Malware Analysis Report

2025-01-18 04:54

Sample ID 241029-t5sjwswjez
Target 7c2fd2a7a4ac9763d2010bcc3640aa48_JaffaCakes118
SHA256 26b4dec69aeacb1bf048a11dc5ee0bf25f208b9d6a2a730f099d8e31e19f3a8c
Tags
stealer revengerat discovery
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

26b4dec69aeacb1bf048a11dc5ee0bf25f208b9d6a2a730f099d8e31e19f3a8c

Threat Level: Known bad

The file 7c2fd2a7a4ac9763d2010bcc3640aa48_JaffaCakes118 was found to be: Known bad.

Malicious Activity Summary

stealer revengerat discovery

RevengeRat Executable

Revengerat family

Checks installed software on the system

System Location Discovery: System Language Discovery

Enumerates physical storage devices

Browser Information Discovery

Checks processor information in registry

Suspicious use of WriteProcessMemory

Enumerates system info in registry

Suspicious use of SendNotifyMessage

Suspicious behavior: EnumeratesProcesses

Modifies Internet Explorer settings

Suspicious use of AdjustPrivilegeToken

Suspicious use of SetWindowsHookEx

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-10-29 16:38

Signatures

RevengeRat Executable

stealer
Description Indicator Process Target
N/A N/A N/A N/A

Revengerat family

revengerat

Analysis: behavioral1

Detonation Overview

Submitted

2024-10-29 16:38

Reported

2024-10-29 16:41

Platform

win7-20240903-en

Max time kernel

119s

Max time network

152s

Command Line

"C:\Users\Admin\AppData\Local\Temp\7c2fd2a7a4ac9763d2010bcc3640aa48_JaffaCakes118.exe"

Signatures

Checks installed software on the system

discovery

Enumerates physical storage devices

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000045c0dde48c11474f81d9a2c02be4ea2200000000020000000000106600000001000020000000eddf78bd9c785552cc06125cc3958c4caf0687365af4720854182fe4f09b057c000000000e8000000002000020000000225e1d7577d0137bbe2cd12446ce78117d29b2758987b8445a6f39483949f13320000000590b6404753d6accb4a91aeb0d072ef5f1e6a558771b4b0e2dae0eb2b96e1a8940000000f13c16894ce97dda4a21ef4b6edd76aea3cf0745179de7a054106eaf7c21537331443d69111b5242fae9519c07398d852d0b0d90dc85bff9d39916cb8b912ab5 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = e0fad418212adb01 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000045c0dde48c11474f81d9a2c02be4ea220000000002000000000010660000000100002000000047ae29a11a2688e4bb314e46e73db0d2fdd39b9fee5d10638e3ace4610f38f82000000000e80000000020000200000005055f65b2d158a5c103160e9d489a8b738380d2d1a715b3697b36ae2aa7697efa00100001bce2df6fa840ab7fbb8b53f771bcf915e1a95d43b8fad244e4952926b2f42efb52884cb07e6d0ffe67a437fa36817f879ddcd747a611392fb8d720f674e019dc3960270b3d1c7244d815f310659adf2bdb9d790d250da99fe4420d2730eb4b473ff3e7ea2477dcf8e86347e1e1ef9f8fe39ada521e64c4908f95315be7940f9475089589bf2b840a3be33cd190e5b6cd1f58463bed199458d0006ecc273222359e41ce602f59b00d92c7b54143cca2a6e27a215bd90cfcfb04a39cfefc573f00bfd631aa4376a9f01d21f9f1915a87be8a40fb52f803980c1be2d69929bfc2a330432c7eeaf93dd3b59214433cefa63049eddcc3c7a3db6d6bfad828dfd0b7c6bdb76fe988ca541915e923d5e61fa15126ab48811cc2fbab29bb02ab65cbb713b5733b16f64fa43917a81ac3075106dbf15a7b60f02f527453c04c4e51875c39778738c59868cfa1e34af4dc655390cf4bafbbeebc5f9424c17bc8325e1a222fb1309564687b219baa299fd10c1f09d4d68f660708a510c1c17f3bc971b673a954af3e6ca6eb02d62e840cf86f939b8d49ea6ac829d731379db2e9c3a2d340e4000000044a6a0e6d443a554b6ccf3ed8401aca2108aea592f55edbf1c534e08f33f2b0d8b995a6c301f92a76b375f8b189768c58b9347afcd5d0b70f9f034c9727115a6 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DOMStorage\chip.de\NumberOfSubdomains = "1" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DOMStorage\chip.info\NumberOfSubdomains = "1" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DomainSuggestion C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DOMStorage\chip.info C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "436381810" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DOMStorage C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{4D8C85F1-9614-11EF-8AE4-465533733A50} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\SearchScopes C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000045c0dde48c11474f81d9a2c02be4ea2200000000020000000000106600000001000020000000edb1bc40f16821cb7749d583bef02b5cdb5b23662199b24abc1a432d1704510e000000000e8000000002000020000000c0cd594429b33d4afaa43669ddd6d431a3d3d5064ef808035651936e6f5a964090000000b796e682ceef6034bad071fc83ec7635f715b23e28ff1776f7e7156e56736bc379400a9d03ff59dfa7f861c929a69c38597e56c966d78f673c78672a57e86c9d12ecab876cba00bd1af523848ef1232bab8b388b4e3bc29be424fceb3fc4a359c10f589c648179116a3545184acb4dd756c36e6f1f2b555b8ddd65f46f77014843af11ad1e8a685b677850a9e32c26c1400000006a69beed2d96b731a1e53e1110f0a06eaa74340a50b533a853f852db4e474105b709b1e280e0dd8fe5ffa44c11f7bcac5bbb45e2b6f6640d31db869977fc22e4 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000045c0dde48c11474f81d9a2c02be4ea2200000000020000000000106600000001000020000000ec56a0f74e0abd989b4e2913d44d8c2f8146d6bcee1db5597cb3eb56a94270de000000000e800000000200002000000083846e26064cc19100cd5bb0429b380a56ed38bb74d412ab8f5bd25b15a8389fa00100003937990eac19d01fb8742c9200c88884e3557ee63be11ff0add0f733fae3f2fbc9bb2f4c0a880941ffdaeb77a3b532b0c9ae4f23bf3c2eac70d23253fee36fed7a6deb618a28734922820960f5a3b34c0e0977773e7eb39007b29d677622483bcc2cc5572519e068e107e8da1ea8b915697a13e596487f77cf27840625a4cf5ae596d5e20ee200b3731bdbbb549585f5a1ea6a15228a500e33238da2a987da4dfe9bc639ce178604ddf48c62d868b9ed7c3132e0dbb3f28c6de8279b89f23a9f0b3d23fc17b3daece1ffa275bfb67011f83b0bff799330f55915923bbb9f1783e27f7e1077ddd9fced5b8a838135bc8019c7fd3770fcc6ca2bd33faeb026473bbd4d28cbfbfdf5bd1d24992d1f48e5bf6851a38bdc31b21abc26ceff7b34c0ccd5e50c621cfe686dd64f42fdd5aedcb57f26e35e01fc05fb922191d0d8c6bf96cf055840aafb228af765c3bce99e160e1e037989a3242b66790be4bdafa3e775c190cc0e4946763dcab4e30b76f00f901f8d82bba37e57d888df2e33e24a55047e5061bf9299668778d2a61ebf7d41991b4758512f5aa3b1c21dd7be4d75c109400000005fd1f03b807fd5148cfec4764125b3a0b8beabe015d9dfa57d3e2e0363c3740de2a6d3cf739cd43fd391c6c778dc36baf08c99757d708305032593fcaba60006 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\DOMStorage\chip.de C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Users\Admin\AppData\Local\Temp\7c2fd2a7a4ac9763d2010bcc3640aa48_JaffaCakes118.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1732 wrote to memory of 3000 N/A C:\Users\Admin\AppData\Local\Temp\7c2fd2a7a4ac9763d2010bcc3640aa48_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1732 wrote to memory of 3000 N/A C:\Users\Admin\AppData\Local\Temp\7c2fd2a7a4ac9763d2010bcc3640aa48_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 1732 wrote to memory of 3000 N/A C:\Users\Admin\AppData\Local\Temp\7c2fd2a7a4ac9763d2010bcc3640aa48_JaffaCakes118.exe C:\Program Files\Internet Explorer\iexplore.exe
PID 3000 wrote to memory of 2740 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3000 wrote to memory of 2740 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3000 wrote to memory of 2740 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3000 wrote to memory of 2740 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3000 wrote to memory of 2136 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3000 wrote to memory of 2136 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3000 wrote to memory of 2136 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3000 wrote to memory of 2136 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3000 wrote to memory of 2764 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3000 wrote to memory of 2764 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3000 wrote to memory of 2764 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3000 wrote to memory of 2764 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3000 wrote to memory of 2128 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3000 wrote to memory of 2128 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3000 wrote to memory of 2128 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 3000 wrote to memory of 2128 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Processes

C:\Users\Admin\AppData\Local\Temp\7c2fd2a7a4ac9763d2010bcc3640aa48_JaffaCakes118.exe

"C:\Users\Admin\AppData\Local\Temp\7c2fd2a7a4ac9763d2010bcc3640aa48_JaffaCakes118.exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://www.chip.de/downloads/?icp2=download.badUU2020

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3000 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3000 CREDAT:406545 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3000 CREDAT:537614 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3000 CREDAT:472083 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 api2.chip-secured-download.de udp
DE 116.203.169.158:80 api2.chip-secured-download.de tcp
US 8.8.8.8:53 ocs2.chdi-server.de udp
DE 116.203.169.153:8080 ocs2.chdi-server.de tcp
US 8.8.8.8:53 www.chip.de udp
GB 2.19.248.206:443 www.chip.de tcp
GB 2.19.248.206:443 www.chip.de tcp
US 8.8.8.8:53 cmp.chip.de udp
NL 108.156.60.37:443 cmp.chip.de tcp
NL 108.156.60.37:443 cmp.chip.de tcp
US 8.8.8.8:53 cp.chip.de udp
GB 79.127.237.132:443 cp.chip.de tcp
GB 79.127.237.132:443 cp.chip.de tcp
US 8.8.8.8:53 tags.chip.de udp
GB 2.19.248.206:443 www.chip.de tcp
GB 2.19.248.206:443 www.chip.de tcp
GB 2.19.248.206:443 www.chip.de tcp
GB 2.19.248.206:443 www.chip.de tcp
US 8.8.8.8:53 content.chip.de udp
US 8.8.8.8:53 im.chip.de udp
NL 18.239.83.122:443 tags.chip.de tcp
NL 18.239.83.122:443 tags.chip.de tcp
GB 2.19.248.206:443 im.chip.de tcp
GB 2.19.248.206:443 im.chip.de tcp
GB 2.19.248.210:443 im.chip.de tcp
GB 2.19.248.210:443 im.chip.de tcp
GB 2.19.248.210:443 im.chip.de tcp
US 8.8.8.8:53 r10.o.lencr.org udp
US 8.8.8.8:53 r10.o.lencr.org udp
GB 2.18.190.80:80 r10.o.lencr.org tcp
GB 2.18.190.80:80 r10.o.lencr.org tcp
GB 2.19.248.210:443 im.chip.de tcp
GB 2.19.248.210:443 im.chip.de tcp
GB 2.19.248.210:443 im.chip.de tcp
GB 2.19.248.206:80 im.chip.de tcp
GB 2.19.248.206:80 im.chip.de tcp
GB 2.19.248.206:443 im.chip.de tcp
US 8.8.8.8:53 www.chip.info udp
DE 138.201.245.68:443 www.chip.info tcp
DE 138.201.245.68:443 www.chip.info tcp
DE 138.201.245.68:443 www.chip.info tcp
DE 138.201.245.68:443 www.chip.info tcp
DE 138.201.245.68:443 www.chip.info tcp
DE 138.201.245.68:443 www.chip.info tcp
US 8.8.8.8:53 use.fontawesome.com udp
US 104.21.27.152:443 use.fontawesome.com tcp
US 104.21.27.152:443 use.fontawesome.com tcp
US 8.8.8.8:53 c.pki.goog udp
US 8.8.8.8:53 c.pki.goog udp
GB 142.250.180.3:80 c.pki.goog tcp
GB 142.250.180.3:80 c.pki.goog tcp
US 104.21.27.152:443 use.fontawesome.com tcp
US 104.21.27.152:443 use.fontawesome.com tcp
US 104.21.27.152:443 use.fontawesome.com tcp
US 104.21.27.152:443 use.fontawesome.com tcp
DE 138.201.245.68:443 www.chip.info tcp
DE 138.201.245.68:443 www.chip.info tcp
DE 138.201.245.68:443 www.chip.info tcp
DE 138.201.245.68:443 www.chip.info tcp
DE 138.201.245.68:443 www.chip.info tcp
US 104.21.27.152:443 use.fontawesome.com tcp
US 104.21.27.152:443 use.fontawesome.com tcp
US 104.21.27.152:443 use.fontawesome.com tcp
US 104.21.27.152:443 use.fontawesome.com tcp
US 104.21.27.152:443 use.fontawesome.com tcp
US 104.21.27.152:443 use.fontawesome.com tcp
DE 138.201.245.68:443 www.chip.info tcp
US 104.21.27.152:443 use.fontawesome.com tcp
US 104.21.27.152:443 use.fontawesome.com tcp
US 104.21.27.152:443 use.fontawesome.com tcp
US 104.21.27.152:443 use.fontawesome.com tcp
US 104.21.27.152:443 use.fontawesome.com tcp
US 104.21.27.152:443 use.fontawesome.com tcp
US 8.8.8.8:53 crl.microsoft.com udp
GB 2.18.190.73:80 crl.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 8.8.8.8:53 www.microsoft.com udp
US 204.79.197.200:443 ieonline.microsoft.com tcp

Files

memory/1732-0-0x000007FEF5683000-0x000007FEF5684000-memory.dmp

memory/1732-1-0x0000000000260000-0x00000000002D6000-memory.dmp

memory/1732-2-0x000007FEF5680000-0x000007FEF606C000-memory.dmp

memory/1732-3-0x000007FEF5680000-0x000007FEF606C000-memory.dmp

memory/1732-4-0x000007FEF5680000-0x000007FEF606C000-memory.dmp

memory/1732-5-0x000007FEF5680000-0x000007FEF606C000-memory.dmp

memory/1732-6-0x000007FEF5680000-0x000007FEF606C000-memory.dmp

memory/1732-7-0x000007FEF5683000-0x000007FEF5684000-memory.dmp

memory/1732-8-0x000007FEF5680000-0x000007FEF606C000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F91VN88R\global[1].css

MD5 4ba9a15316bccde9cb87b4dfe5783bdf
SHA1 8e3d0dea5e89b430400b5c3a1bc4091319fe30db
SHA256 ec1c9e1570a9c4ebe22747f7e618599c0044062cc1ed16c14493699bbc7f586d
SHA512 658b7414b27507e3e0eb6ccd45914fd6c0bc54ddb993a77d57d327e3e5e7d391a72f7bf7925c8ba8f38f580b811dbd4b6d09aa6fc9fd9a3324abe277e5c74a27

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F91VN88R\download-listing-v5.10.1[1].css

MD5 6c01f711bf870740a9d75b0a0fab5b95
SHA1 441e0837dcc17a1ea8b83da78f643cc0587bddc4
SHA256 5f375bb82620e577d68d4cb8571971e6e66e820c706eeae78c2f5367658c357c
SHA512 67b49314eb0c1911665444cde25d39e272c538a4a65ab5a5b0cbcce907c60636d09c1ecef01456b1829528739576026594a099d3fa3539d46ea766adcb0a3bf2

C:\Users\Admin\AppData\Local\Temp\CabD3F4.tmp

MD5 49aebf8cbd62d92ac215b2923fb1b9f5
SHA1 1723be06719828dda65ad804298d0431f6aff976
SHA256 b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512 bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

C:\Users\Admin\AppData\Local\Temp\TarD406.tmp

MD5 4ea6026cf93ec6338144661bf1202cd1
SHA1 a1dec9044f750ad887935a01430bf49322fbdcb7
SHA256 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
SHA512 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 0c69f3e115337e90de56b1e0f82a3db3
SHA1 c5b46ea2452aa1fbca40ad80de302b708750118e
SHA256 ff0b7ba79043d375109dc49a623b886da918cafb0ad498bda6f20c85bcc029f6
SHA512 6fcd715c8cc3754f53f3b1c3d495666ea702911f0b27e4eac58d4c041b1fbcd97765cb29feec6a9f480885c7e4c9cb15c06da0feabe86f444b4936204bbae9a6

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ca4fd7084dbf5b3b5d586e9daf5b809b
SHA1 8016218f6dadd0abdcfe85682b3e18471a20122a
SHA256 ed338edd0d982b05c77d2be3e736cf269d88461ed2d24199b2713d2ef35b041b
SHA512 215d796fb373e9ce2a26da84d1ed38d450861d6b487f4ec7fdbe576803c91daac43f6325e9deaf933bbda13250d2cf82098bedf7a527b5b307498847a3169d99

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416

MD5 4b56aaf14edaf0a57b0bc22c05ecc55c
SHA1 f26370273165e976ea7ffebbb64bd6ab8de7122b
SHA256 069ef53dc00cbb3735a94434489e6647d3215932453ebadc5a7fcc6c56ad8f4b
SHA512 54247fe2df52ff81e9c7a5c91ecf3acc1be00e2db5915b2644e1621e10b50efda7ee215f2403d645b2dbfda2fa49d48c1c0bbaefaaa3941d701d8a7f11bb52d4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

MD5 55540a230bdab55187a841cfe1aa1545
SHA1 363e4734f757bdeb89868efe94907774a327695e
SHA256 d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb
SHA512 c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 5a87a150d0d5904f9c9194d57965a6df
SHA1 a65ada82e4970276acdedb8fbc049e7c14db5ef9
SHA256 cf12cac337afdab723ea7d483ea66610615a3f49231953291121530e3a4c979f
SHA512 dc82bfbc6fce38039319432bb13c2276609d566a7aa70f550e05debc4d7280d4912847598347dea3798a9e23ce2c5ba64e00432243543f29cc6f19970fc0bc20

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 bd8f60b451afcb815333f0616683458e
SHA1 1ebdeb2a79ed5fceab3030225a1c067731231e96
SHA256 33406977417f7a5daf79fdd75b8e230d04ff95337af884146111f1064ebcaddc
SHA512 8d702742fa553b3744079b86b794e6b09483135d64e6a1a625ce60c51ba7cc7f17de80f78c253ff08a29f1df181f42d43b20e74a44a803c946fc8c29d5ffed72

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MPUI9R2R\favicon-32x32[1].png

MD5 983ce52e161001d2f6c4ead8e7e3c10e
SHA1 862dbde7c3f56d048b479defd3ac68d6e3886d75
SHA256 818482a4a3c8967bbd551868597b9da415775c743702996b337ad679376be502
SHA512 e86430e4645b26bd8c1b23e82c7aee27b79626ba15026c22cfd7ef1ca8f2619de52de7387c969877a6611a5764657dcc3f1d095f5dc2b1acc49d99330fba1ff8

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\yiu0yt6\imagestore.dat

MD5 56be3e2d6dd306cd7e761227818cfc84
SHA1 efedef3112e3b7c067fd28c682abbfee89866ad6
SHA256 1dda7176f1d98f7fdd8a8e1c8765e7427cee93e552b713318961f219900f8a82
SHA512 e1dedd55181a831aebf6e58540a84485a9791b96b947f59d8eeba6d90d5bcdfbb1f0ea7a6827d6ed338efe4400418b8c110ac3f62f33f7a08f684a48943216db

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 31f4288e54a483d6f78fff754b287e05
SHA1 e5c4d6c2a3beb8dce0c3850c8d028f79efd5a18d
SHA256 d7c5608e85b2707bdd15fe89f8b75116e0dc7692fb06905454535c8340f89a77
SHA512 e6684c4a58b4a6351f6a288d32dea3c29adaee1e7be6160a1c8d697bb8b65d75dc844114a9146ce5a79976b5360e3d2a339aa3bda33d88eb405054db975987e3

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 a65ca65793e71de1a3770f481ec566a0
SHA1 b5c9a7f8216a32d459e690c3b4f9848d0fe15001
SHA256 5c517126d2f97cafd0a49b4c94605e83d4881a412b0f99fb6f9bb82c4a72a764
SHA512 8c0667496ffce4b8ceff8954dc6f87d40785dbedc8c4f50f498e7281088bbee07b07454c0dc4fff726dcfe11572d1a5fc18c5f070be688f157d314af0b5cca77

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 032d898837d039e4e3c4dfda15d12579
SHA1 7d03e115e787d5f86d5e6b74605257cf007f8fdd
SHA256 124f265a39e9501be995cf341c7bc7e19e5c0ee6ae54107c392194e0193f1794
SHA512 97fd6df72cec9d3562d5b4b797c133fcdd492a119fdb5004ef19d1e8750f5fed5f24385e94949a4c3273df8d40004a2f23d0fe4fb7a7cd7ece78e4963f64bc19

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 fa074a354647d93b564d658f99e710f0
SHA1 8b05be1aac63d7635b3ad6df4a4fb60a4d53efeb
SHA256 18ef20fd697aee80a0011cfd5f4f69cc47fb9421968e458fa2f0e0dac97af62f
SHA512 db180e578c9fce97fa9458695f3172eee882ff89f98481a68d2903beb5bae190f9d41af438d3a062951b15fded8777533e15f7e89c91e2d6edf9321d1088331c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 e3a49688f1ce4db564485707b2931e6e
SHA1 3eea5217559a34784e89807cb313d9e2349513b5
SHA256 7bdb8d7dfe68983b05ebd5bbb3cc4d315a44d2d1e9550176da0804251279c186
SHA512 74988a5b939d2ef9ff31a8ab4a07d543392a1edb83ad7d200491cb89ce8c5c28bc1afa17767e160703b257cda1b8c19392c86c3aabaf0071f0b6ece5fa2c4818

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c94b83b762420e82bc4c8f236c5e01a2
SHA1 7d17473367688c52bd20c829ee843a4d488c2863
SHA256 d968e9641f2e5acdd383249ee6beacec5eb141a5a23750b2cbf425141d237c3e
SHA512 bad6db3531708daf034daf2b42ec19028f10efb96a950880fab5bab4c4eae98cf5e40d065b3fbce53727504c503344d41a4d098d97500fbc631cca8988378a4f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 45d8612f675d609aa736c8f1b937f987
SHA1 b2ee194a5604c94dd7a6f6de123ab724ff840b36
SHA256 ec39868e3217038b7313ef77276e3ea490af1c281f687445980149b43ce4c0c7
SHA512 a6d709e80bc1b7382e22b541db8ecf3b5ce376680d33199298b1a105791892617664411a4b2a1107339fe3221aa561dda36af9155afb687cfe3b696de41eef91

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 2a257ead12588ed893b51f88845e7e83
SHA1 36a934d916566b4e327a72b7ee2e73dd69022239
SHA256 a74df6cf3c1b89d589c259ba070bbb3de2e34d1aad1ad296407073ff9fcc0f29
SHA512 e747b3c8bab06504e4aa6ca0a819acf0bcd0136037911d77c4126709514197838c175f65f41d023c424c7e2527dbe913f8d35b56ae5b89da4d0f2de88e8b9bb2

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 da8a3a3016af42acbaeddfe8b45d2bf6
SHA1 7d9ce3bd000a4bc659fe51e21648e2cc1406715c
SHA256 3cf2c0b7d8fbb62bc19a84abf1855cf012c7dacc8cb0a6fef78a8ac721b99c1d
SHA512 058ffd5a024363dc0be3b3fbc3a49ac3edb34de2c107610fba1400f869d93f870bb88325e7f362a30aaa07f1788a181a93a4fb4fb8e9f921547f5cb2e3a2bfda

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 8d12196d2354a54d23035542ab7a83d0
SHA1 7e52456ad5aa2c0604f69809f8f092fc53bb296d
SHA256 89c2b00e2323b4b11e052090c4099cd26e5b2f3321974a231adad1e4d146bf67
SHA512 1751308cbe5aad2fb4fecac6d46a67b4dbe970dd2d3d691d0302fba73b4835893e9126245c17342b1fc7b400629fa4ab5a95c5da36ed46cbda92021f15b2cb9c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_A4CF52CCA82D7458083F7280801A3A04

MD5 361824d3d6eaab798a401a2d4a58b4b6
SHA1 8f3a114bfd9b6b19ce7dfff8eb999230e61a89b4
SHA256 abd1bc09c145c12d35681206929464bb5b54401be67b0ed6c6d793242ad3c85e
SHA512 b60bfaf274c5a8c143bab56532e47f068d7321519701f521e5ab05804f18cff87c6422a90767cf3a559797c237a21140fa6122d365509444d4fa4723b4b9448f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B398B80134F72209547439DB21AB308D_A4CF52CCA82D7458083F7280801A3A04

MD5 56afac0ef77f9e0b91cb451c28deafbe
SHA1 a4702444980628bab7b42470a6fa38f403b281dd
SHA256 9f077d5c455bc629744e36e5027ce1de6896ff27b69c91b34ef9397076d4e9a5
SHA512 3f5bb343f526dad2359255cb700bdc15bf3757f4750269dc3d2ccc59fceab1dee72b7b338385b9bd1c406551fb97364e539e2aaec936691d5a27f358d246d5b5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 dcd04f40e04b564d5bc50b444e23d401
SHA1 ff9177d76dc7dfe3eff437c49bee61d355fe2e3c
SHA256 b25176894ac9dbcda328b7acbf058f412da1cd30caab4fd015a7492bcb534506
SHA512 eeb3db1e30c51599ecb22e164a80ce536ff6014d0f6214b2789222b3419223d509748d7966d906fd95f2abc27afc513ce6430a1a54e75210e771f4099cc459d6

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\103621DE9CD5414CC2538780B4B75751

MD5 822467b728b7a66b081c91795373789a
SHA1 d8f2f02e1eef62485a9feffd59ce837511749865
SHA256 af2343382b88335eea72251ad84949e244ff54b6995063e24459a7216e9576b9
SHA512 bacea07d92c32078ca6a0161549b4e18edab745dd44947e5f181d28cc24468e07769d6835816cdfb944fd3d0099bde5e21b48f4966824c5c16c1801712303eb6

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\103621DE9CD5414CC2538780B4B75751

MD5 a2f58531c677ceeeeb77722b02cfeba9
SHA1 461adc3639aa2aa715f1e784bbb1710096bab7e4
SHA256 856d68ac39ee7488470ae84c98fab5e677393c090608a9d80a955b54861c6952
SHA512 452a574c73e88906c538b0d2bd1fc6de59551234bcb8f4c42b1c4bd49851f2b1b5ba862ebabd09ecaa1dbc53f4d1f00a99419d37248f28eea964ab6f71e1b263

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KIYAG1MM\wrapperMessagingWithoutDetection[1].js

MD5 6a96a074f7d5fafa4d5e50b481b83313
SHA1 755a80d91c8ff38d0e57162b84fceec22e9e5921
SHA256 e9940379f29b1325fdeb2fc514a60289b974a7a61cfd9a7f01db86a09aa013ea
SHA512 5e97c5c57b32cd5372347a9a536df7ab49bf19535a1e6d6722f908b6b82917b2e2feccc1456f20f5570b2b082c057a344eff5064ffef391f69be31dfc7b2aece

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F91VN88R\custom.703f5129fe0fc9164ae7.bundle[1].js

MD5 4bf27421ca58796b625db6b69195abd5
SHA1 82a371c21fcb492ab5644ccf4805296e149d5bf3
SHA256 71ad6d423927d0dbdbb0d39ca580dceb7b882a5cd3d0ad5b76c6df56c578de0b
SHA512 3ba53e78632cf813f072abe6a7bebc35b5cf76da21ec2c8cc5ba8967347b21e2d45a0698e3a9aab6cc86259489eee86776aa42523b3de28b1bcf1ec55fe518ba

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F91VN88R\gdpr-tcf.0b327789b5d246674c71.bundle[1].js

MD5 9ef6bbaf6775bf1b7a1ddd9d8051d03a
SHA1 be0e5dad62f81d7e0019928992425b15977ea527
SHA256 167422f9a1a89f8df2d51908c362a3058da461c734bc4323db6ee039c6159f45
SHA512 eda568d6706a4797e01c0542b9ca37a6184a8959aeb9d7b58aa316c1b038cda3fcb306229dd07bf17d891362b87bacdc36c237f09782aa5a400cb1bf342920b1

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KIYAG1MM\apple-touch-icon-100x100[1].png

MD5 12fd68d0d224d0fff3bb1b88e0415a5e
SHA1 147ccdb5d559d5ae257f8bc240ae70c7fa502542
SHA256 b345f05be27df53ef98f189d7af753312fb8b2ffc0aec4c14da29dc14e82405a
SHA512 fe8dbc6c7fa6f0d5a534590a26d1aedeb03409363bc10334880a4076ed951039ae0e746623853e87d8dd7edb6d32231b9bf72cfa11b91b437aed36277a83e4ea

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\yiu0yt6\imagestore.dat

MD5 51111ef115c322b01a39684448f007cb
SHA1 858420d8d58b51e3d07f4d999acca3bce83db46d
SHA256 d3ca16f05be0a2676aaf6b630a252c60740ee2ffc4448856f1b30da04efa5f79
SHA512 2ca5934f33fb06d73ad7458dfed67ac51929fbf0b16325432354b704743c0383c25c1351d6f16aadd3e5adf3274bdd63f01994783e8bc593702f048c3e9695fe

memory/1732-906-0x000007FEF5680000-0x000007FEF606C000-memory.dmp

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\EH1Z716A.txt

MD5 3a90f2364bbd6f15f954b034e5d02a27
SHA1 1a692110c2df5daceecbea6ff6ab487977878cb2
SHA256 b2cb50e1aaeb5430e438d1c93e167d7354192f3f4c1cc936d678c414cc659ace
SHA512 0d68c3fa08467469c9619b1c9a08fab6e835940639fab05a917d03deee8bd603e1d1827d488cf4a57961cba8367c9f0e938580735833183b18adbbdbc41683d1

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DJB1KT77\chip-installer-feedback[1].htm

MD5 316ebccf7b76c9ae705797c7f77609b9
SHA1 7512078ab7a4abbaa10e0621e89cbba05450e45d
SHA256 2bd2e7e4313820d8a334fbfe3fb292132e0fa708e9f161b7402f1220e54b5ef4
SHA512 94911f64a07fe778c250bbd753b0cb13eb77434564d3003c9cbed278fd76d6d9baf67b9edfa6684ddad9995c4c5539d8cfa5552b632df6e7fe6dda5573d8160e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 0f8b45ea575818be8f87e866db69aa6e
SHA1 66807a84e8fc058682ac0818e055c41c0f5f045b
SHA256 6331b2cd17bb6ba0dc7f16c7350437266aafccfd3207b6de8e3309accfca9115
SHA512 b87fc0258b93b5834f592cb2d5025e8ce03ed02d58c8f33e151a193335fbc032a8a31fecf9870400b15cddf36068ae8ab4588537480204a32ac6a7b667341dd1

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 b3164399722f0dd8faab089e5b96c980
SHA1 350ed87e18180d128efca3e65d7424d3771479ce
SHA256 8579b00087eaade832098d81c3acbeeea8440d049296f895b87ec106b539b33c
SHA512 29e00c2e24e1b242028f4724e6143b26a1ffe44868262bcef1b3402e41a8bcc9b82f481475160d6c74ada72f1b3625a1677e32d0569697f21149fbdb083d3a59

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MPUI9R2R\style.min[1].css

MD5 319580d7d8944a1a65f635e0d11e5da5
SHA1 e23bc18ef1b0f78f7010e3c16e4c5e1f333248bd
SHA256 fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5
SHA512 743825eaea11208277528e506c115ec786ab060095ae4250c65a9b02fe9e5cb2ac5ac386532486a2678b9615490ce75ba096a9fd2041200989ad07a726b5d9d0

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F91VN88R\ihover[1].css

MD5 2d59839c61fdd2306383b8b19bb3b620
SHA1 c2e5cb709801c4357866911030ccf8855c922931
SHA256 e172e5bf2bd398e53794ab99c32afdc155df9b821025e97c396ed2b1498a1480
SHA512 0ec7ca9e335d38f30ea73e0d7db121ecb570bd14adb82c67200bfa2930bab98eb21f86fba4336d05c15a92f4d5aedc0f733a96922a4b60b21bfb4f6eedbeb1e5

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F91VN88R\style[1].css

MD5 f4dedce91094be8179a3689ddd9ca448
SHA1 5ce2ae55997c22c68333fc22f4c02f20d9775a57
SHA256 2c23fcf35f55769b24fe7f611c1dbf2ba7f931b84540003e77244f5021a73aaa
SHA512 1d2d384ab0bb9b78a1502fb738b794a10f0653e14bb5b8a37ac336f3a2f5bc75110e4ddc59b1dc68c8f57e2407631428fa8661f517ab6402bc4bc1a32aaebc39

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DJB1KT77\all[1].css

MD5 daf5cd5fe4cffe229b52d2de9aaca383
SHA1 3cd39c55910c1146808d603d875d9a158e8080b7
SHA256 cb1684b9760122126d1999f6d24a10a105e2ef2846622bca5c09231412394164
SHA512 bc03b6cf2518b5545a6fe88ffda03ec20f1fe4c6f3335a09a98882c72ba9af4b3166fa6d644e60e2316582137177d7d4adf9089aac2b1813d85fcd221719d5fd

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KIYAG1MM\wpforms-full[1].css

MD5 e7868a38751400560a26b1c515309bca
SHA1 7a332bc11bd2e7737abdffc56daa341b5c123fb1
SHA256 deab911ffda59f25a226692f9d1d15aebe74c2465db6f9ed6fffd2b12721924b
SHA512 9af15b699cd0bbee31f4fbfdcc2b8f8621332330955cce2ba8953475bb208656f6f2c1f753002f576bfa354fb65ebd51edee4bc28f726a3d7bf1a6d447d8f22a

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KIYAG1MM\font-awesome.min[1].css

MD5 269550530cc127b6aa5a35925a7de6ce
SHA1 512c7d79033e3028a9be61b540cf1a6870c896f8
SHA256 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
SHA512 49f4e24e55fa924faa8ad7debe5ffb2e26d439e25696df6b6f20e7f766b50ea58ec3dbd61b6305a1acacd2c80e6e659accee4140f885b9c9e71008e9001fbf4b

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MPUI9R2R\elements[1].css

MD5 2fcb248f1e7e9ec3ea873b64bcacac14
SHA1 ec422267ce955f46ad42520df3992705fb444800
SHA256 b1cf2ef1331d3f9e84e9ef2c0cb43d8ae7131e26d976ee49913c6448b3457fb5
SHA512 02cddeb73997d3e5cdfadcebb05f327c54f443317dd9938600d5495ae82451c3e3fff75c851925f1562b5e355e8accacb3020eac6cd086f57d79173cbc35f24e

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MPUI9R2R\responsive[1].css

MD5 306b897d3026a6b2df3c23f0ff04486e
SHA1 30b984158aca832d128afdf17330c0faf93f0be9
SHA256 3965a674868b7d51eec896e26a1d2ba9b4bb3c5eaaf936af9707976971de8d55
SHA512 4bbfba2fea79246fddcfecd4c1f7d6e602c2d9fb0ec3ca922711e9ea301b6584b8957084fbea2f65bc665e3c39d9d1187345caacdbca99a6cec30e0605221c08

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KIYAG1MM\theme-style[1].css

MD5 e0ec118b509614b109fec81f032eff7c
SHA1 895958dc6b29c62291071c13cf94c44b2010d6c9
SHA256 adefbfc7f20bbafa858065e040c4b83c38c3aa2a078ebafb8dba326f2980d240
SHA512 ffff4abaf75c4dec1b78aa02f68424075f4bc7c65b7282ae57472c29b7f1b5b3c81f5c5a5811f6ba923f1582816e6416ff0666452c6145e5f32b66c5ed507cbe

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KIYAG1MM\settings[1].css

MD5 bbdc05bd89914457a2e2fd5c82d2169f
SHA1 470d938b552c6742ab6d09073fd00ad2e5a06b41
SHA256 13f6990c7c68b797db2c4f00f402e2e78858314e909c702b2ced5ff48510a9c3
SHA512 6d9fe88bee33ffcbf8a06bc1934723193e04824b6ccab2e93518ee685ec259ac9dbc40c5982e290f477f546a9dde62e3bc7bab41cd460ca30f3dab0172cf1153

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MPUI9R2R\style[1].css

MD5 521721bcb7cd0bec9bf5f096b8ef05be
SHA1 4276508447b64cfff7cf18b70ebe0ded6d30970e
SHA256 99165038278aecc8c278e8dafcb369f6db123fd3f67d99203b4e5950bb6346a1
SHA512 b45962b36d354174c5ba79572a25f5efa33654414405fb8e8a3226395c993c06b70c9560334ebfb2617e5dfb062d30d7c5d24336c823ee00659006d2b6b0f8f0

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F91VN88R\jquery.themepunch.revolution.min[1].js

MD5 01fc8cb5a3ed7fe7a527714b39ac1381
SHA1 0f16b498aeacc6bbce52431b5165b959cc81c8bd
SHA256 7ea819c32bebb49aeb9678b2152d4802a5498ee44d85861b846745a06a1035c1
SHA512 53f73e6c97a2b79770860b5ac0b4a548dd6dedd8f7ebcdf7c5091c1b2c400d73211d4cb2aade620363f70413d6d23f1f251267e04bd9480077713eb77e13c246

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DJB1KT77\jquery.themepunch.tools.min[1].js

MD5 67a9644e880e7a471d49c73bb7621932
SHA1 2ac89b145da02402ce1877c580850e08076c5109
SHA256 a1dff8b0c66227748951c4ff891f146f49c5a382ac8e3d6e3c2e9cf8aa560dc8
SHA512 1496a2aabf901c0882bee50f779eed1a215caa73bb385944f37f4acc61fa0b3b189a32312ae17d9b2013eaaa0636559a4262756cb1f6b8644341037f044ed4b2

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DJB1KT77\modernizr.custom[1].js

MD5 d07c2398fb8269d8eb7e9ce2d1d5a6fd
SHA1 6e9f60fdd883cbd4dbdd59d5b15d1cb4f1d8f341
SHA256 07f91b09e865ceb0ff5783e2761b40bf4a23c5eb7cdf01b6ee1cf982d63e2be1
SHA512 20041bddbe37140b41e1eea1ea5640ec747ae1d98a2fd2e01d8103b5f559396eb8929969c528b6403e999e1e5db8dddd9141ba2d93b04214b975085e87466f51

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MPUI9R2R\jquery-migrate.min[1].js

MD5 9ffeb32e2d9efbf8f70caabded242267
SHA1 3ad0c10e501ac2a9bfa18f9cd7e700219b378738
SHA256 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
SHA512 8d6be545508a1c38278b8ad780c3758ae48a25e4e12eee443375aa56031d9b356f8c90f22d4f251140fa3f65603af40523165e33cae2e2d62fc78ec106e3d731

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MPUI9R2R\jquery.min[1].js

MD5 826eb77e86b02ab7724fe3d0141ff87c
SHA1 79cd3587d565afe290076a8d36c31c305a573d18
SHA256 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
SHA512 fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MPUI9R2R\v4-shims[1].css

MD5 a034d3c71bee546f625877d7932917f8
SHA1 f217d4ded0bc9f786bd9ba1c09ce88aedbaed76e
SHA256 8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910
SHA512 7c76af9016f2fe0705101dad69a05f1b40cb747446ae7be4590357559e586ff163e8b92881e71051dea8caf055b2b58f6874b1b39b4dcdae8b516fd8e80cfd95

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DJB1KT77\all[2].css

MD5 ecd507b3125edc4d2a03aa6ae5d07da9
SHA1 a57ee68d11601b0fd8e5037fc241ff65a754473c
SHA256 99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
SHA512 d72727e8871a410e34fcc2815b65b84618acfc36c82d4ef80b5bd2acb2710aae7ba3de35626d354b036c38caaf10116572051aeb12e23d8fcd4b947e13aced25

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F91VN88R\wpforms[1].js

MD5 fde3c0a1480b4ec18ffdd682c59ad982
SHA1 c658403379e06f9e9b50a0ace4e8b8f1bab6b588
SHA256 6e8be64a49841c1bd00e69bf967c9aa3d7e46246b9c059b4ca51b15d58d95e5f
SHA512 e1bc7e76cdeac68cc9dcafc9eb187193433cb927164084db3a993e288429ae9b7a02665640920c09065976de84f8c86924c5e0af21afc89c772ca86d2126f08c

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F91VN88R\jquery.validate.min[1].js

MD5 44129a38b53be0fa07af3787460e8b75
SHA1 f5db238b720484dfbdd3b66fa6e1349ef95031c8
SHA256 b94552fdddf133797c626b9c0248f50de46de94e18f97bf778f520555115995c
SHA512 611a74df67bf22e5529845bd24f2edf866fa9382de40ea65153f17dfd7dde0c096e1b83b0f2aa6b3e0bb68e0520e36647fea01fc80977236599aab4eb40ea014

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DJB1KT77\ajax-login[1].js

MD5 9192efd7638bd30110ac45dad6f4118e
SHA1 f8ae3f5ce3ab51160a628610824034bf94639ada
SHA256 312eb2602614cbf285f3312d49593210b06e69ad6010a538599e71b35018838d
SHA512 a283c0c1c094e4f6bab9e38aba5eee636b29a6a61359730b97387b96bbbd0fbdf70b7b0375f1cb5f92944eec83cb18c8d9918780f331623ceaaa796b3b97ab75

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KIYAG1MM\main[1].js

MD5 481938e44e111a273bc258bb66d609ab
SHA1 712afbc039ba8087c35694b398cd744b3e8a8159
SHA256 9a20032f9d9e28e05c19323ddd065603088e6e67a0dcd18f1d4c337404c713e8
SHA512 759dd0b3209440b6ca9f335e9a0c55267c6847668120cd1daefac773ee97e201947037111b3852c42ac6bec2a650412bbbfafaa3348492949b4b9b282a84059e

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F91VN88R\plugins[1].js

MD5 10678cc966252a1b05d3019fdfc5bc20
SHA1 b70e4866225204e837cd14eef240db9585db3a1f
SHA256 a61329b86f067c05cb342ac74933c3989050aaee369614ace0b768e87645d1d8
SHA512 3287bd77e6d6517aa13cc8b685191c9d5f112a415e762143acf9121258d67940a068c29d71dc296a282039f4cd4200fe3dc81014611b0fe2547a83adf23865d1

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DJB1KT77\chip-logo-redesign-white_on_red[1].svg

MD5 386dabaa0311567f9911255dedf7a2af
SHA1 95e1c6f90b88fe419ee10fe01aa99da3300036a6
SHA256 71a960ef12d16335b4bf9cdbbedcd46291e762b037fe4e6831ef73f04f8fc351
SHA512 e28186831c95d0ccabfc7cec01960bacbcae055388a7e1d491d2178667e4559a7c741131f62467bdbcc61a1c9862ca2ad46f942741f00261c6c2d30b77a53aef

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KIYAG1MM\logo-chip-ohne_slogan[1].png

MD5 26b0b4527d99f10cc9c0f371948dcec7
SHA1 b4dce56cb60dfb5b997ec380747e6db396be112c
SHA256 091d7f74a57da2c3b134c130eb902731afb62fc7a53d7caa08506a349eff2cef
SHA512 68d6805c73b76ea5cc2f68717f3a57dc1326aa5fa1e98d3f16d7df168f1538c4339fac4a15425bb34f16bc361e2a7b399cdd22b10a9ea95f0bc674727e8c6e15

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\VI73NSRG\www.chip[1].xml

MD5 c1ddea3ef6bbef3e7060a1a9ad89e4c5
SHA1 35e3224fcbd3e1af306f2b6a2c6bbea9b0867966
SHA256 b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db
SHA512 6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F91VN88R\select-icon[1].png

MD5 524ff02e79809fb77fbbba492c74ed86
SHA1 7ff8242cec619144ed079da3394aeded8c62a41a
SHA256 ecd869318cee2b78e4f7c60234360c2c2302d8248081abc7c60a91197f6967c3
SHA512 81a54c295f5f8e0a5014b645ea2353b36e32028ae8b228f629a9cfcdb039677c1f0166fe97da280f7f2d1e754c232602a3488cabdb1482ea79c50f3b9260ca5e

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KIYAG1MM\MarselisSlabWeb[1].woff

MD5 1396a859d7bbb9b9344f7f78b5dad8ed
SHA1 0ada90fd6f0a2e22cdd8442653cea240a11c4672
SHA256 4d7dd4fb301738ddb56f813d18f73e04db023bc6970f969768db929b1c3dce55
SHA512 1033faa30988c73e7603d7e16cca796dcc82d5145ceab9264f1d7eff8de05932ed4249ff1bfb737d6381045121f88cc04ef5bd5aaeae094637947d4852166a16

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KIYAG1MM\chip-base-icons[1].ttf

MD5 d018bab7eef3741dccd6d5828b8e675f
SHA1 1472e5af8836c7d74b1b7cfe62cdb52d4656eff8
SHA256 1a510255e1d52b7aa4e67465e1721d2dad8a5611218b1a6df2a52a1d5ba3d56e
SHA512 2d59f208b0cd41811c9869ad7921d9f521b331b7e9e26f404896b49ccb11eb3a19dfe6633c6bf4d31875b778bc7c64451578995e0956e6fa8739ff246c29fba7

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KIYAG1MM\fa-regular-400[1].eot

MD5 3ac49cb33f43a6471f21ab3df40d1b1e
SHA1 3ad44eb5c276d1435408f253ca78da729a1aca90
SHA256 c1465a6b8743622f759b08a6d5336e57eb6eabdba1b6393fba6d30d45382f3d2
SHA512 fa62032031641c3807805799c4d2f4d9b87a169805f7f306def0cd7adb2d1894df3b98c867fac609cbd60a7588a71af35ac37fdcc55cbb43ace12e98f112b197

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MPUI9R2R\fa-solid-900[2].eot

MD5 0c6bfc668a72935760178f91327aed3a
SHA1 ea845c59bee4a5c6db774b8d8060f5641b789ae9
SHA256 373c04fd2418f5c77eea49d514731058f1907a94ff3b4e5d7c3e5767e8b53d8b
SHA512 e285d4692b8dcf9302ed01df2c5cffbe28dfd5b31e6f00c76bca33117868afe6a444eec6e93d08c7212fe2d93b8c72dab7a835cbab4138d9130f345d5251a0a9

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F91VN88R\fa-brands-400[2].eot

MD5 592643a83b8541edc52063d84c468700
SHA1 d1ffd6340cdbf72890ccb67f32015eafc5df51a7
SHA256 e4299464e7b012968eed63ac2db1c9509f56bca409ef9f71f2926a8c3c80b2a9
SHA512 1a3b33ceb28320905650a143bac08841eeda98f1e82fbea0fe1ae37ebbdeb8390a2852b60166ee4f01f1faae83e5c744c5ae93deffa63242e9c6f7859dbc3bba

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DJB1KT77\movedo-icons[1].eot

MD5 16b691536da12011e05ff2726e51ebec
SHA1 b230e156924ee031a6b267d80e8338332d680bea
SHA256 ed282a79ade5acde3dc5968c83a2d00876d0360df921515caa4b706a688dc3c2
SHA512 54f8756a0e70677544fea305e5905e89578e1b999d1bf11af103ba64df1bb858b2418fc67412ed70e8748b683aba3b37fdee22de85e56c73b7376f08b00eb3a9

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DJB1KT77\fa-brands-400[1].eot

MD5 088a34f78f530102fd9661173b4a4f26
SHA1 d4987ee41e0e4142d561f76b8ea8e034c4d5d9d2
SHA256 e9fdf947c39f06f1b5e63c58eea2f2f74850421b4e32047dacb9c7b75dd42a16
SHA512 f471d0368adf36f6b3651b3b551d914a42eb50b38584cdb79a6ada9c5bb6fb30864b84ea3685ac202e0348e0f58aac6b424a92978e5ff65b20f67106d33ab45e

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F91VN88R\fa-regular-400[1].eot

MD5 b0e2db3b634d1bc3928e127458d993d8
SHA1 670fb01e4930ae46fe8d6d2b75ead288f54e8e61
SHA256 79d088064beb3826054fb88165416235897a856ca952fca1498b1c59b16aaa48
SHA512 981416648a0aba67476855441451b9dd6b8e890f2613ddda054d35dcf18ce3d335c9fb9b06deb25f4424d1af17faa3bc9ad16122d4a97da67f6a6fc33b465aa5

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DJB1KT77\fontawesome-webfont[1].eot

MD5 674f50d287a8c48dc19ba404d20fe713
SHA1 d980c2ce873dc43af460d4d572d441304499f400
SHA256 7bfcab6db99d5cfbf1705ca0536ddc78585432cc5fa41bbd7ad0f009033b2979
SHA512 c160d3d77e67eff986043461693b2a831e1175f579490d7f0b411005ea81bd4f5850ff534f6721b727c002973f3f9027ea960fac4317d37db1d4cb53ec9d343a

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DJB1KT77\fa-solid-900[1].eot

MD5 7fb1cdd9c3b889161216a13267b55fe2
SHA1 be6b63d528286b1be2328d871c9bae95d8d57174
SHA256 f29eef66eb3ad0e3574d8edb4b9e72a04692a0b2b92d99eb7c4b977611ddd4fe
SHA512 93f06dfddb5a5d772c35c7650102fa3a75746a4398ab1b5b97172f0b278ecce29d6a851ce7f6eb2b56e5d564c0f92f02f4804a96719c9eefdf42127abc4e31c7

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B46811C17859FFB409CF0E904A4AA8F8

MD5 971c514f84bba0785f80aa1c23edfd79
SHA1 732acea710a87530c6b08ecdf32a110d254a54c8
SHA256 f157ed17fcaf8837fa82f8b69973848c9b10a02636848f995698212a08f31895
SHA512 43dc1425d80e170c645a3e3bb56da8c3acd31bd637329e9e37094ac346ac85434df4edcdbefc05ae00aea33a80a88e2af695997a495611217fe6706075a63c58

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B46811C17859FFB409CF0E904A4AA8F8

MD5 222649b048a9ef7f8253b4aa3d8fee29
SHA1 16c151f36beef7e9eb90fe49e285dc124efb11b7
SHA256 28cee848d6eb6a65d59d4e7bc945ce2286d249576b92729f38b93fa57e2c046c
SHA512 9471a364037688c3795ddc7724f46d01f18695b58386a36742cc32961bba9fa90c4bd2f330a34cc68f699e309df42ce0628d0b98b12924c8f19cdfc669833dd5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8B2B9A00839EED1DFDCCC3BFC2F5DF12

MD5 67e486b2f148a3fca863728242b6273e
SHA1 452a84c183d7ea5b7c015b597e94af8eef66d44a
SHA256 facaf1c3a4bf232abce19a2d534e495b0d3adc7dbe3797d336249aa6f70adcfb
SHA512 d3a37da3bb10a9736dc03e8b2b49baceef5d73c026e2077b8ebc1b786f2c9b2f807e0aa13a5866cf3b3cafd2bc506242ef139c423eaffb050bbb87773e53881e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8B2B9A00839EED1DFDCCC3BFC2F5DF12

MD5 32882208e442f829c119072dc144f1fc
SHA1 afc597750dbf25ac6599adb3b9ffe4bce432618a
SHA256 1d3ad73f9bbd91dacc06aae3c14176e8edcb6b770ba753177e3c3809993f07de
SHA512 7dda7c139755d3f8d31e8b39ffcf67dde9d7ee60d3a435dc759a3b4e91600d08d0a1781f5ba94f8316b274b5d52f5b8a8bb22779f60c3d2a658174af5b35c250

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 6bc34e55cacc4a61682b4f26b0c22f77
SHA1 d27986600eeec42ec1627e28c57d57c64af6ef48
SHA256 7dba2c45fc2e313f9e9bd58294caef0c8332e820b16396dc13a2b34cc87f2779
SHA512 e6459ca392bbd722c7aaaedc86ccee72f8fb50f104bad870a5babf088349c57d3f4ccc125a1b9a0bf41098b1125a8190567726373541f60f612be9f7856903ad

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 a266bb7dcc38a562631361bbf61dd11b
SHA1 3b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256 df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA512 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 fce59b82bbeec47260bf4e3c9fdcebda
SHA1 00ef6eafad9a86b82f364f6a77095efaf7fc8631
SHA256 c195ece5cf017757622adf50ba6723632bb7290d1138e0ea627f5ac802ed7dc2
SHA512 574ae219219e0ffa55662b6bae0eb335df3e67e77b318bc95baae24b67bbeb466838ee28022af7fa064f469d2339ef741aa7df0ef3906fd412fb1711933248e7

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 058166fb4c04a92273b66258e9248b29
SHA1 2e712364de562fdcb01ef3b2673dba1a8f8e76ea
SHA256 6dead45d1ae7f5fa1cf7e8364977fea923e38715cf908466ab079c950c873f61
SHA512 a9af4df78dd1f321f90e89cb22159ce7ecd51ff96fc332263b98ba0483af8bdde245acd5911ed0bd2862435e9a13c718fff40baa22932649d8e57a4dc8037e70

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 a1e53acf41405592f00b27c1419f5684
SHA1 7d9183647883c490107963f92adbad1e83215b29
SHA256 488e0d5e8457889781169cc187112b8b72fa6bdd62df0f8ce44ca9e0cf8fa7bb
SHA512 a78bde4e96aa829ae7311cf479c75dfc3867a816b3c7cbcbd83c99b12f351b69152c952ac551014ef415146d740ec9a05aec6c780a56b63bf3dad38196d69a58

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 14dfbc1cadb17f272b90ae6330270f23
SHA1 005ef6465a3e08d6058fb88c72dd78014fe7e950
SHA256 a8d8c2518c4e5e227b0ee90f77456d1f7d16ce0623f02f4e3484ac2969a48301
SHA512 8f2581ce87a0c161b3b9977c8bb6531f2e48e30a95114abb80a9e9b0d83d1151485f0175cbbf5a77d520dbac01c209048deaadb8db36295b19899433d9b4f2d4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 9630b31f45b49186528270702f5a5d21
SHA1 49a3557c5b33ba5664e51fa47f1045f9926f37cb
SHA256 af94928eb9e20aaf0ea1a9994d602c89f6187e860fee3c5440a4b850a730c596
SHA512 30ec2770365ab7d0df1040503382e4942d7112c14c23bf9700162362bed4a3a0e40601c3696164b49c326fa382798023cd003c88b79bcbda2bcf48bd300403c3

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 a8366375727428f9bed357bcda1bdc7e
SHA1 3abe4444c2bd38b6530fd021a5f923bd61efe71b
SHA256 549a12e1bffb179ce9aa24789a7fffaade34c3261a778b0f2053735edab300bf
SHA512 c2e00661b2066bb150b7ec420a9e969f09d7fc25e2602466b770cb4b1795fa56be89d141d74bfcfc13f180411384f0f1d061d4b32c5f32305662da64f4dc7a5a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 ebc5e6087bfc7876a23080290a8bc3d6
SHA1 1edea18e0bf1dfb34b183241e478941fba881355
SHA256 b890624d9e175dc5e94409b62a1d172080f352c344244ea81eb04898b766cc9e
SHA512 adcbd5b8d0aaaa92580152c27f94b3700204fd15d57a408d435ce02f3d3900c6cd37176ffecd112ccd319638166afbba004b60ba4bb8f69f37d81fb653c1369c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 e4a68ac854ac5242460afd72481b2a44
SHA1 df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256 cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA512 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 71569acb6ff266383d8f3c458fe443df
SHA1 994b9ad7cc9c939c1f81b8b5daf21775bb69b0a0
SHA256 6467af44a1946c267880773db12bdc7b12e516607623fce7a2f765e30e065965
SHA512 019ea565d6f115db48c0f5c752fc45781b83d4cf278566bdd58b39163252c382e3fc9f3b35e5a2ef469fee97d0e9e3ed942c1b1f5dc7472b898fe113778fbb14

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6ea8c8d83d16eefbbf558dbe2b6b2d42
SHA1 db73ed4cb4ad73498a7c268a7d2417d7ebd7b41f
SHA256 651b831f93b0c2ab68af73691a892255d30758e58b2a6b4515f0b07341851fc2
SHA512 5fe86c63d84c671a9d2b0f83b8111532be82fac215e7d23815a38b10e0a51891f605a5c720127873691e62daec843175539ba78be538df2ba5fd5728ef89135a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c050727f317f0961bb5c6ba7e512330a
SHA1 bab69e86bd24abaf456da3b6011999dbafc44517
SHA256 84d5b3a0879a89d381ceebf20c15051a3acaa03c969b080796d5768a96bf730b
SHA512 a1137c1c1fee3b2a31cdc6e43f1f8b4a8848769b537dd973e5d4f298a519db71fc9efb9ff1f37c592bc1e11947b2588b0616702e6de5fe48673bc468f57f4425

Analysis: behavioral2

Detonation Overview

Submitted

2024-10-29 16:38

Reported

2024-10-29 16:41

Platform

win10v2004-20241007-en

Max time kernel

145s

Max time network

156s

Command Line

"C:\Users\Admin\AppData\Local\Temp\7c2fd2a7a4ac9763d2010bcc3640aa48_JaffaCakes118.exe"

Signatures

Checks installed software on the system

discovery

Browser Information Discovery

discovery

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\7c2fd2a7a4ac9763d2010bcc3640aa48_JaffaCakes118.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7c2fd2a7a4ac9763d2010bcc3640aa48_JaffaCakes118.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7c2fd2a7a4ac9763d2010bcc3640aa48_JaffaCakes118.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Users\Admin\AppData\Local\Temp\7c2fd2a7a4ac9763d2010bcc3640aa48_JaffaCakes118.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3344 wrote to memory of 3136 N/A C:\Users\Admin\AppData\Local\Temp\7c2fd2a7a4ac9763d2010bcc3640aa48_JaffaCakes118.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3344 wrote to memory of 3136 N/A C:\Users\Admin\AppData\Local\Temp\7c2fd2a7a4ac9763d2010bcc3640aa48_JaffaCakes118.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 4772 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 4772 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 1128 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 924 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 924 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3136 wrote to memory of 4548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Users\Admin\AppData\Local\Temp\7c2fd2a7a4ac9763d2010bcc3640aa48_JaffaCakes118.exe

"C:\Users\Admin\AppData\Local\Temp\7c2fd2a7a4ac9763d2010bcc3640aa48_JaffaCakes118.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.chip.de/downloads/?icp2=download.badUU2020

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9d12e46f8,0x7ff9d12e4708,0x7ff9d12e4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2228 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2280 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2688 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3396 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5380 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5380 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5164 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5224 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://www.chip.de/secured-installer-support/feedback?t=&cid=&pid=&pg=45787072657373&data=26536574757049443D26436C69656E7449443D33313635333836363634333136353330324433363634333936343244333436353631333132443631333533383333324433333631333033393333333233383337363336353331333026436F6E74656E7449443D26506172746E657249443D26536F7572636549443D267374724F533D353736393645363436463737373333313330264455423D364437333635363436373635324536353738363526737472416E746976697275733D2665784D73673D34463632364136353633373432303732363536363635373236353645363336353230364536463734323037333635373432303734364632303631364532303639364537333734363136453633363532303646363632303631364532303646363236413635363337343245264572726F72506C6163653D34333638363536333642353336313736363534313733

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9d12e46f8,0x7ff9d12e4708,0x7ff9d12e4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5572 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5104 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4880 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6064 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://www.chip.de/secured-installer-support/feedback?t=&cid=&pid=&pg=45787072657373&data=26536574757049443D26436C69656E7449443D33313635333836363634333136353330324433363634333936343244333436353631333132443631333533383333324433333631333033393333333233383337363336353331333026436F6E74656E7449443D26506172746E657249443D26536F7572636549443D267374724F533D353736393645363436463737373333313330264455423D364437333635363436373635324536353738363526737472416E746976697275733D2665784D73673D34463632364136353633373432303732363536363635373236353645363336353230364536463734323037333635373432303734364632303631364532303639364537333734363136453633363532303646363632303631364532303646363236413635363337343245264572726F72506C6163653D34333638363536333642353336313736363534313733

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xfc,0x10c,0x7ff9d12e46f8,0x7ff9d12e4708,0x7ff9d12e4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3736 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6420 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://www.chip.de/secured-installer-support/feedback?t=&cid=&pid=&pg=45787072657373&data=26536574757049443D26436C69656E7449443D33313635333836363634333136353330324433363634333936343244333436353631333132443631333533383333324433333631333033393333333233383337363336353331333026436F6E74656E7449443D26506172746E657249443D26536F7572636549443D267374724F533D353736393645363436463737373333313330264455423D364437333635363436373635324536353738363526737472416E746976697275733D2665784D73673D34463632364136353633373432303732363536363635373236353645363336353230364536463734323037333635373432303734364632303631364532303639364537333734363136453633363532303646363632303631364532303646363236413635363337343245264572726F72506C6163653D34333638363536333642353336313736363534313733

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9d12e46f8,0x7ff9d12e4708,0x7ff9d12e4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5760 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6732 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://www.chip.de/secured-installer-support/feedback?t=&cid=&pid=&pg=45787072657373&data=26536574757049443D26436C69656E7449443D33313635333836363634333136353330324433363634333936343244333436353631333132443631333533383333324433333631333033393333333233383337363336353331333026436F6E74656E7449443D26506172746E657249443D26536F7572636549443D267374724F533D353736393645363436463737373333313330264455423D364437333635363436373635324536353738363526737472416E746976697275733D2665784D73673D34463632364136353633373432303732363536363635373236353645363336353230364536463734323037333635373432303734364632303631364532303639364537333734363136453633363532303646363632303631364532303646363236413635363337343245264572726F72506C6163653D34333638363536333642353336313736363534313733

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9d12e46f8,0x7ff9d12e4708,0x7ff9d12e4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6392 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6836 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://www.chip.de/secured-installer-support/feedback?t=&cid=&pid=&pg=45787072657373&data=26536574757049443D26436C69656E7449443D33313635333836363634333136353330324433363634333936343244333436353631333132443631333533383333324433333631333033393333333233383337363336353331333026436F6E74656E7449443D26506172746E657249443D26536F7572636549443D267374724F533D353736393645363436463737373333313330264455423D364437333635363436373635324536353738363526737472416E746976697275733D2665784D73673D34463632364136353633373432303732363536363635373236353645363336353230364536463734323037333635373432303734364632303631364532303639364537333734363136453633363532303646363632303631364532303646363236413635363337343245264572726F72506C6163653D34333638363536333642353336313736363534313733

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9d12e46f8,0x7ff9d12e4708,0x7ff9d12e4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7144 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4300 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://www.chip.de/secured-installer-support/feedback?t=&cid=&pid=&pg=45787072657373&data=26536574757049443D26436C69656E7449443D33313635333836363634333136353330324433363634333936343244333436353631333132443631333533383333324433333631333033393333333233383337363336353331333026436F6E74656E7449443D26506172746E657249443D26536F7572636549443D267374724F533D353736393645363436463737373333313330264455423D364437333635363436373635324536353738363526737472416E746976697275733D2665784D73673D34463632364136353633373432303732363536363635373236353645363336353230364536463734323037333635373432303734364632303631364532303639364537333734363136453633363532303646363632303631364532303646363236413635363337343245264572726F72506C6163653D34333638363536333642353336313736363534313733

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff9d12e46f8,0x7ff9d12e4708,0x7ff9d12e4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6304 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6732 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://www.chip.de/secured-installer-support/feedback?t=&cid=&pid=&pg=45787072657373&data=26536574757049443D26436C69656E7449443D33313635333836363634333136353330324433363634333936343244333436353631333132443631333533383333324433333631333033393333333233383337363336353331333026436F6E74656E7449443D26506172746E657249443D26536F7572636549443D267374724F533D353736393645363436463737373333313330264455423D364437333635363436373635324536353738363526737472416E746976697275733D2665784D73673D34463632364136353633373432303732363536363635373236353645363336353230364536463734323037333635373432303734364632303631364532303639364537333734363136453633363532303646363632303631364532303646363236413635363337343245264572726F72506C6163653D34333638363536333642353336313736363534313733

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9d12e46f8,0x7ff9d12e4708,0x7ff9d12e4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7072 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6680 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://www.chip.de/secured-installer-support/feedback?t=&cid=&pid=&pg=45787072657373&data=26536574757049443D26436C69656E7449443D33313635333836363634333136353330324433363634333936343244333436353631333132443631333533383333324433333631333033393333333233383337363336353331333026436F6E74656E7449443D26506172746E657249443D26536F7572636549443D267374724F533D353736393645363436463737373333313330264455423D364437333635363436373635324536353738363526737472416E746976697275733D2665784D73673D34463632364136353633373432303732363536363635373236353645363336353230364536463734323037333635373432303734364632303631364532303639364537333734363136453633363532303646363632303631364532303646363236413635363337343245264572726F72506C6163653D34333638363536333642353336313736363534313733

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9d12e46f8,0x7ff9d12e4708,0x7ff9d12e4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6380 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6860 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://www.chip.de/secured-installer-support/feedback?t=&cid=&pid=&pg=45787072657373&data=26536574757049443D26436C69656E7449443D33313635333836363634333136353330324433363634333936343244333436353631333132443631333533383333324433333631333033393333333233383337363336353331333026436F6E74656E7449443D26506172746E657249443D26536F7572636549443D267374724F533D353736393645363436463737373333313330264455423D364437333635363436373635324536353738363526737472416E746976697275733D2665784D73673D34463632364136353633373432303732363536363635373236353645363336353230364536463734323037333635373432303734364632303631364532303639364537333734363136453633363532303646363632303631364532303646363236413635363337343245264572726F72506C6163653D34333638363536333642353336313736363534313733

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9d12e46f8,0x7ff9d12e4708,0x7ff9d12e4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5104 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5152 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://www.chip.de/secured-installer-support/feedback?t=&cid=&pid=&pg=45787072657373&data=26536574757049443D26436C69656E7449443D33313635333836363634333136353330324433363634333936343244333436353631333132443631333533383333324433333631333033393333333233383337363336353331333026436F6E74656E7449443D26506172746E657249443D26536F7572636549443D267374724F533D353736393645363436463737373333313330264455423D364437333635363436373635324536353738363526737472416E746976697275733D2665784D73673D34463632364136353633373432303732363536363635373236353645363336353230364536463734323037333635373432303734364632303631364532303639364537333734363136453633363532303646363632303631364532303646363236413635363337343245264572726F72506C6163653D34333638363536333642353336313736363534313733

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9d12e46f8,0x7ff9d12e4708,0x7ff9d12e4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1296 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7336 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://www.chip.de/secured-installer-support/feedback?t=&cid=&pid=&pg=45787072657373&data=26536574757049443D26436C69656E7449443D33313635333836363634333136353330324433363634333936343244333436353631333132443631333533383333324433333631333033393333333233383337363336353331333026436F6E74656E7449443D26506172746E657249443D26536F7572636549443D267374724F533D353736393645363436463737373333313330264455423D364437333635363436373635324536353738363526737472416E746976697275733D2665784D73673D34463632364136353633373432303732363536363635373236353645363336353230364536463734323037333635373432303734364632303631364532303639364537333734363136453633363532303646363632303631364532303646363236413635363337343245264572726F72506C6163653D34333638363536333642353336313736363534313733

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9d12e46f8,0x7ff9d12e4708,0x7ff9d12e4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5520 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7536 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://www.chip.de/secured-installer-support/feedback?t=&cid=&pid=&pg=45787072657373&data=26536574757049443D26436C69656E7449443D33313635333836363634333136353330324433363634333936343244333436353631333132443631333533383333324433333631333033393333333233383337363336353331333026436F6E74656E7449443D26506172746E657249443D26536F7572636549443D267374724F533D353736393645363436463737373333313330264455423D364437333635363436373635324536353738363526737472416E746976697275733D2665784D73673D34463632364136353633373432303732363536363635373236353645363336353230364536463734323037333635373432303734364632303631364532303639364537333734363136453633363532303646363632303631364532303646363236413635363337343245264572726F72506C6163653D34333638363536333642353336313736363534313733

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9d12e46f8,0x7ff9d12e4708,0x7ff9d12e4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5448 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7936 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://www.chip.de/secured-installer-support/feedback?t=&cid=&pid=&pg=45787072657373&data=26536574757049443D26436C69656E7449443D33313635333836363634333136353330324433363634333936343244333436353631333132443631333533383333324433333631333033393333333233383337363336353331333026436F6E74656E7449443D26506172746E657249443D26536F7572636549443D267374724F533D353736393645363436463737373333313330264455423D364437333635363436373635324536353738363526737472416E746976697275733D2665784D73673D34463632364136353633373432303732363536363635373236353645363336353230364536463734323037333635373432303734364632303631364532303639364537333734363136453633363532303646363632303631364532303646363236413635363337343245264572726F72506C6163653D34333638363536333642353336313736363534313733

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9d12e46f8,0x7ff9d12e4708,0x7ff9d12e4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6100 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7648 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://www.chip.de/secured-installer-support/feedback?t=&cid=&pid=&pg=45787072657373&data=26536574757049443D26436C69656E7449443D33313635333836363634333136353330324433363634333936343244333436353631333132443631333533383333324433333631333033393333333233383337363336353331333026436F6E74656E7449443D26506172746E657249443D26536F7572636549443D267374724F533D353736393645363436463737373333313330264455423D364437333635363436373635324536353738363526737472416E746976697275733D2665784D73673D34463632364136353633373432303732363536363635373236353645363336353230364536463734323037333635373432303734364632303631364532303639364537333734363136453633363532303646363632303631364532303646363236413635363337343245264572726F72506C6163653D34333638363536333642353336313736363534313733

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9d12e46f8,0x7ff9d12e4708,0x7ff9d12e4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7420 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7384 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://www.chip.de/secured-installer-support/feedback?t=&cid=&pid=&pg=45787072657373&data=26536574757049443D26436C69656E7449443D33313635333836363634333136353330324433363634333936343244333436353631333132443631333533383333324433333631333033393333333233383337363336353331333026436F6E74656E7449443D26506172746E657249443D26536F7572636549443D267374724F533D353736393645363436463737373333313330264455423D364437333635363436373635324536353738363526737472416E746976697275733D2665784D73673D34463632364136353633373432303732363536363635373236353645363336353230364536463734323037333635373432303734364632303631364532303639364537333734363136453633363532303646363632303631364532303646363236413635363337343245264572726F72506C6163653D34333638363536333642353336313736363534313733

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9d12e46f8,0x7ff9d12e4708,0x7ff9d12e4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1048 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8096 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://www.chip.de/secured-installer-support/feedback?t=&cid=&pid=&pg=45787072657373&data=26536574757049443D26436C69656E7449443D33313635333836363634333136353330324433363634333936343244333436353631333132443631333533383333324433333631333033393333333233383337363336353331333026436F6E74656E7449443D26506172746E657249443D26536F7572636549443D267374724F533D353736393645363436463737373333313330264455423D364437333635363436373635324536353738363526737472416E746976697275733D2665784D73673D34463632364136353633373432303732363536363635373236353645363336353230364536463734323037333635373432303734364632303631364532303639364537333734363136453633363532303646363632303631364532303646363236413635363337343245264572726F72506C6163653D34333638363536333642353336313736363534313733

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9d12e46f8,0x7ff9d12e4708,0x7ff9d12e4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6972 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7340 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://www.chip.de/secured-installer-support/feedback?t=&cid=&pid=&pg=45787072657373&data=26536574757049443D26436C69656E7449443D33313635333836363634333136353330324433363634333936343244333436353631333132443631333533383333324433333631333033393333333233383337363336353331333026436F6E74656E7449443D26506172746E657249443D26536F7572636549443D267374724F533D353736393645363436463737373333313330264455423D364437333635363436373635324536353738363526737472416E746976697275733D2665784D73673D34463632364136353633373432303732363536363635373236353645363336353230364536463734323037333635373432303734364632303631364532303639364537333734363136453633363532303646363632303631364532303646363236413635363337343245264572726F72506C6163653D34333638363536333642353336313736363534313733

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9d12e46f8,0x7ff9d12e4708,0x7ff9d12e4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6472 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8532 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://www.chip.de/secured-installer-support/feedback?t=&cid=&pid=&pg=45787072657373&data=26536574757049443D26436C69656E7449443D33313635333836363634333136353330324433363634333936343244333436353631333132443631333533383333324433333631333033393333333233383337363336353331333026436F6E74656E7449443D26506172746E657249443D26536F7572636549443D267374724F533D353736393645363436463737373333313330264455423D364437333635363436373635324536353738363526737472416E746976697275733D2665784D73673D34463632364136353633373432303732363536363635373236353645363336353230364536463734323037333635373432303734364632303631364532303639364537333734363136453633363532303646363632303631364532303646363236413635363337343245264572726F72506C6163653D34333638363536333642353336313736363534313733

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9d12e46f8,0x7ff9d12e4708,0x7ff9d12e4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8260 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8448 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://www.chip.de/secured-installer-support/feedback?t=&cid=&pid=&pg=45787072657373&data=26536574757049443D26436C69656E7449443D33313635333836363634333136353330324433363634333936343244333436353631333132443631333533383333324433333631333033393333333233383337363336353331333026436F6E74656E7449443D26506172746E657249443D26536F7572636549443D267374724F533D353736393645363436463737373333313330264455423D364437333635363436373635324536353738363526737472416E746976697275733D2665784D73673D34463632364136353633373432303732363536363635373236353645363336353230364536463734323037333635373432303734364632303631364532303639364537333734363136453633363532303646363632303631364532303646363236413635363337343245264572726F72506C6163653D34333638363536333642353336313736363534313733

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9d12e46f8,0x7ff9d12e4708,0x7ff9d12e4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8432 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7332 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,15620364707751792201,12793923458411609143,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=8956 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 133.211.185.52.in-addr.arpa udp
US 8.8.8.8:53 api2.chip-secured-download.de udp
DE 116.203.169.158:80 api2.chip-secured-download.de tcp
US 8.8.8.8:53 ocs1.chdi-server.de udp
DE 116.203.169.152:80 ocs1.chdi-server.de tcp
US 8.8.8.8:53 158.169.203.116.in-addr.arpa udp
US 8.8.8.8:53 152.169.203.116.in-addr.arpa udp
US 8.8.8.8:53 14.160.190.20.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 97.17.167.52.in-addr.arpa udp
US 8.8.8.8:53 www.chip.de udp
GB 2.19.248.210:443 www.chip.de tcp
US 8.8.8.8:53 content.chip.de udp
US 8.8.8.8:53 cmp.chip.de udp
US 8.8.8.8:53 cp.chip.de udp
NL 108.156.60.128:443 cmp.chip.de tcp
GB 143.244.38.136:443 cp.chip.de tcp
US 8.8.8.8:53 im.chip.de udp
US 8.8.8.8:53 210.248.19.2.in-addr.arpa udp
US 8.8.8.8:53 tags.chip.de udp
NL 18.239.83.122:443 tags.chip.de tcp
NL 108.156.60.128:443 cmp.chip.de tcp
GB 143.244.38.136:443 cp.chip.de udp
GB 143.244.38.136:443 cp.chip.de tcp
US 8.8.8.8:53 128.60.156.108.in-addr.arpa udp
US 8.8.8.8:53 136.38.244.143.in-addr.arpa udp
US 8.8.8.8:53 122.83.239.18.in-addr.arpa udp
US 8.8.8.8:53 113.39.65.18.in-addr.arpa udp
US 8.8.8.8:53 assets.sp.chip.de udp
GB 18.165.160.12:443 assets.sp.chip.de tcp
US 8.8.8.8:53 app.varify.io udp
US 104.26.9.83:443 app.varify.io tcp
US 8.8.8.8:53 12.160.165.18.in-addr.arpa udp
US 8.8.8.8:53 83.9.26.104.in-addr.arpa udp
US 8.8.8.8:53 data-2f2ec12966.chip.de udp
DE 91.215.100.78:443 data-2f2ec12966.chip.de tcp
US 8.8.8.8:53 sp.chip.de udp
DE 18.197.217.20:443 sp.chip.de tcp
DE 18.197.217.20:443 sp.chip.de tcp
DE 91.215.100.78:443 data-2f2ec12966.chip.de tcp
US 8.8.8.8:53 78.100.215.91.in-addr.arpa udp
US 8.8.8.8:53 20.217.197.18.in-addr.arpa udp
GB 2.19.248.210:443 im.chip.de tcp
N/A 224.0.0.251:5353 udp
GB 2.19.248.210:80 im.chip.de tcp
GB 2.19.248.210:80 im.chip.de tcp
US 8.8.8.8:53 www.chip.info udp
DE 138.201.245.68:443 www.chip.info tcp
US 8.8.8.8:53 68.245.201.138.in-addr.arpa udp
US 8.8.8.8:53 use.fontawesome.com udp
US 172.67.142.245:443 use.fontawesome.com tcp
US 172.67.142.245:443 use.fontawesome.com tcp
US 172.67.142.245:443 use.fontawesome.com tcp
US 8.8.8.8:53 245.142.67.172.in-addr.arpa udp
US 8.8.8.8:53 200.163.202.172.in-addr.arpa udp
US 8.8.8.8:53 206.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 68.209.201.84.in-addr.arpa udp
US 8.8.8.8:53 nw-umwatson.events.data.microsoft.com udp
US 20.42.73.29:443 nw-umwatson.events.data.microsoft.com tcp
US 8.8.8.8:53 29.73.42.20.in-addr.arpa udp
US 8.8.8.8:53 77.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 www.chip.de udp
US 8.8.8.8:53 cmp.chip.de udp
GB 2.19.248.210:80 www.chip.de tcp
US 8.8.8.8:53 79.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 55.36.223.20.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 10.27.171.150.in-addr.arpa udp

Files

memory/3344-0-0x00007FF9D9B23000-0x00007FF9D9B25000-memory.dmp

memory/3344-1-0x0000000000140000-0x00000000001B6000-memory.dmp

memory/3344-2-0x00007FF9D9B20000-0x00007FF9DA5E1000-memory.dmp

memory/3344-3-0x00007FF9D9B20000-0x00007FF9DA5E1000-memory.dmp

memory/3344-4-0x00007FF9D9B20000-0x00007FF9DA5E1000-memory.dmp

memory/3344-5-0x00007FF9D9B20000-0x00007FF9DA5E1000-memory.dmp

memory/3344-6-0x00007FF9D9B20000-0x00007FF9DA5E1000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 61cef8e38cd95bf003f5fdd1dc37dae1
SHA1 11f2f79ecb349344c143eea9a0fed41891a3467f
SHA256 ae671613623b4477fbd5daf1fd2d148ae2a09ddcc3804b2b6d4ffcb60b317e3e
SHA512 6fb9b333fe0e8fde19fdd0bd01a1990a4e60a87c0a02bc8297da1206e42f8690d06b030308e58c862e9e77714a585eed7cc1627590d99a10aeb77fc0dd3d864d

\??\pipe\LOCAL\crashpad_3136_YQFTYMREMSFRRJRI

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 0a9dc42e4013fc47438e96d24beb8eff
SHA1 806ab26d7eae031a58484188a7eb1adab06457fc
SHA256 58d66151799526b3fa372552cd99b385415d9e9a119302b99aadc34dd51dd151
SHA512 868d6b421ae2501a519595d0c34ddef25b2a98b082c5203da8349035f1f6764ddf183197f1054e7e86a752c71eccbc0649e515b63c55bc18cf5f0592397e258f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 fde015239f3f785af806c10f72964af6
SHA1 f8b3315b92facada96d01bd41736460d893b2c5f
SHA256 7226f14816b4af853e159872674a10045c9272d2f75297125fbc09a759b63468
SHA512 c275f8853621c0e1e507fcdb1fa21bbcd068e3041837e3d8c7c3260e843e9ce4341d811729efafc4ae94889a2ad298b4b6c21f076fb4bd987e95f687e8b9463d

memory/3344-44-0x00007FF9D9B23000-0x00007FF9D9B25000-memory.dmp

memory/3344-68-0x00007FF9D9B20000-0x00007FF9DA5E1000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

MD5 2ddcf69b536d4749ea2f68ce2e9fea40
SHA1 0f78c2d952e6e2f22e9c7ce249181ae806e922ca
SHA256 26ae535ac008c2196e26f2e6515c9a40751d8ae3746a18005ea1a8f521002303
SHA512 1668af6ae1308c658a76716f28bc8a8f520a17c2f0a757f7ad0e3ed6d46f7b047d701e8789cf15978af9162fd939a52072bb156f5117b85b0a21df7acd09f554

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

MD5 4e0c6c26a5bc7edd64fce32b753cc0e4
SHA1 16699f325f17c25ec84855d0e4f3e192c7cd868d
SHA256 126806ee184d6bdc9d4fa042c5d7889a7d25e78f332513890057756e593ec79d
SHA512 4e7f7a13bb22f6e9a74707faf1540e83cb0bfa63552ac506cdd6ab00a1d7e426a13be296488301d7a910605be01d1d4289e152269b29b03e9038c6928265fbeb

memory/3344-100-0x00007FF9D9B20000-0x00007FF9DA5E1000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 32127e9ce575d77bdba2c0a6ed72fda2
SHA1 23f0871c2cb947df0de3c8c3cf5e3b71e8d763a3
SHA256 c1636d602406dd842f25e1c156340ac9a43cd842688c115d5e4c19ad44589b28
SHA512 9858182411393d7ab555e06375db4523f9a528bd7ce18180de57551cacc2c7c01c44c14a4360f5292f00e3d39f4f22198cf869a207279536a71b6b13625175cd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 310fc4769a2c7ca6cbc7aa6a6107b964
SHA1 fe50c7ae19f8243199acd11f11829e193c4909d6
SHA256 1477accfc9f969aaefa71624d4edc872197b02e11648187c208efcefff75a698
SHA512 ad5fa7ff01f2e0b78f8cf8cd8efacd5db075b73376d0e5303ba9490342ee97af1edf4960d1c6446c020ad0f31b50f2a2b3b42a3132f2a2002de1bacc61563387

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

MD5 812f3f2851f697f4ebd801ef5c798d9c
SHA1 b68b1dd17218ea2f549114089707fd5c97a0a7bd
SHA256 40b9714fd520a5e315fc8e9e9af306ed4dc3682d78c2dd683cfbf1ecc1347333
SHA512 da87259a2932a23cd05ce007811a21a07b969b696439f0ee86c3f6930a490cd7d56fa6f89b6f5e5c24e6f2bf54d99d63599d59f6bf8a6b4147bd0e2f6f59b6ae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021

MD5 90f9f5d6a438e32a881b2810d399a14d
SHA1 194e9a0201d083517842b169e75ce14c0b3340cf
SHA256 b3eb6b5410dfaef6048e57bb82bea987166fb7fe98c8f585ea26d55285332a6e
SHA512 3ff4ff37a89ea7dcf423f65b0001b0565bca00980e0395f9e879d4377328b5930cee48fcb5ee0b3c9d65e9a55a74e2c32b853097d8ef58ceb1bd8e0d2458c48d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

MD5 d6182d765414d228d788a74e2d7e10d5
SHA1 1190f12685840a6bd91790eb7df79ed9f06c6266
SHA256 3319f2daa863d4f9b82c511a9861d26a00086ae6291fd40d6f8dd38d6a2bb7eb
SHA512 bac88fec5308c9cb3c154d03e3dee4d971892d9e352b1bce08bef8006fa2a25397289758732e84a830c0701594462ecdf6deeb0dd4c3d449d8d3bcf306c4f5d9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

MD5 4971a6ea46dbeae53088ac755fe37d5d
SHA1 edb30dd65b3eeb80930b04e91a9945d33186b5c7
SHA256 2118a92f8bb50e2ce191ef789a5aee19f6481e3394b99a696bc2b8f694449ad7
SHA512 c24d3dc445b3f0f8c7220fcba50016eb5ec6222c1e8351e9930b0f941fad4c132d6ad846f5099bcef1fdd806ae8f34cd02a7b6709a3349af978a7b36be411eb3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

MD5 0608c5f06d974530489aad86c51ccf5e
SHA1 10973e93f6464407eb1184db47e80d9f66988331
SHA256 397aa8d8b05586b07a4567e8a0ce21de2d9924e58e38f26daffb319697a032c7
SHA512 a654401346c88081236e4f52b700248e652229ca65ea5089b314fcc37bb481bbb785d4f5871e3a62cf369cfd29b40012bce4a45d77a3906bff59f41638df5e39

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

MD5 f4f8f939cd19b7d3fa19b4bbcc21a1f6
SHA1 278ecfa3e2aa4caef632c5f61e524902d62c1ac1
SHA256 c187f8135bba78f31cc83ccdad95bf03ed96a8d0d6331db2ef3a72c59718e21a
SHA512 95646c067a7ee0dc5fb2c00f3a21a987aa69ba27aef8afa2e135180d39a86d5f1780c76b8c41e1dc0259bedcd3e21e87e56a89774f8be2470308c1c0b369858d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

MD5 86adb1aae7a21d0620c71e1134670243
SHA1 961cde623ed0fb1e83c0d24a041a951d50da94ab
SHA256 d51667ded9b2eccfdd7a0e4a5dd52ba77815b7e55f80dda790ee839aa815736a
SHA512 1fc58b12822d1df1c64a255c8c05d09bfc798cfbceb7f8c2e633c7a4bc3f43daabb643b5cf7645df5ad0c17991b5277ad848a599fde5d767c3cd783c0b9327fe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

MD5 f0ee8f1089f063ca6fa08a96a5ad62a9
SHA1 9151549922e14b42a273978594798230ab6e679f
SHA256 90114ad5e35515400e5c2c762b5b5acdbf12835c9c3af1cbce956f9bd0d04318
SHA512 2e79fb7bc0a98758ef182fac2c7fba0a028e736a6b3c8119675adc10f56d8ad5f5a17f61ad1aadc77306dac54790ff111929fe7b152158328fec165fbf9df186

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

MD5 9dd21c2e4eed047c0c1751a5eae34592
SHA1 d01a716dc128b93e0e01b49361b7b57019e96553
SHA256 4e180501aa072fc6979010bbff5c34ed796648d47e22537fed44479630e0a8f4
SHA512 b4a849b3103c895a5a62239a5e1d2a8af743315c9738969e64f0a591c9bf5d93bcbce8d5c9f17d3b62d6593cc7955d9f9c290037437d47b39aa6f0c08ad2dca5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

MD5 bcd774d10f610fab9bb56c18d4b6947c
SHA1 cd07e6f6a0d33c3b308231f693829daf62b8391c
SHA256 5afb80c8c0f78a204b2abd339a968b41f2db5f005b58aa1eeb0c172246bb58f1
SHA512 e844cf3117ed12d65815ca2884aff371d8e3c72a5e6fcc880621995c4739ab6e568e60ae802345cf1373e5f63fc9bfe0216cc95907b57d70f0818292dfb36767

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e

MD5 26b0b4527d99f10cc9c0f371948dcec7
SHA1 b4dce56cb60dfb5b997ec380747e6db396be112c
SHA256 091d7f74a57da2c3b134c130eb902731afb62fc7a53d7caa08506a349eff2cef
SHA512 68d6805c73b76ea5cc2f68717f3a57dc1326aa5fa1e98d3f16d7df168f1538c4339fac4a15425bb34f16bc361e2a7b399cdd22b10a9ea95f0bc674727e8c6e15

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f

MD5 1396a859d7bbb9b9344f7f78b5dad8ed
SHA1 0ada90fd6f0a2e22cdd8442653cea240a11c4672
SHA256 4d7dd4fb301738ddb56f813d18f73e04db023bc6970f969768db929b1c3dce55
SHA512 1033faa30988c73e7603d7e16cca796dcc82d5145ceab9264f1d7eff8de05932ed4249ff1bfb737d6381045121f88cc04ef5bd5aaeae094637947d4852166a16

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020

MD5 ed311c7a0ade9a75bb3ebf5a7670f31d
SHA1 0613c7ebba55ee47ef302c0f7766324692f899a7
SHA256 8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
SHA512 6048e7ab94134b7200f0d5ed7fb8d577298d4831a2b3a4e0e5baa5c67468f77d4409314d63d34436ba6ba038c86faf87e46dacf98d311a74291b976fa39a9674

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 af0264e295e928cdc8c33f12d5c14f3e
SHA1 e08700fe6eb3521cca33478787b3cbe8df7767ee
SHA256 501bc8d0b5a0197767dc5cc0886a92fb4cd1ac729da8edf35accd3b6919d9df5
SHA512 0431a7b6e0d04ddf6dcd359b13d9828172d0e14150da16aca132b929d03f43f33fec7c8aab2e42a6a50b8885d52a5db9a9678f8820f8b941a15e168e13521b4e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe581ff7.TMP

MD5 acd5d621567dfadbe4533b2c50554be7
SHA1 c00f50eaa98206bf2dc442aceb9a35142b262435
SHA256 74f72cb91865e46ff1ce64a50892c3177e3b2c4804b70d25714376f6b16113aa
SHA512 3cc87f9e6d4fbcd99113312f653b1d349256c2fc81988815a7c769a9e2e78bdc6b67ce881481867a664b4e8d3f1fb0d484b04c97866f11d5924ca2e6797de53e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 67800d94c31efaaa14a8b0f51b86ec12
SHA1 13f0529140b4f71d397e55c8135b7202009cf632
SHA256 a41f1bcbdeb691c0e9e9eeaf7beccd01dc8c4e1ebdfcaa777821a27fc5e5b4b5
SHA512 b3aa656873e5b956655deaeeb37f2cf655a43e520f4843d5b5c1b820d0aef063a6bbe0f7463f3edbf803ce76f6e2f0ec1d3fcbec58a898e8a39f7fccd1a92131

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\reports\14e067b5-7e96-48b8-a2be-4d0f6575bc48.dmp

MD5 fa2c4628bbb508ad4ac4e57e6c431d95
SHA1 595929fd51cb020209414939a89d376b5a87d23a
SHA256 8ffc4803f341d39b5bdd0b624cc860c18c14e1714a0ae80f74202a65c426d37c
SHA512 71e140643a60351a7b414a43d59bcda82bbba0b8ad744e08e4b68df120a0ea42551a065413ff3303dbba1d1648529fa68c8ff9531882fcf542663f05ff5220bb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 0cd1cc7c3857e7666f8c6cfcd66ef875
SHA1 eeb4534ed84c1e91056f30b372505b3b04667c69
SHA256 9e821a23f2dd642be1fded6ebc2a75c990f46d72339ab693dc23d1b23229f3b1
SHA512 b1ce9a307367030a9970e8022af83531ec886f83d70ff4fa4d6b17cdbeb1a4161a4e8d07278d57eaa1841be337e922aff146aa8a7cbee19afd6f5a3657ad87c3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2b434e639ea3d964557e69de1660dd1d
SHA1 f9022100eb731657e146457bae31ad325fb22f7e
SHA256 584cc35cb4f5908e5c6b7a71bb705091cb9ed487e200a6dd9ef161c11f075ee2
SHA512 9be75e8f3b36b6ef76ebee7426578c8b629a1a717f7a1a3de4e1d076a46f0ff116e7e10637d44fa5c197569382cb3d31f1e05925ef8f7618603873fb5104daaf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\metadata

MD5 0096f3541809ef176ee95c3bf2b669ea
SHA1 7e11cd118422377922dba04b71cbdd1039b1d46c
SHA256 31e3c4b8ab009f37754167da8afb490008cdeccdc76e1d36b145ff214c6d3def
SHA512 05880f06a59d72613ea4a9cf4ed7aa6675542e00b74411020881bfcf86d36411ff38968cc4829675710ff2555b7fb5dbe6254d9fff73f7c7a5cd14180bc3c656

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 2d503209254631ab89108735db90e95e
SHA1 94cb4e633e562e0c1196bc96c3fcb15884e78106
SHA256 729f0df272c2fa37b543c3c3fa41fd929951d3ed71067899b4fd92ccf880b768
SHA512 fe4c5d7f64ee5e21cc75ec07928d5422efaebffdc14ff6b6625983c37b43667f181f06be3ee882f786b279304ae7b794b98616f7fbee0892cbcc3d4500419ffb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2984257ea918326f_0

MD5 7d035283c130c14055ef78969faecede
SHA1 e8ab2aaff2030037a0c8c51c02496e9f32edb616
SHA256 295c7be241c7ae4114ca478b9f86e6ffe49504def7822fbad76e4d62c480a771
SHA512 e1c90c46240c630229ac0d9771819fd5fd6dd59b0397cdaa3d7c7141b82f93f44bf324748a540ef2744f90affbe5be80856f30d896a50b9f02d61b3d15125df7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\848454e9e3208b22_0

MD5 9e7519a628fcab562a6995ee60313f0d
SHA1 9b39482711c93e022590db5750371cc195a7a02d
SHA256 628badd259f65d27927db0dec8a99a1bd86d5561dc0221fc01e2aaad3634c004
SHA512 bcb3d4dac6801fcf829c57c15889cea0457b973094a4ce1b166aff286ddf2e73085f4a97308d61dc37eca967a087a192e38eda14a6c3b80ad3b2fb9575ab6df6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4acec542bf7be713_0

MD5 57d8b0ca3225775a651ac4d3ee1f49e9
SHA1 d703b7ab25d02ea3cd250dae9f0b25723ee363d5
SHA256 37ac2a0405086186ce77faeeff25378f70bfc563591c4877022c1e03520988a7
SHA512 c6071e42b33fbb26b7b7208340d0c75b91936a2c0428c5367aaa531a5d9e6fd735eab2013ab98e8bd2a81a5ff5508b35b8f575358e86970a635a658e485c897d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8e784b04e03e41e1_0

MD5 abd7d354fb8e57f969b047700fe0d80a
SHA1 93a678349f993b92a318086d5f0193934d978956
SHA256 7576bb50f5aef6c91f2d05d43b19577ba5809546cb394eee2ec3092378c3c9d9
SHA512 b5709cd9aad7dff4223445b1288671b40f66729d8a10cc9773e4426892c73c941b72ae09cecd748bd20f0b726581e98e887297083acf7442d330ada869b32bfe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\db136e7a69c5ad3d_0

MD5 cdca28b9f790803e18ae08b2e6fae2df
SHA1 5af1e98e8fc7f460936aef84fcde6756d5531fff
SHA256 d01431135ac2d12be1d36d850197bb67aa86550c73eec2fd8433b8029fbb2745
SHA512 bf91e5d5bf16eb3ee1ba6bd37ca2222f60edc3129dc341eeeb6b08375d47a2b91bbc0c0056fe01a3c54304b62701d3ab3588325c4921a71be602a8dee466c766

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b4de594485a9f26b_0

MD5 41047f729d7dd9e33393c138916fc244
SHA1 e0bf06634c0e150e0a365a7d8890564ad93bf215
SHA256 dada24ee8cb8c7cc9f8dd01ab0b70e54dbe64b2745511edb7120cab8d1b04776
SHA512 4422d63a06cfbbcba2508df454450bb01f3c04c8532b7a342a38a1a01d5f4cff56ed9dfb9fdf9acb6115fc10a1187ec33e225f8b509a28d246902762d28a9df6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\721c766d1159ca15_0

MD5 f16b4f47621306baf5caa37465923a2b
SHA1 2c4e46743501850771cae1f8ede7ebcbf936470b
SHA256 567b2c17188a6a6a297e4e7b28c225efec5125f54f42852f60398ac5c29aa029
SHA512 e57ca5b88023bb328fd961ef95bbd246efb7daed58a5b46859c577c64cc0e5971b1495763c315e671e1f994a7d716bb19a54cf0751c11c74a709308ac0fde6c0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3708348c7f291b6a_0

MD5 91593a151db037151e544d6874c1ca9b
SHA1 2306350df14b6c71c0ad6f7a1c7bfa6eed05a5dc
SHA256 fb9628401b86932c0ef5388f6a85dbe8e0101c011e5c1230aecf60a89b3e4b57
SHA512 935908a6786b09657d92ad6fc5d8da951b5adc7a4800b7c32076e57db5a4c7059466b6ed5cd0cfe2dd3411b342d3b339219c06056baf84ab574cb87a6804c793

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\72abdc74d67f31e9_0

MD5 296efa8e057af773d2c36f55a552c762
SHA1 a71abdc96afd6bb937d5e4a19ec337614a8a3b1d
SHA256 e8797375ecbe3a8766859e267fe296bd5508a79cd88416abcadbed66017d8754
SHA512 e0087b0e62729eb608756d665bfed5832b7a6fad4d4a0b5b82f692b54703b00ccf4fdf1910aa36d94f0d498575fdcc08893452ca03ef7debb4efa596bb1ced0a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7e65bf82250cd71e_0

MD5 6e0e85ddece168f6fab514bc7e7a99c6
SHA1 9bd00cb7516de67140ef55703cfe94fdf54fcc66
SHA256 6d1b82108b72bd993c68d47bd0e6f222cb6fe2e97fa468fae6d54f9a079157a3
SHA512 f3f6f6e22086bc6cc91a0d88b0ff876798257820bef1bcc942d6508a7904df50dca755bbd1116ca3fb94ed533ba2feec807169fb468fe40240e2160a6686d13b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2894fd592959b0c9_0

MD5 6d91368cbee4dd4f554419bafcda19dc
SHA1 a24b29a6cb4de467789deefce5777e432e2b351e
SHA256 e64fa2ef61c0059ff650a88963fab79ecb6f1858fa92d6d4b3cdc7c5773bf428
SHA512 b76090cb91ec760e174fdd95f1a2b43b6fc95946077b6efcefc8a4b55822e68773421aa0f23aad7ccf40abfddf027a033ec7fb3b4b4c5ad7c4cf45ac4189dd4c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3545ba7b29a9d0b6_0

MD5 4e111a0d9c140085431b0770f99b58fa
SHA1 4d58a67f6d79c2965862843c3f41362dc18c7325
SHA256 04dd45a1f2e6e9ddb451dc6020938d765b30f4726a38f32f8c8efb7fe52c7564
SHA512 af12e1bca8e4249831a42fba450f0abe9af4583bf9468a58c567da754c6157555d86881078f449f13aa8d3bb1f10a4e4aa70d7f3ad90494ae6d7554c907c5c1e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7c9ec9556faad6c7_0

MD5 ed13db53c268e99a21325788bb258893
SHA1 9de5fb5560e110fb5a8daf2799560d7a201abed0
SHA256 a6fe84ee1dcc05d0fd288106fc094c6f42978aa2f84806151ee242cd2099593d
SHA512 1f2231e21743a9079f5df5d27b99311f599e32e40a70ea7cb4336e8f573ecd5b0651cf3c3d14a1b0762185188402c58baa24b558cc9a6cd008772befac9cfb07

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f89492ecf3967904_0

MD5 b9f1b06281e50f6cb6e8a77183f0112f
SHA1 91c981955b5098b27ce99953df073442b4b6762b
SHA256 8b094a478f6bdc7710a39817c2eb0a2fe9eff83229288bf9b16ec186b3417537
SHA512 b0116073cbad644abfd9df693c9dcbd585d40fba38a6f0903e8ffb86ae8e2e74640f452cae304c400dda1b159fcba6a9c10554a1e9a6c9edf8f390ad6d1acfca

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\73ed4eb5b99b6fd0_0

MD5 dec8a8a8f710b0645b03b9de1cebb236
SHA1 b6e3a592e70ea0f54d9cb9fcd4f1de15e3cd1c32
SHA256 d94f52e9255d9f8e412c6bddb75a1a193a2ada4e855e81dad38fa9594f1b9b07
SHA512 50288322fc634582c48f781da174d1be15bd21104d6d27ef4ac44bef3e8e010a717842b923e3f7e7489d7a3fa71528ef154616f53318b939e8ef80fadf5e4395

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\79394c3edffe4aed_0

MD5 23e86b37929bb96dd31778cb510451fa
SHA1 0c54a76d630298716d04111df608338ee24b103d
SHA256 7813f9909e43bb2d0b2bd6d15d78304446fe4b3330b38a529250cd2ab34adb2a
SHA512 fe7625a45b5a13493bbdce12310aaf1a2e8e4072f5a0ef5a600fb28e05e38c9573038518d3bb180ab417b195cf685ba16268280470e22831c7ebbc816b8dfba3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2066c5154f8fe445_0

MD5 c6944dd6f6ef9135ec6cb5695799d5b6
SHA1 883051e24e29ce9de428d3affb366cbdf1b664ff
SHA256 aa91dadb8313b97b52d46b6b79830dd59777f33a377f4ae0ad8a4522cd6d2e78
SHA512 5482ba20eabf7a7c5c2561cf3be44d807266ab5d9f9a86abd6c59074d140d9cb091b1676bbc76702fe9547ff595144a44baefab41d45d3bb49433646dc84f06d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\37ab3ea7565fae09_0

MD5 a83060ee639f27fe4a9968c0421f45bd
SHA1 2ec3bf953983b9015335a120415652174b53da7e
SHA256 0604d668f53251e107e9d97fc8258cf89a42040d495c872c5c44aa2103c67b38
SHA512 43e57fbb9c2b2a6145f1f9e95df6c549de38d11565f8314cb984fa8e2238b949f71ebd1a3c1e666548848c063a7cb7ab23c7e9cc0320e7e2631944647f14c886

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d5dd567d2fd8d40a2884a7634b94a7cc
SHA1 81c6d8a26ac5b1820e7084137dec8a3cb1afbb84
SHA256 d95dbae85aec4aaee2f95670799422f7662a8428b0213adde9f0aea4860212c6
SHA512 2c54a9d66d7f6bf172515bfce5c80ef447afcaf095fef0d2f1648715aca2363da09e4c99acf8bc8261bb67f63f16927824c06d914efea7866798498cb7400d81

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 9b834549e6b9c6cd52d11545477b5b91
SHA1 ad7e19d98c930f5535c8cc4dda7ade0cdb4c78c2
SHA256 a6a1570b987c192e474bc0245652038aa66eadaeaa18ff56133f2d42741890ba
SHA512 a73b8a0f185c4165812877b958e2e81af3d97c1592510ad88f21e1f75936c9926b138b7ab360b1616e1390324ffc1b5aa3fe390d578f936a56723bfec3fa99f0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 2d80bdc889ebd7e19baec1b3ab3a1b0e
SHA1 9bda1104b3200b95401897809551e59d3c593500
SHA256 9639423bc0777ad1bf94553665cf6b5f4c11935d5410b7b42c6bd78850bdc506
SHA512 eb9eaeb054646cc1c0d96c3318dfbbb5413f4114688cf4f9b3ffdc47da908fd91b77b79fd7aef769712857cd7a41180f8df4adb88354add4ae1e72c3a50ab9ea

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 7849bacae7504a8c501dc89a238f996c
SHA1 84f7e5e09c43a50f34b136a8e6145e0663a43a0c
SHA256 dcaff0de275a25473058909f72004bd3e3f1517203b0c7528fdbd63776ca0316
SHA512 6259ef3688cacc5bbc534337b80e3bf4fc818404258331ab7fcd6a0235a56fc5f09b3eaa0153c279c1dad121ac7cfe3fb40c2a8c00d45b2866f1d40335f4e98c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 17d3d91a80fa645f3c428477fea6fc7b
SHA1 32c0cc76611df0c8e547c98b5b3bece2b39bdc58
SHA256 ee51ade6d01a98026c6a8955d1800c7a54a67c98719e6af5d50b47c778010102
SHA512 fce46993f0e8ca58dfab0380d0474b9d23f09012bb5687bb2572033206f08d47d237b6843429d4642f1203a70cd82cb94aa3a665a0d4ba5668b6ffdc225ab7a5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f855c6aad0342f83dc84e8683c3b28ef
SHA1 99150d800c2547f8a750ca45e765e0a9af88dff2
SHA256 f1ed82a399cba7777451b97dd4b19d4e77eb909861a93b5827e78b11d6a0743f
SHA512 ff82807c65ef3c93c60c86618a1992c415d1678543cc1fc804b25465bebb75a89978422b36cf4ba137cbb27d3f2fde74bb07f6856dce92dbbd7b37ca2d0ac9e3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d73e16a3d23a5dec1c6dc4f851e53f2e
SHA1 60e1219867819e29a5f079914e14e8eecc5554a6
SHA256 9877ad504ec1257140e9562b486375faa59e84d3449c6dedf7d3bef8fa446b8b
SHA512 c4e79e3b49763477e093084fb17584f16da10ec35059bfe4168fba5c537168c606849097f11e2efc6de9fe807a29d5c73d4bbf1f6961901fe7362a9808e9cfc8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 5c310fecf9020bec49857ecc2bd4df9f
SHA1 9f3d7d7a346f9b1c0020f2f8707e3cad3e0862b0
SHA256 d943bcc797bbff0dc076a9a375439e9270f041fe5f9fbf6966cbbbbc1e03ad25
SHA512 6ccbb86110750ac42ad5e6d63712c1a1183f063aa1b159f0f25f6b800b3e4cdf37368465c7010ec058d7518100b03d1189e2558ec0140939b8f490cd3df8f833

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\5a4115c9-090e-429a-a449-6e7cb42388ab.tmp

MD5 8b7f70b1e566567321ea44ce88dd6599
SHA1 1f45940c93f88f72fa3c75dfcab6635a1d463586
SHA256 5bca30beb67d11ff33b27b2dea0b5eaaa1163d215fd38e5e8027c95262d52548
SHA512 b2911f85b2fb18283ad3e9443489665284aaa97fa06df4495b16997739e351bb35c7b27710424136099c9f9defef39951576dede8eb06e8fef21ed994cdf370f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 70141332036c9c1d147eec2048b5a277
SHA1 30d35251d40b7716ef83f58dc92bbe3847bf2a80
SHA256 599d6129f4ff7aad8148d092c1bd221a294147620334414670fd3b75c86cce69
SHA512 b54cd447b3e10661f2e60670b5176980bf49436de852b9bb03c1d5454130cb0e238191a87c1ce6129cca2dbd10c06f4fce75d767a072855852eea6387e06df01

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 020779b0f1e0dbf6a459ba3ca23ae344
SHA1 a53b48288229c5732da099289583b4e24d1ec4c1
SHA256 7644c9c4f3c1ee664546f38e2b5d2ab5f9eda2935026445117b0548923eb70c3
SHA512 ac66430dbc7b4562845399f135e22d4bfa56003e54f50332a7ba3e31604b39772f97e8ab0ae7ad7f4d8491c5e81815e46941112fe49989a0518f970060861c40

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b25fcfbdc24480ff54381740dd639ed6
SHA1 94c99387347e33144ca4d64613592bf43e20e836
SHA256 1e984a46f88b35dba21b19afc0a416eb82f085d0cb927a3001fd182c75c9434e
SHA512 7aec632508c2f445d22f99f61fc6d3714d72244225a956994f5b372240c7b9bfe174f1b945a33e6901102bc2e8b6e5331f54af416991adc169ef143f2273551f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 688dc1eda8bef4fac7fd48a6951d20db
SHA1 e879fab99eebbdadf1f5479c3896cfc102bfc681
SHA256 108bafd357ff3fc0407094729ea6f37c6f6bf773475c58593b7d5649f7e5fa91
SHA512 43602508a5827f2b92ecce77d346a5b5afc76c0b0ddde865ea3ed75944009494ca2651dc70b0808648579acf0e95f3f157f55c165e56ca359c8c9f588c1b8531

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 dd999aff8262a412177ebd8ab41c6d0c
SHA1 0c2e563406f3f382d169376c1df33ce65180a131
SHA256 9885a55dcc08eb1f488fa1b23ec241d5eebf19f5629ca36cf493770cd5dd0843
SHA512 3f4b65a2138ebb39384919ff00179fc1a6dfd7d4139202cc0eaf492f3606e67481879c0829931220b26dc42b916c0c22682fdcd7eb25b7c376c2c517d84fd500

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ddd0f0edcc9bd1f45e8331dc02c43f61
SHA1 e4f6132e81ee7d0ed88bd50a3abcbda5a0f3d24e
SHA256 7027fb8e44929a532d354ae423aa3e684980158d8188ce4cb23edb016c357fbc
SHA512 3a8c9f8aa45c7ed88daff7325b5029fa04b43fa8d84dc1185529798d7361e112ee200ab843580ff9bc1ec4a6e8691bf3d8fc02920e4b74c546d51aa0d61a0dea

memory/3344-1380-0x00007FF9D9B20000-0x00007FF9DA5E1000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 6afacfde8243f48da6954bd815a8320e
SHA1 b3074356a0b3f42dd1c7f9d923ab124275610b9d
SHA256 9616621bb25a259bff94879444ce385e209f03f07daebb856e3dce09b61f8c0f
SHA512 0de8c9a03f30af5be71798255be4f0293705908f937bc9947965b981a7351c509d86c308e8c5a1584b9b6fec93ddaec9d7018596631cef233e3501378ab12aff