Analysis Overview
Threat Level: Known bad
The file http://example.com was found to be: Known bad.
Malicious Activity Summary
Detected google phishing page
Event Triggered Execution: Image File Execution Options Injection
Downloads MZ/PE file
Executes dropped EXE
Event Triggered Execution: Component Object Model Hijacking
Unexpected DNS network traffic destination
Checks computer location settings
A potential corporate email address has been identified in the URL: currency-file@1
Loads dropped DLL
Looks up external IP address via web service
Blocklisted process makes network request
Legitimate hosting services abused for malware hosting/C2
Checks installed software on the system
Enumerates connected drives
Checks whether UAC is enabled
Suspicious use of NtSetInformationThreadHideFromDebugger
Checks system information in the registry
Suspicious use of NtCreateThreadExHideFromDebugger
Drops file in Windows directory
Drops file in Program Files directory
System Network Configuration Discovery: Internet Connection Discovery
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
Gathers network information
Suspicious use of SetWindowsHookEx
Modifies Internet Explorer settings
NTFS ADS
Enumerates system info in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Modifies registry class
Suspicious use of UnmapMainImage
Uses Task Scheduler COM API
Suspicious behavior: EnumeratesProcesses
Suspicious use of SendNotifyMessage
Suspicious use of FindShellTrayWindow
Modifies data under HKEY_USERS
Checks processor information in registry
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-09 11:25
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-09 11:25
Reported
2024-11-09 11:37
Platform
win10v2004-20241007-en
Max time kernel
704s
Max time network
705s
Command Line
Signatures
Downloads MZ/PE file
Event Triggered Execution: Image File Execution Options Injection
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EUC1B8.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EUC1B8.tmp\MicrosoftEdgeUpdate.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\Bootstrapper.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Microsoft\Temp\EUC1B8.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\Bootstrapper.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E6149087-533F-4D0E-ADC5-C92DDE62828F}\EDGEMITMP_4C104.tmp\setup.exe | N/A |
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
Loads dropped DLL
Unexpected DNS network traffic destination
| Description | Indicator | Process | Target |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
Blocklisted process makes network request
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\msiexec.exe | N/A |
| N/A | N/A | C:\Windows\system32\msiexec.exe | N/A |
Checks installed software on the system
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\B: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\I: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\K: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\L: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\V: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Y: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\E: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\G: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Q: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\S: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\U: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\A: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\H: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\J: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\P: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\R: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\T: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\X: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\M: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\N: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\O: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\W: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Z: | C:\Windows\system32\msiexec.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | pastebin.com | N/A | N/A |
| N/A | pastebin.com | N/A | N/A |
| N/A | pastebin.com | N/A | N/A |
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | api.ipify.org | N/A | N/A |
| N/A | api.ipify.org | N/A | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EUC1B8.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EUC1B8.tmp\MicrosoftEdgeUpdate.exe | N/A |
Suspicious use of NtCreateThreadExHideFromDebugger
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe | N/A |
Suspicious use of NtSetInformationThreadHideFromDebugger
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\emoji-regex\index.d.ts | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\fonts\families\RobotoMono.json | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\TerrainTools\mtrl_concrete.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\TerrainTools\mtrl_glacier_2022.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\Settings\Players\AddFriendIcon.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\LuaApp\icons\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\node_modules\@npmcli\fs\lib\common\owner.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\debug\src\node.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\node_modules\cacache\lib\util\move-file.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\just-diff\index.d.ts | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\Controls\XboxController\DPadUp.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\VoiceChat\Misc\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\Controls\DesignSystem\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\Trust Protection Lists\Sigma\Analytics | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E6149087-533F-4D0E-ADC5-C92DDE62828F}\EDGEMITMP_4C104.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\Settings\MenuBarIcons\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\sigstore\dist\identity\issuer.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\node_modules\@npmcli\fs\lib\mkdtemp.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\configs\DateTimeLocaleConfigs\en-us.json | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\fonts\Arimo-Bold.ttf | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\particles\smoke_color.dds | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\TerrainTools\EdgesSquare17x1.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\Controls\DefaultController\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\LuaApp\graphic\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\sigstore\dist\x509\ext.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\PlatformContent\pc\textures\sky\indoor512_bk.tex | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\StudioToolbox\Tabs\Recent.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\VoiceChat\SpeakerNew\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\minimatch\dist\mjs\index.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\chownr\package.json | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\cli-columns\license | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\pacote\lib\fetcher.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\fonts\families\Sarpanch.json | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\Controls\DesignSystem\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\TopBar\coloredlogo.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\LuaPackages\Packages\_Index\FoundationImages\FoundationImages\SpriteSheets\img_set_3x_10.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\Controls\DesignSystem\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\LuaChat\graphic\gr-indicator-online-8x8.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\PlayerList\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\node_modules\nopt\bin\nopt.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\fonts\families\PressStart2P.json | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\MaterialManager\Texture_None_Light.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\PathEditor\Control_Point_Hover.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\PlaceAnnotations\AnnotationSingle.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\TerrainTools\mt_flatten.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\ErrorIcon.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\AvatarExperience\PPEWidgetBackgroundDarkTheme.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\LuaChat\icons\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\node_modules\readable-stream\CONTRIBUTING.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\semver\functions\lte.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\delegates\index.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\fonts\Inconsolata-Regular.ttf | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\VerifiedBadgeNameIcon.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\InspectMenu\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\LuaChat\9-slice\btn-control-sm.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\bin-links\lib\get-node-modules.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\libnpmversion\lib\index.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\corepack\shims\pnpm | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\R15Migrator\Icon_Reverted.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\RoactStudioWidgets\button_checkbox_square.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\tuf-js\dist\utils\json.d.ts | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\sigstore\dist\identity\provider.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\MaterialGenerator\Copy_16x16.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\dialog_white.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\InspectMenu\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\Installer\e5cb369.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI4DBD.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIB704.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIC0BA.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIDA80.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI4126.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI4E4B.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e5cb369.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSICA03.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI40C7.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI4156.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI4D4D.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\ | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI4F28.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIB734.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\SourceHash{EFA235B5-C6A1-42E6-9BC9-02A8D56F1CDC} | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e5cb36d.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\{EFA235B5-C6A1-42E6-9BC9-02A8D56F1CDC}\NodeIcon | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\{EFA235B5-C6A1-42E6-9BC9-02A8D56F1CDC}\NodeIcon | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIBD4.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI4D6E.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIB6A5.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\inprogressinstallinfo.ipi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIC9B4.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIDA50.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIABA.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIA3C.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIE56.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI4DBE.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI4E7B.tmp | C:\Windows\system32\msiexec.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\wevtutil.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\Temp\EUC1B8.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
System Network Configuration Discovery: Internet Connection Discovery
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
Gathers network information
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\ipconfig.exe | N/A |
| N/A | N/A | C:\Windows\system32\ipconfig.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\28\52C64B7E\@%SystemRoot%\system32\dnsapi.dll,-103 = "Domain Name System (DNS) Server Trust" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\28 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\27\52C64B7E | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\27 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\28\52C64B7E | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\28\52C64B7E\@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124 = "Document Encryption" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\27 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\NumMethods\ = "10" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\NumMethods\ = "10" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\NumMethods\ = "41" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E3D94CEB-EC11-46BE-8872-7DDCE37FABFA} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\Elevation\IconReference = "@C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\msedgeupdate.dll,-1004" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreClass\CurVer\ = "MicrosoftEdgeUpdate.CoreClass.1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\NumMethods\ = "5" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\NumMethods\ = "23" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\Assignment = "1" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\NumMethods\ = "43" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\Elevation\Enabled = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\ProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5B532AFE1A6C6E24B99C208A5DF6C1CD\corepack | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{8F09CD6C-5964-4573-82E3-EBFF7702865B}\ = "Microsoft Edge Update Core Class" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\Language = "1033" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassSvc\CLSID\ = "{A6B716CB-028B-404D-B72C-50E153DD68DA}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\NumMethods\ = "24" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\ProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CredentialDialogMachine.1.0\ = "Microsoft Edge Update CredentialDialog" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E3D94CEB-EC11-46BE-8872-7DDCE37FABFA}\InprocHandler32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\NumMethods\ = "8" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{5F6A18BB-6231-424B-8242-19E5BB94F8ED}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\MicrosoftEdgeUpdateOnDemand.exe\"" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E3D94CEB-EC11-46BE-8872-7DDCE37FABFA}\InprocHandler32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreMachineClass\CurVer\ = "MicrosoftEdgeUpdate.CoreMachineClass.1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusSvc\ = "Google Update Policy Status Class" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio\DefaultIcon | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A6B716CB-028B-404D-B72C-50E153DD68DA}\ = "Microsoft Edge Update Legacy On Demand" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353}\Elevation | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.ProcessLauncher.1.0\CLSID\ = "{08D832B9-D2FD-481F-98CF-904D00DF63CC}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 464528.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 839899.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeIncreaseQuotaPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeLoadDriverPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeSystemProfilePrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeSystemtimePrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeProfSingleProcessPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeBackupPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeSystemEnvironmentPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeRemoteShutdownPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeUndockPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeManageVolumePrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: 33 | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: 34 | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: 35 | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: 36 | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeIncreaseQuotaPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeLoadDriverPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeSystemProfilePrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeSystemtimePrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeProfSingleProcessPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeBackupPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeSystemEnvironmentPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeRemoteShutdownPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeUndockPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeManageVolumePrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: 33 | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: 34 | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: 35 | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: 36 | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\Downloads\Bootstrapper.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeIncreaseQuotaPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeCreateTokenPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeAssignPrimaryTokenPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeLockMemoryPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeIncreaseQuotaPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeMachineAccountPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeTcbPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeLoadDriverPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeSystemProfilePrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeSystemtimePrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeProfSingleProcessPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeCreatePermanentPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeBackupPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of UnmapMainImage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://example.com
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff99bb046f8,0x7ff99bb04708,0x7ff99bb04718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2060 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2424 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2832 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4352 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4352 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4348 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5492 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5400 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5836 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6116 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6256 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=6276 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5456 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3532 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6344 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=2168 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6608 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2132 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5400 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7136 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6932 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5380 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6456 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1456 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7092 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6964 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7256 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=7192 /prefetch:8
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1984 -parentBuildID 20240401114208 -prefsHandle 1912 -prefMapHandle 1904 -prefsLen 23680 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {377bf48b-c8fb-4f63-b246-1c21f7909556} 5944 "\\.\pipe\gecko-crash-server-pipe.5944" gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2396 -parentBuildID 20240401114208 -prefsHandle 2388 -prefMapHandle 2384 -prefsLen 23716 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {768a43bf-d9af-44ca-8b2b-067ac1ed0232} 5944 "\\.\pipe\gecko-crash-server-pipe.5944" socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2556 -childID 1 -isForBrowser -prefsHandle 2952 -prefMapHandle 3116 -prefsLen 23857 -prefMapSize 244658 -jsInitHandle 1200 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0fea5795-84c1-4d8a-b016-9a78618a6032} 5944 "\\.\pipe\gecko-crash-server-pipe.5944" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3992 -childID 2 -isForBrowser -prefsHandle 3984 -prefMapHandle 3980 -prefsLen 29090 -prefMapSize 244658 -jsInitHandle 1200 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1e7fcdef-c575-4cbd-90d1-443be0dc4cc0} 5944 "\\.\pipe\gecko-crash-server-pipe.5944" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4900 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4920 -prefMapHandle 4908 -prefsLen 29090 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c6d6e8e4-9b66-4b5e-80d1-7df3b46a9627} 5944 "\\.\pipe\gecko-crash-server-pipe.5944" utility
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5136 -childID 3 -isForBrowser -prefsHandle 5348 -prefMapHandle 5344 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1200 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ace237fc-8195-43a6-8caa-344df72ee4e7} 5944 "\\.\pipe\gecko-crash-server-pipe.5944" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5476 -childID 4 -isForBrowser -prefsHandle 5484 -prefMapHandle 5376 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1200 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8b655340-6672-4822-8be4-b75e1f0ad2b4} 5944 "\\.\pipe\gecko-crash-server-pipe.5944" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5660 -childID 5 -isForBrowser -prefsHandle 5668 -prefMapHandle 5672 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1200 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b47961df-a8c4-46d8-a228-6e2150465fa0} 5944 "\\.\pipe\gecko-crash-server-pipe.5944" tab
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7160 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3712 /prefetch:8
C:\Users\Admin\Downloads\Bootstrapper.exe
"C:\Users\Admin\Downloads\Bootstrapper.exe"
C:\Windows\SYSTEM32\cmd.exe
"cmd" /c ipconfig /all
C:\Windows\system32\ipconfig.exe
ipconfig /all
C:\Windows\SYSTEM32\cmd.exe
"cmd" /c wmic nicconfig where (IPEnabled=TRUE) call SetDNSServerSearchOrder ("1.1.1.1", "1.0.0.1")
C:\Windows\System32\Wbem\WMIC.exe
wmic nicconfig where (IPEnabled=TRUE) call SetDNSServerSearchOrder ("1.1.1.1", "1.0.0.1")
C:\Windows\System32\msiexec.exe
"C:\Windows\System32\msiexec.exe" /i "C:\Users\Admin\AppData\Local\Temp\node-v18.16.0-x64.msi" /qn
C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
C:\Windows\System32\MsiExec.exe
C:\Windows\System32\MsiExec.exe -Embedding EEBEE1A46F4442F78403581CC1477CE4
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 52129269BCB8714D2C8F3ED49B05613D
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4028 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7764 /prefetch:1
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 56B8C93FCC616B4AF7FD862A28152772 E Global\MSI0000
C:\Windows\SysWOW64\wevtutil.exe
"wevtutil.exe" im "C:\Program Files\nodejs\node_etw_provider.man"
C:\Windows\System32\wevtutil.exe
"wevtutil.exe" im "C:\Program Files\nodejs\node_etw_provider.man" /fromwow64
C:\ProgramData\Solara\Solara.exe
"C:\ProgramData\Solara\Solara.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.MediaFoundationService --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --service-sandbox-type=mf_cdm --mojo-platform-channel-handle=7248 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7108 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6732 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8148 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8088 /prefetch:8
C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe
"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"
C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
MicrosoftEdgeWebview2Setup.exe /silent /install
C:\Program Files (x86)\Microsoft\Temp\EUC1B8.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EUC1B8.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QUU0NTEzRDMtOUEzRS00MUQ2LThGMDMtMDg5N0EyNTI2RTgyfSIgdXNlcmlkPSJ7MzUzOTA3OEUtRTc1MS00MDMzLUE1NDMtODc1QTE0RUEyMUI2fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntBODQ1MzI3Ny1FOEZELTQ5NzMtODA1Qi1BMUY5QUVCNjlFRUN9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iIi8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xNDcuMzciIG5leHR2ZXJzaW9uPSIxLjMuMTcxLjM5IiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIj48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI5NDY5NDE3NDM5IiBpbnN0YWxsX3RpbWVfbXM9IjU4NyIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{AE4513D3-9A3E-41D6-8F03-0897A2526E82}" /silent
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QUU0NTEzRDMtOUEzRS00MUQ2LThGMDMtMDg5N0EyNTI2RTgyfSIgdXNlcmlkPSJ7MzUzOTA3OEUtRTc1MS00MDMzLUE1NDMtODc1QTE0RUEyMUI2fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntCNzUxOUVEOC0wQTZFLTRBQzAtQTdCOC03RjVEODk1QTZFODB9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTIzLjAuNjMxMi4xMjMiIG5leHR2ZXJzaW9uPSIxMjMuMC42MzEyLjEyMyIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjUiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijk0NzUwMTczNjQiLz48L2FwcD48L3JlcXVlc3Q-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7440 /prefetch:1
C:\Users\Admin\Downloads\Bootstrapper.exe
"C:\Users\Admin\Downloads\Bootstrapper.exe"
C:\Windows\SYSTEM32\cmd.exe
"cmd" /c ipconfig /all
C:\Windows\system32\ipconfig.exe
ipconfig /all
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E6149087-533F-4D0E-ADC5-C92DDE62828F}\MicrosoftEdge_X64_130.0.2849.56.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E6149087-533F-4D0E-ADC5-C92DDE62828F}\MicrosoftEdge_X64_130.0.2849.56.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E6149087-533F-4D0E-ADC5-C92DDE62828F}\EDGEMITMP_4C104.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E6149087-533F-4D0E-ADC5-C92DDE62828F}\EDGEMITMP_4C104.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E6149087-533F-4D0E-ADC5-C92DDE62828F}\MicrosoftEdge_X64_130.0.2849.56.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E6149087-533F-4D0E-ADC5-C92DDE62828F}\EDGEMITMP_4C104.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E6149087-533F-4D0E-ADC5-C92DDE62828F}\EDGEMITMP_4C104.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=130.0.6723.70 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E6149087-533F-4D0E-ADC5-C92DDE62828F}\EDGEMITMP_4C104.tmp\setup.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=130.0.2849.56 --initial-client-data=0x21c,0x220,0x224,0x1f8,0x228,0x7ff6b784d730,0x7ff6b784d73c,0x7ff6b784d748
C:\Windows\System32\msiexec.exe
"C:\Windows\System32\msiexec.exe" /i "C:\Users\Admin\AppData\Local\Temp\node-v18.16.0-x64.msi" /qn
C:\Windows\System32\MsiExec.exe
C:\Windows\System32\MsiExec.exe -Embedding 7E3EAFB2373DD51DDE9899BD9571C7B1
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 3ACE9A8D80F043787F16F355BC3FF895
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 160E97D381F6F747474F03C62CFDFCD3 E Global\MSI0000
C:\ProgramData\Solara\Solara.exe
"C:\ProgramData\Solara\Solara.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7648 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QUU0NTEzRDMtOUEzRS00MUQ2LThGMDMtMDg5N0EyNTI2RTgyfSIgdXNlcmlkPSJ7MzUzOTA3OEUtRTc1MS00MDMzLUE1NDMtODc1QTE0RUEyMUI2fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins1RkFBMTM2QS00NEQ0LTQwNUMtQjAwOS1GMDQ5RTNFNjU0ODB9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMTMwLjAuMjg0OS41NiIgbGFuZz0iIiBicmFuZD0iIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGluc3RhbGxhZ2U9Ii0xIiBpbnN0YWxsZGF0ZT0iLTEiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iOSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTQ5MTE1Nzk4NSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijk0OTEyODcwNjgiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI5NzMzMDY3Mjg0IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuZi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy8zNDZhZDlkMS03NDZlLTQ1YzctOGZlMC1kNmM4N2E3M2EyNjE_UDE9MTczMTc1NjgxMiZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1acXZRc3h6ZU9oRUFiaDllbWYlMmZ6b0xLd1lPckFUUXl3SXB2QkU2SWFlZVRTdVd2T0ZSMDhVb243NHlKYUJqZEUlMmZ4dHVKS2Y4QWNvRHFTN05BTzRNOEElM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxNzQ5MzM2MDAiIHRvdGFsPSIxNzQ5MzM2MDAiIGRvd25sb2FkX3RpbWVfbXM9IjE3NzE0Ii8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTczMzE2NzMwMiIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjYiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijk3NDc4NDcxMjEiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIxOTY3NTciIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwMzY5NzQ3MzQ3IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiB1cGRhdGVfY2hlY2tfdGltZV9tcz0iOTE2IiBkb3dubG9hZF90aW1lX21zPSIyNDE0NCIgZG93bmxvYWRlZD0iMTc0OTMzNjAwIiB0b3RhbD0iMTc0OTMzNjAwIiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMCIgaW5zdGFsbF90aW1lX21zPSI2MjE4NiIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe" -app -clientLaunchTimeEpochMs 0 -isInstallerLaunch 4412
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6356 /prefetch:1
C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:OTNmqspgaMj45fDKQrW85VIah6gAfB1cOV25CG55YCYuE22IKEdXRTSU8Lt3hdPya6YFJTwYCEeqkYjhqlGtTYnI2gVjfFDcaPinKaR2tfpJjwF1mcN3wkZyheRaXVBsFr7oYU161QmlulX8GOVF1c-J0mOQTTvrvoUytlXkUKgVgZdNg2q3AXuwCfAMGr0bBca74yx3vNREb_hthghliEZBh2UNz0ZtIHesLHwOGOM+launchtime:1731152144698+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1731151877717006%26placeId%3D4924922222%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D045e4005-15c4-4f6e-bd46-124a311b4329%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1731151877717006+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,6326044991091685549,11364402254199499588,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6728 /prefetch:1
C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:xsLAvKPmP9h27C0KKhGH1CXxzJn3awstE6n2qt-D5D_R2yQcYE4E9aivPcN49Xgye7EzKM7QywloaHRvV7_0C0OcsrH_pyTETJIMkKSk5MiJJZ15opY7p4YHTkMezOrAGTE9L_kOyn2a8oWkNV5SVS62yo3Fe5Sp0jHEOjuIctnFLb-lR8p6o6-vm9jKPNtc_U3SxAOLi-piS5rNqLj1dJgl_3NBSeQ1i5Xx2vpMTng+launchtime:1731152206961+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1731151877717006%26placeId%3D4924922222%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3Db0cb77bc-3c85-4655-ae68-83ed884c7889%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1731151877717006+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | example.com | udp |
| US | 93.184.215.14:80 | example.com | tcp |
| US | 93.184.215.14:80 | example.com | tcp |
| US | 8.8.8.8:53 | x.urs.microsoft.com | udp |
| GB | 51.11.108.188:443 | x.urs.microsoft.com | tcp |
| US | 8.8.8.8:53 | 241.150.49.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.215.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 188.108.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.iana.org | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 95.100.195.136:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 136.195.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | getsolara.dev | udp |
| US | 172.67.203.125:80 | getsolara.dev | tcp |
| US | 172.67.203.125:80 | getsolara.dev | tcp |
| US | 172.67.203.125:443 | getsolara.dev | tcp |
| US | 8.8.8.8:53 | 125.203.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | link-hub.net | udp |
| US | 172.67.135.50:443 | link-hub.net | tcp |
| US | 172.67.135.50:443 | link-hub.net | tcp |
| US | 8.8.8.8:53 | linkvertise.com | udp |
| US | 104.22.23.72:443 | linkvertise.com | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | cdn.exmarketplace.com | udp |
| US | 8.8.8.8:53 | p.typekit.net | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | maxst.icons8.com | udp |
| IT | 95.110.206.108:443 | cdn.exmarketplace.com | tcp |
| US | 8.8.8.8:53 | stackpath.bootstrapcdn.com | udp |
| US | 8.8.8.8:53 | use.typekit.net | udp |
| US | 8.8.8.8:53 | js.chargebee.com | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 72.23.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.135.67.172.in-addr.arpa | udp |
| CH | 173.222.108.192:443 | p.typekit.net | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.18.11.207:443 | stackpath.bootstrapcdn.com | tcp |
| US | 104.18.11.207:443 | stackpath.bootstrapcdn.com | tcp |
| DE | 169.150.255.180:443 | maxst.icons8.com | tcp |
| CH | 173.222.108.248:443 | use.typekit.net | tcp |
| US | 3.165.232.91:443 | js.chargebee.com | tcp |
| US | 8.8.8.8:53 | exmarketplace.com | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| IT | 2.20.224.28:443 | contextual.media.net | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.178.2:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | publisher.linkvertise.com | udp |
| US | 104.22.23.72:443 | publisher.linkvertise.com | tcp |
| US | 104.22.23.72:443 | publisher.linkvertise.com | tcp |
| US | 8.8.8.8:53 | 34.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.206.110.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.24.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 207.11.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.232.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 180.255.150.169.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.108.222.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 248.108.222.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.140.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.224.20.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | euob.bizseasky.com | udp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| IE | 13.224.68.84:443 | euob.bizseasky.com | tcp |
| US | 8.8.8.8:53 | api.ipify.org | udp |
| US | 13.107.246.65:443 | www.clarity.ms | tcp |
| US | 104.26.13.205:443 | api.ipify.org | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| GB | 216.58.204.67:443 | www.google.co.uk | tcp |
| BE | 66.102.1.157:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 84.68.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.13.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.1.102.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | obseu.bizseasky.com | udp |
| IE | 54.75.69.192:443 | obseu.bizseasky.com | tcp |
| US | 8.8.8.8:53 | b.clarity.ms | udp |
| US | 4.153.129.168:443 | b.clarity.ms | tcp |
| US | 8.8.8.8:53 | api.taboola.com | udp |
| US | 151.101.129.44:443 | api.taboola.com | tcp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | c.clarity.ms | udp |
| IE | 13.74.129.1:443 | c.clarity.ms | tcp |
| GB | 142.250.179.226:443 | ep1.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | 192.69.75.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 168.129.153.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 44.129.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.129.74.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 13.107.21.237:443 | c.bing.com | tcp |
| GB | 142.250.179.225:443 | ep2.adtrafficquality.google | tcp |
| GB | 142.250.179.225:443 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | integrate.linkvertise.com | udp |
| US | 8.8.8.8:53 | 237.21.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.179.250.142.in-addr.arpa | udp |
| US | 172.67.31.186:443 | integrate.linkvertise.com | tcp |
| US | 8.8.8.8:53 | ad-server.linkvertise.com | udp |
| GB | 142.250.179.226:443 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | cdn.linkvertise.com | udp |
| US | 8.8.8.8:53 | imagedelivery.net | udp |
| US | 8.8.8.8:53 | img.youtube.com | udp |
| US | 104.22.23.72:443 | cdn.linkvertise.com | tcp |
| US | 104.22.23.72:443 | cdn.linkvertise.com | tcp |
| US | 104.22.23.72:443 | cdn.linkvertise.com | tcp |
| US | 104.22.23.72:443 | cdn.linkvertise.com | tcp |
| US | 104.18.2.36:443 | imagedelivery.net | tcp |
| US | 104.18.2.36:443 | imagedelivery.net | tcp |
| US | 104.18.2.36:443 | imagedelivery.net | tcp |
| US | 104.18.2.36:443 | imagedelivery.net | tcp |
| US | 104.18.2.36:443 | imagedelivery.net | tcp |
| US | 104.18.2.36:443 | imagedelivery.net | tcp |
| GB | 142.250.180.14:443 | img.youtube.com | tcp |
| GB | 142.250.180.14:443 | img.youtube.com | udp |
| US | 8.8.8.8:53 | cdn.advertiser.linkvertise.com | udp |
| US | 172.67.31.186:443 | cdn.advertiser.linkvertise.com | tcp |
| US | 8.8.8.8:53 | 186.31.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.2.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.187.250.142.in-addr.arpa | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | 56.163.245.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.31.95.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | am-api.taboola.com | udp |
| US | 8.8.8.8:53 | images.taboola.com | udp |
| US | 8.8.8.8:53 | lvcreator.zendesk.com | udp |
| US | 216.198.54.1:443 | lvcreator.zendesk.com | tcp |
| US | 216.198.54.1:443 | lvcreator.zendesk.com | tcp |
| US | 8.8.8.8:53 | static.zdassets.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 216.198.54.3:443 | static.zdassets.com | tcp |
| GB | 142.250.180.10:443 | ajax.googleapis.com | tcp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 8.8.8.8:53 | linkvertise.zendesk.com | udp |
| US | 8.8.8.8:53 | secure.gravatar.com | udp |
| US | 216.198.54.1:443 | linkvertise.zendesk.com | tcp |
| US | 192.0.73.2:443 | secure.gravatar.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | i1.wp.com | udp |
| US | 192.0.77.2:443 | i1.wp.com | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | 1.54.198.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.54.198.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.73.0.192.in-addr.arpa | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | 2.77.0.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 104.18.11.207:443 | stackpath.bootstrapcdn.com | tcp |
| CH | 173.222.108.248:443 | use.typekit.net | tcp |
| GB | 142.250.179.226:443 | ep1.adtrafficquality.google | udp |
| GB | 142.250.179.225:443 | ep2.adtrafficquality.google | udp |
| GB | 142.250.179.226:443 | ep1.adtrafficquality.google | udp |
| GB | 216.58.204.67:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | 43.229.111.52.in-addr.arpa | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | tcp |
| IT | 95.110.206.108:443 | cdn.exmarketplace.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 8.8.8.8:53 | devtools.azureedge.net | udp |
| US | 13.107.246.65:443 | devtools.azureedge.net | tcp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 8.8.8.8:53 | b.clarity.ms | udp |
| US | 4.153.129.168:443 | b.clarity.ms | tcp |
| US | 4.153.129.168:443 | b.clarity.ms | tcp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 8.8.8.8:53 | b.clarity.ms | udp |
| US | 4.153.129.168:443 | b.clarity.ms | tcp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 95.100.195.165:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 165.195.100.95.in-addr.arpa | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 8.8.8.8:53 | b.clarity.ms | udp |
| US | 4.153.129.168:443 | b.clarity.ms | tcp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 8.8.8.8:53 | 13.179.89.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | filetransfer.io | udp |
| US | 172.67.200.96:80 | filetransfer.io | tcp |
| US | 172.67.200.96:80 | filetransfer.io | tcp |
| US | 172.67.200.96:443 | filetransfer.io | tcp |
| US | 8.8.8.8:53 | d1f8f9xcsvx3ha.cloudfront.net | udp |
| IE | 3.162.143.104:443 | d1f8f9xcsvx3ha.cloudfront.net | tcp |
| US | 8.8.8.8:53 | filetransfer.onfastspring.com | udp |
| US | 174.129.114.18:443 | filetransfer.onfastspring.com | tcp |
| US | 8.8.8.8:53 | 96.200.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.143.162.3.in-addr.arpa | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | 18.114.129.174.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | s20.filetransfer.io | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 8.8.8.8:53 | spocs.getpocket.com | udp |
| US | 8.8.8.8:53 | firefox-api-proxy.cdn.mozilla.net | udp |
| N/A | 127.0.0.1:62604 | tcp | |
| N/A | 127.0.0.1:62613 | tcp | |
| US | 34.149.97.1:443 | firefox-api-proxy.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 34.149.97.1:443 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | 65.204.21.100.in-addr.arpa | udp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 1.1.1.1:53 | getsolara.dev | udp |
| US | 172.67.203.125:443 | getsolara.dev | tcp |
| N/A | 127.0.0.1:6463 | tcp | |
| US | 1.1.1.1:53 | clientsettings.roblox.com | udp |
| GB | 128.116.119.4:443 | clientsettings.roblox.com | tcp |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 1.1.1.1:53 | 4.119.116.128.in-addr.arpa | udp |
| US | 1.1.1.1:53 | www.nodejs.org | udp |
| US | 104.20.23.46:443 | www.nodejs.org | tcp |
| US | 1.1.1.1:53 | nodejs.org | udp |
| US | 104.20.23.46:443 | nodejs.org | tcp |
| US | 1.1.1.1:53 | 46.23.20.104.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 46.23.20.104.in-addr.arpa | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| AU | 1.0.0.1:53 | 1.0.0.1.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 1.0.0.1.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 23.149.64.172.in-addr.arpa | udp |
| US | 1.1.1.1:53 | b.clarity.ms | udp |
| US | 1.1.1.1:53 | www.roblox.com | udp |
| US | 4.153.129.168:443 | b.clarity.ms | tcp |
| GB | 128.116.119.3:80 | www.roblox.com | tcp |
| GB | 128.116.119.3:80 | www.roblox.com | tcp |
| GB | 128.116.119.3:443 | www.roblox.com | tcp |
| US | 1.1.1.1:53 | css.rbxcdn.com | udp |
| US | 1.1.1.1:53 | static.rbxcdn.com | udp |
| US | 1.1.1.1:53 | js.rbxcdn.com | udp |
| DE | 2.16.164.99:443 | css.rbxcdn.com | tcp |
| DE | 2.16.164.99:443 | css.rbxcdn.com | tcp |
| DE | 2.16.164.99:443 | css.rbxcdn.com | tcp |
| DE | 2.16.164.99:443 | css.rbxcdn.com | tcp |
| DE | 2.16.164.99:443 | css.rbxcdn.com | tcp |
| DE | 2.16.164.99:443 | css.rbxcdn.com | tcp |
| GB | 108.138.217.124:443 | static.rbxcdn.com | tcp |
| GB | 18.245.253.89:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.89:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.89:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.89:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.89:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.89:443 | js.rbxcdn.com | tcp |
| US | 1.1.1.1:53 | crt.rootg2.amazontrust.com | udp |
| US | 1.1.1.1:53 | region1.google-analytics.com | udp |
| GB | 143.204.68.51:80 | crt.rootg2.amazontrust.com | tcp |
| GB | 143.204.68.51:80 | crt.rootg2.amazontrust.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 1.1.1.1:53 | 3.119.116.128.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 124.217.138.108.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 89.253.245.18.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 99.164.16.2.in-addr.arpa | udp |
| US | 1.1.1.1:53 | roblox.com | udp |
| US | 1.1.1.1:53 | metrics.roblox.com | udp |
| NL | 128.116.21.3:443 | roblox.com | tcp |
| US | 1.1.1.1:53 | apis.roblox.com | udp |
| GB | 128.116.119.4:443 | apis.roblox.com | tcp |
| GB | 128.116.119.4:443 | apis.roblox.com | tcp |
| GB | 128.116.119.4:443 | apis.roblox.com | tcp |
| US | 1.1.1.1:53 | 51.68.204.143.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 3.21.116.128.in-addr.arpa | udp |
| US | 1.1.1.1:53 | locale.roblox.com | udp |
| US | 1.1.1.1:53 | apis.rbxcdn.com | udp |
| DE | 2.16.164.99:443 | css.rbxcdn.com | tcp |
| GB | 2.16.34.16:443 | apis.rbxcdn.com | tcp |
| US | 1.1.1.1:53 | images.rbxcdn.com | udp |
| US | 1.1.1.1:53 | auth.roblox.com | udp |
| DE | 2.16.164.59:443 | images.rbxcdn.com | tcp |
| DE | 2.16.164.59:443 | images.rbxcdn.com | tcp |
| DE | 2.16.164.59:443 | images.rbxcdn.com | tcp |
| DE | 2.16.164.59:443 | images.rbxcdn.com | tcp |
| DE | 2.16.164.59:443 | images.rbxcdn.com | tcp |
| DE | 2.16.164.59:443 | images.rbxcdn.com | tcp |
| US | 1.1.1.1:53 | ecsv2.roblox.com | udp |
| US | 1.1.1.1:53 | 16.34.16.2.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 59.164.16.2.in-addr.arpa | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 1.1.1.1:53 | location.services.mozilla.com | udp |
| US | 1.1.1.1:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 35.190.72.216:443 | location.services.mozilla.com | tcp |
| US | 1.1.1.1:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 1.1.1.1:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 1.1.1.1:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 1.1.1.1:53 | 201.181.244.35.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 216.72.190.35.in-addr.arpa | udp |
| US | 1.1.1.1:53 | redirector.gvt1.com | udp |
| US | 1.1.1.1:53 | ciscobinary.openh264.org | udp |
| US | 35.190.72.216:443 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| GB | 216.58.201.110:443 | redirector.gvt1.com | tcp |
| US | 1.1.1.1:53 | redirector.gvt1.com | udp |
| GB | 88.221.134.209:80 | ciscobinary.openh264.org | tcp |
| US | 1.1.1.1:53 | a19.dscg10.akamai.net | udp |
| US | 1.1.1.1:53 | redirector.gvt1.com | udp |
| US | 1.1.1.1:53 | a19.dscg10.akamai.net | udp |
| GB | 216.58.201.110:443 | redirector.gvt1.com | udp |
| US | 1.1.1.1:53 | r2---sn-aigl6ned.gvt1.com | udp |
| GB | 173.194.183.71:443 | r2---sn-aigl6ned.gvt1.com | tcp |
| US | 1.1.1.1:53 | r2.sn-aigl6ned.gvt1.com | udp |
| US | 1.1.1.1:53 | r2.sn-aigl6ned.gvt1.com | udp |
| GB | 173.194.183.71:443 | r2.sn-aigl6ned.gvt1.com | udp |
| US | 1.1.1.1:53 | 110.201.58.216.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 209.134.221.88.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 71.183.194.173.in-addr.arpa | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 1.1.1.1:53 | f4355544.solaraweb-alj.pages.dev | udp |
| US | 172.66.47.197:443 | f4355544.solaraweb-alj.pages.dev | tcp |
| US | 1.1.1.1:53 | 197.47.66.172.in-addr.arpa | udp |
| US | 1.1.1.1:53 | assetgame.roblox.com | udp |
| US | 1.1.1.1:53 | ncs.roblox.com | udp |
| US | 1.1.1.1:53 | arkoselabs.roblox.com | udp |
| GB | 18.244.140.25:443 | arkoselabs.roblox.com | tcp |
| US | 1.1.1.1:53 | pastebin.com | udp |
| US | 104.20.3.235:443 | pastebin.com | tcp |
| US | 1.1.1.1:53 | clientsettings.roblox.com | udp |
| GB | 128.116.119.4:443 | clientsettings.roblox.com | tcp |
| US | 1.1.1.1:53 | 25.140.244.18.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 235.3.20.104.in-addr.arpa | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 1.1.1.1:53 | realtime-signalr.roblox.com | udp |
| US | 1.1.1.1:53 | lms.roblox.com | udp |
| US | 1.1.1.1:53 | thumbnails.roblox.com | udp |
| US | 1.1.1.1:53 | contacts.roblox.com | udp |
| US | 1.1.1.1:53 | notifications.roblox.com | udp |
| US | 1.1.1.1:53 | economy.roblox.com | udp |
| US | 1.1.1.1:53 | friends.roblox.com | udp |
| US | 1.1.1.1:53 | privatemessages.roblox.com | udp |
| US | 1.1.1.1:53 | trades.roblox.com | udp |
| US | 1.1.1.1:53 | usermoderation.roblox.com | udp |
| GB | 128.116.119.3:443 | trades.roblox.com | tcp |
| GB | 128.116.119.3:443 | trades.roblox.com | tcp |
| GB | 128.116.119.3:443 | trades.roblox.com | tcp |
| US | 1.1.1.1:53 | cs.ns1p.net | udp |
| DE | 52.57.175.132:443 | cs.ns1p.net | tcp |
| US | 1.1.1.1:53 | gold.roblox.com | udp |
| US | 1.1.1.1:53 | cdg1-128-116-122-3.roblox.com | udp |
| US | 1.1.1.1:53 | atl1-128-116-99-3.roblox.com | udp |
| US | 1.1.1.1:53 | pulsar.roblox.com | udp |
| US | 1.1.1.1:53 | nrt1-128-116-120-3.roblox.com | udp |
| US | 1.1.1.1:53 | syd1-128-116-51-3.roblox.com | udp |
| US | 1.1.1.1:53 | lhr2-128-116-119-3.roblox.com | udp |
| US | 1.1.1.1:53 | sc0aws.rbxcdn.com | udp |
| US | 1.1.1.1:53 | fra2-128-116-123-3.roblox.com | udp |
| US | 1.1.1.1:53 | roblox-poc.global.ssl.fastly.net | udp |
| FR | 128.116.122.3:443 | cdg1-128-116-122-3.roblox.com | tcp |
| US | 128.116.121.3:443 | pulsar.roblox.com | tcp |
| JP | 128.116.120.3:443 | nrt1-128-116-120-3.roblox.com | tcp |
| US | 128.116.99.3:443 | atl1-128-116-99-3.roblox.com | tcp |
| AU | 128.116.51.3:443 | syd1-128-116-51-3.roblox.com | tcp |
| GB | 18.239.236.60:443 | sc0aws.rbxcdn.com | tcp |
| DE | 128.116.123.3:443 | fra2-128-116-123-3.roblox.com | tcp |
| US | 151.101.1.194:443 | roblox-poc.global.ssl.fastly.net | tcp |
| US | 1.1.1.1:53 | tr.rbxcdn.com | udp |
| US | 128.116.121.3:443 | pulsar.roblox.com | tcp |
| JP | 128.116.120.3:443 | nrt1-128-116-120-3.roblox.com | tcp |
| AU | 128.116.51.3:443 | syd1-128-116-51-3.roblox.com | tcp |
| DE | 72.247.153.144:443 | tr.rbxcdn.com | tcp |
| US | 1.1.1.1:53 | s.ns1p.net | udp |
| DE | 52.57.175.132:443 | s.ns1p.net | tcp |
| US | 1.1.1.1:53 | 3.122.116.128.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 132.175.57.52.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 60.236.239.18.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 3.123.116.128.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 194.1.101.151.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 3.99.116.128.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 3.120.116.128.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 226.20.18.104.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 144.153.247.72.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 3.51.116.128.in-addr.arpa | udp |
| US | 1.1.1.1:53 | mia4-128-116-45-3.roblox.com | udp |
| US | 128.116.45.3:443 | mia4-128-116-45-3.roblox.com | tcp |
| US | 1.1.1.1:53 | presence.roblox.com | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 1.1.1.1:53 | 3.45.116.128.in-addr.arpa | udp |
| US | 1.1.1.1:53 | lax4-128-116-63-3.roblox.com | udp |
| US | 128.116.63.3:443 | lax4-128-116-63-3.roblox.com | tcp |
| US | 1.1.1.1:53 | 3.63.116.128.in-addr.arpa | udp |
| FR | 128.116.122.3:443 | cdg1-128-116-122-3.roblox.com | tcp |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 1.1.1.1:53 | b.ns1p.net | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 1.1.1.1:53 | t4.rbxcdn.com | udp |
| US | 205.234.175.102:443 | t4.rbxcdn.com | tcp |
| US | 1.1.1.1:53 | accountinformation.roblox.com | udp |
| US | 1.1.1.1:53 | users.roblox.com | udp |
| US | 1.1.1.1:53 | groups.roblox.com | udp |
| US | 1.1.1.1:53 | 102.175.234.205.in-addr.arpa | udp |
| US | 1.1.1.1:53 | premiumfeatures.roblox.com | udp |
| US | 1.1.1.1:53 | games.roblox.com | udp |
| US | 1.1.1.1:53 | avatar.roblox.com | udp |
| US | 1.1.1.1:53 | badges.roblox.com | udp |
| US | 1.1.1.1:53 | ams2-128-116-21-3.roblox.com | udp |
| US | 128.116.63.3:443 | lax4-128-116-63-3.roblox.com | tcp |
| US | 1.1.1.1:53 | lax2-128-116-116-3.roblox.com | udp |
| US | 1.1.1.1:53 | sc0ak.rbxcdn.com | udp |
| NL | 128.116.21.3:443 | ams2-128-116-21-3.roblox.com | tcp |
| US | 128.116.116.3:443 | lax2-128-116-116-3.roblox.com | tcp |
| DE | 72.247.153.177:443 | sc0ak.rbxcdn.com | tcp |
| US | 1.1.1.1:53 | catalog.roblox.com | udp |
| AU | 128.116.51.3:443 | syd1-128-116-51-3.roblox.com | tcp |
| AU | 128.116.51.3:443 | syd1-128-116-51-3.roblox.com | tcp |
| US | 1.1.1.1:53 | 3.116.116.128.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 177.153.247.72.in-addr.arpa | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 151.101.1.194:443 | roblox-poc.global.ssl.fastly.net | tcp |
| US | 151.101.1.194:443 | roblox-poc.global.ssl.fastly.net | tcp |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 151.101.1.194:443 | roblox-poc.global.ssl.fastly.net | tcp |
| US | 1.1.1.1:53 | sin2-128-116-97-3.roblox.com | udp |
| SG | 128.116.97.3:443 | sin2-128-116-97-3.roblox.com | tcp |
| US | 1.1.1.1:53 | 3.97.116.128.in-addr.arpa | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 1.1.1.1:53 | b.clarity.ms | udp |
| US | 4.153.129.168:443 | b.clarity.ms | tcp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 1.1.1.1:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 1.1.1.1:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 1.1.1.1:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 1.1.1.1:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| GB | 128.116.119.3:443 | badges.roblox.com | tcp |
| DE | 128.116.123.3:443 | fra2-128-116-123-3.roblox.com | tcp |
| US | 128.116.99.3:443 | atl1-128-116-99-3.roblox.com | tcp |
| US | 1.1.1.1:53 | static.rbxcdn.com | udp |
| NL | 128.116.21.3:443 | ams2-128-116-21-3.roblox.com | tcp |
| JP | 128.116.120.3:443 | nrt1-128-116-120-3.roblox.com | tcp |
| DE | 72.247.153.177:443 | sc0ak.rbxcdn.com | tcp |
| US | 1.1.1.1:53 | css.rbxcdn.com | udp |
| US | 1.1.1.1:53 | js.rbxcdn.com | udp |
| US | 1.1.1.1:53 | fra4-128-116-44-3.roblox.com | udp |
| US | 1.1.1.1:53 | mia2-128-116-127-3.roblox.com | udp |
| US | 128.116.121.3:443 | pulsar.roblox.com | tcp |
| US | 1.1.1.1:53 | silver.roblox.com | udp |
| US | 1.1.1.1:53 | sea1-128-116-115-3.roblox.com | udp |
| US | 1.1.1.1:53 | dfw2-128-116-95-3.roblox.com | udp |
| US | 128.116.127.3:443 | mia2-128-116-127-3.roblox.com | tcp |
| DE | 128.116.44.3:443 | fra4-128-116-44-3.roblox.com | tcp |
| US | 128.116.115.3:443 | sea1-128-116-115-3.roblox.com | tcp |
| US | 128.116.95.3:443 | dfw2-128-116-95-3.roblox.com | tcp |
| US | 128.116.121.3:443 | pulsar.roblox.com | tcp |
| US | 128.116.115.3:443 | sea1-128-116-115-3.roblox.com | tcp |
| US | 1.1.1.1:53 | 3.44.116.128.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 3.127.116.128.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 3.95.116.128.in-addr.arpa | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 1.1.1.1:53 | followings.roblox.com | udp |
| US | 128.116.115.3:443 | sea1-128-116-115-3.roblox.com | tcp |
| US | 1.1.1.1:53 | lga2-128-116-32-3.roblox.com | udp |
| US | 1.1.1.1:53 | ord2-128-116-101-3.roblox.com | udp |
| US | 128.116.45.3:443 | mia4-128-116-45-3.roblox.com | tcp |
| US | 128.116.121.3:443 | pulsar.roblox.com | tcp |
| US | 128.116.32.3:443 | lga2-128-116-32-3.roblox.com | tcp |
| US | 128.116.101.3:443 | ord2-128-116-101-3.roblox.com | tcp |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 1.1.1.1:53 | voice.roblox.com | udp |
| US | 1.1.1.1:53 | 3.32.116.128.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 3.101.116.128.in-addr.arpa | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 1.1.1.1:53 | setup.rbxcdn.com | udp |
| GB | 2.16.34.8:443 | setup.rbxcdn.com | tcp |
| US | 1.1.1.1:53 | 8.34.16.2.in-addr.arpa | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 4.153.129.168:443 | b.clarity.ms | tcp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:64209 | tcp | |
| US | 1.1.1.1:53 | ecsv2.roblox.com | udp |
| GB | 128.116.119.3:443 | ecsv2.roblox.com | tcp |
| US | 1.1.1.1:53 | clientsettingscdn.roblox.com | udp |
| GB | 18.165.242.41:443 | clientsettingscdn.roblox.com | tcp |
| US | 1.1.1.1:53 | setup.rbxcdn.com | udp |
| GB | 2.16.34.8:443 | setup.rbxcdn.com | tcp |
| US | 1.1.1.1:53 | 41.242.165.18.in-addr.arpa | udp |
| N/A | 127.0.0.1:64213 | tcp | |
| N/A | 127.0.0.1:64228 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| GB | 2.16.34.8:443 | setup.rbxcdn.com | tcp |
| GB | 2.16.34.8:443 | setup.rbxcdn.com | tcp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 1.1.1.1:53 | msedge.api.cdp.microsoft.com | udp |
| US | 172.169.87.222:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 1.1.1.1:53 | 222.87.169.172.in-addr.arpa | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 1.1.1.1:53 | msedge.f.tlu.dl.delivery.mp.microsoft.com | udp |
| DE | 72.247.153.184:80 | msedge.f.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 1.1.1.1:53 | 184.153.247.72.in-addr.arpa | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 1.1.1.1:53 | getsolara.dev | udp |
| US | 104.21.93.27:443 | getsolara.dev | tcp |
| US | 1.1.1.1:53 | clientsettings.roblox.com | udp |
| GB | 128.116.119.4:443 | clientsettings.roblox.com | tcp |
| US | 1.1.1.1:53 | 27.93.21.104.in-addr.arpa | udp |
| US | 104.20.23.46:443 | nodejs.org | tcp |
| US | 1.1.1.1:53 | nodejs.org | udp |
| US | 104.20.23.46:443 | nodejs.org | tcp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 104.20.3.235:443 | pastebin.com | tcp |
| GB | 128.116.119.4:443 | clientsettings.roblox.com | tcp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:57326 | tcp | |
| GB | 128.116.119.3:443 | ecsv2.roblox.com | tcp |
| N/A | 127.0.0.1:57329 | tcp | |
| US | 1.1.1.1:53 | client-telemetry.roblox.com | udp |
| GB | 128.116.119.3:443 | client-telemetry.roblox.com | tcp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 443a627d539ca4eab732bad0cbe7332b |
| SHA1 | 86b18b906a1acd2a22f4b2c78ac3564c394a9569 |
| SHA256 | 1e1ad9dce141f5f17ea07c7e9c2a65e707c9943f172b9134b0daf9eef25f0dc9 |
| SHA512 | 923b86d75a565c91250110162ce13dd3ef3f6bdde1a83f7af235ed302d4a96b8c9ed722e2152781e699dfcb26bb98afc73f5adb298f8fd673f14c9f28b5f764d |
\??\pipe\LOCAL\crashpad_1208_RDMJFXLNHLNPNCGF
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 99afa4934d1e3c56bbce114b356e8a99 |
| SHA1 | 3f0e7a1a28d9d9c06b6663df5d83a65c84d52581 |
| SHA256 | 08e098bb97fd91d815469cdfd5568607a3feca61f18b6b5b9c11b531fde206c8 |
| SHA512 | 76686f30ed68144cf943b80ac10b52c74eee84f197cee3c24ef7845ef44bdb5586b6e530824543deeed59417205ac0e2559808bcb46450504106ac8f4c95b9da |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9253cb08bf3a469fd4fe03ff93ffdcfe |
| SHA1 | 1033f5a0f79cf60a92ce0daf8f85a63d15904412 |
| SHA256 | 75bfd8a4baaeacf77ef0b792fc569aa4f6a9e3ca0b00c3f8aa7e234868c4f3d9 |
| SHA512 | d64a607c712d744eb1825653368323ce65048159a80f8379599a137b3fece2cd533064b31ae4a564a036a4efc0bbe9d47bba16b7ff0ac828904ae8fabd6f367f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 8883685d50887ae04b4dfd3e3d352669 |
| SHA1 | 9c712443c40d4aa86b55ddfb7f8059fb23dfb565 |
| SHA256 | d70c74188da9eb259d1a0ec381d1f0492882e621bab3591991e1917c06e0eebd |
| SHA512 | b0ad4b7d9772d97d845c0d762ae8337c3c48cafaf978ed593ef475aa2e697e061a8c6ec20335ccfff9784e94aaec502bf758f48713c2a2a6de03b0a24262fdb7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8f76e682e605f645b4a60a7de97dbcb1 |
| SHA1 | bbf70f492a55704beb287724018aef3bd01ef28e |
| SHA256 | 324f3eb498ecdda7d86ab59dc2d1a89fd49a2c8808678737b1b3864d1d94d8d6 |
| SHA512 | f12de2e2660e895c05eca443be78d070efd8c756dae01768cc7f201d39ba36b7e1d0879891b4a83d09d01fe3a77e8b239494800e5ae1ae8179e5b11a71e6eb6e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
| MD5 | 5457602e56b7f143da8f435082bfdd3d |
| SHA1 | 363bf07580430f43702cf77f4de15ef4bd75fb23 |
| SHA256 | 35badd4e6729caac834cc3e1ece6c63b217765c34889174a23d399eaf7fbe937 |
| SHA512 | cc455012e7bd538abcd1d7db2ef21e867903d9e45fe281076dd4062595619c5ff632834a566a04b21d0a78d73daf3142fb45c80d7dbcba05d9f0b4f41a5abf71 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e6d5106a7d80313b566e4c21b0460c37 |
| SHA1 | 45ac1a8fc73cdeedac16ba881d2d928de5a39b78 |
| SHA256 | f622f7e967c43dd1c5e65338741b79226295d1d92bb12386a89e76c7cb622873 |
| SHA512 | 2d7016f7fd572bb9e239bbb9c4a810918c02acb05436a8352a22ac346dbc77735b282dc169078b40e721b9b552d062210f78ea90e5a2c0784d8e37484e63d766 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 2f8b62e9d9e68d77be62f964480da63f |
| SHA1 | 6ec6091f53bf1f5bc6513db9838805f829d318cf |
| SHA256 | 7840c31005e431bde32daa28cb35d203aeca5e63787cfe06599a1aa32166bd47 |
| SHA512 | 2b72652ad9ff3be72d97197198a341ac91224a76dd5e1f11b6f0fc05b829360893e6d9a9bf81692d6b2b79fb38eddf357e72f444036cfd64b24b5e43732abdeb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe580b84.TMP
| MD5 | 162051c0e471f1f37b4ab8a226b48dd1 |
| SHA1 | f25773a7edd27a0164a78aae71583576db18e454 |
| SHA256 | 31360a6bcfb5e4dfeaedbd64beced57c40ceb6539a05605807ef1a144dcf387a |
| SHA512 | f6dec9a18aed5638d27f61f35bfc834043bf775e8271bb3f832cf517fa4d90f2b267c890aaa69ee0e6f9c5dba20fa7242f0146c3e5b2a75e40fb3a0ccbd61100 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 1829593c82fe1a5e530d2dd3fed84042 |
| SHA1 | 8c6da264a1bb369acf4977ae15a467a59dfe469e |
| SHA256 | fcc89116feae1f2b7556381d32e5fd83b13f071c89e7a8f3c759106343be80db |
| SHA512 | f482ba8f279964f55514aad8453fc16388653e084ab5beb2e0eea3530723e9e52abdb3b9628121802fa3e1ac1f835f93fb2a9f8f70e724cfd875a158d940fefb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ad6aef0abe6c056c5014092d18a29231 |
| SHA1 | 4047731eb49213b3e7648ca52d01bc03e1c20ac8 |
| SHA256 | f186345357c5695d65e3bb4008058b258801a1616fd679acf19fb310f2aa3a0b |
| SHA512 | fea9ad84fa1c57292562df06717fd89be9ab15e328366d51016d9c0622a9e25c6d77f539561ab386c7a2f05142a53dd6585317b45a312fe532471c76cb47a44a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 81f543a9031c33468f6bff7dd641b57f |
| SHA1 | 58f017ee293effbf19ece52af24b030b279ebd8d |
| SHA256 | 44ac816410d814b4788a80d4e2f36259ad58c33659b334993ebf09b3c63cd445 |
| SHA512 | d57361e0d1658fa1f29aa88e848348582b9da1923bcc4916e4f5b30a9d514da601c25e1e92864247a5acd6482624f7624840c039996e978647ca3356639eb6d8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f
| MD5 | 8498e0f6d3af282b2292c67507e9560d |
| SHA1 | 119fb5e4dd7b41d8ed15e4b9ca31acbed135871d |
| SHA256 | 1a55aefec4013b934d3470f455705c7966fe70434b36aba2fa52ee72216f93a1 |
| SHA512 | 46a9928063999a6b0f4d4f1035ebb9ce2e99eda3c1200eb426557ba989965b0b163f2b9521c406745e9474b30025c12d95cf4875fc8a079b8fc2c067f5259355 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6065d86ec26ea9f3e358fa6d04546ed9 |
| SHA1 | 31b85c96fdd6e439754c9cdc529dd3d581be8557 |
| SHA256 | 87e4d259d096fddbd483fdeafb2c78896b1626987efe1769ece0c84a1d64cfed |
| SHA512 | f7efbced1ad096ae32e10b570b23ca1f385da1b7b1cfb923bd8a367b12b48f289950b80673c57fa054f80209fea2d21b3bf8ba85d475678e03d39a1a25c50787 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 13f5910c346e768f48826dae28a0dea7 |
| SHA1 | ae4b66f5eba9d2467a07eb746e6b7708b270705a |
| SHA256 | e6bedc314a9e6dcd81633299555f0d32aafbd1e6b0a938530e729cf126432036 |
| SHA512 | 4fc5b80aa25bbb1e2a7f0f9072ae1ad7c6a33abbef1b335b0c26f5ef664e38eca08e6713f27a02e3c89cc56d269752b5f0b8ae3d8208d38503ebba83c6b3f05a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 5a9b7c95746eebecc4f2cb4b6a122afd |
| SHA1 | a4e261950458a3052cd2cd367833e1d766b47745 |
| SHA256 | 4f7fa2773714dc67ba7ee274d8d6981b5c516c17775e45239a2c06adb2fcfabd |
| SHA512 | 5ffe1c1c13b7ef0182a27d442cafabae5264b07851c18024fdf5a0bd03605c112c89700563a26d61ea46db387dd99a5b1cfc8177be16fd986821079c6920f79a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 1d40e305004bb7a7ba9e2c32c864d1bd |
| SHA1 | bc866df9faff9d6a7cfa1d6969dd317682fe7ab6 |
| SHA256 | a0288abbc67464f633152545c57320eed48cbbf3e6afa3c992f6f5bc62ec32dc |
| SHA512 | 6e2349520cc90d79c98c8c33ee167bd3eb508c2b9d2039efe9c4d1efa520289283cd3471b1f7a37879a3ff72ccdcb4cf86fc118948786b4ba6556df32c76ef13 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 44a0c9598d89629c34083c79e6c49ef1 |
| SHA1 | dcbeb57b399aa222b3730e9eebaaf4ee02e4ed33 |
| SHA256 | 528278af95d9edc1514370475539d360f54efc0ac03bbade553277698b02c8ce |
| SHA512 | 9e1fa14d667affe1314959a6f6d6357c14de672865f85ace1a51bf7a27614203437ca04425b3c7b06801d4646d790d454118ea6af745458d108cf4a4c0a26b62 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
| MD5 | 2c92288016ce3a327c2230ee1dc04ba2 |
| SHA1 | 8cd9f721e5a0f19059854030773f76bbafa0036c |
| SHA256 | 3b7b2d0aac6717a3735156eee99212f28528d0dd86d7ba3f6e527535d1f6d398 |
| SHA512 | e60e33852a8af310cc8be770afc64a10c63b1711292770d4c7024842e534953de358567da3264e20c393199b1df43e1a98723a1f8bd657dea9a55a6cacb2f0ba |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009
| MD5 | 61e4576e6aa91cd435fe92f085fb0a3c |
| SHA1 | fa21a6bad3a461c8f0e27b75913c8f1cbe0b2b62 |
| SHA256 | 78d8aca4e50e6ba58890b68f8c3d6e562ff0b16516a0c3df56be18b69dca6aa9 |
| SHA512 | b250c2940f7ca24b763bfcd4d39d0022d6441bad54c415b9848ef949f8871f219289f044301de03313bf8cfa53bb2797c5590acc1b32889b0641f7a13b710bfe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0b4eb2fe681297a4786647a047979414 |
| SHA1 | e04d8d223f3989d6adfb80147a38ada4ed052ef9 |
| SHA256 | 996840a23e7ea6441c84b785433e6b45e15d9f72c54a36b0f6212422cc5fe46f |
| SHA512 | 842c9481a65294bf463ee3833d7f4f7742133007419fd2c4e4aace224d9a5f8c14b160789f3ced8f6eb4e808908632a7b1a55bfd5bdac15404e157b3b7b34753 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6ae825dfe2d349b6bc6af399a430ba60 |
| SHA1 | 53a2eff4955c67ce4c28f4f8304681bbdc12dd86 |
| SHA256 | edb2fc90cbcabfd4368859d84f78584c79cdc6051001a1334a41429702ea7871 |
| SHA512 | 38f58f9c6950dbe8271d30a051a16a4a37ad2bbe67a980b2d59f674327c971482827d015dfbecba7362630bb9f99cad73686b8aa89e957695716eb7ce691a8da |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\9729d578-9acf-42ac-9c6d-8b6a6991d933.tmp
| MD5 | 25f21927546ead6e5798a1fdf46a649e |
| SHA1 | adeeebbb567692459b5137579828867a94b9e548 |
| SHA256 | 0e2392b6ac9e071f20d0b947c24eb111c3f0ee1cfa2d959815b90af360c81978 |
| SHA512 | b3fbbde47454912c5ec8dfa69bfd696849171e3bd36dbff113248f0ad981cc16109182539edde0833df3610e0588b5c6cfb65e1f3e2a66169bf32b58045e35f2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5a0c447167adce0b0e9ceb16bdc1b6ab |
| SHA1 | 2093cb7428a7be03dcdd0e1a49cd0f6647d0f4ae |
| SHA256 | d98055226aa6beb498e3354a831894af0a6df3494dd562829e8a42c35b900cea |
| SHA512 | 9cd673cff26ae0b65160f0a4a287dd46011dcc58626c560bd28777e6a5dc79a4daed91f8f08631a6204b6ce2b90e6c26e3ad0523a3a720d274fc34591a848cef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\a39c99a2-2666-4c70-a8ab-093df6257cfd.tmp
| MD5 | 18703472a2e441fc7d64226a7053f890 |
| SHA1 | c33ca1ae767bc42d5ebf0523a0d6b6b1a1ba399e |
| SHA256 | 25c3576335edbdc523c25f5739a7b7eef41eb615667f842beedb044b1d1e6393 |
| SHA512 | ecce731588bc218a3d05699e87c32a0869df6e1ecf87e18ee99a4c5de0e502da122baec89ee24b0a959e29e49d8253e0a8ff680c6fc092eb94b464458a219086 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 19fb724d5fb055eb81ece8eb62f06738 |
| SHA1 | f98d691f96c3c803a6928ea36ae132085fda3136 |
| SHA256 | d8c617f4be99f4e57da37d9d6cd272732eeccc08e1f407f27a99d47e8edc4035 |
| SHA512 | 26798dc110bda1b403deb6bcfe25b24503b00b9188cf71fc166c0c9fb4a4d88e16bdad278ffb072b32cab40b9a1af0a79697ed862fd3bcf25e810d9104b7a617 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 231131547a4a22868a3b19fb4ab47dcc |
| SHA1 | a24a2faf408ad20881c42872689ca324dab97a3a |
| SHA256 | 17a4323365d0d8da3474847cf288fe7adeb64485d0b240d67545aa178bc31e13 |
| SHA512 | e95084bbc45ac14302508f4b3506304c8521044855ffc2c342b074132df0f9444470e27bfda7523072d2bb682bcc46e602c334360605273e84bf0d844a259eb0 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g9per00b.default-release\datareporting\glean\pending_pings\23283d5d-80d4-444e-83c7-04542a08caaf
| MD5 | b285ae0805a4134105c99862a654897c |
| SHA1 | ce7cb6f3fbab1d0ca911de417b7cefb78b35ea12 |
| SHA256 | e66e1c1832a321eb430dcdc88d167ded6f0297313799b9aba63c7cd54f67bfb2 |
| SHA512 | 2cffe2f009515b253764121bf7ac89dc12596335ae2a798498a091baba17f3d1bc3d48642d38062748fb6ce7878ed62c44bbbf052351537f61e9b9f061587347 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g9per00b.default-release\datareporting\glean\pending_pings\0aad4ed1-d5d2-42e5-9d45-48801f5e2de0
| MD5 | fa02448c46336b11166f399a97264f5d |
| SHA1 | f87e1f22336acd84126a8565c1ef7f83434ca95e |
| SHA256 | f52b20bf297a066e11566f23161f50c5ad476290c4a09d87a472650ba98a2923 |
| SHA512 | d9be866e56ce1fa1f97a89bfa0a39c8495340f306d1c9530585e06f6a35d9b0dff451ca58801104beaf8455de999c59a2a8a4a3b940ac6dda0748aabf83ea702 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g9per00b.default-release\datareporting\glean\pending_pings\21b9f735-3762-4893-af8b-067ab05970ca
| MD5 | cfafe33751f7c97b5addfa83005b22fc |
| SHA1 | 2a400d6791d6fb846baf7f6b5a7996fb1682366c |
| SHA256 | 47277290352ca754e7ed8c45e2a62eb8d88fc3b55fab3a1269d654234b240752 |
| SHA512 | 9442fe3da11dc4d9249462e2b770c761d88f044a3f263ab77b94f870d1960f6544ca641c06c7219a90305aae283c48c3f0ed31eae501a637c970392f40d9fc28 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g9per00b.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 1a804b00a37f41c82e7505fb5feed721 |
| SHA1 | e4835b876345ac9fe898866fb587bbe7f9fd5261 |
| SHA256 | 147a3eebecfc0fc4c484a961308e587180c9e9119a72aa973f7a6fa03b03df62 |
| SHA512 | f6b2a5d13b13477e74a8137434f06099eb3a23a841d45c2aad03f53411310799fe1b77326a2963fa1686660dd04ceec9bc860f3a1535dc833fea23747a47d454 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\g9per00b.default-release\activity-stream.discovery_stream.json
| MD5 | 73e38a9edeae371c51e2e86e0fafcf61 |
| SHA1 | 0df143124a627bc1bd86709980d232f6b94e2e2d |
| SHA256 | 735d08e932f2f853d1a3352b31a1d7f6bfa23454da0da5b1fcd3812d3205dc43 |
| SHA512 | 9e508363e4680e2ab86d25aa8c0c089605b0a68791ae1b5b0f95a349262d4077a767e6e0252e2019e40cb68132925521512d93fb90603d850a21245d98b18a95 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g9per00b.default-release\AlternateServices.bin
| MD5 | 5f95911780981cfdd20cfc3897fb28dc |
| SHA1 | 83d0aa1aa217c8123ab3aed87d0025ce42accb28 |
| SHA256 | acf8dfebf62f6be5bf1cd3d9442c7340cdca657e7c35bcede4be994f477343b6 |
| SHA512 | 8df48f027bec015086dc5b7bc632bba5ac9d6d0b78d27fe1f3abc5ae016574fe783747b59092270b6a5c52f320fa2f53f429b01f4533461ec8062448a0ddb718 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g9per00b.default-release\prefs.js
| MD5 | a67c6a4b305d2edb6209511b85c62a8a |
| SHA1 | a61ceed98ac23d458b67cbab520e8271c66a2a03 |
| SHA256 | fa8b160f1d572e1e715ceef8442430480eb5c2e96ec539b22365760ffd4ef16a |
| SHA512 | 452a4682029f1d6c943e40f43b86828419590ac143fa0c4e6a4d37a03b0c46a920256a5bb0b9a9215ccc36eabd0f088e55262e98431a20dee229a0cf654de2df |
C:\Users\Admin\Downloads\Bootstrapper.exe
| MD5 | 2a4dcf20b82896be94eb538260c5fb93 |
| SHA1 | 21f232c2fd8132f8677e53258562ad98b455e679 |
| SHA256 | ebbcb489171abfcfce56554dbaeacd22a15838391cbc7c756db02995129def5a |
| SHA512 | 4f1164b2312fb94b7030d6eb6aa9f3502912ffa33505f156443570fc964bfd3bb21ded3cf84092054e07346d2dce83a0907ba33f4ba39ad3fe7a78e836efe288 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 8514da98677f2465e507afa49915b10a |
| SHA1 | 0312b512f5be93df10b147387b19c20cf06c482e |
| SHA256 | 8a15d22c7ace8195d3abcfdb623b0a4fee0a1c8e9525467164e8a245bc0b836d |
| SHA512 | d9b04cb58763c7fa50413de76146d48c1de867b7f68d9fff19230fe6084ad6ef64527d6269943e1a8825c4769533c39e22669e0f33faac35867baed9ce61afb3 |
memory/1868-1082-0x0000029E81FB0000-0x0000029E8207E000-memory.dmp
memory/1868-1106-0x0000029E9E870000-0x0000029E9E892000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\node-v18.16.0-x64.msi
| MD5 | 0e4e9aa41d24221b29b19ba96c1a64d0 |
| SHA1 | 231ade3d5a586c0eb4441c8dbfe9007dc26b2872 |
| SHA256 | 5bfb6f3ab89e198539408f7e0e8ec0b0bd5efe8898573ec05b381228efb45a5d |
| SHA512 | e6f27aecead72dffecbeaad46ebdf4b1fd3dbcddd1f6076ba183b654e4e32d30f7af1236bf2e04459186e993356fe2041840671be73612c8afed985c2c608913 |
C:\Windows\Installer\MSIB6A5.tmp
| MD5 | 9fe9b0ecaea0324ad99036a91db03ebb |
| SHA1 | 144068c64ec06fc08eadfcca0a014a44b95bb908 |
| SHA256 | e2cce64916e405976a1d0c522b44527d12b1cba19de25da62121cf5f41d184c9 |
| SHA512 | 906641a73d69a841218ae90b83714a05af3537eec8ad1d761f58ac365cf005bdd74ad88f71c4437aaa126ac74fa46bcad424d17c746ab197eec2caa1bd838176 |
C:\Windows\Installer\MSIB734.tmp
| MD5 | a3ae5d86ecf38db9427359ea37a5f646 |
| SHA1 | eb4cb5ff520717038adadcc5e1ef8f7c24b27a90 |
| SHA256 | c8d190d5be1efd2d52f72a72ae9dfa3940ab3faceb626405959349654fe18b74 |
| SHA512 | 96ecb3bc00848eeb2836e289ef7b7b2607d30790ffd1ae0e0acfc2e14f26a991c6e728b8dc67280426e478c70231f9e13f514e52c8ce7d956c1fad0e322d98e0 |
C:\Windows\Installer\MSIC9B4.tmp
| MD5 | 7a86ce1a899262dd3c1df656bff3fb2c |
| SHA1 | 33dcbe66c0dc0a16bab852ed0a6ef71c2d9e0541 |
| SHA256 | b8f2d0909d7c2934285a8be010d37c0609c7854a36562cbfcbce547f4f4c7b0c |
| SHA512 | 421e8195c47381de4b3125ab6719eec9be7acd2c97ce9247f4b70a309d32377917c9686b245864e914448fe53df2694d5ee5f327838d029989ba7acafda302ec |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 09372174e83dbbf696ee732fd2e875bb |
| SHA1 | ba360186ba650a769f9303f48b7200fb5eaccee1 |
| SHA256 | c32efac42faf4b9878fb8917c5e71d89ff40de580c4f52f62e11c6cfab55167f |
| SHA512 | b667086ed49579592d435df2b486fe30ba1b62ddd169f19e700cd079239747dd3e20058c285fa9c10a533e34f22b5198ed9b1f92ae560a3067f3e3feacc724f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g9per00b.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.info
| MD5 | 2a461e9eb87fd1955cea740a3444ee7a |
| SHA1 | b10755914c713f5a4677494dbe8a686ed458c3c5 |
| SHA256 | 4107f76ba1d9424555f4e8ea0acef69357dfff89dfa5f0ec72aa4f2d489b17bc |
| SHA512 | 34f73f7bf69d7674907f190f257516e3956f825e35a2f03d58201a5a630310b45df393f2b39669f9369d1ac990505a4b6849a0d34e8c136e1402143b6cedf2d3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g9per00b.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.dll
| MD5 | 842039753bf41fa5e11b3a1383061a87 |
| SHA1 | 3e8fe1d7b3ad866b06dca6c7ef1e3c50c406e153 |
| SHA256 | d88dd3bfc4a558bb943f3caa2e376da3942e48a7948763bf9a38f707c2cd0c1c |
| SHA512 | d3320f7ac46327b7b974e74320c4d853e569061cb89ca849cd5d1706330aca629abeb4a16435c541900d839f46ff72dfde04128c450f3e1ee63c025470c19157 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g9per00b.default-release\AlternateServices.bin
| MD5 | c08a929a20f826df95d09783b7cf41ff |
| SHA1 | 811176414bc7d0d92426b8460671d49d34d6095a |
| SHA256 | 9c03d52364604d1dd9af8f55c0006cd4e603d4b85c89984f4ed6512693098db8 |
| SHA512 | db258b758a1650fdccb93145f1980f912ac559fdd4799989621062e0e7ebc497bf067b992fc66e4382841bd35b39893fdb035ba42acd6bd5d5cf2b30b75a5a7e |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | 0a8747a2ac9ac08ae9508f36c6d75692 |
| SHA1 | b287a96fd6cc12433adb42193dfe06111c38eaf0 |
| SHA256 | 32d544baf2facc893057a1d97db33207e642f0dacf235d8500a0b5eff934ce03 |
| SHA512 | 59521f8c61236641b3299ab460c58c8f5f26fa67e828de853c2cf372f9614d58b9f541aae325b1600ec4f3a47953caacb8122b0dfce7481acfec81045735947d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g9per00b.default-release\gmp-widevinecdm\4.10.2710.0\manifest.json
| MD5 | bf957ad58b55f64219ab3f793e374316 |
| SHA1 | a11adc9d7f2c28e04d9b35e23b7616d0527118a1 |
| SHA256 | bbab6ca07edbed72a966835c7907b3e60c7aa3d48ddea847e5076bd05f4b1eda |
| SHA512 | 79c179b56e4893fb729b225818ab4b95a50b69666ac41d17aad0b37ab0ca8cd9f0848cbc3c5d9e69e4640a8b261d7ced592eae9bcb0e0b63c05a56e7c477f44e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g9per00b.default-release\gmp-widevinecdm\4.10.2710.0\widevinecdm.dll
| MD5 | daf7ef3acccab478aaa7d6dc1c60f865 |
| SHA1 | f8246162b97ce4a945feced27b6ea114366ff2ad |
| SHA256 | bc40c7821dcd3fea9923c6912ab1183a942c11b7690cfd79ed148ded0228777e |
| SHA512 | 5840a45cfdb12c005e117608b1e5d946e1b2e76443ed39ba940d7f56de4babeab09bee7e64b903eb82bb37624c0a0ef19e9b59fbe2ce2f0e0b1c7a6015a63f75 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7d0d13f55700e70e94b594f687c6cf20 |
| SHA1 | f08a7100367d697ad708e5ef359f3886ae2845cb |
| SHA256 | c2afa09aa3c4c9342b697fea5204ebec09cc8319c015de277f746075a44f6f55 |
| SHA512 | cc595309cda983f5b7e9fd966478a53018287bde571d5b76bd49025a5b98afab8f4e00847bdcbbc7feea33c3d6d5cfd1e54c6fa5d0702b4dc4d6cfc62dbd1b57 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g9per00b.default-release\prefs-1.js
| MD5 | 4bb7734b3c7998b8c8c65a310a042e2b |
| SHA1 | 0edb5293c549402cf8c745a88a94b630815454ba |
| SHA256 | 7ffc5dd089e5d91df8275c3aa78b29efecf68c9add9887a57e2a39aad18b8be7 |
| SHA512 | c139d616aafb6b31bef95f42538d4ce7c8157c2e178fec66d7d2d753b326a9885a83bd85d69c35dfa493c940698d01dbab3074a5b9b14d6c6b3e06da46648c17 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 34e3339d1733df32982b33f44a8a419b |
| SHA1 | e742dfcf8fc004ba5610f9cd15acfcf10a7efa7b |
| SHA256 | 2d80e12c584360cc6c31e0cac307ed03260d0711901016da61ade2b5a75142ee |
| SHA512 | c7e5879bc74f4f52228048766f6d84f8c8f5939e19fbf5a932e3813f462f0422372a5875906a610db8f84df3b474b1bb9d7de1c2a3784d9cc17932efbafab377 |
C:\Program Files\nodejs\node_modules\npm\node_modules\nopt\LICENSE
| MD5 | b020de8f88eacc104c21d6e6cacc636d |
| SHA1 | 20b35e641e3a5ea25f012e13d69fab37e3d68d6b |
| SHA256 | 3f24d692d165989cd9a00fe35ca15a2bc6859e3361fa42aa20babd435f2e4706 |
| SHA512 | 4220617e29dd755ad592295bc074d6bc14d44a1feeed5101129669f3ecf0e34eaa4c7c96bbc83da7352631fa262baab45d4a370dad7dabec52b66f1720c28e38 |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Program Files\nodejs\node_modules\npm\node_modules\bin-links\LICENSE
| MD5 | d2cf52aa43e18fdc87562d4c1303f46a |
| SHA1 | 58fb4a65fffb438630351e7cafd322579817e5e1 |
| SHA256 | 45e433413760dc3ae8169be5ed9c2c77adc31ad4d1bc5a28939576df240f29a0 |
| SHA512 | 54e33d7998b5e9ba76b2c852b4d0493ebb1b1ee3db777c97e6606655325ff66124a0c0857ca4d62de96350dbaee8d20604ec22b0edc17b472086da4babbbcb16 |
C:\Program Files\nodejs\node_modules\npm\node_modules\promise-all-reject-late\LICENSE
| MD5 | 7428aa9f83c500c4a434f8848ee23851 |
| SHA1 | 166b3e1c1b7d7cb7b070108876492529f546219f |
| SHA256 | 1fccd0ad2e7e0e31ddfadeaf0660d7318947b425324645aa85afd7227cab52d7 |
| SHA512 | c7f01de85f0660560206784cdf159b2bdc5f1bc87131f5a8edf384eba47a113005491520b0a25d3cc425985b5def7b189e18ff76d7d562c434dc5d8c82e90cce |
C:\Program Files\nodejs\node_modules\npm\node_modules\aggregate-error\license
| MD5 | 5ad87d95c13094fa67f25442ff521efd |
| SHA1 | 01f1438a98e1b796e05a74131e6bb9d66c9e8542 |
| SHA256 | 67292c32894c8ac99db06ffa1cb8e9a5171ef988120723ebe673bf76712260ec |
| SHA512 | 7187720ccd335a10c9698f8493d6caa2d404e7b21731009de5f0da51ad5b9604645fbf4bc640aa94513b9eb372aa6a31df2467198989234bc2afbce87f76fbc3 |
C:\Program Files\nodejs\node_modules\npm\node_modules\minizlib\node_modules\minipass\LICENSE
| MD5 | d7c8fab641cd22d2cd30d2999cc77040 |
| SHA1 | d293601583b1454ad5415260e4378217d569538e |
| SHA256 | 04400db77d925de5b0264f6db5b44fe6f8b94f9419ad3473caaa8065c525c0be |
| SHA512 | 278ff929904be0c19ee5fb836f205e3e5b3e7cec3d26dd42bbf1e7e0ca891bf9c42d2b28fce3741ae92e4a924baf7490c7c6c59284127081015a82e2653e0764 |
C:\Program Files\nodejs\node_modules\npm\node_modules\minizlib\node_modules\minipass\index.js
| MD5 | bc0c0eeede037aa152345ab1f9774e92 |
| SHA1 | 56e0f71900f0ef8294e46757ec14c0c11ed31d4e |
| SHA256 | 7a395802fbe01bb3dc8d09586e0864f255874bf897378e546444fbaec29f54c5 |
| SHA512 | 5f31251825554bf9ed99eda282fa1973fcec4a078796a10757f4fb5592f2783c4ebdd00bdf0d7ed30f82f54a7668446a372039e9d4589db52a75060ca82186b3 |
C:\Program Files\nodejs\node_modules\npm\node_modules\tar\node_modules\fs-minipass\node_modules\minipass\index.d.ts
| MD5 | f0bd53316e08991d94586331f9c11d97 |
| SHA1 | f5a7a6dc0da46c3e077764cfb3e928c4a75d383e |
| SHA256 | dd3eda3596af30eda88b4c6c2156d3af6e7fa221f39c46e492c5e9fb697e2fef |
| SHA512 | fd6affbaed67d09cf45478f38e92b8ca6c27650a232cbbeaff36e4f7554fb731ae44cf732378641312e98221539e3d8fabe80a7814e4f425026202de44eb5839 |
C:\Program Files\nodejs\node_modules\npm\node_modules\libnpmorg\LICENSE
| MD5 | 072ac9ab0c4667f8f876becedfe10ee0 |
| SHA1 | 0227492dcdc7fb8de1d14f9d3421c333230cf8fe |
| SHA256 | 2ef361317adeda98117f14c5110182c28eae233af1f7050c83d4396961d14013 |
| SHA512 | f38fd6506bd9795bb27d31f1ce38b08c9e6f1689c34fca90e9e1d5194fa064d1f34a9c51d15941506ebbbcd6d4193055e9664892521b7e39ebcd61c3b6f25013 |
C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\arborist\LICENSE.md
| MD5 | 2916d8b51a5cc0a350d64389bc07aef6 |
| SHA1 | c9d5ac416c1dd7945651bee712dbed4d158d09e1 |
| SHA256 | 733dcbf5b1c95dc765b76db969b998ce0cbb26f01be2e55e7bccd6c7af29cb04 |
| SHA512 | 508c5d1842968c478e6b42b94e04e0b53a342dfaf52d55882fdcfe02c98186e9701983ab5e9726259fba8336282e20126c70d04fc57964027586a40e96c56b74 |
C:\Program Files\nodejs\node_modules\npm\node_modules\minipass-pipeline\node_modules\minipass\package.json
| MD5 | d116a360376e31950428ed26eae9ffd4 |
| SHA1 | 192b8e06fb4e1f97e5c5c7bf62a9bff7704c198b |
| SHA256 | c3052bd85910be313e38ad355528d527b565e70ef15a784db3279649eee2ded5 |
| SHA512 | 5221c7648f4299234a4637c47d3f1eb5e147014704913bc6fdad91b9b6a6ccc109bced63376b82b046bb5cad708464c76fb452365b76dbf53161914acf8fb11a |
C:\Program Files\nodejs\node_modules\npm\node_modules\treeverse\LICENSE
| MD5 | 1d7c74bcd1904d125f6aff37749dc069 |
| SHA1 | 21e6dfe0fffc2f3ec97594aa261929a3ea9cf2ab |
| SHA256 | 24b8d53712087b867030d18f2bd6d1a72c78f9fb4dee0ce025374da25e4443b9 |
| SHA512 | b5ac03addd29ba82fc05eea8d8d09e0f2fa9814d0dd619c2f7b209a67d95b538c3c2ff70408641ef3704f6a14e710e56f4bf57c2bb3f8957ba164f28ee591778 |
C:\Program Files\nodejs\node_modules\npm\node_modules\libnpmhook\LICENSE.md
| MD5 | e9dc66f98e5f7ff720bf603fff36ebc5 |
| SHA1 | f2b428eead844c4bf39ca0d0cf61f6b10aeeb93b |
| SHA256 | b49c8d25a8b57fa92b2902d09c4b8a809157ee32fc10d17b7dbb43c4a8038f79 |
| SHA512 | 8027d65e1556511c884cb80d3c1b846fc9d321f3f83002664ad3805c4dee8e6b0eaf1db81c459153977bdbde9e760b0184ba6572f68d78c37bff617646bcfc3b |
C:\Program Files\nodejs\node_etw_provider.man
| MD5 | 1d51e18a7247f47245b0751f16119498 |
| SHA1 | 78f5d95dd07c0fcee43c6d4feab12d802d194d95 |
| SHA256 | 1975aa34c1050b8364491394cebf6e668e2337c3107712e3eeca311262c7c46f |
| SHA512 | 1eccbe4ddae3d941b36616a202e5bd1b21d8e181810430a1c390513060ae9e3f12cd23f5b66ae0630fd6496b3139e2cc313381b5506465040e5a7a3543444e76 |
C:\Program Files\nodejs\node_etw_provider.man
| MD5 | d3bc164e23e694c644e0b1ce3e3f9910 |
| SHA1 | 1849f8b1326111b5d4d93febc2bafb3856e601bb |
| SHA256 | 1185aaa5af804c6bc6925f5202e68bb2254016509847cd382a015907440d86b4 |
| SHA512 | 91ebff613f4c35c625bb9b450726167fb77b035666ed635acf75ca992c4846d952655a2513b4ecb8ca6f19640d57555f2a4af3538b676c3bd2ea1094c4992854 |
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js website.url
| MD5 | 35b86e177ab52108bd9fed7425a9e34a |
| SHA1 | 76a1f47a10e3ab829f676838147875d75022c70c |
| SHA256 | afaa6c6335bd3db79e46fb9d4d54d893cee9288e6bb4738294806a9751657319 |
| SHA512 | 3c8047c94b789c8496af3c2502896cef2d348ee31618893b9b71244af667ec291dcb9b840f869eb984624660086db0c848d1846aa601893e6f9955e56da19f62 |
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js documentation.url
| MD5 | db7dbbc86e432573e54dedbcc02cb4a1 |
| SHA1 | cff9cfb98cff2d86b35dc680b405e8036bbbda47 |
| SHA256 | 7cf8a9c96f9016132be81fd89f9573566b7dc70244a28eb59d573c2fdba1def9 |
| SHA512 | 8f35f2e7dac250c66b209acecab836d3ecf244857b81bacebc214f0956ec108585990f23ff3f741678e371b0bee78dd50029d0af257a3bb6ab3b43df1e39f2ec |
C:\Config.Msi\e5cb36c.rbs
| MD5 | a604cb4dbe412bd2adb17334e7f86f36 |
| SHA1 | 8e1a620aa42710c5104b2475e34184eeb7f4a935 |
| SHA256 | fffef5292f4f8e2724bf8d5f8ba2e429dbe0336e80c982c51b62737b6d7b44a1 |
| SHA512 | b8556db80a7dcf6f1c42ff65b1edd675a04d6fc7cf1a252e8a8b1b7a8723769f2ac548211d043ea36e0e08188d440693b1092cefad4e0f3d0c39c8f95599caa0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a1cb0b212aacf53f0c0f1715d13b8bac |
| SHA1 | 0f9af452b1b5331a6e3832324273afc42ac24efe |
| SHA256 | 83b9c1419e9340a69b3704550a4faa73558d8ae3b7b49d37b6f66301ba508a00 |
| SHA512 | a6b5d431303decbdf6ebd96c46aaf0a786913b1ef150e7419ae04d637ad7cb7194334c5618ada8550bbc8a5bdfa6a0877ee5641921a60734438785d519ab81bd |
memory/1868-3805-0x0000029E82710000-0x0000029E8271A000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 12fbce305ed58b0f309f2e04207e285f |
| SHA1 | 250405847f88901f1df24c274daa560cf8a145bc |
| SHA256 | ed8d855c48a252397749d9ae479a45481b5aefb6d4d84a630a237b592475f436 |
| SHA512 | 47c74b920f350fc23cff4623cfc5831977fe4c7300fddc8e581df025eaf872919cb74efec48511e576b3231cfcb9a1fe24e87c0b6bb4839cc6671be0cf11876a |
memory/1868-3816-0x0000029E9C6B0000-0x0000029E9C6C2000-memory.dmp
C:\ProgramData\Solara\Solara.exe
| MD5 | c6f770cbb24248537558c1f06f7ff855 |
| SHA1 | fdc2aaae292c32a58ea4d9974a31ece26628fdd7 |
| SHA256 | d1e4a542fa75f6a6fb636b5de6f7616e2827a79556d3d9a4afc3ecb47f0beb2b |
| SHA512 | cac56c58bd01341ec3ff102fe04fdb66625baad1d3dd7127907cd8453d2c6e2226ad41033e16ba20413a509fc7c826e4fdc0c0d553175eb6f164c2fc0906614a |
memory/2472-4230-0x000001ECF7BE0000-0x000001ECF7C04000-memory.dmp
memory/2472-4239-0x000001ECFA6F0000-0x000001ECFAC2C000-memory.dmp
memory/2472-4241-0x000001ECFA360000-0x000001ECFA41A000-memory.dmp
memory/2472-4242-0x000001ECFA420000-0x000001ECFA4D2000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 158f317be9d81f2698516e23690f012a |
| SHA1 | 94f519a0609278dd6694ecabacbdb820435535fe |
| SHA256 | 276dd5b5b87fbc83974687a718962b81e485091405c3b40ec99f400288547926 |
| SHA512 | 49fa261aca1b812332f0af137a284638263060cdf216a0b942057175dc730c0c1060ef1b28f13246e08e356d82a65db6a5131b4a6ec6f91a8d0b831572a1f2b5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b40d4f892903e1e1750ec6d28ba60de7 |
| SHA1 | c972c992841be634b46b18082e88ee0f066d300a |
| SHA256 | ed5c452d911ac11a84abca97c6f48b97c9aae4393f51fb4da17454e2dc534845 |
| SHA512 | edf055ecdcc19be881e539f0c18b382d714c9755f0acdbcde1e9179f0670fcd1923fcf5449aed91f3b0708f5908066bfb370f8e9eea36d23cc3a3fab9298e247 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 354b3c34523586ae65bf4220901e3b82 |
| SHA1 | dec551e9e195806fdeac63d553a7187f2b3d43e7 |
| SHA256 | 6f899df4c9c2a1de4ffab3619bd3260fa917ec45253eafef42aef17c622a2d9d |
| SHA512 | 6b038873a93218a1b99719b8e5e9ded6d572d4f9f6b6e5a3fd81b6a663bc47da4589edbce51be396586d3f70410fe942db11b9a62d116e54134b80467cd125d5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005a
| MD5 | f2dcbb1f3153e72e5f9335a4776bb51d |
| SHA1 | fcf76e5002b9aa519906913f3ec493fb7affa3e1 |
| SHA256 | 2be16e2098f1c7f123d123adab5c763061ddd3db74fcdff7e77299267d4bd1bf |
| SHA512 | 0f9510cd8fe090ccc0ea7c60105b56147cb6f11d9726d1775cdf298c8d131f103b6d0cd71502ca1c72646020a067cd2b9e6fb41d18431a57dc86a8a1688b3afb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old
| MD5 | 472ece08d83157c8669c86faad550a47 |
| SHA1 | d81a16595f7a062b137af6e29e957e12320c88a3 |
| SHA256 | 57197352cbc43cf6b7afb7e89183f3283bb54615b5adde733840292a1746211a |
| SHA512 | 3ced81643c5dfa373ab37c33480b9f75f681d557db3084a7b67506559fadc6ddc753ba9465722a57424608e47f57d2b7740ec5b92c27aa0623ccee140092cb8d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old~RFe5d7d22.TMP
| MD5 | 99ebc0b2db190dc4fa36fbd0ec42f459 |
| SHA1 | 6adf605502c470aa20e1b8b399a84d45ff20bcfc |
| SHA256 | aea1112cd405c331358ecbc42aff55699f4bd53014f78d9d5c1f0e319aa6adb7 |
| SHA512 | a5812fff5504d5dff0dddb813a8fc3f9aa41dad88b3039f18c375e901e17640e36d32853e804dc59b04b9ab1a1c23a90bf373222e264cb3a4dbdc9ccdbfdda71 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008e
| MD5 | 588ee33c26fe83cb97ca65e3c66b2e87 |
| SHA1 | 842429b803132c3e7827af42fe4dc7a66e736b37 |
| SHA256 | bbc4044fe46acd7ab69d8a4e3db46e7e3ca713b05fa8ecb096ebe9e133bba760 |
| SHA512 | 6f7500b12fc7a9f57c00711af2bc8a7c62973f9a8e37012b88a0726d06063add02077420bc280e7163302d5f3a005ac8796aee97042c40954144d84c26adbd04 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 74f752ced0b902d52b72134b3450cbcb |
| SHA1 | 860ac667267a263c07a98b84de2627eba371ebef |
| SHA256 | 05478ce604907f1243fae143c11ee499ba8fd6e643f88b15b5f1f9d240ad08eb |
| SHA512 | b16041aa044b32ac0b5658c8b740e0ca030f2b7041562473cc4770bb342399d8b6c2d64342d1b72aa78f6ca76a9586840a8274e98abed75a52bab4ab802e7661 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4bc2aa50c2d86eabda1e1108e3b62099 |
| SHA1 | 603001afcf5d098aa163c6499c634628cfc3c562 |
| SHA256 | fce0c4b53336a4c570a74c5d7a90ff62cb938c463b74ca29ed3e82d1788a513d |
| SHA512 | 5e0e1f52fa71d936f44e2a39e247bc77680c5771f085da0986559485f11adad517bbd881677d03005843e916d71958c84043ff2b11115b93476b1d23e361fa1d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 267ed08ef8665fff287852f34ffadce0 |
| SHA1 | 896f2b7a4e061c48ce6500b274e8725b8442850b |
| SHA256 | 8932ef5b4da60a9672504e6fd0f99c735ed8a5c531c18b903740f6e6934539c7 |
| SHA512 | 3ed4aba1083d867ae5efdefb7629ff8ee8c0e750b55f1f295efd0c725a1c11c65a77e2de0e5e4d94588495e4e58cc8f655e02f64616949342f1c66a17afdadcc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 71411d20dc316d6abf0c997c2af72902 |
| SHA1 | f1df00fd7f0cf45313fbe30ff38538441fa70337 |
| SHA256 | 410538a8014d76858a0f6ecee022140e0d08918a7be0f562832914438d4ed74c |
| SHA512 | a9b51b137b3bf11220ae68b35cdf3d25f13a263361679589873ef41034209f9194d703c4a83b0fbd2e0d88d6173978aeaae7dd8b535128e192e34f5ac1156ae3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g9per00b.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 674537fbb80d00c21f8b7574a1e0f760 |
| SHA1 | a9815afe1705b0ade368837e0597831730bef485 |
| SHA256 | 9cb3068cf0f0ed5605ab073d70c3e852a1b904f428ab7cc12e450eb4a5699f78 |
| SHA512 | 3c9ac8ea93a9e85f1166a09c789c61c547c68919b07102fef57c3747d2501ae7f373934c3a9d334a6d8cd24c90ebfa489dc788f5ecf1f2891cdceaabfcc819d8 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\g9per00b.default-release\prefs-1.js
| MD5 | 0d54ba10f26ea37a5fdef9eeff265207 |
| SHA1 | 1d7ae03bd625d82bdb7829d107534d99ff2be438 |
| SHA256 | 4f548260fb185b261aa70c72e33cedf432205d273f2d50b08034eb804a642996 |
| SHA512 | 3708a81df0597c3451368f86235072fa73b306bc32784ab9fc1b9847655adf2f0a50172b892986dc3a7ef77d4c4f22c8850a8dfc2d874ae27eecf8a49d209b69 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6a34ca5e21b491a41b02f97986ade5ab |
| SHA1 | b6658605901ad3f2790db62c95082bb671fd74f4 |
| SHA256 | a940b95ad88602c4242899330260b1805a4f557aa0d6be8cb92fc19541941d76 |
| SHA512 | ba383eb872341cd72679474a62c275cd75594544ff64323350e1d443bcdeba5f8c44ee39204931f775de5e31129fd3b936af0aceb1891edccafd0feefa6581b0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old
| MD5 | ed56837b4c65bf8855cc33715c56adf4 |
| SHA1 | fb3e588866bfee1bf72c51e0aaa09a221b872617 |
| SHA256 | 6c1b45ceae46138804b05b2423671d7f00d990f8d686bb983660dac0631dc340 |
| SHA512 | 1674b3e132df41adb14d281ccd8fe83f6cc91fa48556cb104d5adf0ef29a6f0c0f2fea31aa20021a7089636e8d86f8422c8f3a5ddddaf9c497200359fd9f14f9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c2b92c313fd4cadabd86152a44390d5a |
| SHA1 | 11bd8a42c2d05e228a42c6a5d9a477ff11b46208 |
| SHA256 | d076dfd4e39d3d3cfa6b084a9edaa02cbbc210f20c831b1623e8812520750ddf |
| SHA512 | a7168811c830d7dcab5cb3f9ca6ef9386dd22a75cba1f9f12747071f60f2a5134c5c66a03fd17ed1f1caa78f423ff71581ec16ac9ec3d73b124f4d674b58aba7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\000005.ldb
| MD5 | cbd4452d0891ae0929d8e4078c21fe64 |
| SHA1 | 14bc16c9fd64a9d86e67ead1fe1d671180fdb812 |
| SHA256 | c77d9a9c7bd1c8b5a5f8448736789c2b44370815e45a0255ce718df22f5f861b |
| SHA512 | fca5def42a9aa8a3ee31e8fd4e48d06abb7c0c2e691d39ea7a7da14a9b271df97b473914bbbb17f81b3a17791de530c34e65f9ef74e7cbc85cb1f64a0acde3de |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | cff47c357b65126810804173931b323e |
| SHA1 | 14e1c77ef5397b6f4489c571c05fe05586457187 |
| SHA256 | 229b04bf876c90779d4a4017199acac3368657e587eda09f8878b4960647de27 |
| SHA512 | df8fbf3febfabc68ee5990a3d58d53aab8df0730f18b90dfe6fe3f010223bca2333eebe181187143e8731281afb3661fa37c9cda16559064cfc809a800f4363f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old
| MD5 | 5c871f8a4da37d7eeb67b3718d2cfb26 |
| SHA1 | 2b9a7f454d97c0b31179b32792dc1d4be5a8e6c2 |
| SHA256 | 1cbb58d9ddbcf9782353e487e9735ab425371b1fcac10b0bb39e18185ec1d262 |
| SHA512 | e9ef4aad28bdac1a07431c5c16eaf4f531c7e9a47d34968041b536591a749fb0ffe3cb579babd7c241f909a91dd031dc6cbd6059f8468cb23c46f5b3184c9711 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 50f48ab06d0981a90ef5588541a9b1ab |
| SHA1 | 548ff92c6d38b9b225900b0b37ac3d54dadc8871 |
| SHA256 | 668de9f281668815b352797eedb6731a6889a4aa5ce07ee343eeb2f911eb5d25 |
| SHA512 | 9cf58b4c1e54154e24a931c8c94c39620790d8d3d09d59ccc14502da25ffc9d0410aaafe3aa096d34209ac82abdb816d577fc28378646e2a6b17dcb439dabecd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c94d9fdd118f1669309c84956c271f3d |
| SHA1 | e67c950b57dca15f0e462e3e07eafb399842c6c2 |
| SHA256 | 88ba3df6313986850e4f96fb70732975f1de27376f7c2a9bf0e0d3ba33a6d234 |
| SHA512 | 5708c23d8909cb3249a69a25c82b203c4b339607e7bb2dde669b8aafcea73b0df667123b715a9d04937d5eea6fabfca78350293a9e6c5b505fd6fb8843e69edc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a3a9a457104d996ecac78d94ecc47497 |
| SHA1 | c3ad20dccba5ff2b4de6ab8f11213a9391596873 |
| SHA256 | 06a706a2b4bfeb68ee167025e970caf4ca921fd9e05e033b8e9e28e5d496fb3d |
| SHA512 | 5cec3c64560150e118067ab161195d675c62baac465f790437da41ad29e31d09dab519b20dfd6a82a882408d6282efb8a33300d5ad0a960622f784e6cf3f75bd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 97511bd490379d1c7a1329ee40b63ef4 |
| SHA1 | ca3b95636cb4ba6e3dc2a5e484df18531a94ef80 |
| SHA256 | 8dc91aac90e4489ec8303201bd303a9fdb6b6e49de488cd57d1db812e188eb29 |
| SHA512 | 7768101566272d24d350aca656f3beee43914408ecc361885d9bd440dc96cedcd652746d5d02f2cd32f46c47d272266ffeb226d0d6ec2c597cd335847cedc0c2 |
C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe
| MD5 | da5705f4ae30d837139cb7380d941e1b |
| SHA1 | 08ae6cb9b2703df17b2bf554586a36f4b73502a6 |
| SHA256 | 9f205a55a45a2a45d2ebb98afb21499b191a4b2e26f4311568d0337b32faa1ca |
| SHA512 | f3042947d05222aff5facc14ac6123380d502435e98608dc6d053848997cdd0fb22b121a381e67df893c15ae14ed836a58fca5898540ea5dfb0a0da32ed8dbef |
C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe
| MD5 | b68e7f7ae52ef8e962723c7ddda4f75d |
| SHA1 | 686bdf2057cdd7b16877fb5eec0aff150fa074d0 |
| SHA256 | d779b2acc52b4b3e72c1461dbc7e950f0b650e924b3799db425942f64624e94d |
| SHA512 | cb0ecf531c95d657019b0188e648520b36b8386516d2e640239d99972ae44439d21ec6fcbe7902fc59c6f65db3571db0944e48f2207a442f3be5d10c9655bbb1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d6181fc4d24add0ea40f91bfb9c9dd51 |
| SHA1 | 5409f4406a0604e59049ac2b9e8bc1de3ed0d674 |
| SHA256 | 6e513dd531b1ed1214a032039dbe0d04e78cbdbc3a30e92872f22d60a6f0be09 |
| SHA512 | 5263f3b020284a098ff7adf8af5dbec855d4f2637debcba8f43f216519c6012af8ab20edc79f0354d3698401d3fa0395f6782d933ed011e0c105aa08e78ff518 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 7cdc4449c90998580ada2243c2191203 |
| SHA1 | 455f34edd2cf9263988e35e4a69c8f99474ea834 |
| SHA256 | 8ed8674b9f3bc926dd8fc3163ed859c854cba46b2d1a295fa504fd0c819dcec0 |
| SHA512 | a7a9f0307c1dbc517740f4ff01f439e10cbbfb6c456dfb6b7d74b8cc85231ad8d1e9107422cba2f8fe9cf4a62141eb64f4d38aa857dfc3b3dc88f5ff34ca3284 |
C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-player\7f3632afdee7118812dd116069729b41
| MD5 | 7f3632afdee7118812dd116069729b41 |
| SHA1 | ed116033aff765c3eb24c3059aff6c6fb0be0c0c |
| SHA256 | 6c98e86a6d732761ef8b8b2df2646f55190657e02201ec8ab8b9137345154c5a |
| SHA512 | 44948874e9d243c234882ab1db269fd729f57ad5fb36a3b22428e0d78a9fe5a05366ed2eb97d0331caa0ef1b622528130344016e13f809b266dc1bdc10ebf9ed |
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
| MD5 | 4dc57ab56e37cd05e81f0d8aaafc5179 |
| SHA1 | 494a90728d7680f979b0ad87f09b5b58f16d1cd5 |
| SHA256 | 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718 |
| SHA512 | 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b |
C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log
| MD5 | 363afdbece5120ec23a56c0f3546eef8 |
| SHA1 | 5348285493fab8074d0d709a362185072fc9f7b7 |
| SHA256 | 159d9057a0b50e5b39bfc636d3f3d35ba77b56cd4b22829a3c8d3c49e821b1d2 |
| SHA512 | 819348598c81199b93238bc79d9773ca0188e5e32818ed590e84e771d73fb0f8a5ee956e5b0ce85d0f25fe8b0cd30e72da1d8df0fdf51fd81f64b6480cd94c9f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7346d8f130c284111c5109c70e11c1d0 |
| SHA1 | 92e4a83cf9c4982b0cc3be8af9012eca359e5621 |
| SHA256 | 6f754f49a29afb1b9b078f66ad6dbb57883748f8a8cc67b2b8ba6b055b383f12 |
| SHA512 | 9cbc16573c159e2da744cedf9cc331e1de8a52fef6077450dd01fb2c3d68c0b19226e764beab515c9e2dc56cd86787a506cc954e84144e1752293e9b6b78ec88 |
memory/5856-5701-0x00000000008D0000-0x0000000000905000-memory.dmp
memory/5856-5702-0x0000000073FF0000-0x0000000074200000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 50214407e71e11cba5ec059d0813a169 |
| SHA1 | 4b45afea005e6be95677a44f6a87ef5f3d7d88cd |
| SHA256 | 0cc7031e169c6bfaa897d9018d64a18af3f73e43e9a67cc4688e76cce2edabe5 |
| SHA512 | b60960b7f7b7a63586c6b81ac6e636f33856909a01241ce21e62686987cd1237478ed5eae68c5b6f6abfd66611b991064a86614159802ced22618d8ba96147e3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b5adce009b3d55e58d7b077ba7bf9789 |
| SHA1 | 1814bde9887a31e59010fe881cab74d903808b93 |
| SHA256 | d3a1a83690b4bd397a9ce13daf1046d720a57881dd249cfaba3aa1de4b5cf87e |
| SHA512 | 12a9a2d13e2994b0672c12271f88bac701c2f36dbf403e6edf06168febf91f22d2ed263897ea2502310e06a0bc9314e6bd7f85a8a9cdf05275d03930ac35195c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 1a6bdaf28fe37a49f967c838810f247e |
| SHA1 | c2f678a8033d02318efd431f9faa633271cb0eff |
| SHA256 | 37e80d0be54968dfe3148fece5ef1cd4cbb39afd561e1029925f7383a1f29636 |
| SHA512 | 97ca052ac2549fc99d0738b1f790355250fe0ee835f0797598e42f4fba5cc79ababbab66e3c59b73d4b03fc7dbd3cf41f2e3616b8f1ffbcba87f0fe9d880397c |
C:\Program Files\MsEdgeCrashpad\settings.dat
| MD5 | a46c4db97b0d8a078472b93c42e3a40b |
| SHA1 | 466bfa0d48462e8ea840e337d52a7410e0fe2474 |
| SHA256 | 382f3c2870d438610c14a83ca633a11cfb39a6fc137415d7bf490ecf1e60a66f |
| SHA512 | 5f987c7daaa3599b7d5a64d2262cda87eb0da80447f6ad3e829c100680baeed0f611ca75f5912d02977269ca3ec74be7e15f4fe516b1aa6da15245e6956a40d4 |
C:\Config.Msi\e5cb370.rbs
| MD5 | 4811351aa3677e19c7a7f9e19a12a88c |
| SHA1 | a23f8b9c45d45ef9ab6a82370fbdd713a48a3b2e |
| SHA256 | ec335ec77a35be795a9c048791e6a8657e75ded99b0f6c847b6f1edd64ba4551 |
| SHA512 | 57b919845a88faf8ebb13af21a21e000ab6b5bb00a0fc818cae04e593dfa9aaa0120ddf01fd35e82f887c7d43a699e3da1fb74797a74f02b77a8aa6f22b37cd4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3f46d279b4969301162738ef88ff6620 |
| SHA1 | ba909879e5448577ac70a7ae6bbaaf667882236b |
| SHA256 | deb7d8b06e0d1476362b200dc5f763c4b6f210084ec3eaad7dc9f0214dbbe690 |
| SHA512 | c1b5446b75ccefcdd264c5a8d6b39ab7b116c0cd08e3f0c9323af38c8b5a1cba98620efb47f810e0ce6bc9665b7152553c298f255edd55df5e261d909c98e45f |
C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\Installer\setup.exe
| MD5 | 9a98f71bb7812ab88c517ba0d278d4c9 |
| SHA1 | 459b635444042ad0eeb453cdba5078c52ddba161 |
| SHA256 | 273f8406a9622ddd0e92762837af4598770b5efe6aa8a999da809e77b7b7882f |
| SHA512 | 5685717b2192b477b5c5708687462aa2d23999f565a43b7d67388f48eb9a3d33d9a3da54474ce632a0aee1bc4de8a6172a818239033d4a035f045e15947868f3 |
memory/5856-5833-0x0000000073FF0000-0x0000000074200000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6f165afb6d16fa09c8e3f215aba4075a |
| SHA1 | 66d42bd1a958496dfd2b05586e0c1f1f3a0b3ad6 |
| SHA256 | e96d68991906f6192d243edd9b826a4f7aa641252275c522c0d10776c5e09fc3 |
| SHA512 | a25c676bee66d9fd8a5b1696f5e63ddf0d75402ad79183cf62c1c10891c08f3e8bd91b64a393a4d5e9ee262322b72bcf0f9cfadc232ce8d0da87ef2c2b619413 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0953039255abc929aafe5898863c04b4 |
| SHA1 | 73c719af6c488ce2f84b46ac018563d9c250caee |
| SHA256 | c7325cb167f5971435df207230be139ae96e29a67b7691e2117696ab1469dc86 |
| SHA512 | 1414d1a32043681b23dc91daf4d5f8d0651d3efd1f597e3e574d28fc9257ccacc565c4f70a5734a292bed3c08f1456beaeb9784f07f4265c76cf88516e5d5971 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d6668dd2bc8bc8a96efdff5a2667683c |
| SHA1 | e1fac3fbcfcdc073778a66a8303bc3b7c92ceb66 |
| SHA256 | 1fcf8b89e8f414309366c579440f498fc8773d316854f64eb85b45dbfa71c6a9 |
| SHA512 | 9423bc345559fe9bba0885a2ec12cb3e2438b8773774e534864a4c7beb076030b2818fb9fb150b43d05b9d30294160968bc81126dc581e49bae64eb0bbfb302e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c10820981f1cfec1efe3a5237ce7385d |
| SHA1 | d15a479baa4d5b2cfbccd0f7fa89bd760bc37f6d |
| SHA256 | c33799db8838d7b2ce1455f509234cf2ed70f69e43a1e4592c694b67fdd81eda |
| SHA512 | 1aa287ceb7eb8de2f0f72d7f4ebcd02bf878b2b0ded0d2a1d2f6b42045df695e9fd6bf2582bcf146163d59b11edcf69c09fc8ef23c0fcff0d906141c5e079363 |
memory/5856-5906-0x00000000008D0000-0x0000000000905000-memory.dmp
memory/5148-5917-0x00007FF9AAAB0000-0x00007FF9AAAE0000-memory.dmp
memory/5148-5918-0x00007FF9AAAB0000-0x00007FF9AAAE0000-memory.dmp
memory/5148-5921-0x00007FF9AAB40000-0x00007FF9AAB45000-memory.dmp
memory/5148-5920-0x00007FF9AAAB0000-0x00007FF9AAAE0000-memory.dmp
memory/5148-5919-0x00007FF9AAAB0000-0x00007FF9AAAE0000-memory.dmp
memory/5148-5916-0x00007FF9AAAB0000-0x00007FF9AAAE0000-memory.dmp
memory/5148-5915-0x00007FF9AAA60000-0x00007FF9AAA70000-memory.dmp
memory/5148-5914-0x00007FF9AAA60000-0x00007FF9AAA70000-memory.dmp
memory/5148-5913-0x00007FF9AA950000-0x00007FF9AA960000-memory.dmp
memory/5148-5912-0x00007FF9AA950000-0x00007FF9AA960000-memory.dmp
memory/5148-5928-0x00007FF9A99B0000-0x00007FF9A99C0000-memory.dmp
memory/5148-5930-0x00007FF9A99B0000-0x00007FF9A99C0000-memory.dmp
memory/5148-5929-0x00007FF9A99B0000-0x00007FF9A99C0000-memory.dmp
memory/5148-5927-0x00007FF9A99B0000-0x00007FF9A99C0000-memory.dmp
memory/5148-5926-0x00007FF9A99B0000-0x00007FF9A99C0000-memory.dmp
memory/5148-5925-0x00007FF9A9990000-0x00007FF9A99A0000-memory.dmp
memory/5148-5924-0x00007FF9A9990000-0x00007FF9A99A0000-memory.dmp
memory/5148-5923-0x00007FF9A9900000-0x00007FF9A9910000-memory.dmp
memory/5148-5922-0x00007FF9A9900000-0x00007FF9A9910000-memory.dmp
memory/5148-5931-0x00007FF9A80A0000-0x00007FF9A80B0000-memory.dmp
memory/5148-5933-0x00007FF9A81B0000-0x00007FF9A81C0000-memory.dmp
memory/5148-5932-0x00007FF9A80A0000-0x00007FF9A80B0000-memory.dmp
memory/5148-5956-0x00007FF9A8800000-0x00007FF9A8810000-memory.dmp
memory/5148-5955-0x00007FF9A8700000-0x00007FF9A8710000-memory.dmp
memory/5148-5954-0x00007FF9A8700000-0x00007FF9A8710000-memory.dmp
memory/5148-5953-0x00007FF9A89C0000-0x00007FF9A89CB000-memory.dmp
memory/5148-5952-0x00007FF9A89C0000-0x00007FF9A89CB000-memory.dmp
memory/5148-5951-0x00007FF9A89C0000-0x00007FF9A89CB000-memory.dmp
memory/5148-5950-0x00007FF9A89C0000-0x00007FF9A89CB000-memory.dmp
memory/5148-5949-0x00007FF9A89C0000-0x00007FF9A89CB000-memory.dmp
memory/5148-5948-0x00007FF9A89A0000-0x00007FF9A89B0000-memory.dmp
memory/5148-5947-0x00007FF9A89A0000-0x00007FF9A89B0000-memory.dmp
memory/5148-5946-0x00007FF9A9F30000-0x00007FF9A9F3E000-memory.dmp
memory/5148-5945-0x00007FF9A9F30000-0x00007FF9A9F3E000-memory.dmp
memory/5148-5944-0x00007FF9A9F30000-0x00007FF9A9F3E000-memory.dmp
memory/5148-5943-0x00007FF9A9F30000-0x00007FF9A9F3E000-memory.dmp
memory/5148-5942-0x00007FF9A9F30000-0x00007FF9A9F3E000-memory.dmp
memory/5148-5941-0x00007FF9A9E80000-0x00007FF9A9E90000-memory.dmp
memory/5148-5940-0x00007FF9A9E80000-0x00007FF9A9E90000-memory.dmp
memory/5148-5939-0x00007FF9A8320000-0x00007FF9A8350000-memory.dmp
memory/5148-5938-0x00007FF9A8320000-0x00007FF9A8350000-memory.dmp
memory/5148-5937-0x00007FF9A8320000-0x00007FF9A8350000-memory.dmp
memory/5148-5936-0x00007FF9A8320000-0x00007FF9A8350000-memory.dmp
memory/5148-5935-0x00007FF9A8320000-0x00007FF9A8350000-memory.dmp
memory/5148-5934-0x00007FF9A81B0000-0x00007FF9A81C0000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | d885c2bad5af8240d750974315db5f10 |
| SHA1 | f918e083544cbb78af20d981741424b36b039ba5 |
| SHA256 | 8344a477fe845fce9850d0e11f9e26031b0568767c64508e5eafd75948f0e120 |
| SHA512 | f4eb85d2a1943719f76977e6ef509f05613019eeddb1f459005e9910a49c5aab5e0d0128939147b8fbbdfa470769d9e5a9e764e080e451b70529395fadd07e9e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5dd398d3db889f08f7b5ea457d95c9a9 |
| SHA1 | 7e933f3d1f8c250675c9925a6d1553c98f067c8e |
| SHA256 | 22a9ae83165e00139d279877c2f6c0622cd6021629c9b0ec21482ca55545d80a |
| SHA512 | 4ca1bea235b372a621948f411847b8bea0b0f60fa191c4d6de7e16423e5326f1e059300d88274bd70244d13578302ab9175fc33bfc8f44560879c63cc85b0dd1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9a9744598428b4aa7f510f439b150b70 |
| SHA1 | c28f5aa98c81363385e7ff38a72436e851dd4fc2 |
| SHA256 | 336394ec280a16a2c758fde35cd79a8e7d5f6557e3523067b8c88f4000efbffb |
| SHA512 | fca0d1f5abb409d1b275fbefccaa84ef637aba7c11582275302d1f70e1e68782f53de67604adecfdecbc41ff7b5b8b327130f0937ce2878ac64208ecaa68c85f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5c1808f349aa38547fa159387407503d |
| SHA1 | 1c91fbcede048b1ba3854ed72d8a78a08d25a207 |
| SHA256 | 91157a934eb5f16bf942de170958a03db22c1bda010bc7f20b1c00e50c40e65a |
| SHA512 | 5fbf8212900a993aeab62d7acea8ab34a63d7017472e968f728f00a3ae5d39235768068f3e87bc4586d8c13891e6cfad6ea2bf9054e519c016cff2f2e4479b7e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 58bb7027824a75230daa706294e0a552 |
| SHA1 | a549d4f2abe6b8e09aeb52b28bef1bc953861fc7 |
| SHA256 | d0f32111c3bbfe74887ec9353aa1c689156af9ee00201dfdc9f2af68fa4a399e |
| SHA512 | 40245f8a7236a80551fb529207dae18ab9ebc27375f481f074cd831f93842f301356493aa5f422b414ab721f9454802add3558049420e163bf1a231d3032c27d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7bb6d352a7a6aa8c7df3a0133cde0614 |
| SHA1 | ffe0e140e51a90055364c07ce5eb3b62230497c6 |
| SHA256 | 73d09535744ab86c6d6982a84bc692921370f63a8b5c44008ce60f586af3bae1 |
| SHA512 | 0670d5ca64ee1f7a6ac1f3affce314f134b23daab3c7e4f10eaab1ae4398e20fc58c6c07dd0c7619dc32f3b9365eca0c21f62a164c33dbf0d715873680b035d5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7f7de9a28c68230614e17f66fe31a327 |
| SHA1 | 2f92ce7e0984d14a1189932a5cf1df7bc055de52 |
| SHA256 | 8962bd4bd6c2f12b9d171f082efc098917b64eae2c745483894f60a1e22eed76 |
| SHA512 | ff432d3b8bbbc6b9306eb09cafd9afff62d2ac20de11b6596deebdcc35d7de7183866d00284e65dcac47c531afc9cd6c069c3e7f7206f314aca8b45acc8f9a72 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 2393040c4908895a33188a66eba52e95 |
| SHA1 | 24a007d8d105c070c8b7d87293fb26ed593406db |
| SHA256 | f3954842593e3f6d25f4959912bfbebfc8dab86b0cf1b380d209685dd0956f70 |
| SHA512 | 14b8aa7017064053b57c5913b390da34d4c3235f2b723cea01e292a758dcb6100870e9357128bb2a06410b54fbb764dcbae6502e85c670e9eca6bf19e991dea8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d4fce1721c2d2d5a26da04343fea3995 |
| SHA1 | 9c7fd463b943e82f1290dc02eaac151e58f2163a |
| SHA256 | 2a9ebcb2b4f8a0d3343294d1126153613af201d3ed5accc91e2c40e053e56a47 |
| SHA512 | cc57753e7d4819025462831f9d8a887a35795dbc2f2ac63eb23bb8266ca17e51d4415ac8b1b715f568b4e9dd103b9198bc3784d4bea8ea22d137d1cd139f0cec |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b4eb94a49dc731280723972a3523356c |
| SHA1 | 12d39070235875dc369ff236703b03eb2ea1734e |
| SHA256 | 785393e7252a93c93ec8ee5ef0c65672a9a67842a558ae1d147d4924678ca398 |
| SHA512 | 263bfb29f5881822db52a0b413ffe27c1b0b9b6003c790fd9d2f3e14a8b18b4e08a6647d1660a5c124e7ef6006db6d486a42c3337512e10fdd9123fd58085732 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 67c492fa41eedd701e11186af95c499d |
| SHA1 | 0eeb157a5cc0f52730a231c32a25f074e6e847c1 |
| SHA256 | 902aecb1b22d9830ff36165099cb1ddaa5711d61cb294d5dfbffd91e2fe75d25 |
| SHA512 | f387abd55acb69961258a3894d8419846fb5654d37914a5800098f4e61b8a99f89fd0b47c4d69117b5226b1064163d92cb215b02a1caf1b973a77b22d409deb2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a8457636c95942ed80937f2480292d4f |
| SHA1 | d764a506eeeb8d0e8cd512cec931f9c022d1bae4 |
| SHA256 | 6e6a7eb94e4a7a308a3d68904a4cd5feff1284a300c52c5b9926e40954131566 |
| SHA512 | 1a9aba017267e9eea5da6bfae146d8c05c6a6755cfec197e5c024b6eb103a22e06f55de434538e86d2de2090b23e5f81c2335617934155efe6dacae971c8c819 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a2056078042e9d0f36095f332eb17280 |
| SHA1 | 1e721d14d20585d4119d1d9c4a34b8cbba0b9e24 |
| SHA256 | d4612b5b7f9029b33a12e7205cd5ebefb0048e2b05a3f5eb19ef5988d91fe0d9 |
| SHA512 | 391454c619620ec65d641300605d3273be67396c75c9fc0e9156edbd400252fa808f09417311cd67032175ca1ed1547e247fd411977c63c6dc8a3a61dc9c3f95 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c742ebc2e0f9c143bd8aa87799d67226 |
| SHA1 | 48a67aa4e59fdcd7a2735f6b5a41f32b7afa8aa4 |
| SHA256 | a479dde5687ce7eea415d9c8db8b31b23c4caaf69716f23ca56420d0d15b8dd7 |
| SHA512 | b9a1122656afb95b48a1ae7e01cac3292a1a1e61568acb21fa20d2f9e509e39e1be4b15c7d71ac57ded46fbbdb2f97c0a7f17a0d05efdb9dbc710c795558c85e |
Analysis: behavioral2
Detonation Overview
Submitted
2024-11-09 11:25
Reported
2024-11-09 11:55
Platform
win10ltsc2021-20241023-en
Max time kernel
1786s
Max time network
1785s
Command Line
Signatures
Detected google phishing page
A potential corporate email address has been identified in the URL: currency-file@1
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\e2b70edc-0c0d-468b-8ee2-55d7cec84285.tmp | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\20241109112539.pma | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: 33 | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://example.com
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ff9290d46f8,0x7ff9290d4708,0x7ff9290d4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2164 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2260 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2756 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3364 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5660 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --force-configure-user-settings
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x134,0x138,0x12c,0x28c,0x130,0x7ff752815460,0x7ff752815470,0x7ff752815480
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5660 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5720 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5744 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3532 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5444 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1932 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4476 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4148 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3548 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5360 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4480 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2400 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1144 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6188 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6368 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3184 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=1272 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x2cc 0x334
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3612 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6444 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6028 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4460 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4048 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7148 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7512 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7500 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8008 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8144 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7696 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6924 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7240 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8240 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8584 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7964 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8616 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7092 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7116 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5932 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5548 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8000 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8788 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=8956 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8220 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9904 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9884 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9988 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9388 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9100 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8988 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10652 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9516 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9712 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8988 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3556 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10632 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10008 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6924 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2248 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9964 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8088 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8852 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8232 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10132 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9956 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2248 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10420 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,5399660933583377947,2769062625832935336,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2248 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.249.119.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | example.com | udp |
| US | 93.184.215.14:80 | example.com | tcp |
| US | 93.184.215.14:80 | example.com | tcp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.215.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | x.urs.microsoft.com | udp |
| GB | 172.165.69.228:443 | x.urs.microsoft.com | tcp |
| US | 8.8.8.8:53 | nav.smartscreen.microsoft.com | udp |
| GB | 13.87.96.169:443 | nav.smartscreen.microsoft.com | tcp |
| GB | 13.87.96.169:443 | nav.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | data-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | www.iana.org | udp |
| GB | 172.165.69.228:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 172.165.69.228:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 172.165.69.228:443 | data-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.69.165.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.96.87.13.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 56.163.245.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.164.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.205.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 31.73.42.20.in-addr.arpa | udp |
| US | 95.100.195.146:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 146.195.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | downloadvirus.com | udp |
| US | 103.224.182.246:80 | downloadvirus.com | tcp |
| US | 103.224.182.246:80 | downloadvirus.com | tcp |
| US | 8.8.8.8:53 | nav.smartscreen.microsoft.com | udp |
| GB | 51.140.244.186:443 | nav.smartscreen.microsoft.com | tcp |
| US | 103.224.182.246:80 | downloadvirus.com | tcp |
| US | 8.8.8.8:53 | ww16.downloadvirus.com | udp |
| DE | 91.195.240.14:80 | ww16.downloadvirus.com | tcp |
| GB | 51.140.244.186:443 | nav.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.above.com | udp |
| US | 8.8.8.8:53 | www.sedo.com | udp |
| GB | 142.250.180.4:80 | www.google.com | tcp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| GB | 216.58.212.206:443 | syndicatedsearch.goog | tcp |
| GB | 216.58.212.206:443 | syndicatedsearch.goog | tcp |
| US | 8.8.8.8:53 | partner.googleadservices.com | udp |
| GB | 172.217.16.226:443 | partner.googleadservices.com | tcp |
| US | 8.8.8.8:53 | 186.244.140.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 246.182.224.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.240.195.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.212.58.216.in-addr.arpa | udp |
| GB | 216.58.212.206:443 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | img.sedoparking.com | udp |
| US | 205.234.175.175:80 | img.sedoparking.com | tcp |
| US | 8.8.8.8:53 | afs.googleusercontent.com | udp |
| GB | 216.58.213.1:443 | afs.googleusercontent.com | tcp |
| GB | 216.58.213.1:443 | afs.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | 226.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 175.175.234.205.in-addr.arpa | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 95.100.195.163:443 | th.bing.com | tcp |
| US | 95.100.195.163:443 | th.bing.com | tcp |
| US | 95.100.195.146:443 | th.bing.com | tcp |
| US | 95.100.195.146:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 163.195.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| NL | 20.190.160.22:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | 22.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 136.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 10.28.171.150.in-addr.arpa | udp |
| US | 95.100.195.146:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | translate.google.co.kr | udp |
| GB | 142.250.180.3:443 | translate.google.co.kr | tcp |
| GB | 142.250.180.3:443 | translate.google.co.kr | tcp |
| US | 8.8.8.8:53 | consent.google.co.kr | udp |
| GB | 172.217.169.14:443 | consent.google.co.kr | tcp |
| US | 8.8.8.8:53 | 14.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.200.250.142.in-addr.arpa | udp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| GB | 172.217.169.14:443 | consent.google.co.kr | udp |
| GB | 142.250.180.3:443 | translate.google.co.kr | udp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| GB | 172.217.16.227:443 | ssl.gstatic.com | tcp |
| US | 8.8.8.8:53 | 10.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 142.250.200.10:443 | ogads-pa.googleapis.com | tcp |
| GB | 216.58.201.110:443 | apis.google.com | tcp |
| US | 8.8.8.8:53 | www.google.co.kr | udp |
| GB | 216.58.201.99:443 | www.google.co.kr | tcp |
| GB | 142.250.200.10:443 | ogads-pa.googleapis.com | udp |
| GB | 216.58.201.99:443 | www.google.co.kr | udp |
| GB | 172.217.16.227:443 | ssl.gstatic.com | udp |
| US | 8.8.8.8:53 | 10.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 172.217.16.238:443 | play.google.com | tcp |
| US | 95.100.195.146:443 | www.bing.com | tcp |
| GB | 172.217.16.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 172.217.16.238:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | nav.smartscreen.microsoft.com | udp |
| GB | 172.217.16.238:443 | www.youtube.com | tcp |
| GB | 172.165.69.228:443 | nav.smartscreen.microsoft.com | tcp |
| GB | 172.217.16.238:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 216.58.212.246:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | 246.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 172.217.16.226:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 142.250.179.230:443 | static.doubleclick.net | tcp |
| GB | 172.217.16.226:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | rr2---sn-aigl6nsd.googlevideo.com | udp |
| GB | 74.125.105.39:443 | rr2---sn-aigl6nsd.googlevideo.com | tcp |
| GB | 74.125.105.39:443 | rr2---sn-aigl6nsd.googlevideo.com | tcp |
| GB | 172.217.16.234:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 142.250.187.225:443 | yt3.ggpht.com | tcp |
| US | 8.8.8.8:53 | 230.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 39.105.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | rr2---sn-5hne6nsk.googlevideo.com | udp |
| GB | 142.250.187.225:443 | yt3.ggpht.com | udp |
| NL | 172.217.132.39:443 | rr2---sn-5hne6nsk.googlevideo.com | udp |
| US | 8.8.8.8:53 | 39.132.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | informhack.com | udp |
| JP | 139.162.86.43:443 | informhack.com | tcp |
| JP | 139.162.86.43:443 | informhack.com | tcp |
| JP | 139.162.86.43:443 | informhack.com | tcp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| CH | 80.67.82.211:443 | aefd.nelreports.net | tcp |
| US | 8.8.8.8:53 | 43.86.162.139.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 211.82.67.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | 200.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | linenim.tistory.com | udp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 13.107.246.65:443 | www.clarity.ms | tcp |
| US | 8.8.8.8:53 | nav.smartscreen.microsoft.com | udp |
| GB | 51.140.244.186:443 | nav.smartscreen.microsoft.com | tcp |
| GB | 51.140.244.186:443 | nav.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.246.107.13.in-addr.arpa | udp |
| KR | 211.249.222.33:443 | linenim.tistory.com | tcp |
| KR | 211.249.222.33:443 | linenim.tistory.com | tcp |
| KR | 211.249.222.33:443 | linenim.tistory.com | tcp |
| US | 8.8.8.8:53 | b.clarity.ms | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | c.clarity.ms | udp |
| US | 4.153.129.168:443 | b.clarity.ms | tcp |
| IE | 13.74.129.1:443 | c.clarity.ms | tcp |
| GB | 142.250.200.34:443 | ep1.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| GB | 142.250.179.225:443 | ep2.adtrafficquality.google | tcp |
| GB | 142.250.179.225:443 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | 1.129.74.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.222.249.211.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 168.129.153.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tistory1.daumcdn.net | udp |
| US | 8.8.8.8:53 | t1.daumcdn.net | udp |
| CH | 80.67.82.235:443 | t1.daumcdn.net | tcp |
| US | 8.8.8.8:53 | img1.daumcdn.net | udp |
| KR | 121.53.218.30:443 | tistory1.daumcdn.net | tcp |
| KR | 121.53.218.30:443 | tistory1.daumcdn.net | tcp |
| KR | 121.53.218.30:443 | tistory1.daumcdn.net | tcp |
| KR | 121.53.218.30:443 | tistory1.daumcdn.net | tcp |
| KR | 121.53.218.30:443 | tistory1.daumcdn.net | tcp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 95.100.195.151:443 | th.bing.com | tcp |
| GB | 142.250.200.34:443 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | 235.82.67.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 151.195.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.218.53.121.in-addr.arpa | udp |
| CH | 80.67.82.235:443 | t1.daumcdn.net | tcp |
| US | 8.8.8.8:53 | fpt.microsoft.com | udp |
| US | 52.167.30.171:443 | fpt.microsoft.com | tcp |
| US | 8.8.8.8:53 | maxcdn.bootstrapcdn.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 104.18.11.207:443 | maxcdn.bootstrapcdn.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 8.8.8.8:53 | 171.30.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | fpt6.microsoft.com | udp |
| US | 8.8.8.8:53 | fpt2.microsoft.com | udp |
| US | 8.8.8.8:53 | developers.kakao.com | udp |
| KR | 211.249.220.43:443 | developers.kakao.com | tcp |
| US | 8.8.8.8:53 | x.urs.microsoft.com | udp |
| US | 8.8.8.8:53 | 14.25.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 207.11.18.104.in-addr.arpa | udp |
| KR | 211.249.220.43:443 | developers.kakao.com | tcp |
| GB | 13.87.96.169:443 | x.urs.microsoft.com | tcp |
| US | 8.8.8.8:53 | wcs.naver.net | udp |
| CH | 80.67.82.98:443 | wcs.naver.net | tcp |
| US | 8.8.8.8:53 | t1.kakaocdn.net | udp |
| CH | 80.67.82.226:443 | t1.kakaocdn.net | tcp |
| US | 8.8.8.8:53 | 98.82.67.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.220.249.211.in-addr.arpa | udp |
| CH | 80.67.82.216:443 | img1.daumcdn.net | tcp |
| US | 8.8.8.8:53 | 226.82.67.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | wcs.naver.com | udp |
| KR | 110.93.147.30:443 | wcs.naver.com | tcp |
| KR | 110.93.147.30:443 | wcs.naver.com | tcp |
| US | 8.8.8.8:53 | 216.82.67.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.147.93.110.in-addr.arpa | udp |
| GB | 216.58.212.246:443 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | rr4---sn-aigl6nl7.googlevideo.com | udp |
| GB | 173.194.183.201:443 | rr4---sn-aigl6nl7.googlevideo.com | udp |
| US | 8.8.8.8:53 | webid.ad.daum.net | udp |
| KR | 121.53.105.246:443 | webid.ad.daum.net | tcp |
| KR | 121.53.105.246:443 | webid.ad.daum.net | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| GB | 74.125.105.39:443 | rr2---sn-aigl6nsd.googlevideo.com | udp |
| NL | 173.194.69.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | 201.183.194.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 246.105.53.121.in-addr.arpa | udp |
| NL | 173.194.69.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | scrap.kakaocdn.net | udp |
| US | 8.8.8.8:53 | 84.69.194.173.in-addr.arpa | udp |
| DE | 139.150.6.25:443 | scrap.kakaocdn.net | tcp |
| DE | 139.150.6.25:443 | scrap.kakaocdn.net | tcp |
| DE | 139.150.6.25:443 | scrap.kakaocdn.net | tcp |
| US | 8.8.8.8:53 | 25.6.150.139.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ssl.pstatic.net | udp |
| CH | 104.77.25.7:443 | ssl.pstatic.net | tcp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| GB | 216.58.201.110:443 | fundingchoicesmessages.google.com | tcp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | nam.veta.naver.com | udp |
| GB | 216.58.201.110:443 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | 7.25.77.104.in-addr.arpa | udp |
| DE | 203.104.162.225:443 | nam.veta.naver.com | tcp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| GB | 172.217.169.33:443 | lh3.googleusercontent.com | udp |
| US | 8.8.8.8:53 | stat.tiara.tistory.com | udp |
| US | 8.8.8.8:53 | 225.162.104.203.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tistory4.daumcdn.net | udp |
| KR | 211.249.220.83:443 | stat.tiara.tistory.com | tcp |
| GB | 142.250.180.3:443 | translate.google.co.kr | udp |
| KR | 211.249.220.83:443 | stat.tiara.tistory.com | tcp |
| KR | 121.53.201.236:443 | tistory4.daumcdn.net | tcp |
| KR | 121.53.201.236:443 | tistory4.daumcdn.net | tcp |
| US | 8.8.8.8:53 | 83.220.249.211.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 236.201.53.121.in-addr.arpa | udp |
| US | 8.8.8.8:53 | youtube.com | udp |
| GB | 142.250.179.238:443 | youtube.com | tcp |
| US | 8.8.8.8:53 | 238.179.250.142.in-addr.arpa | udp |
| US | 4.153.129.168:443 | b.clarity.ms | tcp |
| US | 8.8.8.8:53 | nav.smartscreen.microsoft.com | udp |
| GB | 51.140.244.186:443 | nav.smartscreen.microsoft.com | tcp |
| GB | 51.140.244.186:443 | nav.smartscreen.microsoft.com | tcp |
| GB | 51.140.244.186:443 | nav.smartscreen.microsoft.com | tcp |
| GB | 51.140.244.186:443 | nav.smartscreen.microsoft.com | tcp |
| GB | 51.140.244.186:443 | nav.smartscreen.microsoft.com | tcp |
| GB | 142.250.200.34:443 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ads.eu.criteo.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | rtb.nl3.eu.criteo.com | udp |
| NL | 178.250.1.10:443 | rtb.nl3.eu.criteo.com | tcp |
| NL | 178.250.1.17:443 | ads.eu.criteo.com | tcp |
| GB | 172.217.169.65:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.169.65:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| US | 8.8.8.8:53 | cat.nl3.eu.criteo.com | udp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| NL | 178.250.1.6:443 | cat.nl3.eu.criteo.com | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| US | 8.8.8.8:53 | imageproxy.eu.criteo.net | udp |
| US | 8.8.8.8:53 | csm.eu.criteo.net | udp |
| NL | 178.250.1.15:443 | imageproxy.eu.criteo.net | tcp |
| NL | 178.250.1.15:443 | imageproxy.eu.criteo.net | tcp |
| NL | 178.250.1.15:443 | imageproxy.eu.criteo.net | tcp |
| NL | 178.250.1.15:443 | imageproxy.eu.criteo.net | tcp |
| NL | 178.250.1.15:443 | imageproxy.eu.criteo.net | tcp |
| NL | 178.250.1.15:443 | imageproxy.eu.criteo.net | tcp |
| NL | 178.250.1.25:443 | csm.eu.criteo.net | tcp |
| US | 8.8.8.8:53 | 17.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | en.taiwebs.com | udp |
| US | 172.67.143.131:443 | en.taiwebs.com | tcp |
| US | 172.67.143.131:443 | en.taiwebs.com | tcp |
| US | 8.8.8.8:53 | taiwebs.com | udp |
| US | 8.8.8.8:53 | services.vlitag.com | udp |
| US | 104.22.58.199:443 | services.vlitag.com | tcp |
| US | 104.18.11.207:443 | maxcdn.bootstrapcdn.com | tcp |
| US | 8.8.8.8:53 | 199.58.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.143.67.172.in-addr.arpa | udp |
| US | 104.22.58.199:443 | services.vlitag.com | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | cmp.inmobi.com | udp |
| US | 8.8.8.8:53 | imasdk.googleapis.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | s3.vlitag.com | udp |
| GB | 142.250.200.10:443 | imasdk.googleapis.com | tcp |
| US | 3.165.232.39:443 | cmp.inmobi.com | tcp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | tcp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 238.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 39.232.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 151.101.65.229:443 | cdn.jsdelivr.net | tcp |
| US | 8.8.8.8:53 | api.cmp.inmobi.com | udp |
| DE | 18.193.40.240:443 | api.cmp.inmobi.com | tcp |
| US | 8.8.8.8:53 | 229.65.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.21.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.40.193.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dsp.vlitag.com | udp |
| US | 8.8.8.8:53 | adsystem.pocpoc.io | udp |
| US | 8.8.8.8:53 | px.pocpoc.io | udp |
| US | 104.26.15.167:443 | px.pocpoc.io | tcp |
| US | 172.67.75.64:443 | px.pocpoc.io | tcp |
| US | 8.8.8.8:53 | static.vliplatform.com | udp |
| US | 141.101.120.11:443 | static.vliplatform.com | tcp |
| US | 8.8.8.8:53 | odb.outbrain.com | udp |
| US | 151.101.2.132:443 | odb.outbrain.com | tcp |
| US | 151.101.2.132:443 | odb.outbrain.com | tcp |
| US | 151.101.2.132:443 | odb.outbrain.com | tcp |
| US | 151.101.2.132:443 | odb.outbrain.com | tcp |
| US | 151.101.2.132:443 | odb.outbrain.com | tcp |
| US | 151.101.2.132:443 | odb.outbrain.com | tcp |
| US | 8.8.8.8:53 | 167.15.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.75.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.120.101.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | widgets.outbrain.com | udp |
| US | 8.8.8.8:53 | images.outbrainimg.com | udp |
| US | 8.8.8.8:53 | log.outbrainimg.com | udp |
| US | 8.8.8.8:53 | mcdp-chidc2.outbrain.com | udp |
| US | 23.46.189.137:443 | widgets.outbrain.com | tcp |
| US | 23.46.189.137:443 | widgets.outbrain.com | tcp |
| CH | 23.32.114.7:443 | images.outbrainimg.com | tcp |
| CH | 23.32.114.7:443 | images.outbrainimg.com | tcp |
| CH | 23.32.114.7:443 | images.outbrainimg.com | tcp |
| US | 50.31.142.191:443 | mcdp-chidc2.outbrain.com | tcp |
| US | 64.74.236.127:443 | log.outbrainimg.com | tcp |
| CH | 23.32.114.7:443 | images.outbrainimg.com | tcp |
| US | 50.31.142.191:443 | mcdp-chidc2.outbrain.com | tcp |
| US | 64.74.236.127:443 | log.outbrainimg.com | tcp |
| CH | 23.32.114.7:443 | images.outbrainimg.com | tcp |
| CH | 23.32.114.7:443 | images.outbrainimg.com | tcp |
| US | 64.74.236.127:443 | log.outbrainimg.com | tcp |
| US | 50.31.142.191:443 | mcdp-chidc2.outbrain.com | tcp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | id.a-mx.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| DE | 141.95.33.120:443 | id5-sync.com | tcp |
| DE | 79.127.216.47:443 | id.a-mx.com | tcp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| DE | 141.95.98.65:443 | lb.eu-1-id5-sync.com | tcp |
| FR | 178.250.7.13:443 | dnacdn.net | tcp |
| US | 8.8.8.8:53 | 132.2.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 191.142.31.50.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.114.32.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.189.46.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 127.236.74.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.33.95.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 47.216.127.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | prg-apac.smartadserver.com | udp |
| US | 8.8.8.8:53 | px.vliplatform.com | udp |
| DE | 51.89.9.251:443 | onetag-sys.com | tcp |
| FR | 163.5.194.31:443 | prebid.a-mo.net | tcp |
| FR | 178.32.210.227:443 | prg-apac.smartadserver.com | tcp |
| FR | 178.32.210.227:443 | prg-apac.smartadserver.com | tcp |
| DE | 51.89.9.251:443 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | 65.98.95.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.7.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dis.criteo.com | udp |
| US | 8.8.8.8:53 | image6.pubmatic.com | udp |
| US | 8.8.8.8:53 | 31.194.5.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | 251.9.89.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | csync.loopme.me | udp |
| US | 8.8.8.8:53 | 227.210.32.178.in-addr.arpa | udp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| GB | 185.64.190.78:443 | image6.pubmatic.com | tcp |
| NL | 35.214.240.155:443 | csync.loopme.me | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| US | 8.8.8.8:53 | assets.a-mo.net | udp |
| US | 104.19.159.19:443 | assets.a-mo.net | tcp |
| US | 8.8.8.8:53 | br0wsers.com | udp |
| US | 104.21.75.28:443 | br0wsers.com | tcp |
| US | 104.21.75.28:443 | br0wsers.com | tcp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| FR | 51.178.195.217:443 | rtb-csync.smartadserver.com | tcp |
| FR | 51.178.195.217:443 | rtb-csync.smartadserver.com | tcp |
| DE | 79.127.216.47:443 | id.a-mx.com | tcp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.com | udp |
| DE | 37.252.173.215:443 | ib.adnxs.com | tcp |
| NL | 69.173.156.149:443 | pixel-eu.rubiconproject.com | tcp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | tcp |
| US | 8.8.8.8:53 | sync.a-mo.net | udp |
| FR | 163.5.194.34:443 | sync.a-mo.net | tcp |
| FR | 163.5.194.34:443 | sync.a-mo.net | tcp |
| US | 8.8.8.8:53 | 78.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.240.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.75.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.159.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.195.178.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.173.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.199.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.194.5.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | id.rtb.mx | udp |
| US | 8.8.8.8:53 | prebid.adnxs.com | udp |
| US | 8.8.8.8:53 | ow.pubmatic.com | udp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| NL | 185.89.208.11:443 | prebid.adnxs.com | tcp |
| NL | 185.64.189.116:443 | ow.pubmatic.com | tcp |
| NL | 79.127.227.46:443 | id.rtb.mx | tcp |
| NL | 154.57.158.115:443 | ads.stickyadstv.com | tcp |
| US | 8.8.8.8:53 | img.softwaresblue.com | udp |
| US | 104.21.89.2:443 | img.softwaresblue.com | tcp |
| US | 104.21.89.2:443 | img.softwaresblue.com | tcp |
| US | 104.21.89.2:443 | img.softwaresblue.com | tcp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 80.77.87.162:443 | cs.admanmedia.com | tcp |
| US | 8.8.8.8:53 | t.adx.opera.com | udp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| GB | 142.250.200.10:443 | imasdk.googleapis.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | 116.189.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.208.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.227.127.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 115.158.57.154.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.89.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.213.145.82.in-addr.arpa | udp |
| IE | 3.162.142.187:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| FR | 91.134.110.132:443 | ssbsync-global.smartadserver.com | tcp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| GB | 216.58.201.98:443 | cm.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 151.101.65.229:443 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| IE | 13.224.68.126:443 | config.aps.amazon-adsystem.com | tcp |
| US | 104.22.53.173:443 | cdn.hadronid.net | tcp |
| GB | 216.58.201.98:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | id.hadron.ad.gt | udp |
| US | 8.8.8.8:53 | 187.142.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.140.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 132.110.134.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 126.68.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.53.22.104.in-addr.arpa | udp |
| US | 172.67.23.234:443 | id.hadron.ad.gt | tcp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 8.8.8.8:53 | a.ad.gt | udp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| US | 172.67.23.234:443 | a.ad.gt | tcp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 98.82.156.107:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | 234.23.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 107.156.82.98.in-addr.arpa | udp |
| US | 8.8.8.8:53 | prebid-eu.creativecdn.com | udp |
| US | 8.8.8.8:53 | grid-bidder.criteo.com | udp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| NL | 185.184.8.90:443 | prebid-eu.creativecdn.com | tcp |
| NL | 178.250.1.4:443 | grid-bidder.criteo.com | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | targeting.unrulymedia.com | udp |
| US | 8.8.8.8:53 | cms.quantserve.com | udp |
| DE | 91.228.74.244:443 | cms.quantserve.com | tcp |
| GB | 172.217.169.65:443 | tpc.googlesyndication.com | udp |
| NL | 46.228.174.115:443 | targeting.unrulymedia.com | tcp |
| NL | 46.228.174.115:443 | targeting.unrulymedia.com | tcp |
| NL | 46.228.174.115:443 | targeting.unrulymedia.com | tcp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.136.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 244.74.228.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 115.174.228.46.in-addr.arpa | udp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | ag.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | gem.gbc.criteo.com | udp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | udp |
| FR | 185.235.86.239:443 | gem.gbc.criteo.com | tcp |
| FR | 185.235.86.119:443 | ag.gbc.criteo.com | tcp |
| US | 8.8.8.8:53 | b-eu1.marketperf.com | udp |
| DE | 3.67.124.21:443 | b-eu1.marketperf.com | tcp |
| US | 8.8.8.8:53 | 239.86.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.86.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.124.67.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| GB | 216.58.204.81:443 | csp.withgoogle.com | tcp |
| GB | 216.58.204.81:443 | csp.withgoogle.com | udp |
| US | 8.8.8.8:53 | 81.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | wv.dl-faster.xyz | udp |
| US | 104.21.47.231:443 | wv.dl-faster.xyz | tcp |
| US | 104.21.47.231:443 | wv.dl-faster.xyz | tcp |
| US | 8.8.8.8:53 | srv3.dl-faster.xyz | udp |
| US | 8.8.8.8:53 | 231.47.21.104.in-addr.arpa | udp |
| FR | 178.32.210.227:443 | prg-apac.smartadserver.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 142.250.200.22:443 | i.ytimg.com | udp |
| GB | 142.250.187.225:443 | yt3.ggpht.com | udp |
| US | 8.8.8.8:53 | 22.200.250.142.in-addr.arpa | udp |
| GB | 142.250.187.225:443 | yt3.ggpht.com | tcp |
| US | 8.8.8.8:53 | consent.youtube.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 173.194.183.201:443 | rr4---sn-aigl6nl7.googlevideo.com | udp |
| GB | 74.125.105.39:443 | rr2---sn-aigl6nsd.googlevideo.com | udp |
| NL | 173.194.69.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | rr1---sn-aigl6nzs.googlevideo.com | udp |
| GB | 172.217.169.65:443 | tpc.googlesyndication.com | udp |
| GB | 74.125.175.70:443 | rr1---sn-aigl6nzs.googlevideo.com | udp |
| GB | 51.140.242.104:443 | x.urs.microsoft.com | tcp |
| US | 8.8.8.8:53 | 70.175.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.242.140.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| GB | 216.58.212.194:443 | ade.googlesyndication.com | tcp |
| GB | 172.217.16.234:443 | jnn-pa.googleapis.com | udp |
| GB | 142.250.179.230:443 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | 194.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | b.clarity.ms | udp |
| US | 4.153.129.168:443 | b.clarity.ms | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | udp |
| GB | 216.58.212.194:443 | ade.googlesyndication.com | udp |
| US | 8.8.8.8:53 | twitter.com | udp |
| US | 104.244.42.193:443 | twitter.com | tcp |
| US | 104.244.42.193:443 | twitter.com | tcp |
| US | 8.8.8.8:53 | x.com | udp |
| US | 104.244.42.65:443 | x.com | tcp |
| US | 8.8.8.8:53 | api.x.com | udp |
| US | 8.8.8.8:53 | api.twitter.com | udp |
| US | 8.8.8.8:53 | abs.twimg.com | udp |
| GB | 146.75.72.159:443 | abs.twimg.com | tcp |
| US | 104.244.42.194:443 | api.x.com | tcp |
| US | 8.8.8.8:53 | pbs.twimg.com | udp |
| US | 104.244.42.130:443 | api.twitter.com | tcp |
| US | 8.8.8.8:53 | t.co | udp |
| US | 172.66.0.227:443 | t.co | tcp |
| US | 104.18.9.251:443 | pbs.twimg.com | tcp |
| GB | 146.75.72.159:443 | abs.twimg.com | tcp |
| US | 8.8.8.8:53 | 193.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 159.72.75.146.in-addr.arpa | udp |
| US | 8.8.8.8:53 | video.twimg.com | udp |
| US | 8.8.8.8:53 | abs-0.twimg.com | udp |
| GB | 151.101.188.158:443 | video.twimg.com | tcp |
| US | 104.244.43.131:443 | abs-0.twimg.com | tcp |
| US | 8.8.8.8:53 | 194.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 130.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.0.66.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.9.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 158.188.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.43.244.104.in-addr.arpa | udp |
| US | 104.244.42.194:443 | api.x.com | tcp |
| US | 104.244.42.194:443 | api.x.com | tcp |
| US | 104.244.42.194:443 | api.x.com | tcp |
| US | 8.8.8.8:53 | appleid.cdn-apple.com | udp |
| CH | 104.77.37.101:443 | appleid.cdn-apple.com | tcp |
| US | 8.8.8.8:53 | 101.37.77.104.in-addr.arpa | udp |
| US | 104.18.9.251:443 | pbs.twimg.com | tcp |
| US | 104.18.9.251:443 | pbs.twimg.com | tcp |
| IE | 3.162.142.187:443 | c.amazon-adsystem.com | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 172.66.0.227:443 | t.co | tcp |
| GB | 172.217.16.238:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| NL | 2.20.152.25:443 | contextual.media.net | tcp |
| US | 8.8.8.8:53 | file2.co.kr | udp |
| GB | 216.58.201.110:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | 25.152.20.2.in-addr.arpa | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | csm.nl3.eu.criteo.net | udp |
| US | 8.8.8.8:53 | lg3.media.net | udp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| CH | 23.32.112.27:443 | lg3.media.net | tcp |
| KR | 211.47.74.48:80 | file2.co.kr | tcp |
| KR | 211.47.74.48:80 | file2.co.kr | tcp |
| KR | 211.47.74.48:80 | file2.co.kr | tcp |
| US | 8.8.8.8:53 | 27.112.32.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 48.74.47.211.in-addr.arpa | udp |
| US | 8.8.8.8:53 | best8.kr | udp |
| KR | 211.47.74.48:80 | best8.kr | tcp |
| KR | 211.47.74.48:80 | best8.kr | tcp |
| KR | 211.47.74.48:80 | best8.kr | tcp |
| US | 8.8.8.8:53 | play-download.kr | udp |
| KR | 211.47.74.48:80 | play-download.kr | tcp |
| KR | 211.47.74.48:80 | play-download.kr | tcp |
| KR | 211.47.74.48:80 | play-download.kr | tcp |
| US | 8.8.8.8:53 | www.todisk.com | udp |
| KR | 115.71.28.145:80 | www.todisk.com | tcp |
| KR | 115.71.28.145:80 | www.todisk.com | tcp |
| KR | 115.71.28.145:80 | www.todisk.com | tcp |
| KR | 115.71.28.145:443 | www.todisk.com | tcp |
| US | 8.8.8.8:53 | 145.28.71.115.in-addr.arpa | udp |
| KR | 115.71.28.145:443 | www.todisk.com | tcp |
| US | 8.8.8.8:53 | wimg.todisk.com | udp |
| KR | 115.71.28.145:443 | www.todisk.com | tcp |
| KR | 115.71.28.145:443 | www.todisk.com | tcp |
| KR | 115.71.28.145:443 | www.todisk.com | tcp |
| KR | 115.71.28.145:443 | www.todisk.com | tcp |
| KR | 115.71.28.145:443 | www.todisk.com | tcp |
| KR | 115.71.28.145:443 | www.todisk.com | tcp |
| KR | 115.71.28.152:443 | wimg.todisk.com | tcp |
| KR | 115.71.28.152:443 | wimg.todisk.com | tcp |
| KR | 115.71.28.152:443 | wimg.todisk.com | tcp |
| KR | 115.71.28.152:443 | wimg.todisk.com | tcp |
| KR | 115.71.28.152:443 | wimg.todisk.com | tcp |
| KR | 115.71.28.152:443 | wimg.todisk.com | tcp |
| KR | 115.71.28.145:443 | www.todisk.com | tcp |
| KR | 115.71.28.145:443 | www.todisk.com | tcp |
| US | 8.8.8.8:53 | 152.28.71.115.in-addr.arpa | udp |
| KR | 115.71.28.145:443 | www.todisk.com | tcp |
| KR | 115.71.28.145:443 | www.todisk.com | tcp |
| KR | 115.71.28.145:443 | www.todisk.com | tcp |
| KR | 115.71.28.145:443 | www.todisk.com | tcp |
| KR | 115.71.28.145:443 | www.todisk.com | tcp |
| KR | 115.71.28.145:443 | www.todisk.com | tcp |
| KR | 115.71.28.145:443 | www.todisk.com | tcp |
| KR | 115.71.28.145:443 | www.todisk.com | tcp |
| US | 8.8.8.8:53 | static.nid.naver.com | udp |
| KR | 125.209.226.239:443 | static.nid.naver.com | tcp |
| KR | 125.209.226.239:443 | static.nid.naver.com | tcp |
| US | 8.8.8.8:53 | 239.226.209.125.in-addr.arpa | udp |
| KR | 115.71.28.145:443 | www.todisk.com | tcp |
| KR | 115.71.28.145:443 | www.todisk.com | tcp |
| KR | 115.71.28.145:443 | www.todisk.com | tcp |
| NL | 178.250.1.4:443 | grid-bidder.criteo.com | tcp |
| FR | 185.235.86.119:443 | ag.gbc.criteo.com | tcp |
| FR | 185.235.86.239:443 | gem.gbc.criteo.com | tcp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| CH | 80.67.82.232:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | 232.82.67.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 95.100.195.163:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 95.100.195.168:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 168.195.100.95.in-addr.arpa | udp |
| US | 95.100.195.163:443 | r.bing.com | tcp |
| US | 95.100.195.163:443 | r.bing.com | tcp |
| US | 95.100.195.168:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | bing.com | udp |
| US | 204.79.197.200:443 | bing.com | tcp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | b.clarity.ms | udp |
| US | 4.153.129.168:443 | b.clarity.ms | tcp |
| GB | 142.250.180.3:443 | translate.google.co.kr | udp |
| US | 8.8.8.8:53 | googel.com | udp |
| GB | 142.250.187.196:80 | googel.com | tcp |
| GB | 142.250.187.196:80 | googel.com | tcp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| GB | 216.58.201.110:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| GB | 216.58.212.202:443 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 202.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | gppgole.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | gppgle.com | udp |
| GB | 142.250.187.228:80 | gppgle.com | tcp |
| GB | 142.250.187.228:80 | gppgle.com | tcp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 228.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| NL | 178.250.1.4:443 | grid-bidder.criteo.com | tcp |
| FR | 163.5.194.35:443 | prebid.a-mo.net | tcp |
| US | 8.8.8.8:53 | 35.194.5.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googke.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | googl.com | udp |
| GB | 172.217.169.68:80 | googl.com | tcp |
| GB | 172.217.169.68:80 | googl.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | foofle.com | udp |
| GB | 172.217.169.68:80 | foofle.com | tcp |
| GB | 172.217.169.68:80 | foofle.com | tcp |
| US | 8.8.8.8:53 | goglee.com | udp |
| US | 199.59.243.227:80 | goglee.com | tcp |
| US | 199.59.243.227:80 | goglee.com | tcp |
| GB | 216.58.212.206:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | ww01.goglee.com | udp |
| US | 199.191.50.153:80 | ww01.goglee.com | tcp |
| US | 199.191.50.153:80 | ww01.goglee.com | tcp |
| US | 8.8.8.8:53 | 227.243.59.199.in-addr.arpa | udp |
| US | 199.191.50.153:80 | ww01.goglee.com | tcp |
| US | 8.8.8.8:53 | delivery.consentmanager.net | udp |
| US | 8.8.8.8:53 | cdn.consentmanager.net | udp |
| DE | 87.230.98.78:443 | delivery.consentmanager.net | tcp |
| DE | 169.150.255.183:443 | cdn.consentmanager.net | tcp |
| US | 8.8.8.8:53 | i4.cdn-image.com | udp |
| US | 208.91.196.253:80 | i4.cdn-image.com | tcp |
| US | 8.8.8.8:53 | 153.50.191.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.98.230.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 183.255.150.169.in-addr.arpa | udp |
| US | 8.8.8.8:53 | a.delivery.consentmanager.net | udp |
| DE | 87.230.98.78:443 | a.delivery.consentmanager.net | tcp |
| US | 208.91.196.253:80 | i4.cdn-image.com | tcp |
| US | 208.91.196.253:80 | i4.cdn-image.com | tcp |
| US | 208.91.196.253:80 | i4.cdn-image.com | tcp |
| US | 8.8.8.8:53 | skenzo.com | udp |
| US | 208.91.196.253:80 | i4.cdn-image.com | tcp |
| US | 8.8.8.8:53 | 253.196.91.208.in-addr.arpa | udp |
| US | 208.91.196.253:80 | i4.cdn-image.com | tcp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| US | 142.251.178.94:443 | id.google.com | tcp |
| GB | 142.250.200.22:443 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | 66.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 94.178.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | b.clarity.ms | udp |
| US | 4.153.129.168:443 | b.clarity.ms | tcp |
| GB | 142.250.179.230:443 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 172.217.16.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn1.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn2.gstatic.com | udp |
| GB | 142.250.200.46:443 | encrypted-tbn2.gstatic.com | tcp |
| GB | 142.250.200.46:443 | encrypted-tbn2.gstatic.com | tcp |
| US | 8.8.8.8:53 | 46.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | suggestqueries-clients6.youtube.com | udp |
| GB | 142.250.187.206:443 | suggestqueries-clients6.youtube.com | tcp |
| GB | 142.250.187.206:443 | suggestqueries-clients6.youtube.com | udp |
| US | 8.8.8.8:53 | 206.187.250.142.in-addr.arpa | udp |
| GB | 142.250.187.206:443 | suggestqueries-clients6.youtube.com | udp |
| NL | 178.250.1.4:443 | grid-bidder.criteo.com | tcp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| FR | 163.5.194.30:443 | prebid.a-mo.net | tcp |
| US | 8.8.8.8:53 | 30.194.5.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | translate.google.co.kr | udp |
| GB | 142.250.180.3:443 | translate.google.co.kr | udp |
| US | 8.8.8.8:53 | b.clarity.ms | udp |
| US | 4.153.129.168:443 | b.clarity.ms | tcp |
| FR | 163.5.194.30:443 | prebid.a-mo.net | tcp |
| NL | 178.250.1.4:443 | grid-bidder.criteo.com | tcp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| CH | 80.67.82.232:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 226.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | b.clarity.ms | udp |
| US | 4.153.129.168:443 | b.clarity.ms | tcp |
| NL | 178.250.1.4:443 | grid-bidder.criteo.com | tcp |
| FR | 163.5.194.30:443 | prebid.a-mo.net | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 216.58.201.110:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | b.clarity.ms | udp |
| US | 4.153.129.168:443 | b.clarity.ms | tcp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| NL | 178.250.1.4:443 | grid-bidder.criteo.com | tcp |
| FR | 163.5.194.33:443 | prebid.a-mo.net | tcp |
| US | 8.8.8.8:53 | 33.194.5.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| NL | 178.250.1.4:443 | grid-bidder.criteo.com | tcp |
| FR | 163.5.194.35:443 | prebid.a-mo.net | tcp |
| US | 8.8.8.8:53 | images.outbrainimg.com | udp |
| CH | 23.32.114.7:443 | images.outbrainimg.com | tcp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| NL | 178.250.1.4:443 | grid-bidder.criteo.com | tcp |
| FR | 163.5.194.33:443 | prebid.a-mo.net | tcp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| CH | 80.67.82.211:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | fd.api.iris.microsoft.com | udp |
| FR | 20.199.58.43:443 | fd.api.iris.microsoft.com | tcp |
| US | 8.8.8.8:53 | 43.58.199.20.in-addr.arpa | udp |
| NL | 178.250.1.4:443 | grid-bidder.criteo.com | tcp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| FR | 163.5.194.35:443 | prebid.a-mo.net | tcp |
| NL | 178.250.1.4:443 | grid-bidder.criteo.com | tcp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| FR | 163.5.194.37:443 | prebid.a-mo.net | tcp |
| US | 8.8.8.8:53 | 37.194.5.163.in-addr.arpa | udp |
| FR | 163.5.194.37:443 | prebid.a-mo.net | tcp |
| NL | 178.250.1.4:443 | grid-bidder.criteo.com | tcp |
| US | 8.8.8.8:53 | images.outbrainimg.com | udp |
| CH | 23.32.114.7:443 | images.outbrainimg.com | tcp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| NL | 178.250.1.4:443 | grid-bidder.criteo.com | tcp |
| FR | 163.5.194.33:443 | prebid.a-mo.net | tcp |
| NL | 178.250.1.4:443 | grid-bidder.criteo.com | tcp |
| FR | 163.5.194.33:443 | prebid.a-mo.net | tcp |
| US | 8.8.8.8:53 | translate.google.co.kr | udp |
| GB | 142.250.180.3:443 | translate.google.co.kr | udp |
| FR | 163.5.194.33:443 | prebid.a-mo.net | tcp |
| NL | 178.250.1.4:443 | grid-bidder.criteo.com | tcp |
| CH | 23.32.114.7:443 | images.outbrainimg.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 172.217.16.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| NL | 178.250.1.4:443 | grid-bidder.criteo.com | tcp |
| FR | 163.5.194.37:443 | prebid.a-mo.net | tcp |
| GB | 142.250.180.3:443 | translate.google.co.kr | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 78bc0ec5146f28b496567487b9233baf |
| SHA1 | 4b1794d6cbe18501a7745d9559aa91d0cb2a19c1 |
| SHA256 | f5e3afb09ca12cd22dd69c753ea12e85e9bf369df29e2b23e0149e16f946f109 |
| SHA512 | 0561cbabde95e6b949f46deda7389fbe52c87bedeb520b88764f1020d42aa2c06adee63a7d416aad2b85dc332e6b6d2d045185c65ec8c2c60beac1f072ca184a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.ico
| MD5 | e5e3377341056643b0494b6842c0b544 |
| SHA1 | d53fd8e256ec9d5cef8ef5387872e544a2df9108 |
| SHA256 | e23040951e464b53b84b11c3466bbd4707a009018819f9ad2a79d1b0b309bc25 |
| SHA512 | 83f09e48d009a5cf83fa9aa8f28187f7f4202c84e2d0d6e5806c468f4a24b2478b73077381d2a21c89aa64884df3c56e8dc94eb4ad2d6a8085ac2feb1e26c2ef |
\??\pipe\LOCAL\crashpad_3780_NPUKASSRZWGHKCKW
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | a134f1844e0964bb17172c44ded4030f |
| SHA1 | 853de9d2c79d58138933a0b8cf76738e4b951d7e |
| SHA256 | 50f5a3aaba6fcbddddec498e157e3341f432998c698b96a4181f1c0239176589 |
| SHA512 | c124952f29503922dce11cf04c863966ac31f4445304c1412d584761f90f7964f3a150e32d95c1927442d4fa73549c67757a26d50a9995e14b96787df28f18b4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ead08a0e38fab3aec5161744179f1aa9 |
| SHA1 | de989005772982863963a5c00ad965386cabfb1b |
| SHA256 | 1423d514dfc516b6a7a1a9c4b6bb3f3ce43924e8d7864c29c356f57aeea41c6d |
| SHA512 | 6ef8d5743a33f105e03522d062b5a90c456fbcd824fb8a5ab1b1480844bcc69d121aea0b3a59c8b5201b131a4a879d452f71bd2513fe252924c780fe07fb0485 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 9010fe212d7da97a4e9cf63a903ee7a4 |
| SHA1 | 8f124a736d045eea3c50a9597d18c9af8b128e28 |
| SHA256 | c2956b77f9af9f4d79e0198d8a7e0a5b6f880b4d597dfeee25a3f56c05d11834 |
| SHA512 | f763ab3261592107fb19b7d6134c7f4d02e921258b1c72f1e0c69a95ee8ed9cc20498259a279cca9648bbd213a5234b965a9196865d465e1f975ee9242e36326 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 3ee57cf90dfd624e04b447f91dc72859 |
| SHA1 | e6f755ccfb9c050c0764c5cba43dc5d1cbd8db4f |
| SHA256 | c78181e59106bee7ea02804f2d7d44244e5c4307e664f33a82dd75ca20fe2388 |
| SHA512 | 050daf9b9a6144f88d82a5243c15f2e2e523f161743edaf6cc79860e89c225ec69a9ac468ece8cc2ce8bfc7555b833ffaa6406934ca1c6a820d3fdaf24d50304 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | bcdb74d4a477da44d8bba71a059d742f |
| SHA1 | f7b8cdf64e5860b5cbd9ac877fd3d79f2a2430d0 |
| SHA256 | b3be667d8fd2987e8389f561b2583bfe705409a5369b4223e8ad772e3625f50f |
| SHA512 | 45d12034ab29a63da8f7b2a28fc446b3d4745c37b9b4119bed0cfb1b17a936333e55af0d8c1aa2a46402b9ed8dd91185de26097971fca3f09a611381fa712855 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 2bfbd8f4cb8c94acd6b98d747239e357 |
| SHA1 | 6ebc0a6f3c028a1a7fe139f86193b90c730e6354 |
| SHA256 | 170759815181518535f7b14713bf5b51495db03ed5ef25eab728e7b9afd55668 |
| SHA512 | 4188f9544bfbab22712a3013bfb18a252a06a232bfb6e6f1f372ab0ebc84a65e7003417f1314fc48f17328e51dadc6a05a835dd607a70b40228083a5d38d5e73 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 11db8f53229dde415099090106716b0d |
| SHA1 | f48a0e1d61705e88da9d4dbb716872d7d844db28 |
| SHA256 | ab7258ed55bb14b7ad772ca65d38bdc4b5840218b096a0d9e11590b622a43a08 |
| SHA512 | c126b5774d984ad55ab4b6783d59b8d59c1b740811c74409d1a8b29232ce17f8a0ca305f765a43d4e384d5a06313b03018f3423d6be9a896d198c5eabb59034e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 21320325bdfc20c6f4e4d136228fc9c5 |
| SHA1 | 7e96950811d7ddbc1daeb7341ddb9768980bf2b5 |
| SHA256 | 5e7ac2b978206a07d8b1841a2bd89eae4b466bcd8a0df3a62ae2ca0439b8bd5e |
| SHA512 | ee78316d5b8edffdc83e3431bdbd28ae05a481d2a445ddf3b7c58bf0f01c6c42aead46a4d91e7fc75519a5ca8a7e2bab78749d88476c7a2fa0a25e8b3592bd43 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 285252a2f6327d41eab203dc2f402c67 |
| SHA1 | acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6 |
| SHA256 | 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026 |
| SHA512 | 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c8f53a21453487cbb5bbe6069a382f70 |
| SHA1 | dd526b6e40d964d63dbbd27ece165f88c0d4d835 |
| SHA256 | 0f14bd8ef88a5314923ba02bc099cc438c07fb26ff0991e491588954d5f78094 |
| SHA512 | 314cf82fea39de9772ef1ecc9ce6cb21741ac427d4cdf05e4f81af6d06f3ac172e5b304e9c9e126ecf86183ee21c9d100363f6e612990922d1da58f1eed5a85a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 24002ac606085c955c21d44535f16273 |
| SHA1 | 6e46d0ef3343159333eb6f07bb25f6df02775a10 |
| SHA256 | 8dd682463c23cb1790925f7d226692e77373b92ef299b8f6a5eaea5eba531d9c |
| SHA512 | 0e695b5e9779d3b2d80a213271b2bd864f36e96d8f0f218616f782879f743caff799701219599f3b08bc38c21f03843941904eb739f0edf87496db09caab27c5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a6110aea3683799fe417bd6de96d556a |
| SHA1 | b99c18a5bc3936001c38f5fe92bebad6dbd074dd |
| SHA256 | 50a674934f8f5d5d7f85f2c7a750a585dfcc8411ba76b75add81e970916ad941 |
| SHA512 | 65342a8360cfd9907b7b7d2562774b57feddb2f1c210619df6de0a0a305d9de7c3845b97adfe4de935e5cdaf908b0aa2ec0b50d614a832bcd05ea03627b8daab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
| MD5 | d6b36c7d4b06f140f860ddc91a4c659c |
| SHA1 | ccf16571637b8d3e4c9423688c5bd06167bfb9e9 |
| SHA256 | 34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92 |
| SHA512 | 2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008
| MD5 | e4fb9b839186660b1f729b8df8c994b4 |
| SHA1 | 931792cd70ced4ad586f6329c30c294ebea1548e |
| SHA256 | 6838611c8ab6539005e11c84ca308158f89a51db57a62caf21faab48bf576177 |
| SHA512 | 625436bb52cbd7df7ed03be05fea52c5d54b6cc15037d70c268d9598e648a22246db902b9c6f097ba8b18bd924f6ab17120736285d54dce13773237f1669853a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
| MD5 | fb2f02c107cee2b4f2286d528d23b94e |
| SHA1 | d76d6b684b7cfbe340e61734a7c197cc672b1af3 |
| SHA256 | 925dd883d5a2eb44cf1f75e8d71346b98f14c4412a0ea0c350672384a0e83e7a |
| SHA512 | be51d371b79f4cc1f860706207d5978d18660bf1dc0ca6706d43ca0375843ec924aa4a8ed44867661a77e3ec85e278c559ab6f6946cba4f43daf3854b838bb82 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a
| MD5 | 2e86a72f4e82614cd4842950d2e0a716 |
| SHA1 | d7b4ee0c9af735d098bff474632fc2c0113e0b9c |
| SHA256 | c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f |
| SHA512 | 7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009
| MD5 | 710d7637cc7e21b62fd3efe6aba1fd27 |
| SHA1 | 8645d6b137064c7b38e10c736724e17787db6cf3 |
| SHA256 | c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b |
| SHA512 | 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 22d9494dd1fb3fb06cf4eac385bc031c |
| SHA1 | 565b5d35b0b55a4db21115958c801d0abde69a2d |
| SHA256 | db6621498a56aff3e55e994e0ee7acab594a0537b8aa6666bc1a46870cbe7f21 |
| SHA512 | 9ecb8f475f7d67dd5384c44727594974e1ce0fe81a2f07f090ca5920b5f83ca172c285d9b4ae25388bdbf804d281c7f0881788a952d4c9bb892458be293b073e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe630a37.TMP
| MD5 | e95ca9ddead8c44759d03514311651ea |
| SHA1 | 4cd08a3886b2975fea940b730dd17c0871e082ed |
| SHA256 | 44a313e70c46fad69ef6a1aaa39b326fe126be2eeab0ffaf4ac207821bfa0c2a |
| SHA512 | 27244a8fbf8c1a4ee3d55389ce810a0e69a96ed13ace06674d7858952530e0bf0604f96d732815f625e575eaadf171cd434e9980314386403f248b189e085713 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c10a941f7ab9bd6650c62aa28a33d0f5 |
| SHA1 | 0ea752281be0b76ccf5d8ad6c6e779b369917b98 |
| SHA256 | 89c81a43c56266f7edbc5f1a58aea78c2a0aaa5c6ae0d4fee2449a6b77f01312 |
| SHA512 | 9f55a98c6284d37264c15085c6bc437ac39529c8efb9d4b6d4648765dbcefa171df770e900c2a488a5411ec0ba460abd4a2a7b15fff4b38c604ab0c54ac132d5 |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 91b9843f2c91d3388fc4420b92d99b76 |
| SHA1 | 2dfd54bb6813836fed19bb916a2388e1ba7241dc |
| SHA256 | f7344eef05fe54b323fa6e9ee2ce400cf15dd3d397abcec78d284209ddc42cf3 |
| SHA512 | 464b3243a32e48985690d1fbbf859431a9cb9649db36d63f8e0e88fa2be79b308304d2b1be815c2e14fd302a04a9d285778d011c0287ec7fb8623175c36f725d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | abff17004f84c7291e28541511ff6b42 |
| SHA1 | 0e6855bfa82d07fa74bf3c499919812cf7b24488 |
| SHA256 | 0c65602dc974814486511b244fc8b499666c223b7e158eef63cdbe0c130f652b |
| SHA512 | d0ec2e0a3bcf497f322b47fa9b8f663d6b6e37579468f90de9257195cf4a78d0df0ab925ec455be6b7f6a46b13c49d3d19e6a5fbb199a38c538dcad7c3ec2205 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
| MD5 | 2227a244ca78dc817e80e78e42e231d7 |
| SHA1 | 56caeba318e983c74838795fb3c4d9ac0fb4b336 |
| SHA256 | e9d7b93bae57eebd7019ac0f5f82bac734b7ac3534d1fa9bdba6b1fc2f093a24 |
| SHA512 | 624cc23d4a18185ae96941cf8a35d342e048476b0384f0595ec1f273e19163ca49b17b14760628eb9da9a5f5519d4671544669fb08985c4945faf663faf92e12 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
| MD5 | 55a93dd8c17e1019c87980a74c65cb1b |
| SHA1 | 4b99f1784b2bb2b2cc0e78b88c5d25858ff01c5d |
| SHA256 | 4925dd477b8abf082cb81e636f8d2c76f34d7864947114fc9f1db0e68b5a9009 |
| SHA512 | f9ade542c593067dbcd13ed94da1ba17a84782575355396db8fd7c28aa70a3120d0c0a22d3ca3d2f0774c1dcb06b9319e243b36001c618c92e0af25cb9c8e46b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c
| MD5 | cd74fa4f0944963c0908611fed565d9b |
| SHA1 | c18033d8679d742e2aab1d6c88c28bd8f8a9e10d |
| SHA256 | e432edfafbd52fcdbd59ef74892aa2e2ab19df6647ae723b368fca529066a804 |
| SHA512 | b526216bdbc73a97db41edbec6fdfd09b7b4ae149d415fb5811dde03ad4b1b0247950abd78fef807ae47674ab1b56ff0b971fa5e305b26bc92dc07871313b750 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 089bb451b68dbb8f475cf283b4148641 |
| SHA1 | 8403a4ea8719afa9baf39d2cb14b284a384c8232 |
| SHA256 | fbf02e0c0e536df04029ff38a24f8d45c5234593cf23353f406e7c3fa1a8a7fb |
| SHA512 | b8c847891bf71fd9e684d8c66d3d3bcf6349199017c4cb227e0bc242b4e327b7a1c1184976ebc10c1695fd1b868c806dce689c00e6b14563ce35b2db4ca16351 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | dfae84b15cda6327025c9486e98e4004 |
| SHA1 | a13c1be1ecf817b311a5d10141a409f0d8b4d34a |
| SHA256 | e3de1e385868ac1685e2473b49ac24391532c9fc3f5f2909499c17f41e6a9c38 |
| SHA512 | 07f2af3d8de06d2ea92cf20439a90db66dc549aa2f93d7f75c5e54c7da54302a4a02e4f96d530458bc88297283037e5410ee861d961c2baf3a7bad27e02ba8b0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8ee73a31bd0cce7d_0
| MD5 | 7ec2cc36cea75d809c39dba59e111921 |
| SHA1 | 1f09d36bf15867e9c0320df248e3cb710c64f26b |
| SHA256 | 9d46701d08c9df75ef3574275da8c15c1195fc52fe260ea40b037e53f3e8d325 |
| SHA512 | 49778b5ae7ebe2f1b65c91af9d7e930a5d4368c76566e326cb790812e550947e82cbe1b7ef2707ca10a375d9d7d04fb96644deba929c5292837b52b74d52897a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9a267665648440b9_0
| MD5 | e8d32666a99bbe7da45c38cac23720e1 |
| SHA1 | c93822a27d774ac7b5641564e9529db2793f9162 |
| SHA256 | 8e2cbdc568e97f2ae8c4df52643fc30633a5d43bbccb31aea15a335693248efa |
| SHA512 | 55ab11323258230a7c1cfdaaa0731f99de44d7075595b66bcd84a099422df00e4578e6c089593b169b9dfc82077431d40e2a2916221a860b437329265223769e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a7c30afbee172db514d83c5179f99452 |
| SHA1 | 3486671c2178a0d992fc220ade202fb87764ab9e |
| SHA256 | 3ff9f7f1bd34699737f00db63febb612ebe3bb2c2bb259fe7f52065194ff03a2 |
| SHA512 | 10731c20d0175b7d31f65fefacfaf8ca8128ce79a427094d12189c25811a208399428ebd38f6f377e9b31f498f3dcddb7a2328e00ebfadeb0740b9d1afa6ad86 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3feda929fa39bc05bb576f7537fbfa45 |
| SHA1 | cc13a947b2317178e2955b689200edee7e11a17b |
| SHA256 | cce413dffb4f3028b076177715a07986b11f321fea3d7b5224586a9d7a90ba65 |
| SHA512 | 08e6d4f0d750af437d0f097e624c06339bafa5ce633fb249ddc90f212b97272971148e746fda8b2169abf9a4c03912ca17dd4afb6f88b31322f31143c81ab20f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 6db24c3540c6db1613b85b32b0cfa8fc |
| SHA1 | 1c00b03f78a64229d35eea836b797e1197aa2c82 |
| SHA256 | a0c078ffd08ba447e3999bf13fe89ab2745e3c03654053c0c349b4328baa6f0e |
| SHA512 | 89261bed39cdb536d7724360614c94a4a3e15f5903429abbd2c3add377e0e714210c987020eda4f2045c7f4501a2dd9197cabec01923787e6c2bee0163cee83a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 15b018e74867d01cba71b27fd44c708d |
| SHA1 | 62372c767512656b83d36daee8cda08f23e9e532 |
| SHA256 | d328afc5f627330dfb04bb49fdf9b4e365f11342b4431da43ce505ccfde316e5 |
| SHA512 | 5614eddd09f4e47c9e788f3c7dc30afb7034130ad09daf53d605548c28facbfa63b2a9b0e1636c169b4b0788ded3b6a8f5cb43b9646011813f846a7a1ae6376e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 2d26a258dae5c8c3ed82104189d7c3a1 |
| SHA1 | 7af5d9f2f95e7924d192ff477d0be20358d9e3b4 |
| SHA256 | 7c9c15df9e696c10d2963269890d9dc4f2a638b650f53c87a1a29542dba6f7e2 |
| SHA512 | fe738305598191a5a5c89bcb57c64f67b2b50484bd4b0f511c25771b8aaaef082782d521040b28cd3119eea320a94ab249ad85c1611c2ab2d5a9b4da6d3acb70 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1cf639a029f7649c63a0c5eda7ee8af5 |
| SHA1 | 95759db9c6f7e8532289bfad7fafe04b185a284d |
| SHA256 | ecdd871fd3cc46f00fcd06d1cdc56d9897af11de15283515c73ea116d4497d61 |
| SHA512 | 15f19c695268e8269ed2a7ed337b23e5017b44a5ad98db4320b30da3c388e4abf135d981fb86348036242d65bef57bb988c24a519ece76a68fd740ce46874c2a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d3395b51cdbb12433d1ec6d93d02e6a8 |
| SHA1 | fb40acd69f5e2480307235d76073ede425c56de0 |
| SHA256 | 71c73d8dcb6a4c276c6f4446669e024816eb082e42b179783783fc7a20823ab5 |
| SHA512 | db56c01835dbd31ac1ae1f1534a856d1e51946b62683df0e422a81b5d68d092ae5fca88953b6003a699bbac01fe2f05b03504d401565fdcb2f99a889b38dd490 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9c83c54931930794ee37c857c9880120 |
| SHA1 | 3211788b35899dbb63eb32e94d1e6edd3f0e8e8c |
| SHA256 | 3617c6800dde43eec28ae33895e8bde8468200701968e5a981d3b79523db12c8 |
| SHA512 | f47d88eb75664321eac8bef7ac580fcde484fb11171b798517a2c407a776b68c126c9da3cc1df033a88f417e40650e4d3a32f8e10d92900d5fbc6c88e28b65a2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe6434ad.TMP
| MD5 | e1dcae3c6b44a6c7ab3574aaab2e8835 |
| SHA1 | 92017ffe8e366be97b95c19e540ff88b38d95f39 |
| SHA256 | 3090a33f3dcf263b7687c2da0f6f448f51814e1395e2c2aef38e4f7e9ea0993d |
| SHA512 | 71aae8758a62f9e94d21da287d77015459311c7f12bf65c136055ec660fbb901aa89f617204798afd04df7ca2a6ebec7b1c5d82f8455a4d9fde7d8f3b5b02940 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | f633b497bb1b06b78c0debb80b515109 |
| SHA1 | ff1103a121d15bfe1b88381b1513a17f13b4bba2 |
| SHA256 | ca48d8b65d4ab2f4b78d1eded5746a3ed2225768b42a7866abfcbbc8ebe00bce |
| SHA512 | fd1ceb2ff3bb6c2b86b5956868902078b33eb63cedd96a3eaad40ebb94ce4be2fe2d270164806f0528e20cec420d81fd1ef741599b171ba9ad7c3a1720ada080 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\652b3c0c-6726-41c8-ae90-bb701cbb19df\index-dir\the-real-index
| MD5 | d2cd99bf179aaf7be1775b0ba037b4fe |
| SHA1 | 93bf9ae09409052c6aa4494407063d1ae22458d8 |
| SHA256 | ef3ee7266d0b8381385f76570e7f848612e6752236fd107ccedf8ef7dd3237f3 |
| SHA512 | e32995d1d962957f00fe1ede2b712fe6461f09b91bf48be53fbe0ef6c093eacacd96db7cf302e288caebe652e46e838ad640e8988abaa82b1fd46760d416cc9c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\652b3c0c-6726-41c8-ae90-bb701cbb19df\index-dir\the-real-index~RFe644046.TMP
| MD5 | 6d96c192037f1ce2b85aca90a4f1bd4d |
| SHA1 | c4eaac84af09fece319884cb57538383a5e36713 |
| SHA256 | c843a53b2f806c18fded36107fb57cd06efb0dc416d984e8c2e25a75298e2c71 |
| SHA512 | a9056d8708e05f52f4a0d7e4bc005c5d30cf61cd63e158a9be3937a096b3ddf2f1c734e183ae0f3f58b29dadabb52300a52599655885bbe391e2081a376f5790 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 5143da63517f01cf86cb0cf0d5a99751 |
| SHA1 | a4e106fca5811cb7cbe86c38b340445cf963d866 |
| SHA256 | 37164fe44d97ae2a594d5f8cb3bf24502036f1a8916870fc18ecebd814c0c5e3 |
| SHA512 | 6eb5b4e12d85dbdcd02c65344234f6b14ae41344bc08e8f9c7635854ff6b3bae4e4677b5295e544de85b0ac3b6360a47d55fc2845e9fcf53513208b95f6456be |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1e0f9bcd71a83a51b0d181190d28aa98 |
| SHA1 | 886e7ba9d781317c79fde6ad393951d2f3c20903 |
| SHA256 | 0dc3e3e4a3a0eca909fa68b5dbfec46f718c4e5608dd21b83a1237df4295032b |
| SHA512 | ba576f5f5499a3cb171e5720737cab58a0e897163b7a545d5eff0d1f57df75bd5d7fe2e73da2b9a619561c8f14e13191cc2a14ad0e90b82aee7505ce7a24805a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a0716976e40787b67ef2832caeb4a737 |
| SHA1 | 3c7ba106d2d100c79b33dcbf8fc3cd63dc48394e |
| SHA256 | 068d144e57988361268e4e3c2a6b7bde373fd834e198839901a07921b9392220 |
| SHA512 | 5ca7a7f7c965aa522619a4e8976af56d1d44cfb1c4683cc82b89c35a45cda12c08962635038dc4c2dbad622b5058ce31679fab3e86c0d9089b277cd95d2a16ff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a8
| MD5 | 2abd079be1223e68fdd6f520afe8fab7 |
| SHA1 | 0f52ef825e632aa99b80724e2fc419fe1413ff39 |
| SHA256 | fc998bd9e644618ab3ece7ba644b58e43e6503e49b8ea2d19c6ee725c4676c75 |
| SHA512 | 41d1bcc91961d70146f3434857c2265d2c1ec8cb81d388ddd187de5096e580bda69da20cf4ed56d72aac3d4e731f177b99daeec128e0ecd68dd37beedf4b3f70 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a43fa88b1179796e_0
| MD5 | 2f4da9173340233da3c11b0c6a54fa19 |
| SHA1 | 880ff5390b132977f63e9ac7cac7d37cabe614a9 |
| SHA256 | 70b7e6235f944a09a6c95c3a2c866c4757513ac50645362143fd7b5044a577c3 |
| SHA512 | e1912f5e6a65a5336bc8b5f525331c070b165a3bbf7f9e270683884f6f3e0451dc741f8e81bf15647c902fcfcb4135fd9092500ada18bc49282af180aaf5f7d9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b0
| MD5 | dee46781c0389eada0ac9faa177539b6 |
| SHA1 | d7641e3d25ac7ac66c2ea72ac7df77b242c909d3 |
| SHA256 | 35f13cf2aef17a352007ab69222724397e0ec093871ff4bd162645f466425642 |
| SHA512 | 049b3d8dcfb64510745c2d5f9e8046747337b1c19d4b2714835cc200dc4ba61acaa994fec7c3cd122ba99d688be6e08f97eb642745561d75b410a5589c304d7d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000af
| MD5 | 54460939adee2ae735d8ac184402558d |
| SHA1 | e9b88020fc803bc449f95cb1221294ce00590367 |
| SHA256 | 23b04b0b2a9bf4c2146efe04f0614aeb76fc0d62fa72adc436baed7a37cc0312 |
| SHA512 | 0a994da0fcb85a1b519ce3c783dc3f7da047a7d66f00b377c3a87cc1e5948f6bf2000349b9cb43214363fe3072e78c9e778075db183dc8a1eff829b4cf4bf685 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b3
| MD5 | 015c126a3520c9a8f6a27979d0266e96 |
| SHA1 | 2acf956561d44434a6d84204670cf849d3215d5f |
| SHA256 | 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa |
| SHA512 | 02a20f2788bb1c3b2c7d3142c664cdec306b6ba5366e57e33c008edb3eb78638b98dc03cdf932a9dc440ded7827956f99117e7a3a4d55acadd29b006032d9c5c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6b2e20aeba7c8486b177038891fc723b |
| SHA1 | 7a4c5d7b93ad67fffe2356f9df6d9f3dac5c1df5 |
| SHA256 | 1aaa880dc6994dc2b024237765a795204b61be46cc9080e46c398e3be9e54391 |
| SHA512 | 00152af94e54deb780b80f3a6a90ecdb7123e0630452b534a2f851261a43e8de5189e0636678d1ac18d96024a9dde1dc38caac83debec2e5989dce1b9846db04 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | de008b5cacab72dfad12df3bd15ae359 |
| SHA1 | 4ec1b47082508301a29d9da2b6df50c80b93dda9 |
| SHA256 | 7e0098a29029462c77a9eb1da4e253a8a13f74e9f63f053065d48bd5e1a718c1 |
| SHA512 | 687fcc431acbc31092fa325efd105db093e11b07a8f901a7eb89b10f8a745bc9d99d72a4dca0b87da27331783a19aeda873e0cb89c447e80f8f76996cf626c0b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\0887b6b4-9b98-46f5-b2c1-28132afaead0.tmp
| MD5 | 576a5506046d1c386547177fe23ffe8c |
| SHA1 | a38009cadab3f3e67a523b4d880d64dc0be172a9 |
| SHA256 | 9cc524128947bf3fb15d28042c72448ac6da61013c638ec3b67ebc5053059d28 |
| SHA512 | fbeb05aa23fa17379753a7f8b8d0b4da32b8a67829a469f17f1fdc0c59755e54313afe66fa47f0bb12db61cc0419a58b4b932f78c80ab1450bc5472b2d997faf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | dd04182a9609e9ed4515221a3d2cd956 |
| SHA1 | b62ffc7b1ee05a5fca1fe33776cca3b3bc40c92f |
| SHA256 | 2b533f03136415a2e879322db5c28f3b39ae08488adb53a44a710f7c8a7c621c |
| SHA512 | a1b0f14f8326af99421cea3c7eefecfb004587b6b31411662183b92d75185eda1982228d73f77481fc79dcde794afcb9651eeaf355c0e78905b61da8d28f8d69 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | fc831b4ea65f06ae59f3a12ac7090659 |
| SHA1 | 419cb5fcd5beac475dfa1e50ab1cfaa6510f3371 |
| SHA256 | cd6cc4a45cfbb8de3961a58fd60bafe67fd01cd4dcc6c686c6257a429a87a390 |
| SHA512 | 1ff32412f2929cf26c934c429814d1b3f1b8a8a10fb271801e47e2fd8135f7de455e6e45f972aff9404b866f890710ba70fd22d84dd2b54d074e576722c33ff0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5cd7e8e83d93bb7d69d0dcb30edcd7f2 |
| SHA1 | eebe4fd91a2586c89d1880daae58baba54f89ed5 |
| SHA256 | e32c67316a065968e682ea67f73f85f973aec3ba8d6f7d05cd5a51c1f36ed833 |
| SHA512 | 665047591bc5e80c20f93639730d0de034a6fbae0dfd7d5be58282c3833f02438000cba2ec0edaf20b7950372bb3d1415293449f9ff236727e7ee11c2a1854ef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\652b3c0c-6726-41c8-ae90-bb701cbb19df\index-dir\the-real-index
| MD5 | 76a63133599cbef6243d483a0652cdf7 |
| SHA1 | 44493ef7a6f377fbaa869a7d206c11030db3eb98 |
| SHA256 | c9c752e9abe9aed9257215e58c595918aa1175e2b009f793db8fb4319dae1fd0 |
| SHA512 | 71ca231abb3c5bb47c92f32f2a79467b41e938f4c2b536d4401293c47da38adc0fc7e6c31269b00ac76b6e903bccc79e2bce6f9150c6dc62e7034ccda3c3f6e7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000055
| MD5 | d51156aefe1bb617bea2b80267421bf6 |
| SHA1 | 21f5fb668da9d0a0b6b71f2c4f4c2b6ceada50d2 |
| SHA256 | add2bee75d3c9389bfe4ccafa5f08a9f1d3ab2f644c7ea02255070479d09bc72 |
| SHA512 | fdcf53ba59bc5e72954c6f13183e248354fbf6be8a51ee4bb7f4c9d01ca39c27c1eeed184572900caa4f48d279acd2b1c3ae0878285a46832f0724093898d8df |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 7760f0bd5395c92ce0967bc0099a2b72 |
| SHA1 | 573288c8cb33ee9bfd7e55d56e33bbb7c4831039 |
| SHA256 | 77d361745d533bb93135ac18a65673e274109790af2f2eadb387b0923c99d7fd |
| SHA512 | b4862c6fa3758f15d0d159bf770bca0576c6559087f8244fd57acade3efbed8fbd7635b05247048ac9d02eb6a9b92d077720bd1d9d630526274ac2045f700ab0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | e61876043ece58adf87d71cea7bad396 |
| SHA1 | 3f23c396a35a9673b2c94ffbdcae271050d2eb1e |
| SHA256 | 32227e81151482fd1cab5bc3041934c74208f2a3cf984276937ea90adc7beb53 |
| SHA512 | 80ecd2bfb00bd7743315cd2078a22de48e5cb0ca650a4d1307b3f842def184fef143ba87cc77aeaced58677fb1ebd6e2be5dc19740ee92bb6d4366192ed85769 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\95b5b91a-8d8c-4f79-b506-a75f915f8b99\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000063
| MD5 | e097423f1749fd6a3e21ff2df812947a |
| SHA1 | 23b26e1e7826cf458e154e9cdb0f1afa8d90bf9e |
| SHA256 | 3dadbb5d4e785122b1174ee12b248088e28fca6aaf78e4f8251c512469e35872 |
| SHA512 | 65a4d58e729460c496d25703e41a7663b96d5bbcd48b3fe10d7078ae5f305814ca931d7df7b5a50251e6787344f9c23308a2f217f206919a670ea9d13e9de87c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4c7212666aa4baacc41be88e4fc3751c |
| SHA1 | fba332a9035ddce4e4c3f7a243fad7bcdc792a3a |
| SHA256 | 4992454a5c3fbd3e59d7176511608242bf2746a5ce138a63b3176d3c5a102059 |
| SHA512 | 150f1ce753172c887c31f61d3b40b9f7d158442042d7c788a78c3d7f785b5f00ec3e322676314500db4637baa7ac8cfd26a6fdc28670dff25d6948b079d20eaf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 299d9ae16ae22310cf2e910ebca5a6d2 |
| SHA1 | 6c67d701a98fbeae36cf56ecce9aeb22d16583fc |
| SHA256 | f2a979fa1e753911413460802cb917549a69dea949c88017f8027a5f9c4e60c3 |
| SHA512 | ca04f28c3d5092fb427fa1a426e13cfe3780a4136917429d75588091597e18ff00fa9d2bbf214586fa8b75d99a8a00ca83d0ee08938544ee757ac7072d0050b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8464f6f30e9c678cbbf4f56013a51314 |
| SHA1 | 721fc07f38175e6f13640a93e08623dc1c89eb9d |
| SHA256 | 71cb9a672858e3ed71366d0382e698a4326f69a3d78a7957ef4a5a76b7dedead |
| SHA512 | 1b720f9cfa7eecf03d1912f8bbc35674d77d7558fb34fa0fb2d1cf3d046fdb94f6750ee1d99b71a2148f304a242277c9a4e2af2187c9f64a66664e8589900771 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004f
| MD5 | 1183ace68690f4de0c3571f4ed05cc57 |
| SHA1 | bd7478a0244ec28985db90d59e72604c687fcf1e |
| SHA256 | 87a41d8b8a5ea4808d65574908b2c63e0b925b06a8e2809b69b9c204f235f62c |
| SHA512 | 0a82d1ed585d014a25ca4ff3af2e64e83f3a529352a8893b24f4f1150a495de45906430e0ec0bbf0b91ac62e94c80985ad64dea2df45fb8ae2a7621be2dd5d9a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000051
| MD5 | 8b7e7b8c23b3258a2797eff7ee34f466 |
| SHA1 | c14bcce1022711ea331bbe8f36934dd7a668b1e5 |
| SHA256 | 1101c3511b7b6e02a37264660514fb7cb52983b3c878c83073cc62914a446aff |
| SHA512 | 868dba59ad30dee43d80dab8f0c73993157f94f34dcad866235b51e506af92a4344c601c3537dc13e2cf192671cb09eb1496550fc9c7b28593d176c7b6842dbd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000054
| MD5 | 401424dec575b5bd40fcdf3d8e156bf9 |
| SHA1 | fc7051e7c9c855a7d396e2d6eaddaadc2c2335bd |
| SHA256 | 014e7cd2d67b5573a78c65ad805f7ab1ddf085f5b23ee6fe73af8d8f49b4ad89 |
| SHA512 | 4a59e0b1a6326914570f75af0344f5da1cb64c053a928916b648e318dc232ed0e1cd4ccfcb053dd29405395203b7292c45c8dbc2deccd82e1081b55374e2640f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004e
| MD5 | 18a64802714cd620582e3070cfe247b6 |
| SHA1 | 8b07b5a18b9378816ad4ea50545aae6c28796262 |
| SHA256 | c920432f90cdfb91ca4074cf59d22871407e1d2ac429b95c5ca46690ea4314f2 |
| SHA512 | f8a66354bf3b6ac887994f48e84d5d35fa38684c0c621f90fc9c846074518ddec7e3f89ca6a924456c1f54f8323ed2d5649893bc2d62061724e281a9a9028ab9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 904fc5ce6ea93f3cb044e67358fc48c7 |
| SHA1 | ae51caafd8376adee35369541afcf3244beeb8a3 |
| SHA256 | 58ea9613a5b40fb22f4f7bd65846609dc1644fabcea1506faac0a833b2b21eae |
| SHA512 | e3277c932a285c2b31e71e70a71f06966afaf5a3cd630d4d017463acd5f4f0f6fd5e28e72993d2e65a64f0a826909058dd6cbe22dad97b6f5e24856213b6b8ff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009f
| MD5 | 159b013b70d17b31d5d89fe712f8923b |
| SHA1 | 65ac8ac8b9f2333c3c206a72f029423d1d418266 |
| SHA256 | 4b844e9d3c4934ad358d8f82da9a6dadc557cf2ae035d5ce919206293c659dc2 |
| SHA512 | c8edb29bc3bf85559d3189de64781609cf195bf2780d42ba7a4fd658fbc928f7aa9b4e46a76aadb968a5d644cc2ddf81ac247b3a3708a5359b25b8684650af8b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009d
| MD5 | ef376189e0dde65ddaa0ea7c28621d52 |
| SHA1 | 8776ffd60532b2b3172bfe6d084c5429f28b0e3d |
| SHA256 | 0fb06e9e3d1fafb1fc68d9e7988d637a6425042c9100d39991a8a81ec0fba4e3 |
| SHA512 | 1cf47b0ace5e05e2f62062470983ebd23ed2f4a098adf75d86026fa4c4716dc288b193daeefcc156f6101bd6153538e1d67e525b31198e5360f4ef79d0667e2a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a0
| MD5 | 8fac76b62e43e540eae96c1330d4d988 |
| SHA1 | da7c85d68b5ba627926ed856f3d39814ed9d3a69 |
| SHA256 | 824427ad4e2e3a505e20b51f043c9725f0db309bff13158bf1789645853ab8c4 |
| SHA512 | caad8f502753902b13bd8ee499e3c0cc24205b6525f46f5bc0a0e20ddc75239a39a5f3612fd36cab7216179f23a7cf911168869595b2756b0efd1de1e7b2eda7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a3
| MD5 | 87e8230a9ca3f0c5ccfa56f70276e2f2 |
| SHA1 | eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7 |
| SHA256 | e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9 |
| SHA512 | 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ae
| MD5 | bcaddfdfc6ec5a45df21f6bd5c67a440 |
| SHA1 | 0ce783b0503ebdff40270964fb6f36ab762e6678 |
| SHA256 | babe221768bf60f79a6743f20b1767ff55f4fa754f1c0be1b137f5a4ed0df3a9 |
| SHA512 | 4b3b58d1c10f4dea4c101c1cd5db3a16bad7e0c9dedce2582eb4106a872c72523a48a2feabb898d7b428e896f5e319035ff67f91e534ecd7378468b40e62ef57 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f3ec863592583d29b6fd63274e84e1fc |
| SHA1 | 3c99b72c884383255ac8011d834fb0991583bb59 |
| SHA256 | ce43fddec3d6be086751ceaf4664f401d856b28d114a5ce389c9035c0a7b0cc3 |
| SHA512 | 0f52d829012f17c01039ff1ff612b6a1bfb3cd8a34b750511df816ae0f584fdeca25ad83654158ae2add1bf8b1a82fc02b16237ba3f066d2d941ec7b171d5dc4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 41cff871eae04fcbefbf7efd67c3392b |
| SHA1 | 5f94589594f3789973978877a0995fa076c59160 |
| SHA256 | 43dcd86260cf228baeaed340c416824e6edd544fe36a1a5684647ddf8f3422a4 |
| SHA512 | e44e47c4d71d4afb93c0a1bfeb07447745ca231d80f627031633e05aff5cb81aa35958b4ac8dd4723ea88b6f55ba3fad7dc42d75f13e6c17f43dae106f3c77b2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\652b3c0c-6726-41c8-ae90-bb701cbb19df\index-dir\the-real-index
| MD5 | e507af4bb20ff744c53861dd20adabfd |
| SHA1 | 8d4041fa1110035fb7270093085011edc7e66cf0 |
| SHA256 | ccfecd21de405e696ae213cc34551aa9545dfc8abdb3494319b359f766b72be0 |
| SHA512 | ce03b9ffd70ecf574bb59588b0f06da7a5de8f7e009b327681904d809cda5bc6a3599fe2d01007ec5612721b5787f8c5fa8aa16c942d495402932ca4fcfdcd35 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\8f079e8a-1b18-49c0-b682-0cdff93ab2f3\index-dir\the-real-index~RFe6546d8.TMP
| MD5 | a9acd9d280cc3ea7b87b875526a765c0 |
| SHA1 | 8065d5b3b6b4892b4e08bc01d97e2ed9cb2e7659 |
| SHA256 | c8e59c581f6751cf064203aac92d9c44d107e9bf33646a8d5932a429c290d024 |
| SHA512 | f216a718ef7c25484c695a61381963b8481015009c6d177425e075a8c4b3a732a2e67519d781ed0475a75b7c4b234dd2fce6b6b684450ee715e0b29d30791c6a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\8f079e8a-1b18-49c0-b682-0cdff93ab2f3\index-dir\the-real-index
| MD5 | 37f0d199c036f1ebd7b4b6f77ceb44c2 |
| SHA1 | 5ec9efca5ebdbaa92e1b7a89633d569c8b286d59 |
| SHA256 | 387a1bd0338e1fad0567078b1ddc89256512c53bccaa74903ceccd98b3889534 |
| SHA512 | aa35dbf976d7137b0efef81190984fc1365c8b50b8dd49648f5511d0666d21c6b414c536306823f297e0d519c44ccf34c8056c4f7a2aff5c3c26958c40aed86b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | e7ae3b79abb0ef9b60f3e4e53be87a46 |
| SHA1 | c2170896032096996cf6a632cb214db95a99b609 |
| SHA256 | ce9c714fcb8c05d0cbda3d093b74df0e7d1ab21e55f838e6408e0bc18fbf50e1 |
| SHA512 | a70e7943acab83858fb85e4b48e54750bbb876df2084e71dafecd99887637f8e35cdb13e399baf5f06c384fb1637e3d503388ca99a7a9a1ca2305a10dd4ec458 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 6a7fa9fd472b8ae3f5ce1824a6323e34 |
| SHA1 | 511ac30a5383d3257b45b1a9d7771a8921c6a2ed |
| SHA256 | f0f2e46d2fe6494ce6d6ad2b6796081d787dc42ea9b00279251665d84a1c0f76 |
| SHA512 | 262ae6f6cf87667c5576fef5d17245279470b38aeb5234fd2d7fd7a2dd5ae7eed2ae834cd1a9568854650237af6b19bb2d980d20093af610f0a39084141cdd3f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a8f3948b034c1dd573f14d01be1992ea |
| SHA1 | f3a80b7f4fd739a25e73764411f37b4bcf6eea01 |
| SHA256 | 17e9ccb4c15b4ec8aed0c9e1572a06f93b429473a520a362b2c3290a30a8a1ef |
| SHA512 | 1d6dddb29cc7ae2588e629be10c77e3965324b9974cca7f9e8dce87130e5a5ad17f101bb2f637384241b900dbc5a44477376c0efa51825dd52db3805f108bf91 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b6be5f07c153576f98b0c2325ac5ecdd |
| SHA1 | c8f0db322ba9811623d65b2acf7c5763898b0760 |
| SHA256 | db9b08fbcbc0fc9d7f6830e071fc8d35ce83db92cd16a61663e01e6ffd74b75c |
| SHA512 | c98e6d4b1bfadf25842aecaeb6d6216914fe7a431eea0cf18bbe953c198f96cc7913973334f852644722ad1664b7f3720af90df52aeabcadd9d2d2d99d1b959d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 1061ff3fcbea463a992fc178404b129a |
| SHA1 | 5595b32ca5f639763abec38078ad4f28c73099c6 |
| SHA256 | 0e369d293d611937c06dcd1d76b9ee20b0815b98365482dd0cede0cc741f4fdf |
| SHA512 | 661d8b970512d9a55e0ee9501110005e286ef2d5f4f33b434801ee98c3c3b78949a0fc65b0703c6435a7b3a0094cddd03713b15dd2c7e260c7d7bccb1dc04d37 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 39987862c95e555c00f994580e736ca4 |
| SHA1 | ca4ee1945a14710096fc3f368887cc8ede96f959 |
| SHA256 | ef09a91b40968f3ffd241706c932930e5605f16183b92c6e9a3b830c469c46a8 |
| SHA512 | 17f07073c9528f85eaa1b55207d2c97dadfba97ae5188e8dce8b6dc74f0c6e840052c41072be0fe9c474edd375b69b5eb4695a924ac7d3ef39f78a08b9ce91d1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\dfe07f2c15075c28_0
| MD5 | 5047186e46f17cf3752e3807e8cf080f |
| SHA1 | 7cba91ea2148968449a81f30808b71858956144e |
| SHA256 | 5962ab147dd29d6ee236e7bf9f468f3c7e4d7a61af0b3e6f4b7bb8b3fa1ffca8 |
| SHA512 | 9a46de3d8defdfccf403ab6e10d2ea6b80c3c9b5f4879c7a5cace0b36bbb6094dc8239297e9d30c86c0907ddbc2d4bc345c9ad42634157359bc7a94a1969840a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f9f54d7f2e6cf0b1_0
| MD5 | 9a7e7a0be3e9b3cf0bc03bcaad64ff95 |
| SHA1 | c0254a2a7894157d23c6e7cfa9326775f13e4879 |
| SHA256 | a9c98c36bffb0412d9f520d2ad067c1e3176c69473e48fa44b580d2b65266d00 |
| SHA512 | 70cea8974e1d6f6f14f314337b73e040d2875d852017714ec7d36321245ef00102d0c432ca8da832846b83fca1e92e6fb1078a02e96faeb48956ab9959fdd585 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5a994fe24b451732_0
| MD5 | 26f7a5f82f6b371f62db8dc541d3502c |
| SHA1 | 7e55b576b35d5d6af51ca8e822ca387ae2ac827e |
| SHA256 | 4b9d513eff0702c43d60803b1bc20445a35b7bddeb7d20ddf08cd2b5f3483a4c |
| SHA512 | d8947520e3d4242472c22e283b3e5149d0b57ed4b4c265ab2f049ef492ddff3fab5ce5c741758b14fcdacfb2ffdd821440c1460390961beec52a6136e3980896 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0bbe00d9bf7b798e_0
| MD5 | d27e0c5d6a97c33ac0f2dc647bffd3d3 |
| SHA1 | 259b6953f6f373abea10dbcb367fea96bec82d07 |
| SHA256 | 470c811faac305cb1c3b12d1f54756e951422faec5ee666aac08604a792638cf |
| SHA512 | 3b4318eb2adee31a927d66687d78567367d0ca80162243f910cd7c01e90a5c34f0fd96acbd569fafaadcda6baa5c3e17026c9cf1a03844341eabd6ff1870c6c9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\580fd9376c2d4a3e_0
| MD5 | 3f9596cbeb5b9d4ab5517dfdec83f942 |
| SHA1 | f216c8d3bca7026367ce4e92297de296e234018b |
| SHA256 | d66ba7927e0df81a0b47d5d6e4be24a85e09814a33968bdddbe100e71f1f2098 |
| SHA512 | 50f05bb53f7e0a2cc209f4e576f3fccc6b675cdf9721d81aeb82fddd7f1fd89fa48eddd43ee3c6ed3acd128225a3e25e07503caf370bff1e847b9789bc6801d3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\47fb99fa764e39cd_0
| MD5 | aede70b95e546f455f7780515b27091d |
| SHA1 | 710514a07aa301400b66d3fe640992cee83f7cff |
| SHA256 | 2daada6ef53d4ce7b4192d32a0d4eb2fcb3636c856eba6d51e59f4883501f3ae |
| SHA512 | 4a4d61f82e16c3453fe508e9e39bc58302e08203e0110c2eacb561b99f771450ece9baf74699197944ff42b87caab7b8183beac64b25054078aa76b97fb532ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d7a29efad91a1117_0
| MD5 | 1c674c2afaec66f65ad282afc5a3fb4d |
| SHA1 | a0981ea66e2160de3449ab7d58277a99bd970b83 |
| SHA256 | 7fde86aa65bcd752b5c4954fbe3320b24a8881ed35f1dcec99a5b419e3e8d528 |
| SHA512 | b55aaac76c3226acd6eace6fea3e264f1cf8d008026284f4d6395dfefd51545b287c051b25af945e94cf58e504c8e9491197ec1b6c598f2e630c336c84d3e573 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\605167868572c6c4_0
| MD5 | 79104aaf788419a7071d11c8b5c86221 |
| SHA1 | bcc32b0bef01e70dfb53ed0e6309f9440926e0fe |
| SHA256 | 46bcb46878f691cca857a40c18bf858eded22684378a5c28439c58324f2b65c1 |
| SHA512 | 5f61ff211d3e9bbc35e1c9420e98b17a69ec7563e958d13d5362416790cb1c6270fd490e7b80e43d11b1e6da39b208f4b48b3649759213259df05c94c621158c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\74b88724f60b0383_0
| MD5 | 3bef54cbd2bf9531df4d710c61c7f98d |
| SHA1 | 4c407ce3e4e444f89c07c78a935b6c93c1ac0382 |
| SHA256 | 69a5f50d5fb4a8f6b118c91a7502eec4c88382ea8a728ad31b5dcf7613a14ba4 |
| SHA512 | 1073bf5af922e1c83983d7526cde5e5232bfa2622592e18746b2f65c13e7ec46154d8ff90452b2af18b03dd4b6ccd34b688fa3d5e1b7d496f6bd57fde4cbdf18 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\45a16ff6d0d9ab5f_0
| MD5 | 3480d5f498e2a1cf7f43fa8232c5450b |
| SHA1 | d767636bcdb4c69ddd2a38d5a658faa1209dd862 |
| SHA256 | b9235aff17c1e193d882819bdc5f6828890e5b014e07d198fb906f296acaccc7 |
| SHA512 | 7ca8d0951b7190ccc4be4f636dbb349a7522d740e700104aca2369bd903d769924e4cf4c9c3eeabc41a11a185fc7f8ce07cba5203b2c545838294899d694471c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\53ac5abc87e80789_0
| MD5 | cf5e4bf36a7a5eaa08bab34b7cc8de2d |
| SHA1 | 032b1ab6950bdf224974521d95518b45e0690bd8 |
| SHA256 | b4592b7d4d4c2e2babaf0fcae182b04f1a10c28c456113f83ad740e0e58392de |
| SHA512 | 112c2990af4979562b89671428be1b8453fb15ae2fb070b01731f9d493e174ff97305441c301e62abd7f8aa9dd6ed994d776fdb5d872ca8b514f36c6369fdcf3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9412c8b664751f90_0
| MD5 | 62405b96d1f742dd4d4dceaed30d03bd |
| SHA1 | d89adbb2c1787d6654835a606cb374245ce275f4 |
| SHA256 | fcc67a9c4e4f4c6457bbeee509e6523e1106db6468905e9698ec2816c37f8794 |
| SHA512 | 028fc9425a4d06cf2a21b9e5c8c6f5b54f2781a19e390c93df2397314b6e28dcd0a6b143f5039cff77d36b85168c74a5e499c101ebd48fa2a999d366e9cc8dc0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5d0c04f9998369cd_0
| MD5 | e0f685dcf1b16a816a1e530f01b14274 |
| SHA1 | 79f6c9c4866b63f11acd53819470aa454264a309 |
| SHA256 | 2c2e83d72d74d403ca2e454eb77a21a0afb4038b7338eaea03501f023ef2f118 |
| SHA512 | 26d36d65ac94ef1033130c2a20668a7f9b1ff1ac5414fde14f920d7ac543b5f26dbc3e0a2c9f20cab6c7040a10e15a498cec53f025394a8f38508e137076621b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5dd1e579c9681f95_0
| MD5 | 5b40a2fc2c6b77b785ca52c3ffead6d7 |
| SHA1 | 3967a68f16cb922239e4b9f8b570f178c44cce9b |
| SHA256 | c4e7ddd7f6f801ec67c024e1636cbe532180a31f11423f829fe94a2c393ba69a |
| SHA512 | 3f9558a65b09f640c50917fc8371ff2d51b754592258aebe336da120338d3538a269e6c17c35187ef76558c2e060ba032178d56df3dee02072e7d5bf3b14ac70 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e55f0a6d1b533c66_0
| MD5 | 517bdff189f25d34dfbde4ba0ac7e35d |
| SHA1 | c4650dc93e97abd08cebd1d5153b2f6e08c9effb |
| SHA256 | 6c7a9eeb1009163f0912f4cbe782a011a13cc5eb1a3bddf9153f06d51c5fb677 |
| SHA512 | 230dd04fa157a1bd37b71e1f410199d8343add98ba9c0c9d40ab569d263e0824acd2dbefa571b8589a929ccf89fc50a6a90aa1f2d8ba98ae5edaa6e1e6008e0f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\25c90b4fb1c6ef85_0
| MD5 | 4459764df15aa8b81752e402e10df1b0 |
| SHA1 | 5cc75fd8f3cbd43b85f0ae52eae559db18b64d49 |
| SHA256 | 20a81db338756881216253ea9b7f3e8f958a6afc8c63d9ab64ccce2275e755f8 |
| SHA512 | 66fae8d962f93af4a054d5a8fa6fc28398bac0560b5a7978468b8babbe96a71a08ede96a068338954493699365cba1a54030adf5c0bc22ca3185fbcbf70a59a3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9dbb949d27873cbc_0
| MD5 | 00f635ba05573aff6e43ea4f80c53a7b |
| SHA1 | 6c331cc7327d13a94ef4828e49518c594dea71b8 |
| SHA256 | 74b4adcf31e887d8dc6da8f388358cea5f83397ce3777b71bf6a066dd40d0b2b |
| SHA512 | 976929fbba239f59bfc8a6df8119b7e0682b58d121724ae0cd9764eaba9cce23587c6e96984c4b16273a2cb5be1a4256441b5caa2aa8b6caa25f38650f2e53d1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b3e82669a81c981d_0
| MD5 | ec622d5b33434abaff70581927fb964e |
| SHA1 | 3e1aa6c72acb7ae211e8a4718c11a52452a9aa4f |
| SHA256 | 56623d49dce56dbb60b20a639eb54b791bc0f8154370833c7e13e48b7972441c |
| SHA512 | bc073f157b6dc6b4d36692fec3fb74f6c0873856da89b59f1fe9d88a7dafca728e4884f97336f84b5b8936a94162ca8a7efc4a8bfe1c0c65f83e2c84443b5eb3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6d3b0ad57bdf7db9_0
| MD5 | 0a57240b626ec6a8ad8444242a954f8a |
| SHA1 | cfbdaa0cee31819bfa3e6769afe156fcc3cdaaa4 |
| SHA256 | c151746c6ff4a4b1acd03249f070f4c12265a5b46b25359a6c4e1eb5a48069b3 |
| SHA512 | fd848f61769bb089c57265d95d96af369953bfb0781f1b82a66e76ed48808403019caec456eac2ac8196a9df010525b978514f7c74a161b6dc1ba6ab2ea55b5b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\daea348421cbc209_0
| MD5 | 660b907b40aac0efe84fafd7826969a3 |
| SHA1 | a992fa763f94ee05266b985d5da3e374cbb2f265 |
| SHA256 | b4459d952bf72e01b5b9e9829ac559f3ba14a91b4a5c58b14044128b811a225e |
| SHA512 | 057c8ae376f8ddfbfeba729f07f7a3ec0f13c901f7634da8f868b0651a1ac24d49496c318ae0ad3f765a34652cbfbae4d631ef79ad95c218fbf1174c3e0f92c8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_x.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5360f6ac5c0a0467cadefc5ecc101fd6 |
| SHA1 | b3ced767e655ccaab0c62e0bd5a2e99f31450196 |
| SHA256 | a4aad10b38faf3dbbd3047b81c8f753e0648c9175d7754097f6685c38c707447 |
| SHA512 | 4fdc2325bf37b060dc48c60e06dabe1669d294ad939cc4d66992a1806215d37344956f100ea6c8bef022c0ebc271da5be8ea281c4d983fa5a0a434020dd0f75a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3ed92345eaa15f0e_0
| MD5 | 51aa4e1e867daec5042f9312c00d3b19 |
| SHA1 | 1ce6f54e9c4fb619b1c605c2b6ccfe44c0a826b3 |
| SHA256 | 0598c800331ea9d163dd4cf35dbf2d9e055f891e82e868e3fd4aa1e835f1b338 |
| SHA512 | 633c2f5cfeaf323d0394c615b8e79d768be516d173e0997effa75e7e862a8ab6d794f9388ca93a50531cf6d61bc0deb631eabf18e735bc8d8bb45d33a35392d1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0373765715b33cb4_0
| MD5 | 87ea39e2e124a33af79ec1eaf954d648 |
| SHA1 | 02b677bf81a6308fa20638b2738ef445f977169b |
| SHA256 | bf4f3fb957a197f8f716473e84fe5637047373374c3ee924821f5c70394fd082 |
| SHA512 | 752c765d136f6fda05762284b971263ce50b72e93e0d2bceff060423b4a4b5a883f2db0c41eecc35b4f17e26477171cf8c3a6ae3cb1b21e0141122b7269c79e5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6e1427d19ff38087_0
| MD5 | bbcba828639539c4db93aa143bd4ca87 |
| SHA1 | 1239310efde9c3d48c269f9659cf726a9b74ed12 |
| SHA256 | d0afa4031581dcb8ebbfa976fc55cf4492087bca13e399632443e7b1a25ab616 |
| SHA512 | 2ee7154a966198f2fc3a074c46d38abe83ad20dc26196d7374520c1bce1b509979981c8300e4533c4ad4e0cd097ce4f602ded31015210fdd49a563bfebd4ef2f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\83d6d3a772bbc707_0
| MD5 | e72924bd76971bcc1a7509a84bb5bdd8 |
| SHA1 | 57a950393ce1c8ecc801f43a752628b307b833eb |
| SHA256 | f265afe692661cec792e45729fbb6a1de4571a6f7fd928de74bde2a28f098ae3 |
| SHA512 | 68755324b4fcd13125e77fdfe116b6434b75f8e3339e2082c7e66415d88e8e204ff4d6035f15cff0ad1eac6b20fdb45830d5209dfc992d73024e7eac1fe4c349 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f2e4bbad99a372cc_0
| MD5 | c5a03511dc3ff421222127393cad6010 |
| SHA1 | 577725a826655a9e628572605b701d89fba34dde |
| SHA256 | 1608166f2fdda9c8813391abb25611d4f2a08b66c4c7b67c4fdb152865c0aa43 |
| SHA512 | ca876d916721355341f2ef1eefb6e3cc1355559e15f8861a91340a54f5885e2cbf755d628dfb94ca141d489dff667ec776ba177d03dead4ff82d9fbde365dab6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\06b15a94f5319164_0
| MD5 | f83a9adfd799b723f6c16d46090ae709 |
| SHA1 | 258261a2614dfdc933f2201e257449e399b04fc5 |
| SHA256 | fd988df14442ed0219b098b8ccd779eac2bd55490869ff88ffe732b1437e23d3 |
| SHA512 | 30c064006ec4c41c14e67e9b03c5eb8e147e113cf319f761552451a2923d0ddcd5fef599fe24e650d242d404527740d8e631171cf8f294162c087615a832fc4e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d3dbb3008455b523_0
| MD5 | 6734977153f4aa7586018688d4b09f5b |
| SHA1 | bec2397267a301e68f42e212067b511bf444dc3e |
| SHA256 | 767cbd8f9d630fec7ce2e22a177e5436cddfc767ff8b17771b0141a04676c245 |
| SHA512 | 9b971a0b84d85f98a6076df22fdab19df3f4de3c4079e69eed47f5f5ba167b49caa2bb92b006024ed1b00f22ae63562859998640866f03b2d58453f6e3a21358 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a267b7c21d8b8c9c_0
| MD5 | 6061b72b06ce0cc21cf9d5b03b86bed5 |
| SHA1 | 271b85cc8d7485702b93421b157a60c0549e7abd |
| SHA256 | 9ed78b0620b6ee3dd19304a8d8226ade541f4209828f0d9a61f14e102d54a10e |
| SHA512 | bed2eef70b08e2e47c3baceb558c3a5ea49a1ba93b92b63f23cab1368f05f27bf933af426a78a6ae5a47ff1614c2f1ca553a40f2266a0d1be88b81e41848c7b0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a09f6271ad0c4092_0
| MD5 | 3bddc905259206c4281002e41f7af4e2 |
| SHA1 | 2592c40a40e2c1a1a7e97bcc425fcacda7cac27e |
| SHA256 | 2a93a7187073370c25e2d70f8d334a01efe7c6fada59fb802e624dbcf0ec17c8 |
| SHA512 | be8724fe41575b33dd9d7ae6de4209e7bb2a5f11cdcaa55688bcb6b99c924d43d8f6f35fd3cf359f1dfaa27f645c4d66deb33ee28bdb31e5ca2259c5582bccd8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7a66a1246c4f29f4_0
| MD5 | 2d420b0efe91680b264e4541db5dfeb2 |
| SHA1 | a16909bb7849bef3ac696c4ad6271b992c973c7b |
| SHA256 | 917789a0d0d6418364042801e182a93d313718a7c02e5332b1f93ab38b596d79 |
| SHA512 | b508812e7e62304579d6add42ec5a7791a79d3a839071c4044b62e50c57b2ced8d0d6b2c10a53319c782c1b2e9298f3bfe9a1349a935c0adaa84b3887dfff004 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e4f85019800026a2_0
| MD5 | 22d22bf81ac8ea0b7a4b697cbec3e042 |
| SHA1 | 1dab1d09dccddb71346b8584e5bf871e584cf0d0 |
| SHA256 | 09f375dbfe80d7c2ec15f9b53d863c24e3fc0f86f43ed43dbd9ec737fea3909b |
| SHA512 | b5ef0d29b22e3677fcd301edd881b1866812d4e9eac34d00371273aad0132f50ef00dfde34b0bf7826cf46bcfb31426f63e331c68ef3d68c4337b23e240f5150 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7899d2b49a9daab3_0
| MD5 | 0c34168dc9c444f3b8dffcaae24714b6 |
| SHA1 | 18a47e9aea06bb5aa61792c524db8f380f4870e3 |
| SHA256 | 34b1cc1cb30a096b6024865fc029a6d931d814bd0ed32cefb2007a3ce8db139b |
| SHA512 | 303004032bb5072fdfbe3146c281a8bc5aa2094e6d7133f102d0d0bba8459fa0a9069056c31669062730972b2a406437cd6e930543f2ce2180b4af715592197c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6a26de030ab5c02f_0
| MD5 | bd5cb17784e869e088099086c58fc69d |
| SHA1 | ce378310d794f76b02960e9570151710757c5985 |
| SHA256 | c8afa89291badebfab7feff1d0db18888359c7751fb0f0576e5acea37dd8537d |
| SHA512 | 4ac534909466f5f1fec0a00d2e1a06d1b3f726f888e3d8dee2ac1ceea32ce26fe953c9eec1d61752025549253f3f5dea9b8984177a19391bd0f9eb9a5ad401c0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\321cc95719d84d9e_0
| MD5 | 96fbbf378539143885c40e3ac296e19e |
| SHA1 | dd299b9d7f977424450789b35525fd3640cf4b13 |
| SHA256 | 8b2d66b86e4d3835577eb21fe85d5065deac88bac46de73bdf532e4c08840341 |
| SHA512 | ce2757c8f7d5f1a4196eea71097296f27db713aad745b647de6d8e150538e50fa17cde24aeabf3bac629ce57b5ce933b0c296c970b9da37fc75255338a5ea109 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\14ff8116b518ca2d_0
| MD5 | 7fdeadbacea728bec7c6f2b177a1c8b4 |
| SHA1 | 3eeb72f5300ddb7dfa65b83e7cb487044de43168 |
| SHA256 | 2e2aed84b5f179add26121408357f1c04ccbc55fc5857ea336fbae87c4c5700d |
| SHA512 | 3ca9f463fe041c164775727cd155e2898733a22d58835ac750dab8d0fa1b501ab99e1864f550de274a75b9c42bc3dfba846ed069320202b33024637e2ddf0105 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6272c120a5b6eb422af7785a27b315bc |
| SHA1 | 3cc8ecf40e76d7ed2cabcbc92b62cbf57e27768c |
| SHA256 | e8829916cfdb5c132366a5a817910d068cc49d09d622614c39694248fa7d5717 |
| SHA512 | 346a2191dcefa18a4b76f3141de6767efcb61d28c611801ca6e578067459dbf3ffa803baa2f3d5a71a09693d229ec90a48588fed85af87f2553e602461bd27ac |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 62a8dd62b16d67e4752608425065f466 |
| SHA1 | 34b4c36ae1786a3152ac5e6d6dd14ab7efb58f3d |
| SHA256 | c584bf76a3f5d27c29545f3eb2fa54aae0e1edf479f300343b7dd80776139418 |
| SHA512 | f179c4e71b40467bafd80915bbd07cc7341124839bf525bca26dd81f82bb455a43dcb95f10384786c7610a90c77cc1ff6f5aa3ca1f24e9f94d11825c32224210 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | cc908a7e95f89ed6f902b7f1d913ddc7 |
| SHA1 | 43be9f51f06058c329a6fb6b3acf6e8c1bc18d75 |
| SHA256 | 05d7f4281a335ced17fe095eca5eb8cd156e7da8d6c1b45a6e70446a19651d6a |
| SHA512 | 779b7de8d54ba29fda9b9750c21277232620c2ebe05d6cb2e72d29e2da0fcf68d90b853e4d5fcfe30c990450148ef2160074daffdad5b81cd78fd251de3da1c1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | dd4cd89f58c4f1abcec550406a580006 |
| SHA1 | 988fcaac4f3d796d6664bb8590297a139ae0bedc |
| SHA256 | fbd27cab0981eb54e760ca2554617204a9f7f238b9525159a592b6fb5011821a |
| SHA512 | dc42e1b779c4181845f78876edb8e4dbd62c1112752dc4c867b1faf905e40976166104b6e7bea6cab76c0317151982e03f358453b04adebaafa949d26d77e4d0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000108
| MD5 | d4586933fabd5754ef925c6e940472f4 |
| SHA1 | a77f36a596ef86e1ad10444b2679e1531995b553 |
| SHA256 | 6e1c3edffec71a01e11e30aa359952213ac2f297c5014f36027f308a18df75d2 |
| SHA512 | 6ce33a8da7730035fb6b67ed59f32029c3a94b0a5d7dc5aa58c9583820bb01ef59dd55c1c142f392e02da86c8699b2294aff2d7c0e4c3a59fce5f792c749c5ce |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | f88ebb9b9966775b838b7e9d0e35b0a7 |
| SHA1 | 70593dc96f21fc0a33b7d1911b72b946f7fbafc1 |
| SHA256 | ef3736dca656b679f5fe996e0226a55219e9eebed4e8f13d08deb5373a76066b |
| SHA512 | b4d501565342a9cb0f249ad01b4e424298ce37fddb1d708dd694e20633bdf1ef879246ea5827ee8d8c7487f8e4fbad5421a296bddb079f466db61974f612cde2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | bc28c5c465d482c6847302217368fb6b |
| SHA1 | d21b07dcb37d99b19dfacefdc60510391eefe131 |
| SHA256 | 237963741c785634cc310293c19ef15a25c4c05f6e012bf7fa124a683a972995 |
| SHA512 | 64094378a1484691a7f589f7c94db322b6115ca696685c4e61e270d58edbee803164a57dcea0357ed984737b8928ec73232bd75dcaf56721c7cfb3790c9dddce |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 68668f4b6ffa79b4baa07c21be517341 |
| SHA1 | fdd0bc856563759fb9acbc21b8c430e9c326f03f |
| SHA256 | d9d9802c9c17f8f85eb7c4ee2485f34538fc515f2dbd032573c6c799eac0cf07 |
| SHA512 | a8e14e1a97636ce69b8350abb0a9c261ed95d551abb22a8753ca73e53ba2d2d0ad27efc56f60cf11c7e20178a688752055b28269c466d639730ea9fc3b5f169e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | ee9d0f062d76f3c0bdd30f5ac41b6de9 |
| SHA1 | 332fd1f4fef0c5b13e14dd5a640152cfd04dea6b |
| SHA256 | b681b263be3e79c479133f697d9eeacb6b9ab804b08bde7a96c303804cf11766 |
| SHA512 | 2d12c5f9eb16d7838257958fe460a4217a22481b5d57486c2b81980a7d66bc1ca389c10fd6af7057d072ec469a6da7acfac605c6ea1a249cabec6bd72c1b36b9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | eca492dd6514f6109ce28dc07cd81fec |
| SHA1 | 3e3fb3fe528fb1afcc461126c64e9364f78cd57a |
| SHA256 | d6770445a3bda0b8e39b832e47535a35c516416eeda29724bd9421355bff2442 |
| SHA512 | 7c0f65ebd660f48970dcaf901c8ed7097265001ec67b4024d48a603df66e8980b1e788685b0dd0c25496862688d874229fbaef6de4bdf6535d74ff124fd884d7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 6d737318eee50ce9ac3a76d9adb36f91 |
| SHA1 | e7c0ac19d2683782d1456b521acfa0929c7fef7a |
| SHA256 | 47a66827416d90a6aa4396424f8dbfccb8f7e4162c14f897d69164ea487cb43a |
| SHA512 | 2658bbb9650b998c48d64181074db419173254759c9bdf5d4a5aea9042887796b500fa8c526562b87092b5ae3eab0e25713dc4f08c7ce204520b9719dafdb9bc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d55c26dd46088938ae83ba6ba99e80ef |
| SHA1 | dd82e727afd30dca25d95d1a42fcc25e3a6b67f0 |
| SHA256 | 83b18c1683a6722102baf4eeddfa5b5989e69e0573f5aa818edb6bbeb6ea7f46 |
| SHA512 | e28a70742f1c774ba75b3c0d249d7fc01fc84cc7e35f61e537b4a479b1c8ec586de63f53eee9ab18c07740550322674456f2e412486780428619ef733aafba88 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | e9d94b618e4ba2f717a1a30c9d717cf4 |
| SHA1 | a279a490702427729ecd48acc9bf55975076b210 |
| SHA256 | 2ab20a83bc9e2cf5a96f32eac7bdc9adf9aa11bc41ccc31cf4d9cf64b5ac8e92 |
| SHA512 | d492251cf1f7dfed0e9a5b3932853cd70764a9d1f6fba640fa14243eedc3b79834523cd92e64a6b4e0260a6c6c922d43f1c857d7249f6ca85ea1b1d9a1d93826 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 209d77acf62dbe21cde208efddb1c41b |
| SHA1 | 2a41d91da05660aeac995ee37dfb5c5b2d8c8589 |
| SHA256 | 86c6442e22e801503942ed96ac1f6e2e06258baa80c8e3acf0449d81a6e70782 |
| SHA512 | 0164362fafd6843ab9ae4fc45738398f29e05c5e173bec25bd95c92ba7436c60a665f76798732b4b3b5f4d6640ed2054ba8559a0c5d8f89480dc00ed7bebff77 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9a3ebfc89c8bb523_0
| MD5 | c0f5ee2f59cd1650d9d3f637d789bbd7 |
| SHA1 | 1e1c52f719569b9525087561517d9ff7b1349558 |
| SHA256 | 7cbc28ba58e3a9620ad8cb1d2956103759207f447f7e53a2adbd11b6bc183a0d |
| SHA512 | 9db65d46eb931b0d7468bccd54cbbf623eb3aeb6a9dbd8bb1831565e9bf2429ef9912271177cdda951ea60ef41e56f2aa02eb708cea00ce38cff22c174ff5022 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 67ba77d17aceb5465b8122ff1eaef049 |
| SHA1 | ea8b28069b1272b2c5ae3e9533f42e89c13a9ce3 |
| SHA256 | 2482d345b05855bc735bd293935252803178dc412800418af6076df4769a2ae4 |
| SHA512 | 32a33c68c7e67fbf1bada58fe96903347ee84d109821f66aa0c94d0a88a8c9927de59ae528e0091e82780fc72c8100196f2d985e74fcc9f0d3d386d537b7407b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | ac94e09d43543bc3fe67230d8a735f55 |
| SHA1 | f35c308ad183c231cd2164f13b8629122d9c8d8c |
| SHA256 | 8badaf9d6d9cfa06e11a92b5ae746191ba7117ef0979f4df5b62a75c3ed552d3 |
| SHA512 | a89c9306cd237d18272c192479d4eb1dead4e23952613235bb7738a89baea2506835308d10d2e142a7e168955f415b87cdecfdc9c4b4ba61c51601d7a401bf7e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_0
| MD5 | f36174fe1cb5c37db6b52bbd0c9064ea |
| SHA1 | d0ffc065a57e4d39540d5f33e2494cc823e24b12 |
| SHA256 | 769f7abeb28c3a8016780cc7581a6ea775a766cc9f31814e7177d4895b4e832c |
| SHA512 | 86a8d86cf4a94f9e9583ec762a03019a841c5dda70acbf32aff4d5f8630e3bcc682707116d75e83dfbf50ccfd29a6064cfb7caf6382bd3b2baf570385c1f3fc8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_0
| MD5 | 598c43bb8baf5617568f63cb8cc37941 |
| SHA1 | 26564e0b6bfbaeba215ebb66028048b6400df6e8 |
| SHA256 | 381e8ce52960b278a594c61fff95812c89b222a2c1ceeefbbac7ca5930a0d070 |
| SHA512 | 9ce639dd9fe7a838c4ee0a1811a05a1c60a6e951b49c2a0e06f933b497f17f2620121a8e8171803e06dee93f8ad867023141e7ba80ee4f1a4898f7fc6b3231cd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8ba855155800fa47eb6281ae8b4c0b3a |
| SHA1 | e4518a61c296518e4cb215d5988284384a2c9ed2 |
| SHA256 | 9ccbb66ef4e033f3f3272e43cea6c3ade90a529fb9ce1af765c21a999d8cd90b |
| SHA512 | cb6b00007b264223c5235b1a0812b5e6ceaa7f4cee227578392f7984529ed8b8bbc775545c9b92358ef6663a9fdd7bbc5557fa62d254a9f9aa2e89074f7a8ffe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | fbb7f0896379f360d27614436353b915 |
| SHA1 | 3c0e387a0b8708090c22624e9f725f1320679eaa |
| SHA256 | 93fdfe13969ca26b8e6083104693bbe1958b51208c7f40f97fdbbab3f71445a0 |
| SHA512 | ac129ca14b8fdd4d7efc12df72236132e18ef7c52fd8b9546d64515f6e70ead2c4b50b5cf4c89696de89dbc07c292bdbf73a827507c967d3ba259d932d542368 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 8ffd27e2a562b99882dcf2f73e06fe89 |
| SHA1 | 485078442b160c6f692355c86765676d5b561499 |
| SHA256 | 4b85cf99d58f3445617b28f64f3b15f8d3dbdee0df41a53b6dc6157a5a21918f |
| SHA512 | 6c7eed38afa9ce6890db9372f73b80d4eed290827be485737cfc8b723339ea941cea4d53f3a31f184fd037a1f8044ece70d3bf84f5dab86d749992fe28601b3d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_1
| MD5 | 65c8707d31f9d76463b4bf808bf1e57b |
| SHA1 | fdcecd64b511f88aab9f78bca1daebc68a2d2a61 |
| SHA256 | 43863f972a00ca437de968f6814e47324d8c9c2de5dfb3749601ebcec73ecfd1 |
| SHA512 | 259012649b8bfe1a7bfe46cc6588df6b149e68d1402ec0fdba1dd480dd4f3e5956397e32c965e2a299c2ee3ed9c6f2549a47c3db337ed135ced292439bda1a54 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_1
| MD5 | 78ebfa31fc7f4f8af3a11794f855d253 |
| SHA1 | 0292d4393ee8399b868963fb5e3d987779d42809 |
| SHA256 | 1be196bbe01bc56926b2cc11b31a3fe5671c31e3d6c6e6457f40fd1fc9044f9d |
| SHA512 | d5aec9877105edc71d17a81399ef45e141695f5170f8b5b9e5835668cd0cc424b023b7b8807b12d53ca9d5fd326429e0ad7da588cf2b577f8f78ed4d416dcb1a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | ecd2f3878d9f783b61813180f19b8255 |
| SHA1 | 5fd4feb412d34aa5c48af17824604eb013519bc6 |
| SHA256 | 2484dfab400edbf2d74c8be45d044145df045c9d6022380bdd881387fb5df034 |
| SHA512 | b91b3673d28e8261284247b9da3fd6a39ddcc4d53276fc7fb3f97f5db2e95bd67f4d270d8a2a8676721f516e579f96f2d5f0dd9882cb4ab33ccdd8f7d1ef6231 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f60d9e3e5ad0cfdf0fdff746ab5e1cac |
| SHA1 | ce88c681946298f5fc9c11448e1f437b2777e9eb |
| SHA256 | c4e85ef7629c13d1b98b102304bdd0a13e9906497bb38809f033bd6cf30bb609 |
| SHA512 | ff2301c0aaa90fed4eefe471efc89f5eb6da35bf036174916cbe57555bf711306ae2024cf817731eb23f0d1bb106fe58224b77143c0ab84cd16033fbba6f587e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | ad2d8201865dd130bcee3e81435bc288 |
| SHA1 | 6dde18c03d445f48ffbedb6c918c9c1eda3e126e |
| SHA256 | e425ca1396acbdec5130ba6a873bd4ffc15c262ac1415aad50f358b71f25c4de |
| SHA512 | ca5645dc24c5cec91a945843598b0696aa18d8fdfa1638a726e2cf271ea5553b6c581b4b00d28341200d3a03453b5a1e9272355fde5f8ca3cab7059614d2d48f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000fd
| MD5 | a4ec887f154491063e12e75705a2cc39 |
| SHA1 | b4b8263889a2384fb66e4a380bc0cc6e79c61a7a |
| SHA256 | 08504d49adb7ac7198aab77676dab4d6c9da3d6390168cf139cd6cb361cdd617 |
| SHA512 | 1a45a7151ba6a61345c79c3b216aec02bde70a254399c534b30f7914cd5281fa1f97e3ce5cf6e4d48d80ff128c175dfc54ef04af8c78f685a771a1f6a528d4f6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 95c6955179cfd3f5e0f2792a1653706d |
| SHA1 | 37e8b2ecbc01b30a062e11a113bb24a6960a9f00 |
| SHA256 | 04b84e464c6952aa710c2826e4d9099f6e08eac00551b29b34e3636a83724b05 |
| SHA512 | 4302750caeaf96917ead169a78b33cc7e0fe50f5980daa7e0ee22c7a19752a2e196b3b1a501a3d1fc9191b6cd1479a4643a19dcf4257440843ae02957b69b5b5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 90c8db8563fcac8fde95aaabff7d29ee |
| SHA1 | 9a2439f10ab7913cea66f41c46c512faaf81f55e |
| SHA256 | 17c87240731e0be338b7ca23f220e5bcdd1a3684243f285d60c44a14792e3656 |
| SHA512 | ecff465ce6e09252c450d3358db9db290143b970bb9dad7ffa7ad9a77c170a6d2cb1d80684264581a00c2782d062167ee17bca498f4a88cc415704e88d9d47a4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 12199173975d1160384debb542070e5e |
| SHA1 | 3419ac865f5668091f0116a8ba04b0d70c3f6a00 |
| SHA256 | 9b8609ce17ef86a31189cb645868497883e1a641c161d6cd95703db48300f5df |
| SHA512 | eb94be1405e837eb1a338b657833c02cc6ed83ddea81eed67388c999b12836a8ae554d729d3ab63655f2d1d4ac2c43364aaf6c3802f923f1eda94b660d886428 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 6eda922f57f81b319be12f738336c97e |
| SHA1 | 1c04e4bfc3f46ad58103b31513cfcec9e6b2aafc |
| SHA256 | 995522a2d54e3ebd3995404cf31082319328bd0540039f15aeb34ddd6ac71786 |
| SHA512 | 3b1bc1ed51be46a2b9425899c262d7b55a385c1a5f45f8624a6dd073c0e56af17da4d6a29f0e134dc66fe9275dd0be229b04369578e044a2febb60fb9783d526 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 70d7b6a9b6b82bcbdac05ace13adb457 |
| SHA1 | 435e107c89cc6ca02407cba778df05aef435fc4b |
| SHA256 | cede6a9f200117645a0603311c4a445e1a8a667f95bdbeaa9e328f22c27d56d1 |
| SHA512 | 2bf8ccfa657e640ba6aa59bd316867543c07adcbe61199f5d72a3aad791f013cbd758473a4523ca992c7fef0a497cca0658e6818644ab803980b5692bf2d83aa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 9b8b5c86c27a1967895a068b07302887 |
| SHA1 | 1b1b4bef1f44f1aae7d03de242f08a54c92689f9 |
| SHA256 | f367b4a6447381e292caf2d750ed0a5db172d92ea3f2c1e7621ced27d31d3d68 |
| SHA512 | 56149b447acac5367eca3ccab3e4deb13627b57b89f4aeda2e58a09adad88c5bdb86adb290a60e8ac21bbef4081774db02ac66463b1d8fc117d54c868d723a7a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 40afdd2f97f54445c67bfd850a3300e7 |
| SHA1 | f0d40bdd870e1ddefef893f03db824a67e5fcb0a |
| SHA256 | 216d52344579f788c2e0686e3bb1ec98359a75311a8e19d292de0b60492915c7 |
| SHA512 | 06f7a1d83f26768cfec3a3ff259f1067767f4042a0da08d0664b5a9513579e6f10f7fa4f40cc49e6ce9f512fc74e76474f8efeedcf63b3cb671d9f580cf927f7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 6fc13cbab63dabafdfd29dc7dd806291 |
| SHA1 | 2101305a5a6852c91b0a637939343ae2ee02a734 |
| SHA256 | ab77a1102b820a56f7904846b27695189952eaa223ab4912b2d49b0d03999770 |
| SHA512 | 6e645cbabc9002a5b113d21f45088306f920fd59d8d623ef877b2fe2e33487f6e4ecd002aa4618b235c83b4ad5d7f1272b2f7066ae60b55d61209ee001014c40 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | bbb128e2a7a93be74318cf238c93ef0e |
| SHA1 | 3fd3a94f1501737f5e5e02cfcf4734b0c9840fe6 |
| SHA256 | fc5c86f0955ffd6b2977c221e355df03ef90b252a74fa683ffa2db6665d49db2 |
| SHA512 | c8e4bef4c29210fdf42cd3de93fea788169987abe1f843eaf3d4c8d185a5e25136ccb4719691f7c2504d693906d9628f7c419e667bd99c92313f77b712f74fb9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | aa4297c6eb8a7175b8bba0e764a7ddde |
| SHA1 | e183aaab8d7de2c4ff779edc1920e3f6d1d822be |
| SHA256 | b0993c10439528022010e8ffc50492d87c1f37541c345f0d1252dc277278e7d2 |
| SHA512 | 9206c2fcd8e7ef35eaf268a6b5fb78e0d39885a256837e9e4ac64bb5ceb7b9512d9db959a699fe909a3de1073c20ee0393d349a7e20066669306633d462680bf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000fe
| MD5 | 994cd374e90e98c3b6bc84d2cb0b996c |
| SHA1 | 30f83a99ae90b18d604435ae043f522930fbb9b4 |
| SHA256 | c8b0195ec06c0959d92a9a255c594cd257f9d6e16f76006e39eb2b14c2278ccf |
| SHA512 | 3173bb02cb09fde047b1a5e0754ea4616b1c5518b3173439106145981abd5551e903700cf202bc73be6f645bbfbfc1e7659f2fa55d2f0f407f1e9503e7509fac |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | fe47ffd763363fd87d6e8e5b7eec0226 |
| SHA1 | cb33f60d3d95c37cc00b6bfae62596c0e1a934d5 |
| SHA256 | 339a1a661fad06360d066cd5bb4603257ec60b3a78496171c4333642325ce086 |
| SHA512 | 6f8cafe7e581665f03fc331a8946282e7db505252eba4ed0a56e9d650a9754663f47321297a7bbf1888bb2f761b651ef1b1fc4a8410ebd11aa5cf25699c4f172 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 286b65253baa5fcc8b34436358f5a097 |
| SHA1 | f3344ddad9695b8a033afac25b81d252fe53ff6b |
| SHA256 | 16d98a53d6d21347729602934a1e6a767fb838a990091b5820bde7991984abce |
| SHA512 | bebe0b244e61ffc73d1edc39cde3dfced8801a1f5fc8d4168625fc3e3b242116756cdc3b31582b7d25a3534105e5e77aae894e841d43238f0ead33e6ec8b1630 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f34aa7cc51540db639dfb443fbcd61c8 |
| SHA1 | 66f12dc58d0fb0af9a43ef5397e43c1313b8aad3 |
| SHA256 | 9d126c4de699d5fdf8e618fabb0e41f2208a44757659db18497b1db58e8caf8e |
| SHA512 | bdebe497e767b6a5b2947ffe62f12d2490f1fc1095c604be5c99d5350824a5d44f165d1eae9e2bc456137cd37335eea51b0c27bf996e1d578589d64a23975c54 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 49d85bc99a84060a733f1cc10f55b938 |
| SHA1 | 2e6623379047f4f71b0e034728626bb810102160 |
| SHA256 | 0a893a39c05bb058298aa9eba8738255b407d74c10ba562593dada281cdda776 |
| SHA512 | 76e5aebf7dd4d0e4961196d8b040c89854861b61022cacddf3e9d44e6eca5cd7015c716451ad4bbf576ba0a2c831186c184b66ade995d8b598ca818fbe11a222 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ce2e6252620bd361b77bc88ef4ac0fe8 |
| SHA1 | cd2e5fd5ed93122f35204d8583910c3459bd76aa |
| SHA256 | b8753c2a55106924c1995b48883c2ac7bd84162b33e3b2daa817e8df8f502956 |
| SHA512 | 4fab4196bf4d3549cfb19602533304c1e156c4f9475739f0d1e04af9efe88b707321b7aa9781a04fd1cef588417d49c0d2c09892646f0e344143dafff916fbcf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 7a9b58487fadbe383e99096961ddd8cf |
| SHA1 | b45b90cbae576fd5a7891bc76bf78777e9ce4c87 |
| SHA256 | e0c25eb38886adc5d9c0d84dad05184fc830417b5ac9b50bef3e10c12a76b207 |
| SHA512 | 191238a3ee176bd61d3a525425b98a99498289b9158480b436171745f50cf93f7458bf188d89d9fa4a2f617a3c8a418f923efa724fa389e74aae0f9656f12d13 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 58da06cda29151f2416a061c458fae7c |
| SHA1 | 008b864f98bd9be5816cf7a55de1fd40e9138b52 |
| SHA256 | b9719adf4eb5f2158a08089a15ed890bd32ef50fd6fefe5b33a2196f4a63dbaf |
| SHA512 | 44dbc9498f1b3820510236d16899c6354d100c87a3ae6d206c1ebfeb1b06166a5c1a57691628e5dbecef5c1e2fdd81ddf40692b4f3a3374c046358a7c9d4a38f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 7a75df02d5550d1186abd9fe54bb0a7a |
| SHA1 | 0f029570b1e3791bab139e6b112ec6bf15281469 |
| SHA256 | 14b94804d212e90a94642fb820f3753eb89f312b4860368290cc90e6f2661aeb |
| SHA512 | fa7dd605ccaf6296d03b8941bc2e3a3755f291096f244ca86488f28d6660a235a5e41a3fc02b806fef68d31fc24727b1c9f77956bd2af178e5ae04b7fa149963 |
Analysis: behavioral3
Detonation Overview
Submitted
2024-11-09 11:25
Reported
2024-11-09 11:55
Platform
win11-20241007-en
Max time kernel
1680s
Max time network
1684s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://example.com
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffe19223cb8,0x7ffe19223cc8,0x7ffe19223cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1884,4168070046908890464,2657764456392716640,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1896 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1884,4168070046908890464,2657764456392716640,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2348 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1884,4168070046908890464,2657764456392716640,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2860 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,4168070046908890464,2657764456392716640,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3196 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,4168070046908890464,2657764456392716640,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1884,4168070046908890464,2657764456392716640,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5308 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,4168070046908890464,2657764456392716640,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5512 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,4168070046908890464,2657764456392716640,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5532 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,4168070046908890464,2657764456392716640,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5880 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,4168070046908890464,2657764456392716640,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5768 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1884,4168070046908890464,2657764456392716640,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6108 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1884,4168070046908890464,2657764456392716640,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=5272 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | example.com | udp |
| US | 93.184.215.14:80 | example.com | tcp |
| US | 93.184.215.14:80 | example.com | tcp |
| GB | 51.11.108.188:443 | x.urs.microsoft.com | tcp |
| US | 8.8.8.8:53 | 188.108.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.108.222.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.197.79.204.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 051a939f60dced99602add88b5b71f58 |
| SHA1 | a71acd61be911ff6ff7e5a9e5965597c8c7c0765 |
| SHA256 | 2cff121889a0a77f49cdc4564bdd1320cf588c9dcd36012dbc3669cf73015d10 |
| SHA512 | a9c72ed43b895089a9e036aba6da96213fedd2f05f0a69ae8d1fa07851ac8263e58af86c7103ce4b4f9cfe92f9c9d0a46085c066a54ce825ef53505fdb988d1f |
\??\pipe\LOCAL\crashpad_1136_PGZNSVQYNHSWYODP
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 003b92b33b2eb97e6c1a0929121829b8 |
| SHA1 | 6f18e96c7a2e07fb5a80acb3c9916748fd48827a |
| SHA256 | 8001f251d5932a62bfe17b0ba3686ce255ecf9adb95a06ecb954faa096be3e54 |
| SHA512 | 18005c6c07475e6dd1ec310fe511353381cf0f15d086cf20dc6ed8825c872944185c767f80306e56fec9380804933aa37a8f12c720398b4b3b42cb216b41cf77 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b45ec3ed950b4c34f3d656f35de19d39 |
| SHA1 | 79c029f9e56457304d9257b84311889beac6805a |
| SHA256 | e46699964ee573409836ba3fb0e827668c860a02415544a9c802336742db1b8f |
| SHA512 | 6d080862bed9c3957db355dd442039860c81a88075f86524ae6388ee1055c195388e44255c9b06b99d18351bbaa4e736f2a730e419b8f0f39680797be77d0a79 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | ba3ce9c82500b1477dffbd0f7f31f504 |
| SHA1 | f3175c05e3dc38fff5353cc5f0a885af27b99baf |
| SHA256 | 488f2f40d3f032ec42320a76802d1bb93b29a9002c681435b898af90b22dbbb9 |
| SHA512 | 0fe5d0150030d7d19d0db54e9884e46c3c76d4321d1841238200d787e87473bb52af4e5d5bd64dfa289451d4fe01d5fb76dd07646a5b63a6e309aff9029bda89 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 74573e816c311c97b966a035e39f5659 |
| SHA1 | e5a6cd2de143015dfe8e118fc283661c34bac265 |
| SHA256 | 34ef355f04032c5bc3a2a01cedc86e1922d28df36ce7639d0bd909d9fe7f9512 |
| SHA512 | d1740c66497c08f7270ef97794a5994ae4b5a9dbd07851a4cc1d9ba2654db3ba39528fd81df6a735abdae35047f4d66025a3cf0855afb2cd462fd2b219896a40 |