb |
| SHA256 | 992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3 |
| SHA512 | df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003a
| MD5 | 68f0a51fa86985999964ee43de12cdd5 |
| SHA1 | bbfc7666be00c560b7394fa0b82b864237a99d8c |
| SHA256 | f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f |
| SHA512 | 3049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | fab4b53894f8bd6c78aafe2183ef609d |
| SHA1 | 867536e6b67316870c0d9d84296fcb18d4a675c9 |
| SHA256 | e00a12bd43020192da10eb288eac160df6a2a9743045d21f22a74c4dc9ff1268 |
| SHA512 | 712a76b8754aadf7d08d6bfd4841fa637b84fc6244d0127158269ac377a8c8c4af404b678b13820ba1c67dea13dcc797adfdb5c88b9e1191db24416ca5b35a3f |
C:\ProgramData\Malwarebytes\MBAMService\Quarantine\1b5c9e7a-8e72-11ef-b3b8-fa9f886f8d04.data
| MD5 | c9d6cb60ee61d5e7fc4787abfbbff368 |
| SHA1 | bccbde064bd150be136360c31eeb36931823eda3 |
| SHA256 | c834df8633e1e960312e1bac868496ac19a04da00992da9fdc0af386e5852b10 |
| SHA512 | d2bfb89e71aa63195924775de87a6cd02e270f1dc198e376018da8a791ae4081c2fad3781568ede52fe051256d0d385282627d573dca1244ea4a322b2f6c5121 |
C:\ProgramData\Malwarebytes\MBAMService\Quarantine\1b094e32-8e72-11ef-868f-fa9f886f8d04.data
| MD5 | bbdeadac592765403e832efc77128d5e |
| SHA1 | 92d859df4dd118e90cf580bfd9755305e53239be |
| SHA256 | 574ac4bfe7373f544ddaef7e7f3db9d543d15728965a45fc9ca1f2b456faf29a |
| SHA512 | bf6908dae487a6bed9126ef775efd8f23676ee9ba18e000d50c5c1db95ec4e4b22f8b279b7657544f99ec5158cafe43c43b008c085044cebef6a7f514da13408 |
C:\ProgramData\Malwarebytes\MBAMService\tmp\5fd6385e8e7211efa152fa9f886f8d04
| MD5 | 816b142a4782c9fc6e2ce955601e6a00 |
| SHA1 | b1235a1f1196ab02000f352b48b8606d39b0287e |
| SHA256 | 78da1f2e75bfe4a08e5db173d2f1e174c47a0966552616b8bb7510e983abff9e |
| SHA512 | 9fdc9259b01564ead791c9a4a0a7843f292c44ed83318a258ae91f71967e9908b7d0d1572ee459925893e83eb95a2ba1b808ea5eacff80398736d628031952e2 |
memory/9084-11937-0x0000000000400000-0x000000000081D000-memory.dmp
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | fba406732373ef3da8c3b289fd2036c8 |
| SHA1 | 440051532c424ab7515564ca6d4ea7d6282d6b7c |
| SHA256 | 9bae68898830fb5bea4059679ad80068fca9befa0a645cc19f96ced3bc9e21e4 |
| SHA512 | 26f8de12b3edb59f6413ccfe55f68f3434dedd36ad15f45616c2603075196ff944f0447e8ff6c8b20df4c662d1f8f448d1b5a678465aaf0bd041b4ce5627119d |
C:\ProgramData\Malwarebytes\MBAMService\DDSCls
| MD5 | 7be0363b68f49088437bf19f72573141 |
| SHA1 | d0cb19aed2e0c472a28afff6348634e114a7f8e0 |
| SHA256 | 57ccbbabf6b709055bfa84d88b3a72351ffc488cdc1465b937b4beaea4a52895 |
| SHA512 | e35f04b01a44ab20819c72723fe7677628ccd6f7195d6bf5ffd807300db8e46702e8f5e6eb93cc3540fffd4db4837a8eaef338c0d35799003e8349f6da0b8ace |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | 3d221d896092a97fc26da1b673e0f3a5 |
| SHA1 | a01867bcc14bf47319726596ceca6132a3edec35 |
| SHA256 | 1317a4667b6e3c939acfede52b579b7c0a6605ea521b3f18ad2bb9140d2c93c6 |
| SHA512 | 91eb4c9f79b878cfdfcb74830d80738deb9b254837520d7396b767803fafb0be8616752e0f687e5e5d602cec99d0487eca46b55c5af881cd4523205b19a56e24 |
C:\ProgramData\Malwarebytes\MBAMService\ScanResults\53067ec2-8e72-11ef-b420-fa9f886f8d04.json
| MD5 | cf156fa02c5e56f692f3453d92433057 |
| SHA1 | f79e88684d5c664acea3534b5930350907f7223a |
| SHA256 | a470ba2838b4eff927b3bf9cdc2e69e1d441d39f686f046aeacb01a461a044b8 |
| SHA512 | 367826c9d7b3ef02dd4661c80aeb8d0084f096321ec70556ce7bb2d54ae5ef4faee73fa8d67d3bb9e552ffeb6a0667da1c29960bd10cca7db11ee3da75c2be5d |
memory/9084-12038-0x0000000000400000-0x000000000081D000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 93b82f01976c9dd0614fd5e9b0a6e3fb |
| SHA1 | 2ca00d0617301fa1953fad1ff2d6b62b0d2d0c07 |
| SHA256 | 7814f18ed96c01493d2311faae6bf61c46b462f385bcb7d0bbd2070b265ccc6c |
| SHA512 | dfcded933bb8cba531fa2833c68572b1ac2cdfba8c2f56c70f559685d12054013aee8654f065139f58cd63b6629be49137869fb14b5ab448fd4809a217f6ddf0 |
C:\Users\Admin\Downloads\Unconfirmed 686503.crdownload:SmartScreen
| MD5 | 4047530ecbc0170039e76fe1657bdb01 |
| SHA1 | 32db7d5e662ebccdd1d71de285f907e3a1c68ac5 |
| SHA256 | 82254025d1b98d60044d3aeb7c56eed7c61c07c3e30534d6e05dab9d6c326750 |
| SHA512 | 8f002af3f4ed2b3dfb4ed8273318d160152da50ee4842c9f5d9915f50a3e643952494699c4258e6af993dc6e1695d0dc3db6d23f4d93c26b0bc6a20f4b4f336e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6dd39ffb80e4ce30_0
| MD5 | 57a788eb5de8d90501c0dcf4888a0158 |
| SHA1 | c9200d92b2a286304328f3e82d42ed5ea2849d59 |
| SHA256 | 727f2c3d4590a350020fdfcad3db61f5e00ad460936717e3b75a48f69e2ba2b6 |
| SHA512 | e6ab643e5bd050cd492943195b9ee24d75c5fe24de4960e09c807fcc11cc175fb620d3548786b0a7607201742e359b5e9dee8c69573ced40fd65b26b17995a40 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2cdc24dc350e2228_0
| MD5 | a59ce73799f38070871eea75526a9bf6 |
| SHA1 | b2bf6bc7dc9ed124af3a4b260fbc9db758d1b910 |
| SHA256 | c3293fb9b3d64f42f785a2d5dc56c934140c37d0eaeec020777156e3496dc829 |
| SHA512 | 3aba90a9e62fb58b95de2bced2adb8a194ac39b69103f84ea24caaf6f33453b7a1b79388469d214b51abe7b708384a3de17e7b300cda9e08487c0fb77230b6c5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\74b88724f60b0383_0
| MD5 | 09116619dcb4ef10f9fd371e37d59bda |
| SHA1 | 99d09968ce9caffb4ae120c53c64ac5783144124 |
| SHA256 | 8cc2d46afe59e4a0f2ad0cbcefb92f8c8fc25e544837e684c204195df541d8ca |
| SHA512 | db3424cb76da489fd4ce062747bf9f41b5de70c190b4b10b6c80fc383725b7f9c655c5477f2472fe22784a15e221964bd6f5c94ee54f0ab6eb640e078aeb228a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f9
| MD5 | 6ad95e97ea7616b91e0ec9fa1430812b |
| SHA1 | 5e726f7b82481387030c3119887ea7fc0cec1e8e |
| SHA256 | 155bfa8f8443091ca84bd726cd6f09c0fcc42c8049281222cb3dc13e182c0d74 |
| SHA512 | 188c56e52b1302b2ddf9cc0302c77c7644006330e99569bdb6e2a9085b72e1957b1c39cb75a56a0cf00fb8dc0e70f599d8e46b2fbe6c7f8e825408b6a12059b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f5
| MD5 | 2e23d6e099f830cf0b14356b3c3443ce |
| SHA1 | 027db4ff48118566db039d6b5f574a8ac73002bc |
| SHA256 | 7238196a5bf79e1b83cacb9ed4a82bf40b32cd789c30ef790e4eac0bbf438885 |
| SHA512 | 165b1de091bfe0dd9deff0f8a3968268113d95edc9fd7a8081b525e0910f4442cfb3b4f5ac58ecfa41991d9dcabe5aa8b69f7f1c77e202cd17dd774931662717 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f6
| MD5 | 6284a51b81fc2bfd56868d95b3e60f76 |
| SHA1 | a794f42d9dc3d819f28fd645cb5aeca69a8fdd7f |
| SHA256 | 39f38531513eb2d6379f23052ffff6442446eefaeb16ca1aad33787334bb3c11 |
| SHA512 | ab69a8edb8930dcc9b7155201635be9e9e74628eddbee106459b63f3f38167387420d75433ad1d9acf856d236e948859e343fa99028bc56301603e1a5931982a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000fa
| MD5 | 76d82c7d8c864c474936304e74ce3f4c |
| SHA1 | 8447bf273d15b973b48937326a90c60baa2903bf |
| SHA256 | 3329378951655530764aaa1f820b0db86aa0f00834fd7f51a48ad752610d60c8 |
| SHA512 | a0fc55af7f35ad5f8ac24cea6b9688698909a2e1345460d35e7133142a918d9925fc260e08d0015ec6fa7721fbeae90a4457caa97d6ce01b4ff46109f4cd5a46 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000fb
| MD5 | 2940076ef5b451648e126653123622ea |
| SHA1 | 46adb402ebad36dc277bc281d15b4b9643c4cb6e |
| SHA256 | 2766045315b53c22ce78b0c83624a7f52000765c55061a9deae19ca67897d664 |
| SHA512 | f695bdf186be90f1df6d303bf5beb5bec9c71a069978fb6adb23b68c893ef7ca0c5da2cdc32d39cdc9a8f0bbcf0050abeb3cc02c75a2861d9434591ac8680922 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f0
| MD5 | 1b6703b594119e2ef0f09a829876ae73 |
| SHA1 | d324911ee56f7b031f0375192e4124b0b450395e |
| SHA256 | 0a8d23eceec4035c56dcfea9505de12a3b222bac422d3de5c15148952fec38a0 |
| SHA512 | 62b38dd0c1cfb92daffd30d2961994aef66decf55a5c286f2274b725e72e990fa05cae0494dc6ad1565e4fbc88a6ddd9685bd6bc4da9100763ef268305f3afe2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f2
| MD5 | 7fe4c7e5160e07920449b17f3b7c2940 |
| SHA1 | 4efeb29ad3a180976839c958709a321da3c2f2dd |
| SHA256 | 9fd3b41781ffa2ca9b86df84c8f4ffbe0edb82b154ce03024659f7fe1814ec68 |
| SHA512 | 421361c4f519b3f3b5e0be9d47cb22252d6dc865cc8d82389b632206b789d4ca4d274873e411c563f75152c2a3a33c83d4599e685c45a0c017870a43dbaaa079 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2d8fe49bdf07e192_0
| MD5 | 6ec876cf47b391dfa4c5fc5ec4efe419 |
| SHA1 | ec0d7a26b853fc3402c662dd5c60e3466187222e |
| SHA256 | 3341e4bbf52d740b6803292485a4a962e7b3b6728225f3eaf16e271159f8459e |
| SHA512 | d724c3f7801e471a1f40cd9acc78078fe5e232a57c79906d0a170acc8fa1bd9f7488b58cd79d57037efdbe1ff46b3e13231fef717bc08612f54aa6b7d4e44086 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f8
| MD5 | cfff8fc00d16fc868cf319409948c243 |
| SHA1 | b7e2e2a6656c77a19d9819a7d782a981d9e16d44 |
| SHA256 | 51266cbe2741a46507d1bb758669d6de3c2246f650829774f7433bc734688a5a |
| SHA512 | 9d127abfdf3850998fd0d2fb6bd106b5a40506398eb9c5474933ff5309cdc18c07052592281dbe1f15ea9d6cb245d08ff09873b374777d71bbbc6e0594bde39b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f7
| MD5 | a14e84d87d0b93d71ec0b85d57144dfc |
| SHA1 | 1abb95e6d066c3c21eb96c0d87d36019b2d5c920 |
| SHA256 | 15951b261ae3172cea93d7b64d3f7c31e8e7652e63d3e5d221ae34b91285e8cf |
| SHA512 | a5b95f6ca6b7f16950b35716843f0fc51278cf4124e5b01c1210ab0bb4c3e049fe8888dbe0d771f1ba3ba5e26ec1a18f5fdd5a3e4e52903b036f341a6ca4ae41 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f4
| MD5 | 0574f47de6f1121ae28fa42fc0d3118c |
| SHA1 | 6c0d31c44638f1190a6541f251c3e8adae6ce0e1 |
| SHA256 | a14ce3a9f80ed2fbce9fe611f5055e7dd2f933643de5b4ed4bf76c6733d61041 |
| SHA512 | 0f6aa0571aa4d5fd9bab421d1d2af8c6529ab6512c29c8fd68637a3a34de66946403f5a78a1b5d84903adb36ea60a8c3ea361a822eff116f6617a52664c59038 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f3
| MD5 | 7eab02c9122098646914e18bd7324a42 |
| SHA1 | 5e2044e849182f1d3c8bcf7aa91d413b970fc52f |
| SHA256 | d58d66c51a1feb9af55ba4a2dcf2c339b7976dd011fbd5d071ca86b9d7f58a42 |
| SHA512 | dbb0f94de62d7d77d4bfe6c298043c559a0d4bc117bd7dc1d627caabffa8e712cec5e3adb4a737b350429493ac0ebfb81c8759aebed41b30218d0e7ff6f3196f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f1
| MD5 | 2fc909d72b9efe85b9edee40caf9acdb |
| SHA1 | e49a82568d68cc0df49a9018918e8d9799be5c45 |
| SHA256 | 4dded3fa8a503272c8d1500d6e0667a1ef57c61ba5332c48e3219bb6f8e1c030 |
| SHA512 | f5a1aecbbc881e2059d30203da5a5f68dac2c1128926e8d33be79e1e3c70fd3aaae350090530c9d190ad89ded6539200821d6acf5a3d122313c7bd7e84f30bf0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000fc
| MD5 | 5631d14803bfeef2b891791f0c8c456a |
| SHA1 | f6cded7f79ea091f23f0b8cdbd1f97d0a412d721 |
| SHA256 | a0a76e5cb026f6bb2621896a5d5b0730f9db44d979de5d65f0541ec8a57d65b2 |
| SHA512 | ef30bc67ad6e3041cf0e77b5ac6c46fff59e3cd53231df711ad946e1b68c158e60878ed954e4d2018adb4b0695a23313df1f652c70cb018ef5a58cf1d4ed39d5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 33184c719b4359a7e9e08e6566730fdc |
| SHA1 | 9c419186c9139b3014b75c260fbf51f41936e549 |
| SHA256 | 1cb9d6a1560b97d422d0e86b4ea7128d82a69a127803d43979f1457a2af782b0 |
| SHA512 | 96147336483d02179f1e9e4e4214abd330f8ec59ed0477fd05cf5162de2c40a2127bffab1608a7d1591a72d4d684d1e8904ef7f10285808ee4695f21147d3606 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4f032e49500969f1a784b1620c0579de |
| SHA1 | 7744a34b0a4265c16057651a630b896dad1209fa |
| SHA256 | 61d85dfa792f8e5b39dc93f5ce9a14264838b081799f0d290771b6586a1d3d8a |
| SHA512 | ea63c1fbe72c360363ffbf9d843fcb1866b9b1b2ebf26d24ee3565959b3449d83dde571c58a76bea66cd42da0223adc4f5f74f6b76d282551fcd674d3fd8e980 |
C:\Users\Admin\Downloads\Ransomware.Mamba.zip
| MD5 | f94d1f4e2ce6c7cc81961361aab8a144 |
| SHA1 | 88189db0691667653fe1522c6b5673bf75aa44aa |
| SHA256 | 610a52c340ebaff31093c5ef0d76032ac2acdc81a3431e68b244bf42905fd70a |
| SHA512 | 7b7cf9a782549e75f87b8c62d091369b47c1b22c9a10dcf4a5d9f2db9a879ed3969316292d3944f95aeb67f34ae6dc6bbe2ae5ca497be3a25741a2aa204e66ad |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 79aed039f9e7df84ebbc2d764914a59e |
| SHA1 | e5e6fa0702880445247fe2ca00df5440df0a9058 |
| SHA256 | da24a20ec1b7114b022dc80261e749b07b77a3799a1faf9e823bdd637b56bd6c |
| SHA512 | 8565fe9d1a2f875484c812f48c68d579240f39e5ce6ffa9c185216365a9714e0d4216dea01d1baf8c30305d71608dbfe0bd829bbbaacaea02bfe4c8c12e5b428 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c49537c83e0b8b30dcad2b0a91a88425 |
| SHA1 | 4b1b826b6b5119ae6166c83d20dd7551b6f7f6e6 |
| SHA256 | 01e66541ca04c28a5fdd92a996c72be35cda79428b89730546f3a868180bb47d |
| SHA512 | 34c1c3b8d520aeaa982d103045e7319e54c0ab2c183f7f295b3c3376b06bb31d5f8bbbd5a9d8d96d232d994a50546ede62b28f5e28d76683bfe1a6d72061abc1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3c545266bb843ee794acd2c82bfb51e4 |
| SHA1 | 8434744dc2a0506abf3a274a7e563eedcc349d69 |
| SHA256 | 49e3a7a583d29a33f1b71ad61bf6fb92f83bb58ca2d8d47c75b57c624600a161 |
| SHA512 | b5d10b31b81c59a0f27eea0ec3270d2a60dff2a36da85ee1c00befc831101a79ca4e2e9855c42044afa154b8ce282f1e04a11679051358be3071f4aae8c37183 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | b90de343a595790643fbd726b3b0b234 |
| SHA1 | f99c6b48f75077481a7309cd95d818a7e3c6c85d |
| SHA256 | 70be4d0e80eebb7cb828be30fb9d7916226e2b8b0eda9aaa20f6dd065e297dc1 |
| SHA512 | 2f811f0d3563c3b009a2bbeb4db5bf6fed2921aedda06a9b8d3ec578073f8d2436c1e0d939152a456185bbde4994c4f2b62215e522892a1cfaed861af3815162 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | c76f027e45765ca4e4c93eb92bee4341 |
| SHA1 | 1dda50fe1d070ffa6b184f49d6fc0610de9dea2b |
| SHA256 | b93742ccc6485c999ec75a0584982938fa707d7756353ff5cdc12ccf57880c36 |
| SHA512 | 3c216f40ac6cee4e6336f7202840972053435b94e126fcbc4f5c1ffda8fb65f488036152f2ff410a3e09004a870726a8422b565c2493e9f48daac2e68fd04537 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e8c51f681e6d3dc8e341e906f097da41 |
| SHA1 | 2ad2303f26b31cba4225e4325fdbe5e7828fb79f |
| SHA256 | 87779fccff7084f133e2e3ef8a49574a0172a5dd8c31003e5f5c3ef3b7d7228b |
| SHA512 | 7a67237d77fedc10ab9a446bb793049e266123e0375e27b1751182e1bd299b256576770970e9051935392030dd232d5d0bfdfa3f2ac98b265cf51835a5fc0676 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001f0
| MD5 | 6884a35803f2e795fa4b121f636332b4 |
| SHA1 | 527bfbf4436f9cce804152200c4808365e6ba8f9 |
| SHA256 | cf01329c0463865422caa595de325e5fe3f7fba44aabebaae11a6adfeb78b91c |
| SHA512 | 262732a9203e2f3593d45a9b26a1a03cc185a20cf28fad3505e257b960664983d2e4f2b19b9ff743015310bf593810bd049eb03d0fd8912a6d54de739742de60 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ddaa6008a4863f01ade7c6e797d7a0e0 |
| SHA1 | e862247acd4b12192b8394ae0e52c7d040cb8530 |
| SHA256 | dcd0db3ca6131b912be2b12cd044bff1e9a8c0d5fe741dfb5cb365380e43953f |
| SHA512 | 4ecbedc3dc844b577ae1316dfe920dea037841323020bdd607b7c80831970c4e8dd6f26cdc549f71480f9b3d50fdd4766a765a362eb1cce2d13b79be96d81574 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a49c3d0286b15622a5881b6c68d8fe73 |
| SHA1 | 47fc02004cc1055e41fc6ca5bdd46f8d84752ae0 |
| SHA256 | 128246a0607c06ebf78f26266af3b1c5ff306a6d974cbedab41ea354f7f9608a |
| SHA512 | 91f83c4911046b3a9d628babd1bf6b451c249db171683050e376d45e738dbf526354be7457596a1b6511689d50353501fd44120e499b7e22583e01fe656cbfcf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | b19d310669978e917705ad56a0c88a71 |
| SHA1 | 1a8dad9f7d0409d6a7e7a4ced5332efe8b5d3ae7 |
| SHA256 | 20344fcff95571691dbb2dd644af284a20a98f6242272c2e52c995bb2388dc35 |
| SHA512 | a9b706dfb218b0b5ae902f3e06d945b8a6739c751bb730bfcdbe4f8e4aaa641c17c3e4d7e7bdcda0742d0170e942c4dcf3f474c09a33393620c209ee9371328f |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | 247b1829750b0d823183c2bdc249d30b |
| SHA1 | 6289998e7ae81d051385cbf8fca1fc904f10e5de |
| SHA256 | e620b7f96d94d65885fa3e2a1c295c33dd38ce85db688f93b18f51e0ca57bd2b |
| SHA512 | e82d69be94d45202b9a39c5e70249694839107425725eea9ab46e2f9cc6b2c261305ffa7760edc9e1234ab4db0cc9c40108b8109d8bdce422612775d77aff2c7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d64bef41906bb8bf41a80dc7fda945bd |
| SHA1 | c9dad53dbd111650ad88bfa45f645ffba5e7ec39 |
| SHA256 | 0103c785275a583a00901608497d58322af332fa63122b5d8ea52c4c9f9f0ac6 |
| SHA512 | c216c4586e381affbbeb0ea3b6c8145d5cab6e5428f998b1a5c4820dd6360f8f3874f1ef9d77992af4e3359e4b1cda53ac94d0b3fb417182cef5dc1127c70c41 |
C:\Users\Admin\Downloads\Ransomware.Thanos.zip
| MD5 | 00184463f3b071369d60353c692be6f0 |
| SHA1 | d3c1e90f39da2997ef4888b54d706b1a1fde642a |
| SHA256 | cd0f55dd00111251cd580c7e7cc1d17448faf27e4ef39818d75ce330628c7787 |
| SHA512 | baa931a23ecbcb15dda6a1dc46d65fd74b46ccea8891c48f0822a8a10092b7d4f7ea1dc971946a161ac861f0aa8b99362d5bea960b47b10f8c91e33d1b018006 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | eb10f17f39b12cef8ca2e1d117cc5125 |
| SHA1 | 858ef2a231c9fbfa43418f67d4bf02b5d9bd888f |
| SHA256 | 16699656d3ed4d8c3befdca0b7c9dfb80206ba2fe22ef260d48c286e99cf0aa0 |
| SHA512 | 245f1c5338022327bcc0cd5f7003c8bfd6bb4bf67104481b332934d5767c2b67c5244a2c68286afff8e2d7058d3cbd887fe59e4b89e43e5d10940c351948bc3c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | ce38302e95e7874ffefbe09076673fb1 |
| SHA1 | 33deb9878302bef0440615b398312810e8e73888 |
| SHA256 | d6ad4347768cd6c80d21af0dc427aec971aa7bdec16dc9c8b2d920b56ce1205d |
| SHA512 | 8e70ce24265d2851325140019da184b97bff703728f48c9ca9a11ecee1f1a92ec9c92a49ee29f0b4a996e7c1a9965ac98dfd7596ce19beb049a39416652fc38e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\f774fa9c-f065-46df-9b00-9f417521f77d.tmp
| MD5 | 2af54a0458df3daaaa4fc1e9c7c9cfda |
| SHA1 | 5e1d98e595ff81cc12e6aef4c84c968ad8656c8e |
| SHA256 | 75248cda2522e621c5a29e7e2e8b6fcc8e343279d3c04020962880302c68c71f |
| SHA512 | 9150706eed838bdc7a4b3d02432901b592aefbeadf72e7e015085c0a95b0a0819e610cce34bf7e4bdcd5e236c4ee86a16e0c312f9e67170076f4045e8c915332 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 412a8df59bec2d9529c688fb28a393d4 |
| SHA1 | 2c05f2c21928be1db45bf7846accd52cee888053 |
| SHA256 | da394b752ca3949fc8333e1579a82c6e5052c703fc455bff415f106fa60a542e |
| SHA512 | 1771f33fdeda3d1b8da9d59ddc2bf9c6755f29b47a5b2101ea8d53ae5bea542cb9b0a4b3fd0e39d109c7d66bfc13af6ddcfc2fc47d77861ba9fce4b6a5804548 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | efd92eacbd514f5a5e8ea22688458f39 |
| SHA1 | 6076084a5effd81f8256ebe61be481cda20b927c |
| SHA256 | 552db8187f5957da0edc60a3716a72189062528883155a32913b5c95742e5f92 |
| SHA512 | 1dee9d758f97251a9be40dcc4a675bbad37efd4951578d5dabe87961c00daa774a67a754af0d6173dd0653ba50fc3b66660e3a75eaf23d5aac9d0003b3443088 |
C:\ProgramData\Malwarebytes\MBAMService\HubbleCache
| MD5 | dc124f3d82381b6773ff59c498e06b6b |
| SHA1 | 4837cd6323a84bedf27a56ba26e22fe7e1f1c00d |
| SHA256 | 15707b63dad34b3331a3f42284573705eb04af1d0fa2fa046bd1056d3a3d1689 |
| SHA512 | 518c8c7e451029c10af1220752a5a2e617e832809999e687b1d3c26f5fafecd610f7e5e680d5807c647506be65770310d116312c69554088bf72c4b742c9d9cd |
C:\ProgramData\Malwarebytes\MBAMService\Quarantine\0f2246d2-8e72-11ef-ad4d-fa9f886f8d04.quar
| MD5 | 122afc3523f9d14fe38722632bc68741 |
| SHA1 | 19b9f3f82eeccb766a3a22128368dd5650d7b558 |
| SHA256 | 998a8149e67a6490f2c0e0443164e54b05a1ec946b7e172bf16465dbf1e02e6f |
| SHA512 | 61afa691d9f010a61ea6abb93192b1bd99841ede8a89fd5b3ac673ddf2b2819ab6ddb3cf3409b33746a2173f2d70084c07ccfffba39c83bc2cf17baa03145d7d |
C:\ProgramData\Malwarebytes\MBAMService\AMECls
| MD5 | de0cbfcab31e65edfde24c26e4907d03 |
| SHA1 | 098518e908b977f3cc643202af65ec31667e2d80 |
| SHA256 | a66b2d43e0a43ff4bb9ed7e99fd3dc85a12d0fb14afa1a7a7615afd3b46fa601 |
| SHA512 | 4c76facbffc72766122ffbab72a6204f59ccc92482266b3f3d2d74ca8fb92daf204a01ca0989700170507f2bb768304c2cf5aa15c4c6af878fe82454b3342d5c |
C:\ProgramData\Malwarebytes\MBAMService\Quarantine\1b5c9e7a-8e72-11ef-b3b8-fa9f886f8d04.quar
| MD5 | 8f23d1aba1ddd95a5734f4522e4d7a7c |
| SHA1 | dd9c607d08093a17ad3822963679453341c9a767 |
| SHA256 | 640bc6606b90d850a343a30fd8280b376fda92aaaabc5ab7b2540c624e0906ab |
| SHA512 | 2544ab051c868bff8e092bc6192a0ad3318b44b5d4bac3a24e735276ebd500d9d1c1567e7bfe40329aa18882772fb4dfee42c59cececa414c8a017f56dba0ece |
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\206742EA5671D0AFB286434AEACBAD29
| MD5 | f499955114e43ce3f139221f3ab7bc82 |
| SHA1 | 0fb1ec1994f6302f569fbc8ab3983379e00539b1 |
| SHA256 | b1f49f2ba3d5f3bd61a9d7c8bd3e07a05a6d0eda04b72f56b17ec93b96543c0b |
| SHA512 | e2ce1bca7f7dbd36fea11612f8295a88c25f3a4b2035a15d163f942739c5d9e51e3639241356cc4945f6246a0017ad5e884d5fccf5ca21be4e99efbf47a83b9d |
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\206742EA5671D0AFB286434AEACBAD29
| MD5 | 01f8f619255cb2090ece811ab65d88ce |
| SHA1 | 8e750f459daf9a79d6370db747ad2226866ad818 |
| SHA256 | 3d29798cc5d3f0644a7e0dc9cb1cade523ea5ec83b335109b605bfeaa7d5f5c1 |
| SHA512 | 46f16bb99340f8d728c83ff093af9d4cff87811d432f92a804741144f0f3fc0aa8011b1efe0c24e0480bd6c7cb7af699077f9b8fc7ec8a40f9f7a186725224c6 |
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8B749ED954EEEE8F51A69CEDBC94BC76
| MD5 | b62209b8db8599815b8e6904747b5abf |
| SHA1 | 79ab6f7c913f4ee77896f585eb836cb3737762d8 |
| SHA256 | 08df606fa1ebc19eeb482772f356fe35afbd53fab6a58852e7ec548e11b79c7a |
| SHA512 | 40e7e24b280335e6a2b195807e66741898da01ea5a2d8ceed0c0add49580491a1ad093d936dc271e0a454595fadcc6fd33ce3fa50a6f7652d529c8d249df4d52 |
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8B749ED954EEEE8F51A69CEDBC94BC76
| MD5 | ddce882a5c1b814661e39e3e518186ed |
| SHA1 | c8c6d52015c2da7be6fcdd0014dfaa485ca91a55 |
| SHA256 | 432de0722144c03cd6c8fc8b60c7629260f2032e4f48e49a45cc638d8469278a |
| SHA512 | 44326ffaf71668185527b00f0f43bcc888683fbfc93860594a05f3b946226bc3d708d6a5d682ad4143ca9b22dbbff7f5ab6524c1e0110ac87cb6ab8a9a91874b |
C:\ProgramData\Malwarebytes\MBAMService\Quarantine\1b094e32-8e72-11ef-868f-fa9f886f8d04.quar
| MD5 | 846970f24e30c6dbe644e21dc3debb5a |
| SHA1 | 0aed3eca19dbe3c231f7a75d6a139f83ac5e80a4 |
| SHA256 | 07cd254838357308fe59472d73a69f3606e79e7bbff4d2a3ccd2dc795d2018ca |
| SHA512 | 11bbe50807013546e10f8c348eb217ec68b15657de7a05ba412cc5e1e776188f50e5690dd6d73088e3f566626c834662f527d720c0a5ec7bfc16e0c92a16c8fe |
C:\ProgramData\Malwarebytes\MBAMService\tmp\bf5df0148e7211efb658fa9f886f8d04
| MD5 | 01421bd66a2857f89c6a9923e558121d |
| SHA1 | 0f070e19862ce821178180c991d470778fb9597e |
| SHA256 | 1407fa23de3c2ac325e0edf5c360e9bbd4213a9d541aea27b52c0b27a7887e54 |
| SHA512 | 99dcea672f8d694fa2662c1558fa976294ef7c13322affa3c32ea61243e56caf20cfcef0c72f23b0838e17922bd80d617984e5eb13ac995b628719c7d4818964 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d14aa2a50abdd4cf_0
| MD5 | f4bbab032245f1a333499ffa4f2e864b |
| SHA1 | 8d2aa6b4b003b4315703708c7198d78dbe537bf7 |
| SHA256 | c963a229a2564997440bf0275cdb03bd1ca25dd17026a381812e4de75cd3e4b4 |
| SHA512 | 5e213f2109f08f4a39ab3b8f8ba74710db43f713f699e5632b68b16e95e3e2a7d7b58b3ac9708f38a28b98ae296b4af19b4aac2e7568909798489123ed25c9dd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\88d32734f413207f_0
| MD5 | a56c8a882614652dd7da9fd800015dcd |
| SHA1 | adc4e4bbf9f6bf2e726698c227a593461ef50d89 |
| SHA256 | 3337aacb6f1e61f1a1c410ff8b46596be39c82e1d4063a2b83b94e4b4d0d485a |
| SHA512 | c47cac1632e796efe753e9398113bafefc99fa0ad1deffd3efddd1d1e33edbc8fd6c23a73c8340bd6839755184693e80dd6d0a2e3ad2f46ed11415687f9de7f7 |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | c76d26949847055a90f2ea495fa50d5b |
| SHA1 | 4577acbe7d4ca00fe7fef66723903777545281a9 |
| SHA256 | a3b0b0e3af98de2cd3cdcca9de86127932175bdaa5ec05aa74045df38fab6dd7 |
| SHA512 | de6c912a604d272af540786283f4ee25301529509c52ddef0979ce89fa4326a70a1b1ff0103f7e6cb7b8e881a9e46eb6a07d6bbd0a0c181af1f3542950b5888d |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 227033de7b3bcf5f801129a1d6894a22 |
| SHA1 | 49a21b2600a185abb40e2e32ed25a7a622ae96d9 |
| SHA256 | 4db876392410ef590535dd85e075208d60b8139907121108e71997b6afe72b10 |
| SHA512 | cb204f1024c348109528bac42ab5b768a98f12b4cd3f5d7042ad238021a77d479bf16bafdf51d736f5b0dfd92dc3e6ba14aa198b797a173ef5f9a2a2bb153b0d |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 463cb938a1eed01d2f73d8b3d53047de |
| SHA1 | 681d3e3be456c341cf97889d4d9e7ccf751777ce |
| SHA256 | 748d6ca8d66b36f7252daaac9a84aebf771bce5de5364eb2e6bb24a2e8a9668f |
| SHA512 | 89790af9e0a53f0e2d3033faaef6efad123b0e36603836cef43e404c672eeb0c4152016690034590af0980c2d09c8cd3badd783c15087d8e012e4daea25a21f8 |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | 675effe7d5b090570b43cea62e146687 |
| SHA1 | dfb708f9224f5b5cf8413d4c4eee249366d07508 |
| SHA256 | 7bad00a45d4a41805d91cb0390a81fee667974a5e3dfff13937c12665ba90bca |
| SHA512 | 3315756c18f9316932d1bc2421c2458b5d73fccf2155b055b02deda8fbfe4a61aa830a38ee1fbf48d5a34f4d6747e17a76c5f84bdabdd7a2b5be3d03f882a52c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 01f58815d3c5b73382f9553789e1fed4 |
| SHA1 | d8ec72a12b606c953bd6c03786f09b7c2b8d6971 |
| SHA256 | 1bcedc1013e39b8ffcea3e75711f5f51d1be6ac53150fba7e5cfaa185235275c |
| SHA512 | 37ae8120aa413a27843028415502455b85f1a00195697c41f994cbb3595aa1666d1f7a819b1ed8684d9b236f98d9cc4fcb8514847dc07eca2e3026129a84974e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | d2ce766858b6d38efee7f28d076f0ebb |
| SHA1 | d5d2e315f3951c4364095b5d6d4454310195e0df |
| SHA256 | 0dcf6769e1c5889b9db1654369331b9983197bd02d28909b077736a936e329e8 |
| SHA512 | 8f2201675bc87bf6e453aa76bcfb3dbbb7b87be3fc2e78f60ee26801ed8ee18e956089a7cc52486096ef123fdfd7fb8ba3706dbdcd877b5ac13d22758c249dfa |
C:\ProgramData\Malwarebytes\MBAMService\ScanResults\b3c8b28e-8e72-11ef-b414-fa9f886f8d04.json
| MD5 | 9969c7f891ca06ede99609f7bd864b23 |
| SHA1 | 19f0f155623539667f763615cd0abe89d0859400 |
| SHA256 | 01c0fe9469f5b2958b4da90af4dfe0a8b4a2241657b4b7fa4242479beb18409a |
| SHA512 | 214e4c0118caf8b99e619018ec4ec3e336ad722e87270541c9b529f459b3d9010c2507741e10c739ae58a54489cc47fabaec025c1c1302719354fb2b1345c2d3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | ab9c14c6518b9f6de3b50e500e274dc6 |
| SHA1 | 20cb5435a178c1f24a0c3388c3012d3e976f1e05 |
| SHA256 | c149035cff4a9987b236932c4e6382b2ca2ff8beeee9f04f7f57ca2916d9a139 |
| SHA512 | 8e892c83d6dfa52c4dae5063204cf795112a694e5b0fb5f4b914aa4137fbfc6a17c5400983fe49c2dc03e64a74e0af2e65b310b2d2bd6c1edddde45047de89a6 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | f4c63e982f510f9845982e8517a2b254 |
| SHA1 | 2c5255e012e2a310b6a509b6d73d6f793a983a0a |
| SHA256 | 62689729a1bc05e7cbd74216f2018fcbf902d078a48bdcc055cd54f46351c825 |
| SHA512 | 166677e2407bd3317b927b06c718f4ce9aa7c072eebfe7d08718aadea8a659fc1167b93e16222dd76600e772907596dcb0901d3f65c5f5a6257368f310545aca |
C:\Users\Admin\Downloads\Ransomware.WannaCry.zip
| MD5 | efe76bf09daba2c594d2bc173d9b5cf0 |
| SHA1 | ba5de52939cb809eae10fdbb7fac47095a9599a7 |
| SHA256 | 707a9f323556179571bc832e34fa592066b1d5f2cac4a7426fe163597e3e618a |
| SHA512 | 4a1df71925cf2eb49c38f07c6a95bea17752b025f0114c6fd81bc0841c1d1f2965b5dda1469e454b9e8207c2e0dfd3df0959e57166620ccff86eeeb5cf855029 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9d507a2034a08be60b8cef1fe39e63bb |
| SHA1 | c4c8823a55f7e98ea7e1a7ee4c342f64d7b4dab0 |
| SHA256 | 7a1e3fc7465a46dae36a39e2404e9988424505bf4984bfb004a5e5fe7b61dc2c |
| SHA512 | fc16ff76711386cb7822251d03fa4487c8e276f7eca9bdf01c31f118304e7bdaa631f468b3ef214f37d52d1acc93fe4922c8a136a8c2b0b007586c21aa033e7b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | b08af8139e9079e026f8cd55948b54ad |
| SHA1 | 505d4e310d84b5407478088dcd3966f863f12580 |
| SHA256 | f1e1a19bdfc028296ce0dbb4a16ff4cbf4f18fcd4be4a2565571f4c6462880bd |
| SHA512 | e47075c9e773b9f22a16c4205ad406df70a8295f332a9fe85fe0a314b563577780887bedcdddc4a8334176e613dba4ec5aacf1c99da11dde6fe88a717d487410 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ad3da63b93fca116_0
| MD5 | b0bdca4e1e3020dc4311116723e62618 |
| SHA1 | a40c0a8dfc03f3057df4c3e55571d594fe7931dc |
| SHA256 | f3cba960ab04c9fdf7585af0f8a6489a975381f6f8bef0d25901b77ccf03eb30 |
| SHA512 | 577933797129b895f1feabde50fe583f8b809611f8612c096e646d8cc68b3e4d213d4e7121f21b5adab5b33e17c3cb0cbc4e8b4c71fc37adca2d8de92a12a1b6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001d5
| MD5 | 7e54e83ea94450b4117e7cee8bc41c4c |
| SHA1 | 29234140a0265b54e1775afb34147c574848a669 |
| SHA256 | 934fb71b2afd2294c30f2e6ed4608393cfc24663af18fc734f7ea8e25f020997 |
| SHA512 | 2cd23aa3a508abbc929732a47cedc84272b2e51d10ea5c0bf819bb1a0119ca71a42af5103ac5bcc3610acb2480cbc2872df42bc26abd47942910e7d8d290dfde |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 986949df33f27a81e3a23ec0c3cc2e89 |
| SHA1 | 04430923c7e58bf1530b02f19d87b3b56b51c06d |
| SHA256 | 4daa8580a500a52b9040f4b373359593439cb97e6e7ae9502074f3fd9fdd736c |
| SHA512 | d0b0b228881331eed85818706d7970feb3133ee06a87afdb3e12d5127c25cc084198895df621328d7da71136c96bc64022d22701efcc2f15bc9b91c4f0054e3b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b6f0b0024d907e7dad79314b6a328629 |
| SHA1 | d0965d3371ea6c329fa84641a73dad36b69cddb8 |
| SHA256 | ba33529ceca280f36ebe127c94965a19256884cdecbdd75af0998e3f0c1fef98 |
| SHA512 | 113c2459ac3e8dd22aaa29aff093cf6edba00fe2c9277758a2152d1325f48f23eec534f0f5ef9a5f349dd3195522e1902b904918e9c248b451c81d15a85c7e4b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | dd1dad0a84d2de5c75757afb307a7704 |
| SHA1 | 1887c9df7163076006315c9677f4cace0ab092a6 |
| SHA256 | 3f06f7dd96ba0a1f913d906884984a039e09ee3a169a22b7bc0634e66e7a9009 |
| SHA512 | dc9372756f80f860d2dcf97f1459b83f0ba4fe7e0ba9c45d0b8293c745dcbde116f1150b66c698c0b69ddd37f420f62dfe04afc8c8bfe167a485c21232890f37 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 0fd33f9e2c3e12d07614e9a79ebbf7a5 |
| SHA1 | c84e6039a5fe5a939874a7af3635821c4cd3c425 |
| SHA256 | b38975560fe238183f241d8796ea484fad19b0c294e8ff8db1409422bf0a807c |
| SHA512 | c557bbe2ca4984b3ea7f9ec29f75416a4ad0cd6a0501f82f589655d3985ab1126e7aa3b8d355ccce7dd4525218796e1abccd616bef064ee4408a8ffa4fe51e4d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | bf89ac93574b63a5f995e96664bef04d |
| SHA1 | 406c3c9b51ef1207dfee10f88322f9a6ee19a1de |
| SHA256 | 4ce1533496ea045ba3ec14452a32ebf72acc9871449d702e01ab87c6bf81e16e |
| SHA512 | 9152059ad5a565f61b4b12fbf776c0f4faf9d9c6be5ad705aee161287f2128f8add50b9e74f41faeb7ca1ecae7d094271c476feddfbfb037baa05b57603e1796 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\cd7a595c72c52aea_0
| MD5 | 71850e0213d5aed68918d7bd718794a7 |
| SHA1 | e41c64ff718f7a93aae0e64216e2730797f15327 |
| SHA256 | 173946082cde8772fd6191fda97606dc5fff58ada8d6951e1289e1bc73cb7f11 |
| SHA512 | a82ad4597bbb34f33634a01fcfb31d100a0e8e02ebadbff06fade49b5d0527edada2b8fc4d65132321bbc9a924a38ac5ccf092d3fe3dcd36b57ca24d2dd82a14 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | da3a54b850657f0da445ced6af8c62e2 |
| SHA1 | 4888bfca1420965fda949c7e9b23a3bdc828d55f |
| SHA256 | 56076508ed770aa4e13df8adc874aba7390d4cb726ec8f53685a4406b86c5d1a |
| SHA512 | 5886949a7f458f8e159f430a5733e6e2eab54a82beb93714ac084fe707f3e69308913d8796638ca95968515ed9e6d4b20fdfccdc7589ef8431c12b4477bed146 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 30d7c2a446c8338c96c483b7b5689da0 |
| SHA1 | c91d4d53fa225ea88cb736b9f3699ea32af35dfc |
| SHA256 | c028c9ff33521cd5b82d98eec54c550fffd11a27ef74b02a98d44075cac61a4f |
| SHA512 | e9e32df993df80bad68573542d33165a9a6d5470dc5c7e572b1c239f14c79aa8895153678d800fcca741085cb7c47a146d2052304028f2fd3b88c07071049cb7 |
C:\Users\Admin\Downloads\Unconfirmed 253938.crdownload
| MD5 | 53f25f98742c5114eec23c6487af624c |
| SHA1 | 671af46401450d6ed9c0904402391640a1bddcc2 |
| SHA256 | 7b5dec6a48ee2114c3056f4ccb6935f3e7418ef0b0bc4a58931f2c80fc94d705 |
| SHA512 | f460775308b34552c930c3f256cef1069b28421673d71e3fa2712b0467485861a98285925ae49f1adea1faf59265b964c873c12a3bb5de216122ac20084e1048 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d4c6acda88e4f30da7a0a7e77d789852 |
| SHA1 | cd7761987624868a17b88d6c56c8b240e15f5722 |
| SHA256 | 81e98c7d1ef188d98969976678e3c6908e4cbd4b5a82be0f164e4e56e1710135 |
| SHA512 | ab5a1576a942970ee5788c01f16c399f20599834da349f9b546a7fcc90a433cd5ca4249d5632e318bde34a0b107140333b403127df2803642bbfe4229a0ad914 |
memory/7072-13818-0x0000000000400000-0x0000000000413000-memory.dmp
C:\Users\Admin\Documents\sweet.jpg
| MD5 | 58b1840b979ae31f23aa8eb3594d5c17 |
| SHA1 | 6b28b8e047cee70c7fa42715c552ea13a5671bbb |
| SHA256 | b2bb460aa299c6064e7fc947bff314e0f915c6ee6f8f700007129e3b6a314f47 |
| SHA512 | 13548e5900bddc6797d573fcca24cec1f1eefa0662e9d07c4055a3899460f4e135e1c76197b57a49b452e61e201cb86d1960f3e8b00828a2d0031dc9aa78666a |
memory/7072-14925-0x0000000000400000-0x0000000000413000-memory.dmp
memory/9028-16032-0x0000000000400000-0x0000000000413000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index
| MD5 | c69931dab79e001519b9af50db256400 |
| SHA1 | f791ad1327a2d67f946e1489a4bb11cabe2cae5e |
| SHA256 | 17f45e77e1bca5d623562c3eb8cea409c3099463dbc2878875b55186fd2d1c44 |
| SHA512 | b21d5ba36cf6a114c0fa821eba979028293b2a987c1be5b74fa6599bfd82b9fe2bcaf1325f21c8ef680951b6624ab480f328d20e5a250ab339d36cf377ea454f |
memory/8068-16044-0x0000000000400000-0x0000000000413000-memory.dmp
memory/8068-17148-0x0000000000400000-0x0000000000413000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | bd63e57c6aee2895ed535c6beb90db03 |
| SHA1 | 8d5d81fbaf201fc623ca5825f394cb07284af2d8 |
| SHA256 | be3efdc50eadc279221f898681b1300d331a979cc9f2291c6b5b122f45f2ad24 |
| SHA512 | 80130560e4bbe299da7b8d1fc9957ab78b3babc08c15e7000394518407f1459fedecdbc2e2653632c348c87a95befc9e65ca922fb6acc02e3921f6cede44f649 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 62f0279a7b0b665bc906da44e5cef02a |
| SHA1 | 28480ded8709337e87d60c21b0ed1e442cf2a099 |
| SHA256 | 91237bee4f8bd5e6e96f3c9322cbeb0fd9c9f066e3608ebce15ddbb611a35722 |
| SHA512 | 060eefd7b55272e92f8c4cd59435d82e684eb3bec06b9ff87504efe3793c38076cbd791a2435d3d8b34b55362a4d525d275b9430c0c820c526a7c30c42c137df |
C:\Users\Admin\Downloads\Unconfirmed 509617.crdownload
| MD5 | fbbdc39af1139aebba4da004475e8839 |
| SHA1 | de5c8d858e6e41da715dca1c019df0bfb92d32c0 |
| SHA256 | 630325cac09ac3fab908f903e3b00d0dadd5fdaa0875ed8496fcbb97a558d0da |
| SHA512 | 74eca8c01de215b33d5ceea1fda3f3bef96b513f58a750dba04b0de36f7ef4f7846a6431d52879ca0d8641bfd504d4721a9a96fa2e18c6888fd67fa77686af87 |
C:\Users\Admin\Downloads\Unconfirmed 924085.crdownload
| MD5 | 5c7fb0927db37372da25f270708103a2 |
| SHA1 | 120ed9279d85cbfa56e5b7779ffa7162074f7a29 |
| SHA256 | be22645c61949ad6a077373a7d6cd85e3fae44315632f161adc4c99d5a8e6844 |
| SHA512 | a15f97fad744ccf5f620e5aabb81f48507327b898a9aa4287051464019e0f89224c484e9691812e166471af9beaddcfc3deb2ba878658761f4800663beef7206 |
C:\Users\Admin\Downloads\u.wry
| MD5 | cf1416074cd7791ab80a18f9e7e219d9 |
| SHA1 | 276d2ec82c518d887a8a3608e51c56fa28716ded |
| SHA256 | 78e3f87f31688355c0f398317b2d87d803bd87ee3656c5a7c80f0561ec8606df |
| SHA512 | 0bb0843a90edacaf1407e6a7273a9fbb896701635e4d9467392b7350ad25a1bec0c1ceef36737b4af5e5841936f4891436eded0533aa3d74c9a54efa42f024c5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | dff2117e22b1492c2a58b516954252d5 |
| SHA1 | 1afdf61db0596f5f566f6d2b92a4de89dda7bc0e |
| SHA256 | 6551409c2849d91e5ba614786364625ecedcb5c3c8e25a7b6ad6cccad47e8989 |
| SHA512 | b9690059ca1d888fbb579377c3fdd415389e28b3b248390bc8a92d8447fbc96774102b941b125efed8c7b61f8ce6a0e32e4ed0fb08320d0b7a0eeedb01312d6b |
C:\Users\Admin\Downloads\!Please Read Me!.txt
| MD5 | afa18cf4aa2660392111763fb93a8c3d |
| SHA1 | c219a3654a5f41ce535a09f2a188a464c3f5baf5 |
| SHA256 | 227082c719fd4394c1f2311a0877d8a302c5b092bcc49f853a5cf3d2945f42b0 |
| SHA512 | 4161f250d59b7d4d4a6c4f16639d66d21b2a9606de956d22ec00bedb006643fedbbb8e4cde9f6c0c977285918648314883ca91f3442d1125593bf2605f2d5c6b |
F:\$RECYCLER\!WannaDecryptor!.exe.lnk
| MD5 | c0afb4201491c55f0b5cfacb31b01043 |
| SHA1 | 6ebb9c6094241110184dbdb55e43e884a28cbdf7 |
| SHA256 | 82cba15d4f1a20eaa3b9d496a6f71741df75bde7f5630843bf7d4e89da41692e |
| SHA512 | b5604f352763a890f1219b805f16c2361b0fe60b3c4d1a54006492b7d584da1c3f20092b118c74c22e6b889ee70901dc6583b70d3ad5b0cc0b6fe0a9804b2cd5 |
C:\Users\Admin\Downloads\Unconfirmed 337730.crdownload
| MD5 | 04fb36199787f2e3e2135611a38321eb |
| SHA1 | 65559245709fe98052eb284577f1fd61c01ad20d |
| SHA256 | d765e722e295969c0a5c2d90f549db8b89ab617900bf4698db41c7cdad993bb9 |
| SHA512 | 533d6603f6e2a77bd1b2c6591a135c4717753d53317c1be06e43774e896d9543bcd0ea6904a0688aa84b2d8424641d68994b1e7dc4aa46d66c36feecb6145444 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d15bad476bb513d860cdb3820f91f302 |
| SHA1 | d353b5b5f00d020b072d20a07db88e8c428c9cb5 |
| SHA256 | be2aaa12533205602e82629fa8232682d40d1106ab4dc7793e6cf42f4b2e85d9 |
| SHA512 | 9b16ebfc5c74d8b5fcc8ce2abf65cb6dc5c8a925685443765d1f606ce40e11ac01adf3b215c1f0f4be6bc7742eeff7cc6a0f832d1e662cd75bea7f4300c017ff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 49cb0eca017c8c38d518f1267727f455 |
| SHA1 | bb9ed47a38fb090eb53f69f37b7ee658e6882ade |
| SHA256 | a119a30ce7af68663a8a0bbb81296f287069690175dd162e9265d28bb144f0d5 |
| SHA512 | 5eb3cb70bfecf0e8f4379ccc0388585502496f04907c0ab35d1a5a41e279dab1b8beeb346cd532e9db6e8cfeed7eeb8c6a73706197b2ac5c018f17fa6a95ac20 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\8ce74b5f-a01f-4541-96f5-1ec2eab1c68f.tmp
| MD5 | a1561504237b3fd4bcc4b92e0231185e |
| SHA1 | 5a2472cd68d135cd4c625471d7f5dfead2e4f507 |
| SHA256 | d99c9d0bba6786dd888343c81e88713d319473f20a6fad4010740de4bb671ac4 |
| SHA512 | a7f2bbc856c0b0e41687cce13149ecce63e6e07f0084fe5f25a75822c6219fbdd18c67fffc7bc88037034b1d2bba91d98aa450bd8d039c42cd64c550f6010ccd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0675c79dbefcb037429138e559935d2a |
| SHA1 | 1d8b526b07165467d42c2dcd2f8b6c7c6f6e1c83 |
| SHA256 | dfba572f61545b30eac8aebe3c7c54651e66c9065bed1b2c2de60efc186daa45 |
| SHA512 | 05fc7bbaf3af89cb762675f5da60c8dcd535b00f9a5727f588e7fe6ebfc14bfb0028e38b4c171da99fec1d461fa08ec7f03f4c8ecbe3582185292a2caf2aa62d |
C:\Users\Admin\Downloads\Unconfirmed 777177.crdownload
| MD5 | de8d08a3018dfe8fd04ed525d30bb612 |
| SHA1 | a65d97c20e777d04fb4f3c465b82e8c456edba24 |
| SHA256 | 2ae0c4a5f1fedf964e2f8a486bf0ee5d1816aac30c889458a9ac113d13b50ceb |
| SHA512 | cc4bbf71024732addda3a30a511ce33ce41cbed2d507dfc7391e8367ddf9a5c4906a57bf8310e3f6535646f6d365835c7e49b95584d1114faf2738dcb1eb451a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 55ff6917731530a6c3fb9e11c1e32075 |
| SHA1 | 64ad15776852f1ab5d3b7336865a03d34608f193 |
| SHA256 | 40f0ad7b9f148322cb2bb294e25776a7e1c801c0833832c3c010fcfdd4452d9a |
| SHA512 | b6d016a4e00294a65fbb7ecc0079a3d7c53afc3f3d2764fff836623eb84d6276c4394faea49dcca9e1a66508698d251d1d8a36c4ec0fab23283d9b8058bd8ad9 |
memory/6336-19203-0x0000000001000000-0x0000000001026000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 91dfb6753c9bf598d30d45a74ec7deda |
| SHA1 | 73831029319ad9d8790b46bca7deceda545904d0 |
| SHA256 | 335f5ed29f0fa2cebd0a032ed0bdf7aa5e0290581c4b27e8f6a88e8ee88e87a3 |
| SHA512 | 5188e6f400fef42bc5a762c58067bdf47a2d83cd185915fd3c1a7e3a5b17f5d5f97653c52bb1fb1be3d5395635c87e1dfa9a7aa2453f567056d0bc58ede78865 |
C:\Users\Admin\Downloads\Unconfirmed 905278.crdownload
| MD5 | 30cdab5cf1d607ee7b34f44ab38e9190 |
| SHA1 | d4823f90d14eba0801653e8c970f47d54f655d36 |
| SHA256 | 1517527c1d705a6ebc6ec9194aa95459e875ac3902a9f4aab3bf24b6a6f8407f |
| SHA512 | b465f3b734beaea3951ff57759f13971649b549fafca71342b52d7e74949e152c0fbafe2df40354fc00b5dc8c767f3f5c6940e4ba308888e4395d8fd21e402b3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\metadata
| MD5 | 7478f4e70f3630e6b7bbcabae3678df3 |
| SHA1 | e95048e8047411f0d8510ec23b23f560843e476f |
| SHA256 | 640e2bb5fe73b61e33a726160ae08f4972a8bcb3cd91c4b251ad76776d75332e |
| SHA512 | 618e39f8451faf4ae9295b0bc5aeadbc2c1ef2a42b5742795a29316c95ae37bb7883654146764f0ec5441f03c58429f406b50b8b2acdb19dea93fbb80a393e0b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\reports\1f9c8891-97f1-494e-9b22-0db8879be3bf.dmp
| MD5 | b58d52fced249234ff1f341b09a97997 |
| SHA1 | 99321baa3a0cde588452ba1e0a555ecc441fb65f |
| SHA256 | 65625626c2247f8ca184f0c3e2c4b566cce30136187bda9735908e6309bdae57 |
| SHA512 | 4db12ea48d512cc34408c8fc863bebe2e8a96185ffeab52e59341d279320fda2f3da8b26d1c8d4bfbb66ff3f4132f7d2fa09eb67dc26e17d0bfddad25e534485 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
| MD5 | 55f90365d0935ddc58c490b0feb34e4e |
| SHA1 | 982bbcfd466b66dba7546ca9dcafb91b9526a802 |
| SHA256 | 8bdda8045918b23d2ac440fdcb4f3989127c66c31d584b318b99fa79d8b9fd80 |
| SHA512 | 07a6da555a3b52352449a17cec052037953ce8c3838e6d25be03065b8ba5d3cc0c9b08a215dba61fd4fa81b4ca586987898d7f21dfc5d8a05f49caae1e14fe59 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | cdf5e254112c7453a6709bf9a95bd07c |
| SHA1 | d6fcdada5c74a8ce17f666b2b4f048d3d196e963 |
| SHA256 | e75a9e375e4559444362aea1396e7b659364638280dcfa66c00b0fe0edb0708a |
| SHA512 | ab2d8359fe2d9090d9d7d9adcf8b6f1120d969b40a8803f739fa9a454dee4a6c1ac267d21aa0275fd869045f5c783a7dbc3071f6dfceaee6d765e7a9daa2ef90 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | dc82ab2792840676fc33b0cce767e01b |
| SHA1 | 5ec7f99781b62382d2ee7e9d2b33b47064022367 |
| SHA256 | 2eee89d8d251370c6d66f0468cbda4653a335dc1232c8b2e813884781c76ceb2 |
| SHA512 | 6aca6dede16a81c58d93aaaf63a9eef83c0c3481c578dac4c8f35609b087fde3d3f105bccf38fe9f5570f455ed2d496cbbdc50345d8d71d43afea976eef31d76 |