Malware Analysis Report

2025-06-16 00:52

Sample ID 241105-yn2tfswrfs
Target https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbk9UT25TQzQ3ZFFNeE9DR2wxN3NtUkVIbG41d3xBQ3Jtc0trNk04WnFqcDRIMFhzS3NRNmxDN2dzQXh6c2RudldxcUh5Qm9Pd3Z2alhTSnRZclBuSUlIdUtuS1BsRHVQeHNQX2dNLWRPSUI5TmZldklaWHhyZjl6T3VxUTBzVkZ2aDRURWZDSm5yVjRMaHE3ZGRuaw&q=https%3A%2F%2Fwww.mediafire.com%2Ffolder%2F3is42kz6mwjhj%2FFiles&v=qq0j1po9-D4
Tags
vidar credential_access discovery evasion phishing stealer themida
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

Threat Level: Known bad

The file https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbk9UT25TQzQ3ZFFNeE9DR2wxN3NtUkVIbG41d3xBQ3Jtc0trNk04WnFqcDRIMFhzS3NRNmxDN2dzQXh6c2RudldxcUh5Qm9Pd3Z2alhTSnRZclBuSUlIdUtuS1BsRHVQeHNQX2dNLWRPSUI5TmZldklaWHhyZjl6T3VxUTBzVkZ2aDRURWZDSm5yVjRMaHE3ZGRuaw&q=https%3A%2F%2Fwww.mediafire.com%2Ffolder%2F3is42kz6mwjhj%2FFiles&v=qq0j1po9-D4 was found to be: Known bad.

Malicious Activity Summary

vidar credential_access discovery evasion phishing stealer themida

Vidar family

Detect Vidar Stealer

Vidar

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Downloads MZ/PE file

Uses browser remote debugging

A potential corporate email address has been identified in the URL: [email protected]

Loads dropped DLL

Themida packer

Checks BIOS information in registry

A potential corporate email address has been identified in the URL: [email protected]

A potential corporate email address has been identified in the URL: [email protected]

Suspicious use of NtSetInformationThreadHideFromDebugger

Browser Information Discovery

System Location Discovery: System Language Discovery

Modifies data under HKEY_USERS

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

Suspicious use of WriteProcessMemory

Suspicious behavior: EnumeratesProcesses

Checks processor information in registry

Suspicious use of SendNotifyMessage

Enumerates system info in registry

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Modifies registry class

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-11-05 19:56

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-11-05 19:56

Reported

2024-11-05 20:01

Platform

win10v2004-20241007-en

Max time kernel

263s

Max time network

265s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbk9UT25TQzQ3ZFFNeE9DR2wxN3NtUkVIbG41d3xBQ3Jtc0trNk04WnFqcDRIMFhzS3NRNmxDN2dzQXh6c2RudldxcUh5Qm9Pd3Z2alhTSnRZclBuSUlIdUtuS1BsRHVQeHNQX2dNLWRPSUI5TmZldklaWHhyZjl6T3VxUTBzVkZ2aDRURWZDSm5yVjRMaHE3ZGRuaw&q=https%3A%2F%2Fwww.mediafire.com%2Ffolder%2F3is42kz6mwjhj%2FFiles&v=qq0j1po9-D4

Signatures

Detect Vidar Stealer

stealer
Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Vidar

stealer vidar

Vidar family

vidar

Identifies VirtualBox via ACPI registry values (likely anti-VM)

evasion
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A

Downloads MZ/PE file

A potential corporate email address has been identified in the URL: [email protected]

phishing

A potential corporate email address has been identified in the URL: [email protected]

phishing

A potential corporate email address has been identified in the URL: [email protected]

phishing

Checks BIOS information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A

Themida packer

themida
Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Suspicious use of NtSetInformationThreadHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A

Browser Information Discovery

discovery

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133753104681453592" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-1045960512-3948844814-3059691613-1000_Classes\Local Settings C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A
N/A N/A C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3936 wrote to memory of 2056 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2056 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2224 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 1984 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 1984 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbk9UT25TQzQ3ZFFNeE9DR2wxN3NtUkVIbG41d3xBQ3Jtc0trNk04WnFqcDRIMFhzS3NRNmxDN2dzQXh6c2RudldxcUh5Qm9Pd3Z2alhTSnRZclBuSUlIdUtuS1BsRHVQeHNQX2dNLWRPSUI5TmZldklaWHhyZjl6T3VxUTBzVkZ2aDRURWZDSm5yVjRMaHE3ZGRuaw&q=https%3A%2F%2Fwww.mediafire.com%2Ffolder%2F3is42kz6mwjhj%2FFiles&v=qq0j1po9-D4

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc5a6646f8,0x7ffc5a664708,0x7ffc5a664718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2080,7840530839907437820,9124961366186817592,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2092 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2080,7840530839907437820,9124961366186817592,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2080,7840530839907437820,9124961366186817592,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2860 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,7840530839907437820,9124961366186817592,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,7840530839907437820,9124961366186817592,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2080,7840530839907437820,9124961366186817592,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5160 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2080,7840530839907437820,9124961366186817592,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5160 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,7840530839907437820,9124961366186817592,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4856 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,7840530839907437820,9124961366186817592,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4736 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,7840530839907437820,9124961366186817592,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5324 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,7840530839907437820,9124961366186817592,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5468 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,7840530839907437820,9124961366186817592,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3396 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,7840530839907437820,9124961366186817592,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3376 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2080,7840530839907437820,9124961366186817592,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5684 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x2f4 0x4fc

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,7840530839907437820,9124961366186817592,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5828 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,7840530839907437820,9124961366186817592,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4604 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,7840530839907437820,9124961366186817592,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3068 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,7840530839907437820,9124961366186817592,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3528 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,7840530839907437820,9124961366186817592,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2268 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,7840530839907437820,9124961366186817592,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6496 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,7840530839907437820,9124961366186817592,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6376 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,7840530839907437820,9124961366186817592,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6732 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,7840530839907437820,9124961366186817592,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3392 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,7840530839907437820,9124961366186817592,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7140 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,7840530839907437820,9124961366186817592,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2076 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,7840530839907437820,9124961366186817592,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6844 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2080,7840530839907437820,9124961366186817592,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6400 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,7840530839907437820,9124961366186817592,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7160 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,7840530839907437820,9124961366186817592,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3980 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2080,7840530839907437820,9124961366186817592,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7504 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2080,7840530839907437820,9124961366186817592,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7640 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe

"C:\Users\Admin\Documents\S0FTWARE_(password_1234)\S0FTWARE.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffc48edcc40,0x7ffc48edcc4c,0x7ffc48edcc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1892,i,16025789273368738300,10916307629225994389,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1888 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2176,i,16025789273368738300,10916307629225994389,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2396 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2244,i,16025789273368738300,10916307629225994389,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2672 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --remote-debugging-port=9223 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3220,i,16025789273368738300,10916307629225994389,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3228 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --remote-debugging-port=9223 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3448,i,16025789273368738300,10916307629225994389,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3316 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --remote-debugging-port=9223 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4584,i,16025789273368738300,10916307629225994389,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4576 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4800,i,16025789273368738300,10916307629225994389,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4816 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4364,i,16025789273368738300,10916307629225994389,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4376 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4976,i,16025789273368738300,10916307629225994389,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4660 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5112,i,16025789273368738300,10916307629225994389,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4652 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4660,i,16025789273368738300,10916307629225994389,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4988 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4780,i,16025789273368738300,10916307629225994389,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5200 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5076,i,16025789273368738300,10916307629225994389,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5324 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5348,i,16025789273368738300,10916307629225994389,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5316 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --remote-debugging-port=9223 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=4988,i,16025789273368738300,10916307629225994389,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5296 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory="Default"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffc5a6646f8,0x7ffc5a664708,0x7ffc5a664718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2264,13479294948852490655,2723850512032513693,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2060 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2264,13479294948852490655,2723850512032513693,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2292 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2264,13479294948852490655,2723850512032513693,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2896 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --remote-debugging-port=9223 --field-trial-handle=2264,13479294948852490655,2723850512032513693,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3656 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --remote-debugging-port=9223 --field-trial-handle=2264,13479294948852490655,2723850512032513693,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3672 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --remote-debugging-port=9223 --field-trial-handle=2264,13479294948852490655,2723850512032513693,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4084 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --remote-debugging-port=9223 --field-trial-handle=2264,13479294948852490655,2723850512032513693,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4992 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2264,13479294948852490655,2723850512032513693,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2232 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2264,13479294948852490655,2723850512032513693,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2252 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2264,13479294948852490655,2723850512032513693,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=swiftshader-webgl --mojo-platform-channel-handle=2624 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2264,13479294948852490655,2723850512032513693,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=swiftshader-webgl --mojo-platform-channel-handle=4288 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2264,13479294948852490655,2723850512032513693,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=swiftshader-webgl --mojo-platform-channel-handle=2456 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2264,13479294948852490655,2723850512032513693,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=disabled --mojo-platform-channel-handle=2236 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0x11c,0x12c,0x7ffc5a6646f8,0x7ffc5a664708,0x7ffc5a664718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2264,13479294948852490655,2723850512032513693,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=disabled --mojo-platform-channel-handle=2400 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2264,13479294948852490655,2723850512032513693,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=disabled --mojo-platform-channel-handle=3944 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 217.106.137.52.in-addr.arpa udp
US 8.8.8.8:53 www.youtube.com udp
GB 216.58.212.206:443 www.youtube.com tcp
GB 216.58.212.206:443 www.youtube.com udp
US 8.8.8.8:53 206.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 136.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 83.210.23.2.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 67.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 g.bing.com udp
US 150.171.28.10:443 g.bing.com tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 55.36.223.20.in-addr.arpa udp
US 8.8.8.8:53 149.220.183.52.in-addr.arpa udp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 rr3---sn-5hneknek.googlevideo.com udp
GB 142.250.200.54:443 i.ytimg.com tcp
NL 74.125.8.136:443 rr3---sn-5hneknek.googlevideo.com tcp
NL 74.125.8.136:443 rr3---sn-5hneknek.googlevideo.com tcp
US 8.8.8.8:53 54.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 202.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 136.8.125.74.in-addr.arpa udp
GB 142.250.200.54:443 i.ytimg.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 rr4---sn-5hne6nsy.googlevideo.com udp
GB 64.233.166.84:443 accounts.google.com tcp
NL 172.217.132.105:443 rr4---sn-5hne6nsy.googlevideo.com udp
GB 64.233.166.84:443 accounts.google.com udp
US 8.8.8.8:53 227.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 105.132.217.172.in-addr.arpa udp
US 8.8.8.8:53 84.166.233.64.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.180.4:443 www.google.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 4.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 www.mediafire.com udp
US 104.17.150.117:443 www.mediafire.com tcp
US 104.17.150.117:443 www.mediafire.com tcp
US 8.8.8.8:53 static.mediafire.com udp
GB 142.250.180.4:443 www.google.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
GB 142.250.200.42:443 ajax.googleapis.com tcp
US 8.8.8.8:53 cdn.amplitude.com udp
DE 18.154.63.62:443 cdn.amplitude.com tcp
US 8.8.8.8:53 connect.facebook.net udp
US 8.8.8.8:53 translate.google.com udp
GB 163.70.151.21:443 connect.facebook.net tcp
GB 142.250.178.14:443 translate.google.com tcp
US 8.8.8.8:53 117.150.17.104.in-addr.arpa udp
US 8.8.8.8:53 42.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 200.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 62.63.154.18.in-addr.arpa udp
US 8.8.8.8:53 21.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 translate.googleapis.com udp
US 8.8.8.8:53 api.amplitude.com udp
US 54.149.127.17:443 api.amplitude.com tcp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 14.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 7.4.157.108.in-addr.arpa udp
US 8.8.8.8:53 74.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 17.127.149.54.in-addr.arpa udp
US 216.239.32.36:443 region1.analytics.google.com tcp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 www.google.co.uk udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 translate-pa.googleapis.com udp
BE 108.177.15.156:443 stats.g.doubleclick.net tcp
GB 163.70.147.35:443 www.facebook.com tcp
GB 216.58.204.67:443 www.google.co.uk tcp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 35.147.70.163.in-addr.arpa udp
US 8.8.8.8:53 67.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 156.15.177.108.in-addr.arpa udp
US 216.239.32.36:443 region1.analytics.google.com udp
GB 142.250.200.42:443 translate-pa.googleapis.com udp
US 8.8.8.8:53 the.gatekeeperconsent.com udp
US 8.8.8.8:53 btloader.com udp
US 172.67.199.186:443 the.gatekeeperconsent.com tcp
US 104.22.74.216:443 btloader.com tcp
US 8.8.8.8:53 www.ezojs.com udp
GB 142.250.178.14:443 translate.google.com udp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 8.8.8.8:53 privacy.gatekeeperconsent.com udp
US 104.21.63.106:443 www.ezojs.com tcp
US 8.8.8.8:53 ad-delivery.net udp
US 104.16.79.73:443 static.cloudflareinsights.com tcp
US 104.21.42.32:443 privacy.gatekeeperconsent.com tcp
US 104.26.3.70:443 ad-delivery.net tcp
US 104.26.3.70:443 ad-delivery.net tcp
US 8.8.8.8:53 cdn.otnolatrnup.com udp
US 8.8.8.8:53 g.ezoic.net udp
US 8.8.8.8:53 186.199.67.172.in-addr.arpa udp
US 104.19.208.227:443 cdn.otnolatrnup.com tcp
US 8.8.8.8:53 216.74.22.104.in-addr.arpa udp
US 8.8.8.8:53 106.63.21.104.in-addr.arpa udp
US 8.8.8.8:53 73.79.16.104.in-addr.arpa udp
US 8.8.8.8:53 32.42.21.104.in-addr.arpa udp
US 8.8.8.8:53 70.3.26.104.in-addr.arpa udp
US 8.8.8.8:53 38.200.250.142.in-addr.arpa udp
FR 13.37.187.223:443 g.ezoic.net tcp
US 8.8.8.8:53 api.btloader.com udp
US 130.211.23.194:443 api.btloader.com tcp
US 130.211.23.194:443 api.btloader.com tcp
US 8.8.8.8:53 go.ezodn.com udp
US 8.8.8.8:53 www.mediafiredls.com udp
US 8.8.8.8:53 otnolatrnup.com udp
US 104.21.87.79:443 go.ezodn.com tcp
US 104.21.87.79:443 go.ezodn.com tcp
US 104.21.87.79:443 go.ezodn.com tcp
US 172.67.73.78:443 www.mediafiredls.com tcp
US 104.21.87.79:443 go.ezodn.com tcp
US 104.21.87.79:443 go.ezodn.com tcp
US 104.21.87.79:443 go.ezodn.com tcp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 g.ezodn.com udp
US 8.8.8.8:53 bshr.ezodn.com udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 172.67.142.121:443 bshr.ezodn.com tcp
GB 216.58.201.98:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 227.208.19.104.in-addr.arpa udp
US 8.8.8.8:53 223.187.37.13.in-addr.arpa udp
US 8.8.8.8:53 194.23.211.130.in-addr.arpa udp
US 8.8.8.8:53 79.87.21.104.in-addr.arpa udp
US 8.8.8.8:53 78.73.67.172.in-addr.arpa udp
US 8.8.8.8:53 121.142.67.172.in-addr.arpa udp
US 8.8.8.8:53 34.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 98.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 ad.crwdcntrl.net udp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
IE 52.16.238.77:443 bcp.crwdcntrl.net tcp
IE 34.248.111.137:443 bcp.crwdcntrl.net tcp
DE 18.66.248.90:443 tags.crwdcntrl.net tcp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 crt.rootg2.amazontrust.com udp
GB 216.58.204.78:443 fundingchoicesmessages.google.com tcp
DE 18.154.63.114:80 crt.rootg2.amazontrust.com tcp
DE 18.154.63.114:80 crt.rootg2.amazontrust.com tcp
DE 18.154.63.114:80 crt.rootg2.amazontrust.com tcp
US 8.8.8.8:53 90.248.66.18.in-addr.arpa udp
US 8.8.8.8:53 77.238.16.52.in-addr.arpa udp
US 8.8.8.8:53 137.111.248.34.in-addr.arpa udp
GB 216.58.204.78:443 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 78.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 114.63.154.18.in-addr.arpa udp
US 8.8.8.8:53 200.163.202.172.in-addr.arpa udp
US 8.8.8.8:53 241.42.69.40.in-addr.arpa udp
FR 13.37.187.223:443 g.ezoic.net tcp
GB 216.58.201.98:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 ee3d37c060374187a47bcfdbe9f78751.safeframe.googlesyndication.com udp
US 8.8.8.8:53 gum.criteo.com udp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 id.a-mx.com udp
US 8.8.8.8:53 ups.analytics.yahoo.com udp
US 8.8.8.8:53 id.hadron.ad.gt udp
GB 216.58.213.1:443 ee3d37c060374187a47bcfdbe9f78751.safeframe.googlesyndication.com tcp
US 8.8.8.8:53 api.rlcdn.com udp
US 8.8.8.8:53 id.crwdcntrl.net udp
US 8.8.8.8:53 match.adsrvr.org udp
US 8.8.8.8:53 ep1.adtrafficquality.google udp
US 8.8.8.8:53 cdn-ima.33across.com udp
US 8.8.8.8:53 oa.openxcdn.net udp
US 8.8.8.8:53 static.criteo.net udp
US 8.8.8.8:53 invstatic101.creativecdn.com udp
NL 178.250.1.11:443 gum.criteo.com tcp
NL 79.127.227.46:443 id.a-mx.com tcp
GB 87.248.114.11:443 ups.analytics.yahoo.com tcp
DE 141.95.98.64:443 id5-sync.com tcp
US 104.22.5.69:443 id.hadron.ad.gt tcp
US 15.197.193.217:443 match.adsrvr.org tcp
US 34.102.146.192:443 oa.openxcdn.net tcp
NL 178.250.1.3:443 static.criteo.net tcp
US 34.96.70.87:443 invstatic101.creativecdn.com tcp
US 172.64.152.89:443 cdn-ima.33across.com tcp
US 34.120.133.55:443 api.rlcdn.com tcp
GB 172.217.16.226:443 ep1.adtrafficquality.google tcp
US 8.8.8.8:53 c3.a-mo.net udp
US 8.8.8.8:53 oajs.openx.net udp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
US 8.8.8.8:53 ep2.adtrafficquality.google udp
NL 79.127.227.46:443 c3.a-mo.net tcp
US 8.8.8.8:53 dnacdn.net udp
US 34.120.135.53:443 oajs.openx.net tcp
GB 142.250.179.225:443 ep2.adtrafficquality.google tcp
DE 162.19.138.118:443 lb.eu-1-id5-sync.com tcp
FR 178.250.7.13:443 dnacdn.net tcp
US 8.8.8.8:53 hb.yellowblue.io udp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
US 8.8.8.8:53 tlx.3lift.com udp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 ap.lijit.com udp
US 8.8.8.8:53 prebid.a-mo.net udp
US 8.8.8.8:53 fastlane.rubiconproject.com udp
US 8.8.8.8:53 ads.yieldmo.com udp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
DE 51.89.9.252:443 onetag-sys.com tcp
IE 34.241.172.35:443 ap.lijit.com tcp
DE 3.78.168.176:443 tlx.3lift.com tcp
DE 108.157.4.82:443 hb.yellowblue.io tcp
FR 163.5.194.30:443 prebid.a-mo.net tcp
IE 52.214.64.178:443 ads.yieldmo.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
GB 142.250.179.225:443 ep2.adtrafficquality.google udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 34.120.135.53:443 oajs.openx.net udp
US 8.8.8.8:53 1.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 11.114.248.87.in-addr.arpa udp
US 8.8.8.8:53 69.5.22.104.in-addr.arpa udp
US 8.8.8.8:53 46.227.127.79.in-addr.arpa udp
US 8.8.8.8:53 64.98.95.141.in-addr.arpa udp
US 8.8.8.8:53 192.146.102.34.in-addr.arpa udp
US 8.8.8.8:53 87.70.96.34.in-addr.arpa udp
US 8.8.8.8:53 89.152.64.172.in-addr.arpa udp
US 8.8.8.8:53 55.133.120.34.in-addr.arpa udp
US 8.8.8.8:53 3.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 226.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 217.193.197.15.in-addr.arpa udp
US 8.8.8.8:53 53.135.120.34.in-addr.arpa udp
US 8.8.8.8:53 225.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 118.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 13.7.250.178.in-addr.arpa udp
US 8.8.8.8:53 77.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 82.4.157.108.in-addr.arpa udp
US 8.8.8.8:53 30.194.5.163.in-addr.arpa udp
US 8.8.8.8:53 35.172.241.34.in-addr.arpa udp
US 8.8.8.8:53 252.9.89.51.in-addr.arpa udp
US 8.8.8.8:53 176.168.78.3.in-addr.arpa udp
US 8.8.8.8:53 139.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 178.64.214.52.in-addr.arpa udp
GB 142.250.180.4:443 www.google.com udp
DE 51.89.9.252:443 onetag-sys.com udp
GB 216.58.204.65:443 tpc.googlesyndication.com tcp
GB 216.58.204.65:443 tpc.googlesyndication.com tcp
GB 216.58.204.65:443 tpc.googlesyndication.com tcp
GB 216.58.204.65:443 tpc.googlesyndication.com tcp
GB 216.58.204.65:443 tpc.googlesyndication.com tcp
US 8.8.8.8:53 google-bidout-d.openx.net udp
US 34.98.64.218:443 google-bidout-d.openx.net tcp
US 8.8.8.8:53 75.117.19.2.in-addr.arpa udp
US 8.8.8.8:53 65.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 218.64.98.34.in-addr.arpa udp
US 8.8.8.8:53 ag.gbc.criteo.com udp
US 8.8.8.8:53 gem.gbc.criteo.com udp
FR 185.235.86.149:443 ag.gbc.criteo.com tcp
FR 185.235.86.64:443 gem.gbc.criteo.com tcp
GB 172.217.16.226:443 ep1.adtrafficquality.google udp
US 8.8.8.8:53 cdn.ampproject.org udp
GB 142.250.178.1:443 cdn.ampproject.org tcp
GB 142.250.178.1:443 cdn.ampproject.org tcp
GB 142.250.178.1:443 cdn.ampproject.org tcp
GB 142.250.178.1:443 cdn.ampproject.org tcp
GB 142.250.178.1:443 cdn.ampproject.org tcp
GB 216.58.204.65:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 149.86.235.185.in-addr.arpa udp
US 8.8.8.8:53 64.86.235.185.in-addr.arpa udp
US 8.8.8.8:53 1.178.250.142.in-addr.arpa udp
GB 216.58.204.65:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 check.analytics.rlcdn.com udp
DE 18.154.63.81:443 check.analytics.rlcdn.com tcp
US 8.8.8.8:53 81.63.154.18.in-addr.arpa udp
US 8.8.8.8:53 download2296.mediafire.com udp
US 199.91.155.37:443 download2296.mediafire.com tcp
US 199.91.155.37:443 download2296.mediafire.com tcp
US 104.19.208.227:80 otnolatrnup.com tcp
US 104.19.208.227:80 otnolatrnup.com tcp
US 8.8.8.8:53 woreppercomming.com udp
US 8.8.8.8:53 37.155.91.199.in-addr.arpa udp
GB 54.230.10.111:443 woreppercomming.com tcp
US 8.8.8.8:53 www.chancial.com udp
US 104.21.79.34:443 www.chancial.com tcp
US 8.8.8.8:53 www.opera.com udp
DE 3.73.194.163:443 www.opera.com tcp
US 8.8.8.8:53 cdn-production-opera-website.operacdn.com udp
US 8.8.8.8:53 www.googleoptimize.com udp
GB 104.123.95.139:443 cdn-production-opera-website.operacdn.com tcp
GB 104.123.95.139:443 cdn-production-opera-website.operacdn.com tcp
GB 104.123.95.139:443 cdn-production-opera-website.operacdn.com tcp
GB 104.123.95.139:443 cdn-production-opera-website.operacdn.com tcp
GB 104.123.95.139:443 cdn-production-opera-website.operacdn.com tcp
GB 104.123.95.139:443 cdn-production-opera-website.operacdn.com tcp
GB 216.58.201.110:443 www.googleoptimize.com tcp
US 8.8.8.8:53 111.10.230.54.in-addr.arpa udp
US 8.8.8.8:53 34.79.21.104.in-addr.arpa udp
US 8.8.8.8:53 163.194.73.3.in-addr.arpa udp
GB 104.123.95.139:443 cdn-production-opera-website.operacdn.com tcp
US 8.8.8.8:53 139.95.123.104.in-addr.arpa udp
US 8.8.8.8:53 110.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.34.36:443 region1.google-analytics.com tcp
DE 3.73.194.163:443 www.opera.com tcp
US 8.8.8.8:53 36.34.239.216.in-addr.arpa udp
US 216.239.32.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 66.209.201.84.in-addr.arpa udp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
US 8.8.8.8:53 19.229.111.52.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 g.ezoic.net udp
FR 13.37.187.223:443 g.ezoic.net tcp
US 8.8.8.8:53 t.me udp
NL 149.154.167.99:443 t.me tcp
US 8.8.8.8:53 99.167.154.149.in-addr.arpa udp
US 8.8.8.8:53 votae.top udp
DE 195.201.251.31:443 votae.top tcp
US 8.8.8.8:53 e5.o.lencr.org udp
GB 2.23.210.82:80 e5.o.lencr.org tcp
US 8.8.8.8:53 22.249.124.192.in-addr.arpa udp
US 8.8.8.8:53 31.251.201.195.in-addr.arpa udp
US 8.8.8.8:53 69.194.219.23.in-addr.arpa udp
US 8.8.8.8:53 82.210.23.2.in-addr.arpa udp
DE 195.201.251.31:443 votae.top tcp
DE 195.201.251.31:443 votae.top tcp
DE 195.201.251.31:443 votae.top tcp
DE 195.201.251.31:443 votae.top tcp
DE 195.201.251.31:443 votae.top tcp
DE 195.201.251.31:443 votae.top tcp
GB 142.250.180.4:443 www.google.com tcp
US 8.8.8.8:53 ogads-pa.googleapis.com udp
US 8.8.8.8:53 apis.google.com udp
GB 216.58.204.74:443 ogads-pa.googleapis.com udp
GB 216.58.201.110:443 apis.google.com udp
US 8.8.8.8:53 74.204.58.216.in-addr.arpa udp
GB 216.58.204.74:443 ogads-pa.googleapis.com tcp
US 8.8.8.8:53 play.google.com udp
GB 172.217.16.238:443 play.google.com udp
US 8.8.8.8:53 238.16.217.172.in-addr.arpa udp
GB 172.217.16.238:443 play.google.com tcp
US 8.8.8.8:53 clients2.google.com udp
GB 142.250.178.14:443 clients2.google.com udp
GB 142.250.178.14:443 clients2.google.com tcp
US 8.8.8.8:53 clients2.googleusercontent.com udp
GB 216.58.213.1:443 clients2.googleusercontent.com udp
N/A 127.0.0.1:9223 tcp
DE 195.201.251.31:443 votae.top tcp
N/A 127.0.0.1:9223 tcp
DE 195.201.251.31:443 votae.top tcp
US 8.8.8.8:53 20.160.190.20.in-addr.arpa udp
N/A 127.0.0.1:9223 tcp
US 8.8.8.8:53 nw-umwatson.events.data.microsoft.com udp
US 52.168.117.173:443 nw-umwatson.events.data.microsoft.com tcp
N/A 127.0.0.1:9223 tcp
US 8.8.8.8:53 173.117.168.52.in-addr.arpa udp
DE 195.201.251.31:443 votae.top tcp
DE 195.201.251.31:443 votae.top tcp
DE 195.201.251.31:443 votae.top tcp
DE 195.201.251.31:443 votae.top tcp
DE 195.201.251.31:443 votae.top tcp
DE 195.201.251.31:443 votae.top tcp
DE 195.201.251.31:443 votae.top tcp
DE 195.201.251.31:443 votae.top tcp
DE 195.201.251.31:443 votae.top tcp
DE 195.201.251.31:443 votae.top tcp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 d22073dea53e79d9b824f27ac5e9813e
SHA1 6d8a7281241248431a1571e6ddc55798b01fa961
SHA256 86713962c3bb287964678b148ee08ea83fb83483dff8be91c8a6085ca560b2a6
SHA512 97152091ee24b6e713b8ec8123cb62511f8a7e8a6c6c3f2f6727d0a60497be28814613b476009b853575d4931e5df950e28a41afbf6707cb672206f1219c4413

\??\pipe\LOCAL\crashpad_3936_OMJLQZKJMHFQXREH

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 bffcefacce25cd03f3d5c9446ddb903d
SHA1 8923f84aa86db316d2f5c122fe3874bbe26f3bab
SHA256 23e7cbbf64c81122c3cb30a0933c10a320e254447771737a326ce37a0694d405
SHA512 761dae5315b35ec0b2fe68019881397f5d2eadba3963aba79a89f8953a0cd705012d7faf3a204a5f36008926b9f614980e333351596b06ce7058d744345ce2e7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 bd4e64e22a04b029fdfaa78ad80e2937
SHA1 d87c49ed7e5a8b7da4170f03f2e5a131e33437a0
SHA256 dd650fcb0df576044f28caac9c034baf57b9208a57c72dfe9752bb1a9ca92daa
SHA512 df8270efcfec900ec1c5ff0b24598c0f67191387a376a5bdffee4a8d9348a9d57fa24356f295381a64f45ea59baead19e88024ead38f914cf84d22d24c8858a4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 e9b157b621a4a26cec89bba77737e2af
SHA1 94b85021278971b0e94f09d3a54cfcd08daba23f
SHA256 45ce652ddd47f1bd96d3b1152318c1b26b9f4c6c8c5b8d3b6e7cb9e3b1a4520c
SHA512 0e029b66baaddfbea827c942165c55d197c0f6a63b6bb392e9d9189b709e4709a46be3d7903aa967020ea5ecbd898ee26a73a2fa3b3cc32d06525095c304cb62

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b92a78f7cca2366eab01e62aded5dcd5
SHA1 6edff72ac0ab9c54ec3e40ec23369a38207eb031
SHA256 f8df760a4dbecc87e639099b51dd7259d0424da0325905d6f6db8a3afedb44b1
SHA512 c029b2133362041bb39a749660b2b4e4d48d883ea30c1c3fab62601caf8fc2acd5861671703ed691c1350c685f08488ec6e05efef10f7df5e8fc22130f731c1c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 819171ac567ae4967c59a4c71b630861
SHA1 4439d9fd395450a556c7399838ee7e57dfd5e80f
SHA256 a9ff586e3002b7c677b1220c604db38a22a27f8c1294dbfdcec4824dce479eb2
SHA512 be3b503a3f1c7509aee82a85ea96a819ff5467ced0edfbcdf70f1af4bc9c772bd63ce70da0ae90d4e32a8b0a05a5d5e58edb27ee6f70346d46575f170cf20943

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 f37bd4195423c2110590be516e2bdc7c
SHA1 ae365d01989a1077b94f53810c218d92eca9c320
SHA256 d5f2643368199822b1958a3bc1fd66310547685cd0929b2b8c6f7a3a6595cded
SHA512 14c3cc13f8907ba23563de96c0b83b514e1e3072745a809c37b5f33b8bb4151ce30fa343b0ff69cfa6ad198da4e5964bd29ecea022d589c43b34cade1c9705e6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57f3d6.TMP

MD5 a92f99990ca3537bffd482233a175973
SHA1 82553cb1fe72267044f73bced7f04bb6e1fbff50
SHA256 e03dd448e5950b2f20f2f9c430bf470dec6bb12e0963d7bf38e7a4e97c4fa7ff
SHA512 a6cad10eb1180fb5822c989d09f2aa9cf55bf7ff607125c8143eff98f0b9fef76ab0c3de13a39650d492af54631c0bcf47c005919a799d50841acc76578230bd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 d21e023797f192d8804da542bc61dd39
SHA1 c80d9ac775cc07564edac41267acf5919ed48014
SHA256 4c90cecb7138f19057e099a77cff9305d211207fd2bf8854c74b55c9d1de028a
SHA512 7523de8f328c0d1ea6a21d2736ea7b89b9a2de596389dbef3fc0b0fe1e1244eac1c6dd446ef57fdd8230596abb792ffb1d399552754439be6dc1e19021f7a227

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 52ccd47368cf193a47c7d9a3c441cf60
SHA1 3dee05c3657b4d5430b341106a45ae4885d338e8
SHA256 adf5e1e1269fbf9566be5dfb5b56287aa80d505043dbe21fa895b0cf8d933dec
SHA512 955eaac9e86d3cfed3726517eae79494cec8331bc2142f8850ee33bf8e91b42b0a7941b789cdb5520cd43f095662524ca77c9b200b5a4270a3628c10b6403cae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 df12bbe04422715c7ba0048083177420
SHA1 b49e6f20ea4ecdc45af74397288be0dc7aadfba4
SHA256 ef3cf2630aa1ac6a95a17dadccb7838d6d6c5996728d50f1421839632099cd41
SHA512 116b2f0d5d3da4d9a380485b9d2e442a3fbb972ae159ac32a6c4c093cf869e024af3cad43ee61ad3d9d132b20c91dd145e4269eced930525acd4520681067eed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d0589654e2fca28f4e91e595ec99fd99
SHA1 0abd0dbeb235e527d08045449efd0e5fcfeb5a59
SHA256 d042cf5919e9fe0f8592f25c17dfaa2a321386a6cf49754c1aaa8555bd4d43b1
SHA512 9b89ca700512e603736f1ef90e3faf81005fb2993530d5a76e2c9ac02e921c952b285e546887c72ec3106f341c331a75a53637fc9db5a2251c060aec62437e68

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000040

MD5 87e8230a9ca3f0c5ccfa56f70276e2f2
SHA1 eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
SHA256 e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
SHA512 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 709d5056e426c5bbc90d854394c6f188
SHA1 f216faa2c40eb0a806ad89c4a6dae786fae4b712
SHA256 c43f037bfd056a13c50aab9578eb77b1ffc27b62aa77f73ffe46e84fd59b7cbf
SHA512 ce931707f4b6f0968f398a1235218fc69f5632bd4c7b5140ae2aaebeb64b3f335d46f552321a624899dcdd13eed81897e13d0c9926ef3abd7b06925c94a84a84

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 85ed6ca67ec6890a93d9ac0e776ece9c
SHA1 6f5c144e9a5eb83e2fed13d92772e217768c4b32
SHA256 69f468b6a1d3f80a26517c4c7915fc9c080c49f81432c6a43e2d833e991fc1fb
SHA512 6d30d090f83c27a5a6104fcb7784d09bf59e6759becf8589b926007e2d6c660f688007837bdb983e001a80f22fbc76428a4005bd9d169e614f84d99d5d49e62c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 c2995235fe5bb98bfd0ea638f30a6797
SHA1 3b6611b51f53d9d218e517e880b71f8377daab5f
SHA256 a1769f5037d20420db333dd63a1158bacffa13a14060df171e213ac9600dd64a
SHA512 964c044eb36db5b6b59739b1374c58afe7f0872b70cb447993c37a44368cdf37a45852a9c4b3d8208a129b2ebe6fc81541913c1cbf9b44dbb4cf2f2a814f9a2d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 9c3da88c18ec5800ab5013d0b9ba3cda
SHA1 b6e399b354150f583ad1a72054feb0498f351f0d
SHA256 edfd4e8af3957492fc42f1857d50f937ee42c36bf3413b62db7f99176d6fc323
SHA512 f20a9e71f821e130bc738ca1c3cc946efa6150534ca18602f0e85ed3b0df8b7d0e5b15e95eea61daea6c3e0bf5619f0e6a92b1123b7131c9068a1dcdd3d2a926

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 e740da1af6e23d5c8c3ba8d140843548
SHA1 b179065e1ff60d5e4f27d0cb8b82cbdff6e43cdf
SHA256 a382bece206855e47471a08c3ab4acc902aa4a453112e53debb6d62fc052a3d2
SHA512 17aa1873bdfb9db1fc3912b100fb9a14a785f4b565ee9a90ac045085f03f0ddb10262970a312282e40faa1b931ec1d02d64112e149730f356c6fcf8e51bd7e96

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58aa74.TMP

MD5 55a7802fb732efc80b72939a49645e15
SHA1 1c4a4519a8bd1ebee4e9ed9de7839e6dd4a021a1
SHA256 ddf34c0c7f8f2c40c734bc0a1b44a217b1d349af30cf22c2370877c532230a18
SHA512 a29da390454071115daea633dbd9797c36a871846ee75065f7aa3319c3f214887071f91788c931978eb2bbb86d2aa9fcec60e94ec3da1b2ef5970d702973db3a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 56f8ee295e63ca4fd1432a20f55f5f17
SHA1 d01b0537a348c570bed55a5baff26a6f6e5eb877
SHA256 a1917788cf47ef8c92f62f8383e1c010ed48a15a88500a18a9576e67f5e5beff
SHA512 e04789c52d262a61fd125f6a009fc139480a6e2aa3c5015d7b24b024f4144716ccbd7272432631695dfcd7859c2eb5954d3f7ee6873dcd0f586bb76cbceeeeff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 0dc06d17b14711b86f0a4f8edf924831
SHA1 6aa96e64d9ba5811dd4da8bf63268a9e9e6056a2
SHA256 03e27f8429b8b7b7381f8becd8116bf5d7e7b29994e3493ab19f409105813135
SHA512 b6bb1984a8e9eedc04ad93ecbf4ba70a7b36290d68ff4324025dd602758c511a4ed5d0423d623c131024c376965c519dd25933bcb95620edf14dd4d6e01df912

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 6302b60eb83e70dab0e14c9a780a345b
SHA1 b7afecdb07ec743d055bb4cb641019d51a9dbb2a
SHA256 71b693a802eea751255e842b628a8b18687bea0137ce81b8601644abbe3c6278
SHA512 fc3cd065a388fba440b6a34e4cd63897bbdb852c2a85bb46f87fb5e59f2d71775e2c88cb313ddf638f7fd5fd49ffad938a2cc7964137dad1e783506baf64ce0c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8a312e4b591908f3e21e5e325b7d0a6e
SHA1 591cf3b6265af59b0a6051c461ed41e677ad24a5
SHA256 277b537481f70789a8ebe4b0e9542bbcaf094fb40fe9189d4b4f404640660d10
SHA512 6f7345c932e95e4e147b1bb895aab9dcafb70ce3a9a9a3bcb22377f6ad9eee4859c548a46251954e43d6874deddfbb7fe0729b8a6165b156709faba77a03e9ab

memory/2236-634-0x0000000000280000-0x0000000000F79000-memory.dmp

memory/2236-636-0x0000000000280000-0x0000000000F79000-memory.dmp

memory/2236-637-0x0000000000280000-0x0000000000F79000-memory.dmp

memory/2236-640-0x0000000000280000-0x0000000000F79000-memory.dmp

memory/2236-639-0x0000000000280000-0x0000000000F79000-memory.dmp

memory/2236-638-0x0000000000280000-0x0000000000F79000-memory.dmp

memory/2236-635-0x0000000000280000-0x0000000000F79000-memory.dmp

memory/2236-658-0x0000000021A50000-0x0000000021CAF000-memory.dmp

C:\ProgramData\chrome.dll

MD5 eda18948a989176f4eebb175ce806255
SHA1 ff22a3d5f5fb705137f233c36622c79eab995897
SHA256 81a4f37c5495800b7cc46aea6535d9180dadb5c151db6f1fd1968d1cd8c1eeb4
SHA512 160ed9990c37a4753fc0f5111c94414568654afbedc05308308197df2a99594f2d5d8fe511fd2279543a869ed20248e603d88a0b9b8fb119e8e6131b0c52ff85

memory/2236-677-0x0000000000280000-0x0000000000F79000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Temp\30220815-5a5b-48a1-ba42-1832ea925ffa.tmp

MD5 5058f1af8388633f609cadb75a75dc9d
SHA1 3a52ce780950d4d969792a2559cd519d7ee8c727
SHA256 cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA512 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

C:\Users\Admin\AppData\Local\Temp\scoped_dir5992_1514383280\ad3a4ad7-cf70-488d-82cb-378ec7a7e12f.tmp

MD5 da75bb05d10acc967eecaac040d3d733
SHA1 95c08e067df713af8992db113f7e9aec84f17181
SHA256 33ae9b8f06dc777bb1a65a6ba6c3f2a01b25cd1afc291426b46d1df27ea6e7e2
SHA512 56533de53872f023809a20d1ea8532cdc2260d40b05c5a7012c8e61576ff092f006a197f759c92c6b8c429eeec4bb542073b491ddcfd5b22cd4ecbe1a8a7c6ef

C:\Users\Admin\AppData\Local\Temp\scoped_dir5992_1514383280\CRX_INSTALL\_locales\en_CA\messages.json

MD5 558659936250e03cc14b60ebf648aa09
SHA1 32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825
SHA256 2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b
SHA512 1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\_locales\en_CA\messages.json

MD5 07ffbe5f24ca348723ff8c6c488abfb8
SHA1 6dc2851e39b2ee38f88cf5c35a90171dbea5b690
SHA256 6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c
SHA512 7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\dasherSettingSchema.json

MD5 4ec1df2da46182103d2ffc3b92d20ca5
SHA1 fb9d1ba3710cf31a87165317c6edc110e98994ce
SHA256 6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6
SHA512 939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 736221d16dfa1aed494be7e4badacd32
SHA1 94fe0c7558f74f25d253ebb6230d16d921a77111
SHA256 84483264b5ae742e47ee78bf418a1e372804dd60fef56f92c3542ec98efb110b
SHA512 c43051be0339f90a58c90ea0cebe33c51f89a4847e2749007193d6be32de40ad80e53e29477a6ca29b48544b01102dcc386013a41ccddba9b0041dc4598bbddb

memory/2236-1101-0x0000000000280000-0x0000000000F79000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 acf9c54d17ba490936ce63b6179eb769
SHA1 1c304383bc91c12a382bb19ecfcc7213b06d227e
SHA256 db77b2536d6e277fcfc1eaf3d5ed15a4a23e6e4c917a4168010a68c8cbc560b5
SHA512 596bb45ce23f7f66bb3cab31f643345fb64fb488e8032d3690ef550b1e107abc6a1177712153344b964cfa0a464de038a5b88a6e3a582f5bbffb875e06a6bcc3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

MD5 838a7b32aefb618130392bc7d006aa2e
SHA1 5159e0f18c9e68f0e75e2239875aa994847b8290
SHA256 ac3dd2221d90b09b795f1f72e72e4860342a4508fe336c4b822476eb25a55eaa
SHA512 9e350f0565cc726f66146838f9cebaaa38dd01892ffab9a45fe4f72e5be5459c0442e99107293a7c6f2412c71f668242c5e5a502124bc57cbf3b6ad8940cb3e9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log

MD5 89dae4224bc9c82aeebc527c8ad534f3
SHA1 7cbf9004cb6a979bb2757e13cbeef315c2bb6f59
SHA256 91ee55be2b4dc3432c707a8ade487ec5db276626e788d3fd01a2e14b19ee4f8d
SHA512 4db5b5afc6110dfea6e97eea6fc5dcae618d44d1bc9bbebf2c0e5adfc37fbc8e21ab8f4ae2010f6c9b90bfd70a5980b5d4487013aa7ad952ad737c7e8b7a82bb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

MD5 3dac22c955440eb4df87cf356b4152b7
SHA1 cd17e749653296be83affd995618b1da20c93de2
SHA256 a91c7ed96239449917bdba988a46a3b6557bfb3af5e0afd83a248caca12dedd1
SHA512 999b9efe707eda770a66ed4290566b3708b6dafa217e5568491223b4835f3cbd0bf2086c704e9c987e56dfcf0d7f7eeb142c34356433bca7cd320cfa4b2c25af

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

MD5 35c4be01c35042648dee46133fdd6683
SHA1 85609ef6a791320ce924bf3453440449d4fc6682
SHA256 9e1c0cc3317261e16df700a51d0016ed68dfd344856a43f0781a9831f80ee459
SHA512 c67eb37fabbe4ed1ae791bc12903a6ae31065549aa81fc50cfcc981843e51b7c628e2fdcdffd057377c94cd632762a65706320082d755a5dd4a740e15bfbc74a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links

MD5 02f2a5a52dba33dc2a147c26479d7ad1
SHA1 5e0967b8ab776c9c826aa5c9b6fc21607cabfc7e
SHA256 0358213f9481b52851ca9790de962283eda98c4db00f32e142552dc1aead74e6
SHA512 7ce15d2c522f50a6319841188dbf103268a8cf1927a446d993ed4f8881b8e2bce5856ad27af670c1cf9f9f6b2700946e79179c1bc70ecb703e3cb660e01725bc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons

MD5 b7e6ed57af2eedbccf9e03cce786eea5
SHA1 6413427d4d2ed61402b4489ebb533399fdffdeb3
SHA256 7d1a18b867e8e0de334708bc93cd4b2e78635bc58e4e2501300d88f4852cb957
SHA512 acf81e2ce8cf0934bc24c166baaeca59992fced164397b778f5f2e12a4530a41fb4c1b7df75ece6c722b1d6b3091586a1e816c0d1b91f41ed4a20b1c8bdcc25c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e7feee9f349fe639e77ec6334d089fbb
SHA1 2b546425a30c49f63a123dac0b74c58ebb707629
SHA256 8ef95abc9b6856e1e6177364ff00f607b64b13470ef00fd541c9be72b5cfa57d
SHA512 cdba12e6ccc8abe32fbc2bfc15c6c8939c3bdbf12f17920fde0ac65a919fd122074857b682c51ca52dceed49bceb6ce7f558bf544697e80af23c0c84a45951c4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13375310228084226

MD5 94e8367d32c5ba9396f942e3cfe89590
SHA1 b6827f9b19bdd174e49dfc389f31307fadab9b84
SHA256 b78ca344f2cb22e759e97d2da95a297bc008a052ee084e082db0688022b18467
SHA512 c6c674a8b776153d2ba2e175c63331b8664716071b8686b564b6aec27296a1c2187f116527b9b31e348d4252b3284bf96ec72f632684090e6967e58b55930bd4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13375310228256226

MD5 16e08e14b7dcd53f258b93b4dca953bd
SHA1 61ecb2a3fd3d234c89ee7f43db0ffcaa5d779aa6
SHA256 269462cc0122b092f12d48c1486d89c282a295c84491ac3b78c6d4d16830824a
SHA512 e2f3153ea7c4b21400838f1da04aeb8f466bf9e7f0e6e2e2805009ef63176da3d59ec153a67296d9d4ceca6aa908a8fa61f4f6a23231e8cdd1af02e0030c3f77

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

MD5 36a70bff40de7921abab1c2240a299b1
SHA1 77476e343cf28e92723e0a0319828ee9a5f28269
SHA256 9a8843109e61d353b2750bdf4c2b6d14876679fa5ff4ffab6df0f98893ba64de
SHA512 3636856eadb7c91f49f4cc32c9b9757c5b855f1405f10754913968370e45598de8dd2834d61406e0943a786ad8e20cc31284f2040a9aa481e95833adb395b2ec

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History

MD5 83705ce1df39d16bb7eca24bb6a8d24a
SHA1 fcaa976fbe79f9788be50734004457b0d63f9645
SHA256 377d56d8ddf275e8e6c5b48350a2c9311a32323da4e87c078c43d9c92e4a4aff
SHA512 b93784bcced6b5dc005b618e1cdd737f5d9bfb542dc9dca584923d24eee9d614d8dd066ee28f380463dd431dd3230f9407fb213ea3f97fb7bc8ee26c59f7278f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log

MD5 1471550214030f6673328ab58832b124
SHA1 51827c1db46b773f88e6fdbf80572bd48f9c35b3
SHA256 a3e496e4456250f8253a7687b620489163d1bd8dd9619a7b0969b26547cd0e9e
SHA512 6aadc98aec371e8242a35c6e149e9fefa01fed81703ab58f220dfc584ef362305ccba6277087c1a0e8d7a867a6bd8d48b8706577c734010dac4abb7e753b2a85

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal

MD5 ba2f3dfb37652951ebfa52bdadb5e900
SHA1 e9af6c5a83601ffbaf3f8705f4a88ae61e70abc8
SHA256 1962a6cbcfd845ea390075c7600ad02b40d583cd5795d1b4bd7fa3160e6beaca
SHA512 e5cfbe5cf69f6e4946d1487a26903764b2fdc4309bd8968498ad18c3b987310fb8e864910903163a5dfdcbe228b27b1da3b791eace47077d4d826233724ff488

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db

MD5 c40c14a6e0bdbc1f0d8f5ef78c8f169f
SHA1 4101d9fbbfb93b8c6a87b1e88d90af88375f384a
SHA256 a6f01eaaea4d2683b868880812bb053e5db674b83361cf1471b740d5075e138c
SHA512 96bee7a9c9c96dce38549428fa485cedf38c19b4f4fd88f86683d84cd16e985ddf087bebdf36f9dd0265e44b2cf1ee4ecb4ee83d3235546af3d8866b4c9b7a37

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 2a545e50b6e4b5b0806185186a2bb9d7
SHA1 e5cf1d2a86493b0796c38b9390f8801a279f1c70
SHA256 ec9e8fc185039635d763467e502a43b04ff5948a8a5a56f5e7c40cef55ad0499
SHA512 ca3d4efbc178a2564109edf582d6e6970c6d91cf6d980df22f5df8ee128735a6858ec9666cdc0105ace6d3f9f87643d7571b14f2f91f7e0ebace466ba0d29945

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\reports\99b4da5d-ea3b-4a9b-9899-dcd30fe8002f.dmp

MD5 6382def3a23643d04d14bc5fbf261224
SHA1 a5d065e1e8b7c3a267bdc87faf922bb1f7534347
SHA256 97f8d131afc3e31bdf3589977652a1d29a7337b87f403e6cdd29727111cb302f
SHA512 29f82601d2eee0a2fbb33e965071ea72b8ac9c54252924e52135000b8ab83c0e45783ff090a9b8f6be3ee0222c8b2e845ba9f65fa3d974257ce42a4d217edfb7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 1a4e3b58c155cf69b0c2863fc1ede582
SHA1 6cc495886933a550ddd42c02a6de5e5eb240c05c
SHA256 db6142dfd2dc870e654295a8f92952e84e67661a9424149b9416c93ad34ecd63
SHA512 34d3ea16c6cdf464fe9cd09808d846595da13bf96b4d8a40320517edcfeee21a2c93eb2ca3839cc1137ae5118562145f58c706ff375c4367002f7e6f47010f89

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\reports\1edfc049-8bbb-40f0-96f4-bdd6756d6b7a.dmp

MD5 25bad79b43fde8af254e5570f841430b
SHA1 584727fc96f3c142b497db7a63b6cc8250ffc924
SHA256 225d1336db3581ba1d7d81324e22d290b5f6688e9dc08fbe78398a7ac2a2cf8b
SHA512 fba90d4249c6a13259b16391f1b6ea8d6fcb493b839d421baca912ef8a2c0f3226a8d2e38c15671f8962e92225fffa1d56a655ffc4f9b045456fb064949de0d3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\reports\a4d1b0f1-29e1-45a1-a52a-8fb592f97a6d.dmp

MD5 dc5804abc31fd911aaa244f2907869a8
SHA1 b947479802c054715fb85e11c978c3ff8178915e
SHA256 a5a7c177965fb7335472a8ad92afa061c0409f8b565809d7611bfe9cb53a5436
SHA512 7d931a0e4542f2b7df4805d5e2ed04bbae6897cfd8450469397ab5709208c2714b3fb3364635f073e86c32451819cdd24a497daf333dae4ef5ec0e278aa3257b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\reports\c4037143-c1e4-445a-b306-9df3f5bfa1c6.dmp

MD5 9aa040a66343eeb3f8e0407f2ecf601e
SHA1 349ae5e7c186c19279593af20cb433ad868e4c0a
SHA256 4ff2acdd7223e0093ef3d851385e8160992fc004ffb262d67851526b7ec3614f
SHA512 2ccca209d06d5da9f547ed6004080483a74a603b5b1777468d41c24df0ea8dd5d6fd9b7598899d9f964ffcbb937c7e664141606aa4cec23908322df7f93198c6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\metadata

MD5 93fd3cd64dc69736ff3e6fb37de89a27
SHA1 d47e4916814e7cb02706439294009e3fb87d57a9
SHA256 e608a97354b6df427cfeb75edd3dfb61fbb6ecaf1a3c924670ff38583eeea22c
SHA512 ec6775fe972adf63f6ee5701abb2b44ffdc24a6f2693f304dafd13fdd77868d92bbe282ab0222931648366a4b2adbf6702c33969af4aecfce00a92e825dfbbe9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\reports\ea239e4d-4b09-48f8-a36e-6532f08788c3.dmp

MD5 daf9dabc4fac7ff37c2f33ba075970e1
SHA1 54c6c0b5735133a71a89a4a7b3de0575af677a0a
SHA256 09b72705e6e618cb7a252ac4bd6573fd54d89178da85db209372664a580ddbdc
SHA512 dc00a4b274da69435617f02835a847c7ac25689a0d71036545382eec8d341dfe0aeffe37e3669dfc427b826a417e3e32a94e30628f2a89f179dbee92bbe83945

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\reports\31ddfe98-8853-4b26-a225-13984f1bbc7f.dmp

MD5 aead682d9b22cb76463f3c68fcbaba90
SHA1 8cc387a43a762a849de9d108c9ea8e7944dee5b1
SHA256 a03360f87083da9e16184808e665823ace3d1339d93527432ec97845bf8f615e
SHA512 f7c8f7fea17c42c514014a574f855ac9a3c44bae428e4f614241ee1291c325811f19752ca71bcca3fdba071e5a4a49ddf4596264a5fe061e941c861f0717d37b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 8eb4796437450894406cc7f41768dad0
SHA1 a7a31fcc68a422f3b2bc93f1b5c2fda920b4a80d
SHA256 8d38ef72681d91840d7ad0546dc16dfe63be855bdb82084c15aad86fbfa119cf
SHA512 1143a487331b76fa7a344597478f0568fc0cea704f09e572b02c49dd4c299c01a030b16f18d6def9ef92d7f584ed2d21e9acb5d785cf10c1e6bc2390fd425d6d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\metadata

MD5 417747ab69aa84575636fd22f10d6c5f
SHA1 383cf8dc901d555cab66b5af8c023dd145464e2e
SHA256 83ca2c69ceaa8516cb7a246129dbf22c67c4961e9f6fcb7f694616ee432cd5e2
SHA512 d47f289a13682a0e12ec310f885e60106b7e2aa8c4dd192d975524a58f0cbb831ffc8e0078dbbb2e6fe8e4c3b83bfc873e509d953cee9830b0f7edfd36c5f915

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\reports\ee186996-a986-4606-a220-e58c118743f6.dmp

MD5 32a825c39c97a3cf60c4a266ead07172
SHA1 2a2629c6b2fbb050a98c96b835941d471751f00d
SHA256 d6102f750cdac5d1a514d0566a265846e66c94045b6803703ec077ca6652df66
SHA512 29a9d35561834defc1b063ef7ca4720cfcadf016404e44340acc920fa80635fe50a9255f4d8b269494d01e4b15360c55d69a1daa5092047c11836bb390c6e904

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\reports\4f101412-a9cc-4b7d-b7a5-be97aee0903c.dmp

MD5 e342830a034b66f51159a2ecba8556f9
SHA1 12de9c178cc2c63bbb0e5676e4f6d66bc95879d2
SHA256 3840211b7d1d7f7b2f4fead5c347cfb96f6b26e18fd7e93808fce4da2f235692
SHA512 a197ad1d2aad407fab6b0252a653d2d9a45328569672283cc1c3d751c88a734fc021bd56db7bd4c23878a664d417aa358c140c0f954bc780855c0410a8c84aba

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\metadata

MD5 112717ced5426247c2f3814d453e7eda
SHA1 6f03bc95a826d0f8e84832ebe590343a2f515754
SHA256 00ba09e318ded805e6e6fa428e84ca5efe330cf3df1f2077d368ab986fc0c07b
SHA512 1e59444fdf63de8acb1b6ece747c552cb03dbec8db10c86d76585f1190eaf392d0f9c6a9e1e6ab842c8bffd2779e400825956c3ad2435beee44f69cb413d8f4b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\reports\35458af0-3ffe-487e-b39d-d5eba4872da8.dmp

MD5 cb24a338dd53a067ea3ac8762344a1e7
SHA1 76c6b3dd8627c5fe3b32ef6e1a00738af8a9cc33
SHA256 8943ecf074d3bdc8bea7453eee11c2f91416414763aa25e62384f8de26fcd93f
SHA512 6eb5f967652814de097f140bf34bd8c60f107dcb165fa1ef8c6c58bb729a1abde7d10e806f3d208bed8262a2f7400df1b7a5b153ee6b08bc3239068a345a6427

memory/2236-1517-0x0000000000280000-0x0000000000F79000-memory.dmp