Analysis Overview
SHA256
8279696c1d78b14618500e9135886a3667b9decc65946f3729002e4bfdbb20ab
Threat Level: Known bad
The file rufus-4.6p.exe was found to be: Known bad.
Malicious Activity Summary
Wannacry family
Wannacry
Deletes shadow copies
Modifies file permissions
A potential corporate email address has been identified in the URL: [email protected]
Drops startup file
A potential corporate email address has been identified in the URL: [email protected]
Enumerates connected drives
Downloads MZ/PE file
File and Directory Permissions Modification: Windows File and Directory Permissions Modification
Legitimate hosting services abused for malware hosting/C2
Mark of the Web detected: This indicates that the page was originally saved or cloned.
Adds Run key to start application
UPX packed file
Drops file in System32 directory
Sets desktop wallpaper using registry
YARA rule for Mozi IoT Botnet
Drops file in Program Files directory
Drops file in Windows directory
Executes dropped EXE
Loads dropped DLL
Browser Information Discovery
System Location Discovery: System Language Discovery
Enumerates physical storage devices
Checks whether UAC is enabled
Reads user/profile data of web browsers
NTFS ADS
Uses Volume Shadow Copy WMI provider
Enumerates system info in registry
Modifies registry class
Suspicious use of AdjustPrivilegeToken
Views/modifies file attributes
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
Checks processor information in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Uses Task Scheduler COM API
Suspicious use of SendNotifyMessage
Modifies registry key
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Suspicious use of FindShellTrayWindow
Uses Volume Shadow Copy service COM API
Checks SCSI registry key(s)
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-11-11 14:29
Signatures
UPX packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-11 14:29
Reported
2024-11-11 14:46
Platform
win10ltsc2021-20241023-en
Max time kernel
1049s
Max time network
1051s
Command Line
Signatures
Wannacry
Wannacry family
Deletes shadow copies
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
Drops startup file
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\~SDEA1A.tmp | C:\Users\Admin\Downloads\WannaCry.EXE | N/A |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Word\STARTUP\~SDEA31.tmp | C:\Users\Admin\Downloads\WannaCry.EXE | N/A |
Modifies file permissions
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\crprhppmuiqza511 = "\"C:\\Users\\Admin\\Downloads\\tasksche.exe\"" | C:\Windows\SysWOW64\reg.exe | N/A |
Downloads MZ/PE file
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\F: | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
File and Directory Permissions Modification: Windows File and Directory Permissions Modification
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
Mark of the Web detected: This indicates that the page was originally saved or cloned.
| Description | Indicator | Process | Target |
| N/A | https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html | N/A | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\System32\GroupPolicy | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| File opened for modification | C:\Windows\System32\GroupPolicy\gpt.ini | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| File created | C:\Windows\System32\GroupPolicy\Machine\Registry.pol | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| File opened for modification | C:\Windows\System32\GroupPolicy\GPT.INI | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| File opened for modification | C:\Windows\System32\GroupPolicy\Machine\Registry.pol | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
Sets desktop wallpaper using registry
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000\Control Panel\Desktop\Wallpaper = "C:\\Users\\Admin\\Desktop\\@[email protected]" | C:\Users\Admin\Downloads\WannaCry.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000\Control Panel\Desktop\Wallpaper = "C:\\Users\\Admin\\Desktop\\@[email protected]" | C:\Users\Admin\Downloads\@[email protected] | N/A |
UPX packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
YARA rule for Mozi IoT Botnet
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\5e8a1874-db19-4786-b10d-8da069a95b46.tmp | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\20241111143034.pma | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\logs\StorGroupPolicy.log | C:\Windows\system32\svchost.exe | N/A |
| File opened for modification | C:\Windows\logs\StorGroupPolicy.log | C:\Windows\system32\svchost.exe | N/A |
Executes dropped EXE
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\TaskData\Tor\taskhsvc.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\TaskData\Tor\taskhsvc.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\TaskData\Tor\taskhsvc.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\TaskData\Tor\taskhsvc.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\TaskData\Tor\taskhsvc.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\TaskData\Tor\taskhsvc.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\TaskData\Tor\taskhsvc.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\TaskData\Tor\taskhsvc.exe | N/A |
Browser Information Discovery
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
Enumerates physical storage devices
Reads user/profile data of web browsers
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\icacls.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\icacls.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\reg.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\icacls.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\attrib.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\icacls.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\attrib.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cscript.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\attrib.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\TaskData\Tor\taskhsvc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\icacls.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\attrib.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\icacls.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\attrib.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\icacls.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\attrib.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\attrib.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry.EXE | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 | C:\Windows\System32\vds.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Service | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\UpperFilters | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\HardwareID | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_WDC&PROD_WDS100T2B0A\4&215468A5&0&000000 | C:\Windows\System32\vds.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\FriendlyName | C:\Windows\System32\vds.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Filters | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\UpperFilters | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName | C:\Windows\System32\vds.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000 | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\LowerFilters | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\LowerFilters | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Service | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Filters | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_WDC&PROD_WDS100T2B0A\4&215468A5&0&000000 | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:FMTID = "{B725F130-47EF-101A-A5F1-02608C9EEBAC}" | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1" | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\1\0\0\NodeSlot = "10" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\10 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 00000000ffffffff | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7} | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02 | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6 | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257" | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1" | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "1" | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0" | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\1\0\0\MRUListEx = ffffffff | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0 | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202020202020202 | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\1 = 78003100000000006b59ca741100557365727300640009000400efbe874f77486b59ca742e000000fd0100000000010000000000000000003a00000000000829150155007300650072007300000040007300680065006c006c00330032002e0064006c006c002c002d0032003100380031003300000014000000 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\NodeSlot = "2" | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\IconSize = "16" | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupView = "4294967295" | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1" | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = 00000000020000000300000001000000ffffffff | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7 | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4" | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1" | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202020202020202 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0100000000000000ffffffff | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202 | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0100000000000000ffffffff | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = 0100000004000000000000000200000003000000ffffffff | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-4074627901-37362009-3519777259-1000\{BA6CE0BB-0C50-4104-844F-10EE5CC33389} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\LogicalViewMode = "1" | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1092616257" | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\Shell | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\10\Shell\KnownFolderDerivedFolderType = "{885A186E-A440-4ADA-812B-DB871B942259}" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259} | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1" | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7} | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0" | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\10\Shell | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 = 14001f50e04fd020ea3a6910a2d808002b30309d0000 | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:PID = "14" | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "2" | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "48" | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\Shell\SniffedFolderType = "Generic" | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = 02000000000000000300000001000000ffffffff | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\1\0\0 = 84003100000000006b59cb741300444f574e4c4f7e3100006c0009000400efbe575938726b59cb742e00000004090400000002000000000000000000420000000000031f9f0044006f0077006e006c006f00610064007300000040007300680065006c006c00330032002e0064006c006c002c002d0032003100370039003800000018000000 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = 00000000ffffffff | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\MRUListEx = ffffffff | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
Modifies registry key
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\reg.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 840350.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 170087.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\@[email protected] | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Uses Volume Shadow Copy WMI provider
Uses Volume Shadow Copy service COM API
Views/modifies file attributes
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\attrib.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\attrib.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\attrib.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\attrib.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\attrib.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\attrib.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\attrib.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\attrib.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\attrib.exe | N/A |
Processes
C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe
"C:\Users\Admin\AppData\Local\Temp\rufus-4.6p.exe"
C:\Windows\System32\vdsldr.exe
C:\Windows\System32\vdsldr.exe -Embedding
C:\Windows\System32\vds.exe
C:\Windows\System32\vds.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s fhsvc
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -s WPDBusEnum
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1936 -parentBuildID 20240401114208 -prefsHandle 1864 -prefMapHandle 1856 -prefsLen 23681 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0a379abb-07a3-4216-acd0-6c65dc62660e} 2276 "\\.\pipe\gecko-crash-server-pipe.2276" gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2352 -parentBuildID 20240401114208 -prefsHandle 2340 -prefMapHandle 2336 -prefsLen 23717 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b4cceb2a-6264-4df0-8688-d1150e581dd0} 2276 "\\.\pipe\gecko-crash-server-pipe.2276" socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2728 -childID 1 -isForBrowser -prefsHandle 2928 -prefMapHandle 2536 -prefsLen 23858 -prefMapSize 244658 -jsInitHandle 1276 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ced5137f-49ef-406d-8820-aec6befac05f} 2276 "\\.\pipe\gecko-crash-server-pipe.2276" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2716 -childID 2 -isForBrowser -prefsHandle 2704 -prefMapHandle 1524 -prefsLen 29091 -prefMapSize 244658 -jsInitHandle 1276 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {66bc6577-6760-445b-ada1-6ce267296598} 2276 "\\.\pipe\gecko-crash-server-pipe.2276" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4796 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4836 -prefMapHandle 4832 -prefsLen 29091 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2a408db5-646f-45dc-9172-9b82d6abc7fa} 2276 "\\.\pipe\gecko-crash-server-pipe.2276" utility
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5420 -childID 3 -isForBrowser -prefsHandle 5432 -prefMapHandle 5428 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1276 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5b80f280-67a2-49e9-b9cb-f57e87acb853} 2276 "\\.\pipe\gecko-crash-server-pipe.2276" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5564 -childID 4 -isForBrowser -prefsHandle 5572 -prefMapHandle 5576 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1276 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4531d724-49b2-409e-9213-4f867a7f0c77} 2276 "\\.\pipe\gecko-crash-server-pipe.2276" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5768 -childID 5 -isForBrowser -prefsHandle 5848 -prefMapHandle 5844 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1276 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b2605187-990f-46ba-8609-9498048499e1} 2276 "\\.\pipe\gecko-crash-server-pipe.2276" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5964 -childID 6 -isForBrowser -prefsHandle 5972 -prefMapHandle 5976 -prefsLen 27211 -prefMapSize 244658 -jsInitHandle 1276 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {fac9b3ab-3e96-4e1d-bac1-91d0e71cc0be} 2276 "\\.\pipe\gecko-crash-server-pipe.2276" tab
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x140,0x144,0x148,0x11c,0x14c,0x7ff8ec7746f8,0x7ff8ec774708,0x7ff8ec774718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2172 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2844 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3736 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3744 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5436 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5512 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5904 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --force-configure-user-settings
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x264,0x268,0x26c,0x240,0x270,0x7ff673a35460,0x7ff673a35470,0x7ff673a35480
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5904 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5884 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3992 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5984 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6264 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6508 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5884 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5512 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5816 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6436 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6032 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6648 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6728 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s fdPHost
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2860 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6152 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5428 /prefetch:1
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s fhsvc
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -s WPDBusEnum
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5720 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5600 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5972 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4284 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6512 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1940 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2524 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6048 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4004 /prefetch:8
C:\Users\Admin\Downloads\WannaCry.EXE
"C:\Users\Admin\Downloads\WannaCry.EXE"
C:\Users\Admin\Downloads\WannaCry.EXE
"C:\Users\Admin\Downloads\WannaCry.EXE"
C:\Windows\SysWOW64\attrib.exe
attrib +h .
C:\Windows\SysWOW64\icacls.exe
icacls . /grant Everyone:F /T /C /Q
C:\Windows\SysWOW64\attrib.exe
attrib +h .
C:\Windows\SysWOW64\icacls.exe
icacls . /grant Everyone:F /T /C /Q
C:\Users\Admin\Downloads\taskdl.exe
taskdl.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c 245951731335897.bat
C:\Windows\SysWOW64\cscript.exe
cscript.exe //nologo m.vbs
C:\Users\Admin\Downloads\WannaCry.EXE
"C:\Users\Admin\Downloads\WannaCry.EXE"
C:\Windows\SysWOW64\attrib.exe
attrib +h .
C:\Windows\SysWOW64\icacls.exe
icacls . /grant Everyone:F /T /C /Q
C:\Users\Admin\Downloads\WannaCry.EXE
"C:\Users\Admin\Downloads\WannaCry.EXE"
C:\Windows\SysWOW64\attrib.exe
attrib +h +s F:\$RECYCLE
C:\Windows\SysWOW64\attrib.exe
attrib +h .
C:\Windows\SysWOW64\icacls.exe
icacls . /grant Everyone:F /T /C /Q
C:\Users\Admin\Downloads\WannaCry.EXE
"C:\Users\Admin\Downloads\WannaCry.EXE"
C:\Windows\SysWOW64\attrib.exe
attrib +h .
C:\Windows\SysWOW64\icacls.exe
icacls . /grant Everyone:F /T /C /Q
C:\Users\Admin\Downloads\WannaCry.EXE
"C:\Users\Admin\Downloads\WannaCry.EXE"
C:\Windows\SysWOW64\attrib.exe
attrib +h .
C:\Windows\SysWOW64\icacls.exe
icacls . /grant Everyone:F /T /C /Q
C:\Users\Admin\Downloads\WannaCry.EXE
"C:\Users\Admin\Downloads\WannaCry.EXE"
C:\Windows\SysWOW64\attrib.exe
attrib +h .
C:\Windows\SysWOW64\icacls.exe
icacls . /grant Everyone:F /T /C /Q
C:\Users\Admin\Downloads\WannaCry.EXE
"C:\Users\Admin\Downloads\WannaCry.EXE"
C:\Windows\SysWOW64\attrib.exe
attrib +h .
C:\Windows\SysWOW64\icacls.exe
icacls . /grant Everyone:F /T /C /Q
C:\Users\Admin\Downloads\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\@[email protected]
C:\Windows\SysWOW64\cmd.exe
cmd.exe /c start /b @[email protected] vs
C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\TaskData\Tor\taskhsvc.exe
TaskData\Tor\taskhsvc.exe
C:\Windows\SysWOW64\cmd.exe
cmd.exe /c vssadmin delete shadows /all /quiet & wmic shadowcopy delete & bcdedit /set {default} bootstatuspolicy ignoreallfailures & bcdedit /set {default} recoveryenabled no & wbadmin delete catalog -quiet
C:\Windows\SysWOW64\Wbem\WMIC.exe
wmic shadowcopy delete
C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=3228 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6016 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5364 /prefetch:1
C:\Users\Admin\Downloads\taskse.exe
taskse.exe C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\@[email protected]
C:\Windows\SysWOW64\cmd.exe
cmd.exe /c reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v "crprhppmuiqza511" /t REG_SZ /d "\"C:\Users\Admin\Downloads\tasksche.exe\"" /f
C:\Users\Admin\Downloads\taskdl.exe
taskdl.exe
C:\Windows\SysWOW64\reg.exe
reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v "crprhppmuiqza511" /t REG_SZ /d "\"C:\Users\Admin\Downloads\tasksche.exe\"" /f
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6840 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7564 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7592 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7864 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8328 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4676 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8572 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=8472 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=8188 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6840 /prefetch:1
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x300 0x408
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8880 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8112 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1456 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7656 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8140 /prefetch:8
C:\Users\Admin\Downloads\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\taskse.exe
taskse.exe C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\@[email protected]
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3060 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9080 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7504 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9084 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3064 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8020 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8528 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7032 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7400 /prefetch:1
C:\Users\Admin\Downloads\taskse.exe
taskse.exe C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\taskdl.exe
taskdl.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9164 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8880 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3924 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3500 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7728 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2748 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7436 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9280 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7928 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8816 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9540 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9648 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9532 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10048 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10360 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10260 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10708 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9792 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10060 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9308 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9844 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9484 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9904 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10480 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9904 /prefetch:1
C:\Users\Admin\Downloads\taskse.exe
taskse.exe C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\taskdl.exe
taskdl.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7552 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9364 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3988 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6080 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9116 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10816 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7556 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10588 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --extension-process --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7588 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9312 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10204 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2624 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7868 /prefetch:8
C:\Users\Admin\Downloads\taskse.exe
taskse.exe C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\taskdl.exe
taskdl.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=10104 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=10120 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1936 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7804 /prefetch:8
C:\Users\Admin\Downloads\taskse.exe
taskse.exe C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\taskdl.exe
taskdl.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --extension-process --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10556 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1792 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7736 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6356 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6476 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8080 /prefetch:1
C:\Users\Admin\Downloads\taskse.exe
taskse.exe C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\taskdl.exe
taskdl.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7244 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7580 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6020 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8204 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2156,7034087329360190534,564570543998073982,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=7428 /prefetch:8
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4644 -childID 7 -isForBrowser -prefsHandle 5200 -prefMapHandle 1252 -prefsLen 28242 -prefMapSize 244658 -jsInitHandle 1276 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a901d067-fd57-43ab-8750-da7a78384f8a} 2276 "\\.\pipe\gecko-crash-server-pipe.2276" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4976 -childID 8 -isForBrowser -prefsHandle 4048 -prefMapHandle 4740 -prefsLen 28242 -prefMapSize 244658 -jsInitHandle 1276 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3a86bcc0-c4ae-49e3-b5ba-c68b9471842a} 2276 "\\.\pipe\gecko-crash-server-pipe.2276" tab
C:\Users\Admin\Downloads\taskse.exe
taskse.exe C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\taskdl.exe
taskdl.exe
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5644 -childID 9 -isForBrowser -prefsHandle 5868 -prefMapHandle 5584 -prefsLen 28242 -prefMapSize 244658 -jsInitHandle 1276 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ddc7874d-9e53-4fc6-8c96-6146cab31df2} 2276 "\\.\pipe\gecko-crash-server-pipe.2276" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6620 -childID 10 -isForBrowser -prefsHandle 6776 -prefMapHandle 6772 -prefsLen 28242 -prefMapSize 244658 -jsInitHandle 1276 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {763c3522-8a2b-421a-84b9-b7c1f6d2a044} 2276 "\\.\pipe\gecko-crash-server-pipe.2276" tab
C:\Users\Admin\Downloads\taskse.exe
taskse.exe C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\taskdl.exe
taskdl.exe
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7084 -parentBuildID 20240401114208 -prefsHandle 6756 -prefMapHandle 7096 -prefsLen 30911 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ddf6545e-8e1b-4d0b-877c-a6e0a0518cfc} 2276 "\\.\pipe\gecko-crash-server-pipe.2276" rdd
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7244 -parentBuildID 20240401114208 -sandboxingKind 1 -prefsHandle 7236 -prefMapHandle 7232 -prefsLen 30911 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {bff7db0e-0bc3-4596-97ff-c08433688594} 2276 "\\.\pipe\gecko-crash-server-pipe.2276" utility
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7472 -childID 11 -isForBrowser -prefsHandle 7448 -prefMapHandle 7392 -prefsLen 28242 -prefMapSize 244658 -jsInitHandle 1276 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b864d23e-e795-440f-8091-aaa56f64ffda} 2276 "\\.\pipe\gecko-crash-server-pipe.2276" tab
C:\Users\Admin\Downloads\taskse.exe
taskse.exe C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\taskdl.exe
taskdl.exe
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7400 -childID 12 -isForBrowser -prefsHandle 7704 -prefMapHandle 7632 -prefsLen 28242 -prefMapSize 244658 -jsInitHandle 1276 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4de7cab1-5fac-4ef4-a5c3-8ae7f7dea31b} 2276 "\\.\pipe\gecko-crash-server-pipe.2276" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6980 -childID 13 -isForBrowser -prefsHandle 6672 -prefMapHandle 7580 -prefsLen 28242 -prefMapSize 244658 -jsInitHandle 1276 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {eb1c3c70-0f2a-4be3-983f-e0c8e35d8946} 2276 "\\.\pipe\gecko-crash-server-pipe.2276" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7948 -childID 14 -isForBrowser -prefsHandle 7648 -prefMapHandle 6748 -prefsLen 28242 -prefMapSize 244658 -jsInitHandle 1276 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b875acb3-0c83-4aec-9a59-c1a0f55696ba} 2276 "\\.\pipe\gecko-crash-server-pipe.2276" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6824 -childID 15 -isForBrowser -prefsHandle 5856 -prefMapHandle 6700 -prefsLen 28242 -prefMapSize 244658 -jsInitHandle 1276 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7cffc8ad-e80f-439c-bf87-b4b79b5aee6b} 2276 "\\.\pipe\gecko-crash-server-pipe.2276" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7956 -childID 16 -isForBrowser -prefsHandle 6800 -prefMapHandle 6816 -prefsLen 28242 -prefMapSize 244658 -jsInitHandle 1276 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d704a422-efdd-4b48-971a-2dd05008929f} 2276 "\\.\pipe\gecko-crash-server-pipe.2276" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8504 -childID 17 -isForBrowser -prefsHandle 8372 -prefMapHandle 8384 -prefsLen 28242 -prefMapSize 244658 -jsInitHandle 1276 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {787dbbd1-7587-4cc9-881f-be0ab0fa4df9} 2276 "\\.\pipe\gecko-crash-server-pipe.2276" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8120 -childID 18 -isForBrowser -prefsHandle 8132 -prefMapHandle 7976 -prefsLen 28242 -prefMapSize 244658 -jsInitHandle 1276 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b8197fb8-f9fd-4df3-b6d8-97f49ee4a699} 2276 "\\.\pipe\gecko-crash-server-pipe.2276" tab
C:\Users\Admin\Downloads\taskse.exe
taskse.exe C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\taskdl.exe
taskdl.exe
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8828 -childID 19 -isForBrowser -prefsHandle 8824 -prefMapHandle 7068 -prefsLen 28242 -prefMapSize 244658 -jsInitHandle 1276 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3238929b-a68f-4ff2-9b0d-89aab9462ad6} 2276 "\\.\pipe\gecko-crash-server-pipe.2276" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8256 -childID 20 -isForBrowser -prefsHandle 7956 -prefMapHandle 5860 -prefsLen 28242 -prefMapSize 244658 -jsInitHandle 1276 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f7bbfffc-237b-408c-9a7e-44019594f993} 2276 "\\.\pipe\gecko-crash-server-pipe.2276" tab
C:\Users\Admin\Downloads\taskse.exe
taskse.exe C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\taskdl.exe
taskdl.exe
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8784 -childID 21 -isForBrowser -prefsHandle 8084 -prefMapHandle 8112 -prefsLen 28242 -prefMapSize 244658 -jsInitHandle 1276 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {26ed47b4-ab18-4f04-8ad0-dd2e15b36640} 2276 "\\.\pipe\gecko-crash-server-pipe.2276" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8056 -childID 22 -isForBrowser -prefsHandle 9020 -prefMapHandle 9028 -prefsLen 28242 -prefMapSize 244658 -jsInitHandle 1276 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e2b300d8-41a4-4700-a247-562ff901e3ee} 2276 "\\.\pipe\gecko-crash-server-pipe.2276" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9212 -childID 23 -isForBrowser -prefsHandle 8056 -prefMapHandle 9028 -prefsLen 28242 -prefMapSize 244658 -jsInitHandle 1276 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3aa5c7e4-3a9a-4fdc-939d-b87c8b26f542} 2276 "\\.\pipe\gecko-crash-server-pipe.2276" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8652 -childID 24 -isForBrowser -prefsHandle 6836 -prefMapHandle 8708 -prefsLen 28242 -prefMapSize 244658 -jsInitHandle 1276 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9fb5f73c-564c-4e63-8279-3039fc63871d} 2276 "\\.\pipe\gecko-crash-server-pipe.2276" tab
C:\Users\Admin\Downloads\taskse.exe
taskse.exe C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\taskdl.exe
taskdl.exe
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9072 -childID 25 -isForBrowser -prefsHandle 8292 -prefMapHandle 7092 -prefsLen 28242 -prefMapSize 244658 -jsInitHandle 1276 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8ee765d1-94d1-4398-8478-8e976c630c03} 2276 "\\.\pipe\gecko-crash-server-pipe.2276" tab
C:\Users\Admin\Downloads\taskse.exe
taskse.exe C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\taskse.exe
taskse.exe C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\taskdl.exe
taskdl.exe
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8808 -childID 26 -isForBrowser -prefsHandle 5168 -prefMapHandle 8348 -prefsLen 28242 -prefMapSize 244658 -jsInitHandle 1276 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1f316653-bb1a-4201-bc21-b3b71b589dd6} 2276 "\\.\pipe\gecko-crash-server-pipe.2276" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8844 -childID 27 -isForBrowser -prefsHandle 8112 -prefMapHandle 9452 -prefsLen 28242 -prefMapSize 244658 -jsInitHandle 1276 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3dc7d734-260f-40d7-b8ae-b0ead8c742eb} 2276 "\\.\pipe\gecko-crash-server-pipe.2276" tab
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 209.205.72.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.106.137.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 212.20.149.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | checkappexec.microsoft.com | udp |
| N/A | 127.0.0.1:49856 | tcp | |
| GB | 51.11.108.188:443 | checkappexec.microsoft.com | tcp |
| US | 8.8.8.8:53 | 188.108.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | spocs.getpocket.com | udp |
| US | 8.8.8.8:53 | firefox-api-proxy.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 34.149.97.1:443 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 34.149.97.1:443 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | tcp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 149.234.200.54.in-addr.arpa | udp |
| N/A | 127.0.0.1:49867 | tcp | |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 4.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | nav.smartscreen.microsoft.com | udp |
| GB | 51.11.108.188:443 | nav.smartscreen.microsoft.com | tcp |
| GB | 51.11.108.188:443 | nav.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | data-edge.smartscreen.microsoft.com | udp |
| GB | 51.11.108.188:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 51.11.108.188:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 51.11.108.188:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 92.123.128.139:443 | www.bing.com | tcp |
| GB | 92.123.128.139:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 139.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | location.services.mozilla.com | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 35.190.72.216:443 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 216.72.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.181.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | ciscobinary.openh264.org | udp |
| GB | 142.250.200.14:443 | redirector.gvt1.com | tcp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| DE | 23.55.161.185:80 | ciscobinary.openh264.org | tcp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| GB | 142.250.200.14:443 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | r2---sn-aigl6ned.gvt1.com | udp |
| GB | 173.194.183.71:443 | r2---sn-aigl6ned.gvt1.com | tcp |
| US | 8.8.8.8:53 | r2.sn-aigl6ned.gvt1.com | udp |
| US | 8.8.8.8:53 | r2.sn-aigl6ned.gvt1.com | udp |
| GB | 173.194.183.71:443 | r2.sn-aigl6ned.gvt1.com | udp |
| US | 8.8.8.8:53 | 14.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 185.161.55.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.183.194.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 92.123.128.185:443 | th.bing.com | tcp |
| GB | 92.123.128.175:443 | r.bing.com | tcp |
| GB | 92.123.128.175:443 | r.bing.com | tcp |
| GB | 92.123.128.185:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 185.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 175.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| NL | 40.126.32.138:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | 138.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.21.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | linuxmint.com | udp |
| US | 192.124.249.53:443 | linuxmint.com | tcp |
| US | 192.124.249.53:443 | linuxmint.com | tcp |
| US | 8.8.8.8:53 | www.linuxmint.com | udp |
| US | 8.8.8.8:53 | 53.249.124.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | mirrors.cicku.me | udp |
| US | 104.18.130.116:443 | mirrors.cicku.me | tcp |
| US | 104.18.130.116:443 | mirrors.cicku.me | tcp |
| US | 8.8.8.8:53 | 29.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.130.18.104.in-addr.arpa | udp |
| N/A | 239.255.255.250:3702 | udp | |
| US | 8.8.8.8:53 | c.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.f.f.ip6.arpa | udp |
| N/A | 239.255.255.250:3702 | udp | |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 88.16.208.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | nav.smartscreen.microsoft.com | udp |
| GB | 13.87.96.169:443 | nav.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | 169.96.87.13.in-addr.arpa | udp |
| GB | 92.123.128.181:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 181.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 92.123.128.146:443 | th.bing.com | tcp |
| GB | 92.123.128.161:443 | r.bing.com | tcp |
| GB | 92.123.128.161:443 | r.bing.com | tcp |
| GB | 92.123.128.146:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 146.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 161.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | nav.smartscreen.microsoft.com | udp |
| GB | 172.165.61.93:443 | nav.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.133:443 | avatars.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 8.8.8.8:53 | camo.githubusercontent.com | udp |
| US | 185.199.108.133:443 | camo.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.110.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.110.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.108.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 22.112.82.140.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 185.199.111.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 133.111.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | checkappexec.microsoft.com | udp |
| GB | 13.87.96.169:443 | checkappexec.microsoft.com | tcp |
| US | 8.8.8.8:53 | nav.smartscreen.microsoft.com | udp |
| GB | 172.165.69.228:443 | nav.smartscreen.microsoft.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 228.69.165.172.in-addr.arpa | udp |
| N/A | 127.0.0.1:9050 | tcp | |
| RO | 37.221.162.226:9001 | tcp | |
| US | 154.35.175.225:443 | tcp | |
| N/A | 127.0.0.1:53531 | tcp | |
| SE | 171.25.193.9:80 | tcp | |
| US | 8.8.8.8:53 | 9.193.25.171.in-addr.arpa | udp |
| FR | 78.138.98.42:9001 | tcp | |
| US | 8.8.8.8:53 | 42.98.138.78.in-addr.arpa | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 92.123.128.164:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 164.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 10.27.171.150.in-addr.arpa | udp |
| US | 8.8.8.8:53 | reviewed.app | udp |
| US | 50.31.176.119:443 | reviewed.app | tcp |
| US | 50.31.176.119:443 | reviewed.app | tcp |
| US | 50.31.176.119:443 | reviewed.app | udp |
| US | 8.8.8.8:53 | unpkg.com | udp |
| US | 104.17.245.203:443 | unpkg.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 119.176.31.50.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.245.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 150.171.29.10:443 | bat.bing.com | tcp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| GB | 216.58.201.110:443 | fundingchoicesmessages.google.com | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| GB | 216.58.204.67:443 | www.google.co.uk | tcp |
| GB | 216.58.201.110:443 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | 10.29.171.150.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.200.250.142.in-addr.arpa | udp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | nav.smartscreen.microsoft.com | udp |
| GB | 51.140.242.104:443 | nav.smartscreen.microsoft.com | tcp |
| GB | 51.140.242.104:443 | nav.smartscreen.microsoft.com | tcp |
| GB | 51.140.242.104:443 | nav.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| GB | 216.58.212.194:443 | ep1.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | 104.242.140.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.212.58.216.in-addr.arpa | udp |
| GB | 142.250.179.225:443 | ep2.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 142.250.179.225:443 | ep2.adtrafficquality.google | udp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| GB | 172.217.169.33:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.169.33:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.169.33:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.169.33:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.169.33:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 225.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| GB | 216.58.212.206:443 | syndicatedsearch.goog | tcp |
| US | 8.8.8.8:53 | partner.googleadservices.com | udp |
| GB | 172.217.169.33:443 | tpc.googlesyndication.com | udp |
| GB | 172.217.16.226:443 | partner.googleadservices.com | tcp |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| GB | 216.58.212.206:443 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | 206.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cse.google.com | udp |
| US | 8.8.8.8:53 | www.adsensecustomsearchads.com | udp |
| GB | 216.58.201.110:443 | www.adsensecustomsearchads.com | tcp |
| US | 8.8.8.8:53 | clients1.google.com | udp |
| GB | 216.58.212.194:443 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | 238.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | afs.googleusercontent.com | udp |
| GB | 216.58.213.1:443 | afs.googleusercontent.com | tcp |
| GB | 216.58.213.1:443 | afs.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | 1.213.58.216.in-addr.arpa | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | pcappstore.com | udp |
| US | 142.93.198.240:443 | pcappstore.com | tcp |
| US | 8.8.8.8:53 | 66.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.198.93.142.in-addr.arpa | udp |
| US | 142.93.198.240:443 | pcappstore.com | tcp |
| US | 142.93.198.240:443 | pcappstore.com | tcp |
| US | 142.93.198.240:443 | pcappstore.com | tcp |
| US | 142.93.198.240:443 | pcappstore.com | tcp |
| US | 142.93.198.240:443 | pcappstore.com | tcp |
| GB | 216.58.212.194:443 | ep1.adtrafficquality.google | udp |
| US | 142.93.198.240:443 | pcappstore.com | tcp |
| US | 8.8.8.8:53 | veryfast.io | udp |
| US | 161.35.127.181:443 | veryfast.io | tcp |
| US | 161.35.127.181:443 | veryfast.io | tcp |
| US | 8.8.8.8:53 | 181.127.35.161.in-addr.arpa | udp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| IN | 142.250.199.195:443 | csi.gstatic.com | tcp |
| IN | 142.250.199.195:443 | csi.gstatic.com | tcp |
| US | 8.8.8.8:53 | repcdn.pcapp.store | udp |
| FR | 185.93.2.12:443 | repcdn.pcapp.store | tcp |
| US | 8.8.8.8:53 | 195.199.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 12.2.93.185.in-addr.arpa | udp |
| US | 50.31.176.119:443 | reviewed.app | udp |
| GB | 216.58.201.110:443 | clients1.google.com | udp |
| GB | 216.58.204.67:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | x.urs.microsoft.com | udp |
| GB | 172.165.61.93:443 | x.urs.microsoft.com | tcp |
| US | 8.8.8.8:53 | p4-fq7eh5bgyyytk-kmutmagfsckf6agm-if-v6exp3-v4.metric.gstatic.com | udp |
| GB | 142.250.180.3:443 | p4-fq7eh5bgyyytk-kmutmagfsckf6agm-if-v6exp3-v4.metric.gstatic.com | tcp |
| GB | 142.250.180.3:443 | p4-fq7eh5bgyyytk-kmutmagfsckf6agm-if-v6exp3-v4.metric.gstatic.com | udp |
| US | 8.8.8.8:53 | 3.180.250.142.in-addr.arpa | udp |
| GB | 92.123.128.138:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | 138.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | fpt.microsoft.com | udp |
| US | 52.167.30.171:443 | fpt.microsoft.com | tcp |
| US | 8.8.8.8:53 | fpt2.microsoft.com | udp |
| US | 8.8.8.8:53 | 171.30.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.31.126.40.in-addr.arpa | udp |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | en.breakflip.net | udp |
| US | 104.21.77.72:443 | en.breakflip.net | tcp |
| US | 104.21.77.72:443 | en.breakflip.net | tcp |
| US | 8.8.8.8:53 | www.flashb.id | udp |
| US | 8.8.8.8:53 | fastcmp.com | udp |
| US | 8.8.8.8:53 | cdn.viously.com | udp |
| US | 104.18.28.119:443 | www.flashb.id | tcp |
| US | 104.18.9.229:443 | fastcmp.com | tcp |
| US | 8.8.8.8:53 | assets.respawn.fr | udp |
| US | 104.22.43.169:443 | cdn.viously.com | tcp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | cdn.pushmaster-cdn.xyz | udp |
| US | 104.21.8.192:443 | assets.respawn.fr | tcp |
| US | 104.26.14.80:443 | cdn.pushmaster-cdn.xyz | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 172.217.169.78:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | 72.77.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.28.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.9.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.43.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.8.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.14.26.104.in-addr.arpa | udp |
| GB | 142.250.180.22:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | platform.twitter.com | udp |
| US | 8.8.8.8:53 | sonar.viously.com | udp |
| US | 8.8.8.8:53 | sync.sparteo.com | udp |
| GB | 151.101.188.157:443 | platform.twitter.com | tcp |
| US | 104.18.31.80:443 | sync.sparteo.com | tcp |
| FR | 185.141.128.150:443 | sonar.viously.com | tcp |
| US | 8.8.8.8:53 | e.viously.com | udp |
| FR | 185.141.128.152:443 | e.viously.com | tcp |
| FR | 185.141.128.152:443 | e.viously.com | tcp |
| US | 8.8.8.8:53 | syndication.twitter.com | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| US | 104.244.42.200:443 | syndication.twitter.com | tcp |
| GB | 142.250.179.230:443 | static.doubleclick.net | tcp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| GB | 142.250.187.225:443 | yt3.ggpht.com | tcp |
| GB | 172.217.169.42:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | 78.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.188.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.128.141.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.31.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.128.141.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.169.217.172.in-addr.arpa | udp |
| GB | 172.217.169.42:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 172.217.16.238:443 | play.google.com | tcp |
| GB | 216.58.212.194:443 | ep1.adtrafficquality.google | udp |
| US | 104.21.77.72:443 | en.breakflip.net | tcp |
| GB | 142.250.179.225:443 | ep2.adtrafficquality.google | udp |
| GB | 172.217.16.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | ssum.casalemedia.com | udp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| DE | 18.197.30.174:443 | match.sharethrough.com | tcp |
| US | 13.248.245.213:443 | eb2.3lift.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| NL | 185.89.211.116:443 | ib.adnxs.com | tcp |
| FR | 154.54.250.80:443 | ads.stickyadstv.com | tcp |
| GB | 2.23.204.244:443 | ads.pubmatic.com | tcp |
| US | 104.18.36.155:443 | ssum.casalemedia.com | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| US | 8.8.8.8:53 | 238.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 244.204.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.30.197.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.36.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.250.54.154.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.211.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 213.245.248.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.136.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | pbsj.bricks-co.com | udp |
| US | 104.18.18.35:443 | pbsj.bricks-co.com | tcp |
| US | 104.18.18.35:443 | pbsj.bricks-co.com | tcp |
| US | 104.18.18.35:443 | pbsj.bricks-co.com | tcp |
| US | 104.18.18.35:443 | pbsj.bricks-co.com | tcp |
| US | 8.8.8.8:53 | ssp-sync.criteo.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | sync.richaudience.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | sync.adotmob.com | udp |
| US | 8.8.8.8:53 | ad.360yield.com | udp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| NL | 178.250.1.57:443 | ssp-sync.criteo.com | tcp |
| DE | 148.251.20.73:443 | sync.richaudience.com | tcp |
| IE | 52.48.27.149:443 | ad.360yield.com | tcp |
| NL | 89.149.192.197:443 | ssbsync-global.smartadserver.com | tcp |
| FR | 45.137.176.88:443 | sync.adotmob.com | tcp |
| DE | 51.89.9.251:443 | onetag-sys.com | tcp |
| FR | 185.255.84.152:443 | visitor.omnitagjs.com | tcp |
| DE | 148.251.20.73:443 | sync.richaudience.com | tcp |
| GB | 216.58.212.194:443 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | eu-west-1-cs-rtb.openwebmp.com | udp |
| US | 8.8.8.8:53 | 36.92.85.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.18.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 57.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 197.192.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.176.137.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.9.89.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.27.48.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.20.251.148.in-addr.arpa | udp |
| US | 8.8.8.8:53 | gum.aidemsrv.com | udp |
| DE | 52.85.92.32:443 | eu-west-1-cs-rtb.openwebmp.com | tcp |
| US | 104.18.7.198:443 | gum.aidemsrv.com | tcp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 67.202.105.23:443 | ssc-cms.33across.com | tcp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 52.44.40.191:443 | cs-server-s2s.yellowblue.io | tcp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| DE | 51.89.9.251:443 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| GB | 2.19.117.84:443 | player.aniview.com | tcp |
| GB | 23.215.239.190:443 | secure-assets.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| NL | 35.214.136.108:443 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | bc-sync.com | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 50.17.90.156:443 | api-2-0.spot.im | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 8.8.8.8:53 | sync.aniview.com | udp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| US | 64.74.236.95:443 | b1sync.zemanta.com | tcp |
| US | 64.74.236.95:443 | b1sync.zemanta.com | tcp |
| GB | 185.64.191.214:443 | image8.pubmatic.com | tcp |
| US | 23.192.21.141:443 | eus.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | csync.loopme.me | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 172.240.45.96:443 | sync.aniview.com | tcp |
| NL | 35.214.179.225:443 | csync.loopme.me | tcp |
| US | 54.88.211.52:443 | sync.srv.stackadapt.com | tcp |
| US | 8.8.8.8:53 | sync-service.net | udp |
| US | 204.62.12.209:443 | sync-service.net | tcp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| US | 8.8.8.8:53 | rtb.bid.com | udp |
| IE | 34.243.22.248:443 | ap.lijit.com | tcp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| US | 8.8.8.8:53 | sync.contextualadv.com | udp |
| US | 8.8.8.8:53 | jadserve.postrelease.com | udp |
| NL | 35.214.179.225:443 | csync.loopme.me | tcp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| IE | 52.31.108.193:443 | jadserve.postrelease.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| US | 8.8.8.8:53 | crt.rootg2.amazontrust.com | udp |
| US | 8.8.8.8:53 | 32.92.85.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.7.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 191.40.44.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 190.239.215.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.191.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.21.192.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.40.223.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.90.17.50.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.236.74.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.45.240.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 52.211.88.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 248.22.243.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.12.62.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| DE | 18.155.153.108:80 | crt.rootg2.amazontrust.com | tcp |
| US | 192.132.33.69:443 | bttrack.com | tcp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| US | 192.132.33.69:443 | bttrack.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | 149.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.108.31.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.153.155.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.33.132.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.216.36.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ads.us.e-planning.net | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| US | 8.8.8.8:53 | hbx.media.net | udp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| US | 8.8.8.8:53 | c1.adform.net | udp |
| US | 8.8.8.8:53 | prebidtest.zemanta.com | udp |
| NL | 193.3.178.4:443 | ads.us.e-planning.net | tcp |
| DK | 37.157.5.141:443 | c1.adform.net | tcp |
| GB | 2.23.220.28:443 | hbx.media.net | tcp |
| US | 104.22.30.209:443 | csync.smilewanted.com | tcp |
| US | 172.67.36.125:443 | prebidtest.zemanta.com | tcp |
| US | 8.8.8.8:53 | ce.lijit.com | udp |
| DE | 18.155.145.63:443 | s.ad.smaato.net | tcp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| IE | 52.214.230.24:443 | ce.lijit.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | 4.178.3.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.220.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.30.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 125.36.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 63.145.155.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.5.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 24.230.214.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | client.wns.windows.com | udp |
| GB | 20.90.153.243:443 | client.wns.windows.com | tcp |
| US | 8.8.8.8:53 | in.pushmaster-in.xyz | udp |
| SE | 13.53.155.131:443 | in.pushmaster-in.xyz | tcp |
| US | 8.8.8.8:53 | 243.153.90.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.155.53.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | sync.inmobi.com | udp |
| FR | 163.5.194.30:443 | prebid.a-mo.net | tcp |
| NL | 103.67.200.72:443 | sync.adkernel.com | tcp |
| US | 20.33.55.12:443 | sync.inmobi.com | tcp |
| US | 8.8.8.8:53 | assets.a-mo.net | udp |
| US | 20.33.55.12:443 | sync.inmobi.com | tcp |
| US | 104.19.159.19:443 | assets.a-mo.net | tcp |
| US | 8.8.8.8:53 | 30.194.5.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.200.67.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.159.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 12.55.33.20.in-addr.arpa | udp |
| FR | 185.141.128.152:443 | e.viously.com | tcp |
| US | 8.8.8.8:53 | girhub.com | udp |
| US | 173.239.5.6:80 | girhub.com | tcp |
| US | 173.239.5.6:80 | girhub.com | tcp |
| US | 8.8.8.8:53 | 6.5.239.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | srchassist.com | udp |
| US | 165.22.38.5:80 | srchassist.com | tcp |
| US | 165.22.38.5:80 | srchassist.com | tcp |
| US | 8.8.8.8:53 | todolistchecker.com | udp |
| US | 64.225.9.194:443 | todolistchecker.com | tcp |
| US | 64.225.9.194:443 | todolistchecker.com | tcp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 5.38.22.165.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.9.225.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| GB | 142.250.200.17:443 | csp.withgoogle.com | tcp |
| US | 34.1.233.117:443 | csync.loopme.me | tcp |
| US | 34.1.233.117:443 | csync.loopme.me | tcp |
| US | 8.8.8.8:53 | 17.200.250.142.in-addr.arpa | udp |
| NL | 35.214.176.79:443 | csync.loopme.me | tcp |
| NL | 35.214.176.79:443 | csync.loopme.me | tcp |
| US | 8.8.8.8:53 | microsoftedge.microsoft.com | udp |
| US | 13.107.6.203:443 | microsoftedge.microsoft.com | tcp |
| US | 13.107.6.203:443 | microsoftedge.microsoft.com | tcp |
| US | 8.8.8.8:53 | edgestorewebpme.azureedge.net | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | ajax.aspnetcdn.com | udp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 152.199.19.160:443 | ajax.aspnetcdn.com | tcp |
| US | 23.192.22.93:443 | www.microsoft.com | tcp |
| US | 13.107.253.65:443 | edgestorewebpme.azureedge.net | tcp |
| US | 8.8.8.8:53 | extensions-loader.azurewebsites.net | udp |
| US | 8.8.8.8:53 | mem.gfx.ms | udp |
| US | 8.8.8.8:53 | statics-marketingsites-eas-ms-com.akamaized.net | udp |
| US | 8.8.8.8:53 | 203.6.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.22.192.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.253.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 160.19.199.152.in-addr.arpa | udp |
| US | 13.107.253.65:443 | mem.gfx.ms | tcp |
| US | 13.107.253.65:443 | mem.gfx.ms | tcp |
| US | 13.107.253.65:443 | mem.gfx.ms | tcp |
| US | 13.107.253.65:443 | mem.gfx.ms | tcp |
| US | 13.107.253.65:443 | mem.gfx.ms | tcp |
| US | 13.107.253.65:443 | mem.gfx.ms | tcp |
| US | 23.192.22.93:443 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | js.monitor.azure.com | udp |
| US | 13.107.253.65:443 | mem.gfx.ms | tcp |
| US | 13.107.246.65:443 | js.monitor.azure.com | tcp |
| US | 8.8.8.8:53 | 163.117.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ratingsedge.rnr.microsoft.com | udp |
| IE | 40.69.197.87:443 | ratingsedge.rnr.microsoft.com | tcp |
| US | 8.8.8.8:53 | acctcdn.msftauth.net | udp |
| US | 8.8.8.8:53 | acctcdn.msauth.net | udp |
| US | 8.8.8.8:53 | logincdn.msftauth.net | udp |
| US | 152.199.21.175:443 | logincdn.msftauth.net | tcp |
| US | 13.107.246.65:443 | acctcdn.msauth.net | tcp |
| US | 152.199.21.175:443 | logincdn.msftauth.net | tcp |
| US | 8.8.8.8:53 | acctcdnmsftuswe2.azureedge.net | udp |
| US | 8.8.8.8:53 | lgincdnmsftuswe2.azureedge.net | udp |
| US | 8.8.8.8:53 | acctcdnvzeuno.azureedge.net | udp |
| US | 8.8.8.8:53 | lgincdnvzeuno.azureedge.net | udp |
| US | 8.8.8.8:53 | 65.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.22.192.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.197.69.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 175.21.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | browser.pipe.aria.microsoft.com | udp |
| IE | 20.50.80.209:443 | browser.pipe.aria.microsoft.com | tcp |
| US | 8.8.8.8:53 | 209.80.50.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 104.208.16.91:443 | browser.events.data.microsoft.com | tcp |
| US | 104.208.16.91:443 | browser.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | 91.16.208.104.in-addr.arpa | udp |
| US | 34.1.239.18:443 | csync.loopme.me | tcp |
| US | 34.1.239.18:443 | csync.loopme.me | tcp |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | extensions-loader.azurewebsites.net | udp |
| US | 173.239.5.6:80 | girhub.com | tcp |
| US | 173.239.5.6:80 | girhub.com | tcp |
| US | 8.8.8.8:53 | nav.smartscreen.microsoft.com | udp |
| GB | 172.165.69.228:443 | nav.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | ww9.girhub.com | udp |
| US | 76.223.26.96:80 | ww9.girhub.com | tcp |
| US | 76.223.26.96:80 | ww9.girhub.com | tcp |
| GB | 172.165.69.228:443 | nav.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | c.parkingcrew.net | udp |
| DE | 185.53.178.30:80 | c.parkingcrew.net | tcp |
| US | 8.8.8.8:53 | ifdnzact.com | udp |
| US | 8.8.8.8:53 | www.afternic.com | udp |
| US | 208.91.196.46:80 | ifdnzact.com | tcp |
| US | 8.8.8.8:53 | 30.178.53.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.26.223.76.in-addr.arpa | udp |
| US | 8.8.8.8:53 | js-agent.newrelic.com | udp |
| US | 162.247.243.39:443 | js-agent.newrelic.com | tcp |
| US | 8.8.8.8:53 | bam.nr-data.net | udp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| US | 8.8.8.8:53 | 46.196.91.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 39.243.247.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.243.247.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | microsoftedge.msiserver.lan | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | microsoftedge.msiserver.lan | udp |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | www.mydomainbuy.com | udp |
| IE | 108.129.65.43:80 | www.mydomainbuy.com | tcp |
| IE | 108.129.65.43:443 | www.mydomainbuy.com | tcp |
| US | 8.8.8.8:53 | 43.65.129.108.in-addr.arpa | udp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| US | 8.8.8.8:53 | girhub.com | udp |
| US | 173.239.5.6:80 | girhub.com | tcp |
| US | 173.239.5.6:80 | girhub.com | tcp |
| US | 8.8.8.8:53 | girhub.com | udp |
| US | 8.8.8.8:53 | ww9.girhub.com | udp |
| US | 76.223.26.96:80 | ww9.girhub.com | tcp |
| US | 8.8.8.8:53 | 888950.parkingcrew.net | udp |
| US | 8.8.8.8:53 | 888950.parkingcrew.net | udp |
| US | 8.8.8.8:53 | c.parkingcrew.net | udp |
| DE | 185.53.178.30:80 | c.parkingcrew.net | tcp |
| US | 8.8.8.8:53 | c.parkingcrew.net | udp |
| US | 8.8.8.8:53 | ifdnzact.com | udp |
| US | 208.91.196.46:80 | ifdnzact.com | tcp |
| US | 8.8.8.8:53 | ifdnzact.com | udp |
| US | 8.8.8.8:53 | www.afternic.com | udp |
| US | 8.8.8.8:53 | e126871.dsca.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e126871.dsca.akamaiedge.net | udp |
| GB | 95.100.104.16:443 | e126871.dsca.akamaiedge.net | tcp |
| US | 8.8.8.8:53 | 16.104.100.95.in-addr.arpa | udp |
| DE | 185.53.178.30:80 | c.parkingcrew.net | tcp |
| US | 8.8.8.8:53 | c.parkingcrew.net | udp |
| US | 208.91.196.46:80 | ifdnzact.com | tcp |
| US | 173.239.5.6:80 | girhub.com | tcp |
| US | 173.239.5.6:80 | girhub.com | tcp |
| DE | 185.53.178.30:80 | c.parkingcrew.net | tcp |
| DE | 185.53.178.30:80 | c.parkingcrew.net | tcp |
| US | 208.91.196.46:80 | ifdnzact.com | tcp |
| US | 8.8.8.8:53 | support.mozilla.org | udp |
| US | 8.8.8.8:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| GB | 216.58.213.17:443 | csp.withgoogle.com | tcp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| GB | 142.250.200.10:443 | ogads-pa.googleapis.com | tcp |
| GB | 142.250.200.10:443 | ogads-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| GB | 216.58.213.17:443 | csp.withgoogle.com | udp |
| GB | 142.250.200.10:443 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 17.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 172.217.16.238:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 172.217.16.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| GB | 172.217.16.238:443 | consent.google.com | tcp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| GB | 172.217.16.238:443 | consent.google.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| GB | 172.217.169.65:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.169.65:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.169.65:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 142.250.179.238:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.179.238:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.179.238:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.179.238:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.179.238:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.179.238:443 | encrypted-tbn0.gstatic.com | tcp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| GB | 172.217.169.65:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.179.238:443 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | 65.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.179.250.142.in-addr.arpa | udp |
| GB | 142.250.179.238:443 | encrypted-tbn0.gstatic.com | tcp |
| US | 8.8.8.8:53 | id.google.com | udp |
| GB | 216.58.213.17:443 | csp.withgoogle.com | udp |
| US | 142.250.72.163:443 | id.google.com | tcp |
| US | 8.8.8.8:53 | id.google.com | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| GB | 142.250.200.10:443 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 216.58.212.246:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | 163.72.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 246.212.58.216.in-addr.arpa | udp |
| US | 142.250.72.163:443 | id.google.com | udp |
| GB | 216.58.212.246:443 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | youtube-ui.l.google.com | udp |
| US | 8.8.8.8:53 | youtube-ui.l.google.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 216.58.212.194:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 142.250.179.230:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.180.10:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.180.10:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 142.250.180.10:443 | jnn-pa.googleapis.com | udp |
| GB | 142.250.179.230:443 | static.doubleclick.net | udp |
| GB | 216.58.212.194:443 | googleads.g.doubleclick.net | udp |
| GB | 142.250.180.10:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 10.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | encrypted-vtbn0.gstatic.com | udp |
| GB | 142.250.180.14:443 | encrypted-vtbn0.gstatic.com | tcp |
| US | 8.8.8.8:53 | encrypted-vtbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-vtbn0.gstatic.com | udp |
| GB | 142.250.180.14:443 | encrypted-vtbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | 14.180.250.142.in-addr.arpa | udp |
| N/A | 127.0.0.1:9050 | tcp | |
| GB | 216.58.212.246:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | www.10bestvpn.co.uk | udp |
| US | 107.180.118.47:443 | www.10bestvpn.co.uk | tcp |
| US | 8.8.8.8:53 | 10bestvpn.co.uk | udp |
| US | 8.8.8.8:53 | 10bestvpn.co.uk | udp |
| US | 107.180.118.47:443 | 10bestvpn.co.uk | tcp |
| US | 8.8.8.8:53 | 47.118.180.107.in-addr.arpa | udp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| GB | 216.58.212.194:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | 21.151.70.163.in-addr.arpa | udp |
| GB | 216.58.204.67:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| GB | 216.58.212.194:443 | googleads.g.doubleclick.net | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| GB | 216.58.204.67:443 | www.google.co.uk | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 163.70.151.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | star-mini.c10r.facebook.com | udp |
| US | 8.8.8.8:53 | star-mini.c10r.facebook.com | udp |
| BE | 66.102.1.156:443 | stats.g.doubleclick.net | tcp |
| GB | 163.70.151.35:443 | star-mini.c10r.facebook.com | udp |
| BE | 66.102.1.156:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.151.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.1.102.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.cyberghostvpn.com | udp |
| US | 104.20.175.46:443 | www.cyberghostvpn.com | tcp |
| US | 8.8.8.8:53 | www.cyberghostvpn.com | udp |
| US | 8.8.8.8:53 | www.cyberghostvpn.com | udp |
| US | 104.20.175.46:443 | www.cyberghostvpn.com | udp |
| US | 8.8.8.8:53 | 46.175.20.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | s3.eu-west-1.amazonaws.com | udp |
| IE | 52.92.36.200:443 | s3.eu-west-1.amazonaws.com | tcp |
| US | 8.8.8.8:53 | s3.eu-west-1.amazonaws.com | udp |
| US | 8.8.8.8:53 | lplandmedia.supreme.tools | udp |
| US | 104.18.8.46:443 | lplandmedia.supreme.tools | tcp |
| US | 104.18.8.46:443 | lplandmedia.supreme.tools | tcp |
| US | 104.18.8.46:443 | lplandmedia.supreme.tools | tcp |
| US | 104.18.8.46:443 | lplandmedia.supreme.tools | tcp |
| US | 8.8.8.8:53 | lplandmedia.supreme.tools | udp |
| US | 8.8.8.8:53 | s3.eu-west-1.amazonaws.com | udp |
| US | 104.18.8.46:443 | lplandmedia.supreme.tools | tcp |
| US | 104.18.8.46:443 | lplandmedia.supreme.tools | tcp |
| US | 8.8.8.8:53 | 200.36.92.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | assets.cyberghostvpn.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | lplandmedia.supreme.tools | udp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 151.101.130.137:443 | code.jquery.com | tcp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | assets.cyberghostvpn.com | udp |
| US | 104.16.79.73:443 | static.cloudflareinsights.com | tcp |
| US | 104.20.1.14:443 | assets.cyberghostvpn.com | tcp |
| US | 8.8.8.8:53 | cdn.mouseflow.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 104.20.1.14:443 | assets.cyberghostvpn.com | tcp |
| US | 104.20.1.14:443 | assets.cyberghostvpn.com | tcp |
| US | 8.8.8.8:53 | assets.cyberghostvpn.com | udp |
| US | 8.8.8.8:53 | cdn.mouseflow.com.cdn.cloudflare.net | udp |
| US | 104.18.8.46:443 | lplandmedia.supreme.tools | udp |
| US | 8.8.8.8:53 | cdn.mouseflow.com.cdn.cloudflare.net | udp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | udp |
| US | 104.20.1.14:443 | assets.cyberghostvpn.com | udp |
| US | 8.8.8.8:53 | kapetracking.com | udp |
| US | 45.55.107.35:443 | kapetracking.com | tcp |
| US | 8.8.8.8:53 | kapetracking.com | udp |
| US | 8.8.8.8:53 | kapetracking.com | udp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| US | 104.18.26.50:443 | cdn.mouseflow.com.cdn.cloudflare.net | tcp |
| GB | 216.58.212.194:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | api.usercentrics.eu | udp |
| US | 8.8.8.8:53 | 46.8.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.25.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.130.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.79.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.1.20.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.107.55.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.26.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.usercentrics.eu | udp |
| US | 35.241.3.184:443 | api.usercentrics.eu | tcp |
| US | 35.241.3.184:443 | api.usercentrics.eu | tcp |
| GB | 216.58.212.194:443 | googleads.g.doubleclick.net | udp |
| US | 104.18.26.50:443 | cdn.mouseflow.com.cdn.cloudflare.net | udp |
| GB | 216.58.204.67:443 | www.google.co.uk | tcp |
| US | 35.241.3.184:443 | api.usercentrics.eu | udp |
| GB | 216.58.204.67:443 | www.google.co.uk | udp |
| US | 35.241.3.184:443 | api.usercentrics.eu | udp |
| US | 8.8.8.8:53 | app.usercentrics.eu | udp |
| US | 35.190.14.188:443 | app.usercentrics.eu | tcp |
| US | 35.190.14.188:443 | app.usercentrics.eu | tcp |
| US | 8.8.8.8:53 | app.usercentrics.eu | udp |
| US | 8.8.8.8:53 | app.usercentrics.eu | udp |
| US | 35.190.14.188:443 | app.usercentrics.eu | udp |
| US | 8.8.8.8:53 | aggregator.service.usercentrics.eu | udp |
| US | 34.120.28.121:443 | aggregator.service.usercentrics.eu | tcp |
| US | 34.120.28.121:443 | aggregator.service.usercentrics.eu | tcp |
| US | 8.8.8.8:53 | aggregator.service.usercentrics.eu | udp |
| US | 8.8.8.8:53 | aggregator.service.usercentrics.eu | udp |
| US | 8.8.8.8:53 | 184.3.241.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 121.28.120.34.in-addr.arpa | udp |
| US | 34.120.28.121:443 | aggregator.service.usercentrics.eu | udp |
| US | 8.8.8.8:53 | graphql.usercentrics.eu | udp |
| US | 34.120.238.166:443 | graphql.usercentrics.eu | tcp |
| US | 34.120.238.166:443 | graphql.usercentrics.eu | tcp |
| US | 8.8.8.8:53 | graphql.usercentrics.eu | udp |
| US | 8.8.8.8:53 | graphql.usercentrics.eu | udp |
| US | 34.120.238.166:443 | graphql.usercentrics.eu | udp |
| US | 8.8.8.8:53 | 166.238.120.34.in-addr.arpa | udp |
| US | 34.120.238.166:443 | graphql.usercentrics.eu | udp |
| US | 8.8.8.8:53 | consents.usercentrics.eu | udp |
| US | 34.117.78.32:443 | consents.usercentrics.eu | tcp |
| US | 8.8.8.8:53 | consents.usercentrics.eu | udp |
| US | 34.117.78.32:443 | consents.usercentrics.eu | tcp |
| US | 8.8.8.8:53 | consents.usercentrics.eu | udp |
| US | 34.117.78.32:443 | consents.usercentrics.eu | udp |
| US | 34.120.28.121:443 | aggregator.service.usercentrics.eu | udp |
| US | 8.8.8.8:53 | 32.78.117.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.clickcease.com | udp |
| US | 8.8.8.8:53 | d2no1x7oj2rkdb.cloudfront.net | udp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | tcp |
| DE | 54.230.206.12:443 | d2no1x7oj2rkdb.cloudfront.net | tcp |
| US | 8.8.8.8:53 | d2no1x7oj2rkdb.cloudfront.net | udp |
| GB | 163.70.151.21:443 | scontent.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | 12.206.230.54.in-addr.arpa | udp |
| GB | 163.70.151.35:443 | star-mini.c10r.facebook.com | tcp |
| GB | 163.70.151.35:443 | star-mini.c10r.facebook.com | udp |
| US | 8.8.8.8:53 | www.afternic.com | udp |
| US | 8.8.8.8:53 | e126871.dsca.akamaiedge.net | udp |
| GB | 95.100.104.30:443 | e126871.dsca.akamaiedge.net | tcp |
| US | 8.8.8.8:53 | 30.104.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | upera.com | udp |
| US | 8.8.8.8:53 | www.upera.com | udp |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| GB | 216.58.213.17:443 | csp.withgoogle.com | udp |
| GB | 142.250.200.10:443 | jnn-pa.googleapis.com | udp |
| GB | 172.217.16.238:443 | youtube-ui.l.google.com | udp |
| US | 173.239.5.6:80 | girhub.com | tcp |
| US | 8.8.8.8:53 | girhub.com | udp |
| US | 8.8.8.8:53 | ww9.girhub.com | udp |
| US | 76.223.26.96:80 | ww9.girhub.com | tcp |
| US | 8.8.8.8:53 | 888950.parkingcrew.net | udp |
| US | 8.8.8.8:53 | 888950.parkingcrew.net | udp |
| US | 8.8.8.8:53 | c.parkingcrew.net | udp |
| DE | 185.53.178.30:80 | c.parkingcrew.net | tcp |
| US | 8.8.8.8:53 | c.parkingcrew.net | udp |
| US | 8.8.8.8:53 | c.parkingcrew.net | udp |
| US | 208.91.196.46:80 | ifdnzact.com | tcp |
| US | 8.8.8.8:53 | ifdnzact.com | udp |
| US | 8.8.8.8:53 | www.afternic.com | udp |
| US | 8.8.8.8:53 | e126871.dsca.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e126871.dsca.akamaiedge.net | udp |
| GB | 216.58.212.246:443 | i.ytimg.com | udp |
| GB | 216.58.212.194:443 | googleads.g.doubleclick.net | udp |
| GB | 142.250.179.230:443 | static.doubleclick.net | udp |
| GB | 142.250.180.10:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | lh5.googleusercontent.com | udp |
| GB | 216.58.213.1:443 | lh5.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | googlehosted.l.googleusercontent.com | udp |
| GB | 216.58.213.1:443 | googlehosted.l.googleusercontent.com | tcp |
| GB | 216.58.213.1:443 | googlehosted.l.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | googlehosted.l.googleusercontent.com | udp |
| GB | 216.58.213.1:443 | googlehosted.l.googleusercontent.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn1.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn1.gstatic.com | udp |
| GB | 172.217.16.238:443 | encrypted-tbn1.gstatic.com | tcp |
| GB | 172.217.16.238:443 | encrypted-tbn1.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn1.gstatic.com | udp |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | otx.alienvault.com | udp |
| DE | 52.85.92.126:443 | otx.alienvault.com | tcp |
| US | 8.8.8.8:53 | otx.alienvault.com | udp |
| US | 8.8.8.8:53 | otx.alienvault.com | udp |
| DE | 52.85.92.126:443 | otx.alienvault.com | tcp |
| DE | 52.85.92.126:443 | otx.alienvault.com | tcp |
| DE | 52.85.92.126:443 | otx.alienvault.com | tcp |
| DE | 52.85.92.126:443 | otx.alienvault.com | tcp |
| US | 8.8.8.8:53 | snap.licdn.com | udp |
| US | 8.8.8.8:53 | sjrtp3-cdn.marketo.com | udp |
| US | 8.8.8.8:53 | cdn.walkme.com | udp |
| US | 8.8.8.8:53 | cdn.bizible.com | udp |
| US | 8.8.8.8:53 | cdn5.alienvault.com | udp |
| US | 8.8.8.8:53 | cdn.amplitude.com | udp |
| GB | 23.44.65.252:443 | cdn.walkme.com | tcp |
| US | 8.8.8.8:53 | e12923.a.akamaiedge.net | udp |
| FR | 152.195.15.58:443 | cdn.bizible.com | tcp |
| US | 8.8.8.8:53 | fp2c5c.wac.kappacdn.net | udp |
| US | 8.8.8.8:53 | a1916.dscg2.akamai.net | udp |
| US | 104.16.64.67:443 | cdn5.alienvault.com | tcp |
| US | 8.8.8.8:53 | cdn5.alienvault.com | udp |
| US | 8.8.8.8:53 | cdn.amplitude.com | udp |
| US | 8.8.8.8:53 | e12923.a.akamaiedge.net | udp |
| US | 8.8.8.8:53 | fp2c5c.wac.kappacdn.net | udp |
| US | 8.8.8.8:53 | a1916.dscg2.akamai.net | udp |
| US | 8.8.8.8:53 | cdn.amplitude.com | udp |
| US | 8.8.8.8:53 | cdn5.alienvault.com | udp |
| US | 8.8.8.8:53 | e8999.b.akamaiedge.net | udp |
| US | 8.8.8.8:53 | cdn-cybersecurity.att.com | udp |
| DE | 18.155.145.20:443 | cdn-cybersecurity.att.com | tcp |
| US | 8.8.8.8:53 | d2tobj9dlmyzd8.cloudfront.net | udp |
| US | 8.8.8.8:53 | d2tobj9dlmyzd8.cloudfront.net | udp |
| DE | 52.85.92.126:443 | otx.alienvault.com | tcp |
| US | 8.8.8.8:53 | 252.65.44.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.64.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.145.155.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.bizibly.com | udp |
| FR | 152.195.15.58:443 | cdn.bizibly.com | tcp |
| GB | 2.19.117.135:443 | a1916.dscg2.akamai.net | tcp |
| GB | 23.43.66.156:443 | e8999.b.akamaiedge.net | tcp |
| DE | 18.155.153.43:443 | cdn.amplitude.com | tcp |
| US | 8.8.8.8:53 | px.ads.linkedin.com | udp |
| US | 8.8.8.8:53 | api.amplitude.com | udp |
| US | 8.8.8.8:53 | l-0005.l-msedge.net | udp |
| US | 13.107.42.14:443 | l-0005.l-msedge.net | tcp |
| US | 8.8.8.8:53 | 135.117.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.66.43.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.153.155.18.in-addr.arpa | udp |
| US | 44.237.188.58:443 | api.amplitude.com | tcp |
| US | 44.237.188.58:443 | api.amplitude.com | tcp |
| US | 8.8.8.8:53 | api.amplitude.com | udp |
| US | 8.8.8.8:53 | l-0005.l-msedge.net | udp |
| US | 8.8.8.8:53 | api.amplitude.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | 58.188.237.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | l-0005.l-msedge.net | udp |
| US | 8.8.8.8:53 | api.amplitude.com | udp |
| US | 8.8.8.8:53 | api.amplitude.com | udp |
| US | 8.8.8.8:53 | 17ebook.com | udp |
| US | 208.91.196.152:80 | 17ebook.com | tcp |
| US | 208.91.196.152:80 | 17ebook.com | tcp |
| US | 8.8.8.8:53 | 17ebook.com | udp |
| US | 8.8.8.8:53 | 17ebook.com | udp |
| US | 8.8.8.8:53 | 152.196.91.208.in-addr.arpa | udp |
| US | 208.91.196.152:80 | 17ebook.com | tcp |
| US | 208.91.196.152:80 | 17ebook.com | tcp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| GB | 216.58.213.17:443 | csp.withgoogle.com | udp |
| GB | 142.250.200.10:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 172.217.16.238:443 | encrypted-tbn1.gstatic.com | udp |
| US | 8.8.8.8:53 | proxyscrape.com | udp |
| US | 104.18.13.254:443 | proxyscrape.com | tcp |
| US | 8.8.8.8:53 | proxyscrape.com | udp |
| US | 8.8.8.8:53 | proxyscrape.com | udp |
| US | 104.18.13.254:443 | proxyscrape.com | udp |
| US | 8.8.8.8:53 | cdn.proxyscrape.com | udp |
| US | 104.18.12.233:443 | cdn.proxyscrape.com | tcp |
| US | 8.8.8.8:53 | cdn.proxyscrape.com | udp |
| US | 8.8.8.8:53 | cdn.proxyscrape.com | udp |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | widget.trustpilot.com | udp |
| US | 8.8.8.8:53 | widget.trustpilot.com | udp |
| US | 8.8.8.8:53 | widget.trustpilot.com | udp |
| DE | 52.222.191.16:443 | widget.trustpilot.com | tcp |
| US | 8.8.8.8:53 | embed.typeform.com | udp |
| DE | 52.222.191.56:443 | embed.typeform.com | tcp |
| US | 8.8.8.8:53 | d3n2zv395ut2nb.cloudfront.net | udp |
| US | 8.8.8.8:53 | d3n2zv395ut2nb.cloudfront.net | udp |
| US | 8.8.8.8:53 | 233.12.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 16.191.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.191.222.52.in-addr.arpa | udp |
| DE | 52.222.191.56:443 | d3n2zv395ut2nb.cloudfront.net | udp |
| US | 8.8.8.8:53 | api.proxyscrape.com | udp |
| US | 104.18.11.5:443 | api.proxyscrape.com | tcp |
| US | 8.8.8.8:53 | api.proxyscrape.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | consent.cookiebot.com | udp |
| US | 8.8.8.8:53 | static.hotjar.com | udp |
| US | 8.8.8.8:53 | api.proxyscrape.com | udp |
| US | 8.8.8.8:53 | snap.licdn.com | udp |
| US | 8.8.8.8:53 | script.tapfiliate.com | udp |
| GB | 142.250.179.228:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| US | 8.8.8.8:53 | cdn-4.convertexperiments.com | udp |
| US | 8.8.8.8:53 | cdn.userway.org | udp |
| US | 8.8.8.8:53 | js-eu1.hs-scripts.com | udp |
| US | 8.8.8.8:53 | assets.apollo.io | udp |
| US | 8.8.8.8:53 | eu-assets.i.posthog.com | udp |
| GB | 95.100.104.20:443 | consent.cookiebot.com | tcp |
| US | 8.8.8.8:53 | e110990.dsca.akamaiedge.net | udp |
| DE | 54.230.206.122:443 | script.tapfiliate.com | tcp |
| US | 8.8.8.8:53 | static-cdn.hotjar.com | udp |
| US | 8.8.8.8:53 | script.tapfiliate.com | udp |
| FR | 185.93.2.11:443 | cdn.userway.org | tcp |
| GB | 104.78.166.172:443 | cdn-4.convertexperiments.com | tcp |
| US | 8.8.8.8:53 | a1916.dscg2.akamai.net | udp |
| US | 8.8.8.8:53 | scontent.xx.fbcdn.net | udp |
| US | 172.67.2.155:443 | assets.apollo.io | tcp |
| US | 104.22.59.181:443 | eu-assets.i.posthog.com | tcp |
| US | 8.8.8.8:53 | 1667503734.rsc.cdn77.org | udp |
| US | 172.65.208.22:443 | js-eu1.hs-scripts.com | tcp |
| US | 8.8.8.8:53 | cdn.livechatinc.com | udp |
| US | 8.8.8.8:53 | e5289.dscb.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e110990.dsca.akamaiedge.net | udp |
| US | 8.8.8.8:53 | assets.apollo.io | udp |
| US | 8.8.8.8:53 | eu-assets.i.posthog.com | udp |
| US | 8.8.8.8:53 | 2acdb9b66bb242618283aadb21ede6c1.pacloudflare.com | udp |
| US | 8.8.8.8:53 | static-cdn.hotjar.com | udp |
| US | 8.8.8.8:53 | 1667503734.rsc.cdn77.org | udp |
| US | 8.8.8.8:53 | script.tapfiliate.com | udp |
| US | 8.8.8.8:53 | e5289.dscb.akamaiedge.net | udp |
| US | 8.8.8.8:53 | eu-assets.i.posthog.com | udp |
| GB | 2.16.247.142:443 | cdn.livechatinc.com | tcp |
| US | 8.8.8.8:53 | 2acdb9b66bb242618283aadb21ede6c1.pacloudflare.com | udp |
| US | 8.8.8.8:53 | a1916.dscg2.akamai.net | udp |
| US | 8.8.8.8:53 | assets.apollo.io | udp |
| US | 8.8.8.8:53 | e39296.f.akamaiedge.net | udp |
| GB | 142.250.179.228:443 | www.google.com | udp |
| US | 8.8.8.8:53 | e39296.f.akamaiedge.net | udp |
| US | 8.8.8.8:53 | aplo-evnt.com | udp |
| FR | 185.93.2.11:443 | cdn.userway.org | tcp |
| US | 8.8.8.8:53 | js-eu1.hsadspixel.net | udp |
| US | 8.8.8.8:53 | js-eu1.hscollectedforms.net | udp |
| US | 8.8.8.8:53 | js-eu1.hs-banner.com | udp |
| US | 8.8.8.8:53 | js-eu1.hs-analytics.net | udp |
| US | 8.8.8.8:53 | consentcdn.cookiebot.com | udp |
| US | 8.8.8.8:53 | api.livechatinc.com | udp |
| US | 34.107.133.146:443 | aplo-evnt.com | tcp |
| US | 8.8.8.8:53 | aplo-evnt.com | udp |
| US | 172.65.219.229:443 | js-eu1.hsadspixel.net | tcp |
| US | 8.8.8.8:53 | c23f1bb1b6d0420a94d3aeebea36c4c1.pacloudflare.com | udp |
| US | 172.65.192.122:443 | js-eu1.hscollectedforms.net | tcp |
| US | 8.8.8.8:53 | 7c7b02d4bc3d48dd81a7c7738d4de1ab.pacloudflare.com | udp |
| US | 8.8.8.8:53 | 15e49451d4884c2582b2c780d1077dd0.pacloudflare.com | udp |
| US | 8.8.8.8:53 | 18ea70d2d9a945cfb97d818ba71817dc.pacloudflare.com | udp |
| US | 95.100.195.45:443 | api.livechatinc.com | tcp |
| US | 8.8.8.8:53 | e39296.b.akamaiedge.net | udp |
| GB | 104.78.173.108:443 | consentcdn.cookiebot.com | tcp |
| US | 8.8.8.8:53 | e3849.dsca.akamaiedge.net | udp |
| US | 8.8.8.8:53 | aplo-evnt.com | udp |
| US | 8.8.8.8:53 | 18ea70d2d9a945cfb97d818ba71817dc.pacloudflare.com | udp |
| US | 8.8.8.8:53 | c23f1bb1b6d0420a94d3aeebea36c4c1.pacloudflare.com | udp |
| US | 8.8.8.8:53 | 15e49451d4884c2582b2c780d1077dd0.pacloudflare.com | udp |
| US | 8.8.8.8:53 | 7c7b02d4bc3d48dd81a7c7738d4de1ab.pacloudflare.com | udp |
| US | 8.8.8.8:53 | e39296.b.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e3849.dsca.akamaiedge.net | udp |
| US | 8.8.8.8:53 | 5.11.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.206.230.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.104.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.2.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.166.78.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.2.93.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 181.59.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.208.65.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 146.133.107.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 142.247.16.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.219.65.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.192.65.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 45.195.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.173.78.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 34.107.133.146:443 | aplo-evnt.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| GB | 216.58.204.67:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | api.userway.org | udp |
| US | 8.8.8.8:53 | forms-eu1.hscollectedforms.net | udp |
| US | 8.8.8.8:53 | eu.i.posthog.com | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| US | 54.185.168.114:443 | api.userway.org | tcp |
| US | 8.8.8.8:53 | api.userway.org | udp |
| US | 172.65.192.122:443 | forms-eu1.hscollectedforms.net | tcp |
| US | 8.8.8.8:53 | api.userway.org | udp |
| US | 8.8.8.8:53 | posthog-ingress-prod-eu-1819302861.eu-central-1.elb.amazonaws.com | udp |
| DE | 3.76.21.131:443 | posthog-ingress-prod-eu-1819302861.eu-central-1.elb.amazonaws.com | tcp |
| DE | 3.76.21.131:443 | posthog-ingress-prod-eu-1819302861.eu-central-1.elb.amazonaws.com | tcp |
| US | 8.8.8.8:53 | posthog-ingress-prod-eu-1819302861.eu-central-1.elb.amazonaws.com | udp |
| GB | 216.58.204.67:443 | www.google.co.uk | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
Files
memory/3600-0-0x00007FF6A3EA0000-0x00007FF6A430E000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rufus.ini
| MD5 | 88a819435b44a4dc42894cd776bba8c3 |
| SHA1 | c38e313ac66000ceaa1d05d3d88e1daf4466f45d |
| SHA256 | e9e016863c0e046bab878996a1fc7f266b88bc3b3e34c58cb222331ba228e9fa |
| SHA512 | 910eb9ec4030fd301f5dc0465cb6a723ab0dfc4e04c89c3111ebeb5d78944d114fd479f033b8c2e8895fbdc70096c2255ca74bc8ebfc685659a4c3e7667283c6 |
memory/3600-24-0x00007FF6A3EA0000-0x00007FF6A430E000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rufus.ini
| MD5 | 0f1a741d51a1606b77649c77eb8fd142 |
| SHA1 | 6e9bf4bc1b87e781685d4d8070208af11836608a |
| SHA256 | 6811c5d78510dcd5bc399f227a9a2ac5d2e50eac03b63842a7e3b38a7dd8678e |
| SHA512 | 9a1dc710a58f219ee730d2465654daf98cfc7ed4c82922f71d7c59ebea016d76e692481fcbca5fd7ae9a861e7524dd15430fc260664fb79f6be90e00e5cd60cd |
memory/3600-40-0x00007FF6A3EA0000-0x00007FF6A430E000-memory.dmp
memory/3600-42-0x00007FF6A3EA0000-0x00007FF6A430E000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\datareporting\glean\pending_pings\30b4ac48-9ba0-4f95-b50b-48e0be021da2
| MD5 | 2e2c58ad85cb2d71a5401dfd04d5a0c0 |
| SHA1 | 94847d052db3106b9f98afc9da23ed32de204622 |
| SHA256 | da81e13da671898b10b99846f45e5bded89bb1f75f5c8b602bb0aeb732e9f2b2 |
| SHA512 | 328432502d836412a689c8b1554a705d8191acc73136bb7e32b875ea69fb9218c3b2ed14836704b285fcf4b3b1b58352a72b352d2643c26585ff6526a564ad1f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\datareporting\glean\pending_pings\8578bcee-64f7-4dfa-8587-20099c6453af
| MD5 | 0a4bbe2b7fdf231251225b18f303e1cd |
| SHA1 | a24d7705f792064febf6af3b0f95a38668ebecdd |
| SHA256 | 00bd72be9d512ddb97a327377fecc570cc576220c2a36a5520ca3229fd7e2d15 |
| SHA512 | 21e0e7c26241552909239bb06a5137b4e6dceae6c8c1625d5f2628a6ceff7888d493fbe8ac524a87aad99871733a34b01066f354633e1b1c03ef66f42a9037b5 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\datareporting\glean\pending_pings\2f43cd35-b40c-4e20-b1fd-8dee90e0212c
| MD5 | 67d8545736bfc2c70167b900784a98c5 |
| SHA1 | 71985a480598cfd6cb50372ab78a1b790115ec94 |
| SHA256 | 6b1c17a2dd169ca0d7d466c8c6b6c0531e63ca61de122dc9e290c97597b117d2 |
| SHA512 | 100905688100a7ff4d06c79d4c2c4ae7675e7251a1fc977f53a239f62290cccabe8b13f376c0cc7ffb20acb98f01324bd5ffdc92a8a3a8c33c28b15459d04db6 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | e21e8e7d35477f447fc48bb70ba63ec7 |
| SHA1 | 03c123f37fcd6958e4caa6acd55d34dc726abcb1 |
| SHA256 | 09ab2cc8770a6b7789df5b24bf158f1085ac1e3c67541cd6ab37224989598be9 |
| SHA512 | cbbf40efab1d8a50533a3bd0f0c88bd819fd57c62d49134e446933ca6f1260e652154ed41e5407314efab6596b948658d34c6f3586428883fd6dde024d848c1b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\mfuo34j5.default-release\activity-stream.discovery_stream.json
| MD5 | 768f3380743b33ed6d2aff6523b478eb |
| SHA1 | f89a5603ae9b0d461a1b2a3379f89474064fed7a |
| SHA256 | 2da5685f500fb6619505dba888e2be65fb24db90a3e646251ae35fc055b76c03 |
| SHA512 | b4c3a99811f4554d967b4605a0a7efa35969a441ba2a425d74ec150c135a2041fdc4d620ca0573307a1c38d794f53cfb9602f6b6746f22bcebc9449621eafc1d |
memory/3600-327-0x00007FF6A3EA0000-0x00007FF6A430E000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\prefs.js
| MD5 | d7e51218e347dabe78dbed94dd4433cd |
| SHA1 | 2ff5151a4ccb78c45f832f54ea400f746d905739 |
| SHA256 | 5326de7c88aa3814a61087cdefd048c84b7b38036d312085ea127db0348db07e |
| SHA512 | b593eac9b01680e9dbf015dfcef15962a48e47e3bb93977ed9c086a65ba8b758b4ad338056c882258a3fcd9c9259479f2e92e20ebf619be527faafdb058fae3e |
C:\Users\Admin\AppData\Local\Temp\rufus.ini~
| MD5 | 2b503d9e7de8336de89ffbad494b9bde |
| SHA1 | 6cc10416b8691b5b909aaa4c80a52d60cf33ef33 |
| SHA256 | 893d7588bdcc512582840220aa916d88ff6e22bf58e63b24d622fb52e577f40f |
| SHA512 | c99083aa41aee2a72a76fbf6fd8c0d9b5776dab269e0f3c75b83eeb1ae2d55ab8050dbfcee761c439ca565fa7526a05055d49a8158ecc53e1a86b59d3feea2a9 |
memory/3600-351-0x00007FF6A3EA0000-0x00007FF6A430E000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\prefs-1.js
| MD5 | 4106576aaa4f4a7151f39caac669a274 |
| SHA1 | 55bcb332925d1dfdf09594795381076c093daa92 |
| SHA256 | 8a76181f0359c28dad4148e7284bd9c398e76852981411c5161fe18c9095b5a5 |
| SHA512 | 4970309ded2e5ff0f3dd2516ff9d017aed4806037b3cc00dbf0c273d6fd21c4ce571afefb69c8d522e6c0e9b5c1a2b7cd2ff678e687b6b0b92591c13af7e652e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\AlternateServices.bin
| MD5 | 123b6be79184db2acec6a770ea2e55d7 |
| SHA1 | bdbd4636b550888064534cd22dfe7fab3d5e0657 |
| SHA256 | 2ce3dd3cd0a654cf259f16d14973352828f1674bf6c32f6e38c0ffa58eb9d0ef |
| SHA512 | 913cf7b1a6e251bafdc40da67b366ab3365216467471867c1d053eebd4e4a2a329a7529a689a29cbcadf4da8a03c5aead5355095c80a6cfa0ab1ee539b89e970 |
memory/3600-421-0x00007FF6A3EA0000-0x00007FF6A430E000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | fccab8a2a3330ebd702a08d6cc6c1aee |
| SHA1 | 2d0ea7fa697cb1723d240ebf3c0781ce56273cf7 |
| SHA256 | fa39b46c6f11977f5a2e6f4cd495db424063320fbac26a2eae7466e82ffeb712 |
| SHA512 | 5339b52bad5dff926b66044067aa3e1a6147c389a27ebd89b0f16e1267621d7ce7af9810010bee81cba7b08c77a33ede8ef4675fe049b9fb2ed510fcaef93d6e |
\??\pipe\LOCAL\crashpad_2936_GLCUKOZVOSMRDTOC
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.ico
| MD5 | e5e3377341056643b0494b6842c0b544 |
| SHA1 | d53fd8e256ec9d5cef8ef5387872e544a2df9108 |
| SHA256 | e23040951e464b53b84b11c3466bbd4707a009018819f9ad2a79d1b0b309bc25 |
| SHA512 | 83f09e48d009a5cf83fa9aa8f28187f7f4202c84e2d0d6e5806c468f4a24b2478b73077381d2a21c89aa64884df3c56e8dc94eb4ad2d6a8085ac2feb1e26c2ef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 9d533e1f93a61b94eea29bf4313b0a8e |
| SHA1 | 96c1f0811d9e2fbf408e1b7186921b855fc891db |
| SHA256 | ae95a7d192b6dfed1a8a5611850df994c63ba2038018901d59ef4dae64b74ed3 |
| SHA512 | b10de657d0cef4255e96daa1b6ad0c99c70b16c13b8e86790ea226e37e9ded1a8f8bed1e137f976d86ebc3ea9a4b5eb67ce2f5b0200025d35dc8e94c947ff3f5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8b90247bd2dfb7d69c811140e0812cdd |
| SHA1 | 0c83b4063de7bf6b5305aec98dd634dd31d3d084 |
| SHA256 | 3b0acff2741ba3cb2d1add30261a305811f823280890d05b7dd3b28b371ab766 |
| SHA512 | 74353c35781100f137214ba7ad786250f4495d4dc6f86d743fb488e05f3326ed7370f8400c1d31b7368105f5435aa64afda97235b2db77eb661fb4321d8c95ca |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | ed659b1d7a51e558246bd24f62fff931 |
| SHA1 | 84685d6f04379c290e4261ff04e9e1879d54d42c |
| SHA256 | 23fafd9073812d5ff8b523b84bc981e4cb410bebbf3675db2b29cfac0dae9690 |
| SHA512 | 1c3203328583241895db9fb165fcfd595f642e218ee3a453ab6873cbac10ddab693cd2f913bab15c8bb7b5a12c5768b3dfcb278aad754dec1fbffe66b81843cc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 09372174e83dbbf696ee732fd2e875bb |
| SHA1 | ba360186ba650a769f9303f48b7200fb5eaccee1 |
| SHA256 | c32efac42faf4b9878fb8917c5e71d89ff40de580c4f52f62e11c6cfab55167f |
| SHA512 | b667086ed49579592d435df2b486fe30ba1b62ddd169f19e700cd079239747dd3e20058c285fa9c10a533e34f22b5198ed9b1f92ae560a3067f3e3feacc724f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.info
| MD5 | 2a461e9eb87fd1955cea740a3444ee7a |
| SHA1 | b10755914c713f5a4677494dbe8a686ed458c3c5 |
| SHA256 | 4107f76ba1d9424555f4e8ea0acef69357dfff89dfa5f0ec72aa4f2d489b17bc |
| SHA512 | 34f73f7bf69d7674907f190f257516e3956f825e35a2f03d58201a5a630310b45df393f2b39669f9369d1ac990505a4b6849a0d34e8c136e1402143b6cedf2d3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.dll
| MD5 | 842039753bf41fa5e11b3a1383061a87 |
| SHA1 | 3e8fe1d7b3ad866b06dca6c7ef1e3c50c406e153 |
| SHA256 | d88dd3bfc4a558bb943f3caa2e376da3942e48a7948763bf9a38f707c2cd0c1c |
| SHA512 | d3320f7ac46327b7b974e74320c4d853e569061cb89ca849cd5d1706330aca629abeb4a16435c541900d839f46ff72dfde04128c450f3e1ee63c025470c19157 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\prefs-1.js
| MD5 | 8e6560c6cdaf0a4673697a80311345a9 |
| SHA1 | 31220ec56a7f879234581db7d7dda788f139b15b |
| SHA256 | 38b1ad10ee77896a7dfb9e108b5d4b3321c05173b4953ad08180676523da91b9 |
| SHA512 | 4b09db24d662eaeecd07ddec8c488d9fc69ae77abf9ebd762f381127d95c406878a901cab29fa10bc3a66d0484cebbecb68115f91dc2ce97734f7d3211568e17 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\AlternateServices.bin
| MD5 | 2f811d1cc7d6a2f5e6a8610a1b92353a |
| SHA1 | 67562fcdabeb3508b13330ad5552fbdaeeb16eed |
| SHA256 | 3535bfccad6f2090dd67ddf6914814706e25b54cdf13c0c3ae3a4c6090da0edb |
| SHA512 | 775899e29027902f1627b03472d3f502261e2320fae4640520b16200967b3b7c6c903c127c0732d2d52c70a8840781199fa81a015b9cdbf20806be364710c7da |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 1d5ed019e1ae0905bed43470266998e6 |
| SHA1 | c7a44c88c282799a4d36910369747f10213d1877 |
| SHA256 | 9cc4778e7f6d4a915e80804114904dd63cc206bc313ae18929ee101515e4e1eb |
| SHA512 | 5bfb960764a1ecce914c736c62dd35d54759f39846591fd3133622c94fa0162782ae2186be4f2b261b8c736c0cbda7171429efae3a817b841d8a649412de8116 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 9f6b09611131133869c6670bf6a64a16 |
| SHA1 | c3d5b7c71afc764b7f616dba70c0f9edda552304 |
| SHA256 | b67770fea2c0d9a292696255a099313a832f035c77f77de0658745f161f1c108 |
| SHA512 | 3d3723ef84b89360503c2f013d7507b07d5d97a117afc10fbdb21136cce22a709802e439d0adf87e15bc955e4a59647d92e9a6451eace333693ec6dd05d9f27a |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | fba3a2cc4c9be82b1c8e06b788b615db |
| SHA1 | 1861ad6bc076d545dc77a098c8fee2c17abcbc01 |
| SHA256 | 81e826acd0cf0ac7be9299c656f87ca0159d6f3f8c37d2876d554a922c91abbf |
| SHA512 | a17b1e0a3db114f866d3c337fea708ddd0e058aa1c72483f8fca853cb77e4cce21dc66ada0d64657582f4f9856e80efa00eafcc81d8967d275fb2364a81d6f25 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | 0a8747a2ac9ac08ae9508f36c6d75692 |
| SHA1 | b287a96fd6cc12433adb42193dfe06111c38eaf0 |
| SHA256 | 32d544baf2facc893057a1d97db33207e642f0dacf235d8500a0b5eff934ce03 |
| SHA512 | 59521f8c61236641b3299ab460c58c8f5f26fa67e828de853c2cf372f9614d58b9f541aae325b1600ec4f3a47953caacb8122b0dfce7481acfec81045735947d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\gmp-widevinecdm\4.10.2710.0\manifest.json
| MD5 | bf957ad58b55f64219ab3f793e374316 |
| SHA1 | a11adc9d7f2c28e04d9b35e23b7616d0527118a1 |
| SHA256 | bbab6ca07edbed72a966835c7907b3e60c7aa3d48ddea847e5076bd05f4b1eda |
| SHA512 | 79c179b56e4893fb729b225818ab4b95a50b69666ac41d17aad0b37ab0ca8cd9f0848cbc3c5d9e69e4640a8b261d7ced592eae9bcb0e0b63c05a56e7c477f44e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\gmp-widevinecdm\4.10.2710.0\widevinecdm.dll
| MD5 | daf7ef3acccab478aaa7d6dc1c60f865 |
| SHA1 | f8246162b97ce4a945feced27b6ea114366ff2ad |
| SHA256 | bc40c7821dcd3fea9923c6912ab1183a942c11b7690cfd79ed148ded0228777e |
| SHA512 | 5840a45cfdb12c005e117608b1e5d946e1b2e76443ed39ba940d7f56de4babeab09bee7e64b903eb82bb37624c0a0ef19e9b59fbe2ce2f0e0b1c7a6015a63f75 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 87b0a2a2815e3ed7251af6094f2193ad |
| SHA1 | d4f768c3437a8298633bca4b72a5a995ce16559e |
| SHA256 | 516db0ca5ae06e1940e97ac073d71caeb3e6b992d9fddc0d80d747e092aa6eb1 |
| SHA512 | e3dd1ddbabb34a6f4797ddec8818ed6736f8fc2777d8fa27f3b3b54e2b9bde56a070156082018cb94949e0994b5d0a766a772b3cf9841cac339a710ce087abad |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2ebcfdbb58cd56524129466f3f441fb7 |
| SHA1 | 602ebe6080e336ca16ec52d04ee8b414b177e4bd |
| SHA256 | 7edeb779516fc268337c891f03752ed6c30f1e2e2a0fb341d5f32cad289f15a5 |
| SHA512 | df7211263da4f93b630add6ac4c25fb2331a5f0ed4f750e9a021db79ef2a134667f1b904a7fbadb3b86476f52c8611325e89f7636a3cf4235dae6a4c63cfe5c6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 7ec09c7cbd7cb0b8a777b3a9e2a1892e |
| SHA1 | 3b07979e57b6c93be7d5a6cd8fa954dee91bd8dd |
| SHA256 | a623633f34a241b0dbc9fd26f34446d716955f94e90b2ff9ac8b9df801bdae5e |
| SHA512 | 5fff0a38a3b6e4b29d402eef2650011e4d9df514e0624767c84ea31cb73cbba10c7e0b5711cb487976d637f0f60a85c431cf0db54b519411245684c116c07b7b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 285252a2f6327d41eab203dc2f402c67 |
| SHA1 | acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6 |
| SHA256 | 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026 |
| SHA512 | 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 09918e65c9c19c10042d6034a13088f8 |
| SHA1 | 61829cc8c97a2ac74352d0694109aca4693e9cc4 |
| SHA256 | bb2d93c1069643070e8256ecbd491613c43f5622c812b36bd61983e0da727fa1 |
| SHA512 | 484dbc287caf00cb4d2feae5b2a0177a259e67386ae296134947e3e923beb56b75ed2ab7db62f5ba98a9eb38b5476485d7470cd81eca5063ffc728346710010b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3b5f1b038693d0730b7847ff6f88bc10 |
| SHA1 | 423027bdca1ea1a9dff89d41e5a43e55b23de38f |
| SHA256 | db65ea9bb7c31ab96e6d97d507115dfdd2750dd98ad4208616455d1e43df80e6 |
| SHA512 | 0042b1d0c8b219f483a67a269b7e0b3ef776f5c47881012fa31364c7d5b706645b7424aeb5d165c8cdf5e1582912c306cc0bba4a1be01a62018ffb6bc2b04de9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c2b46ee2a8db2cf79770e9830e1d7167 |
| SHA1 | d8cc46a7667a558889abae6a936763ec0d57b81f |
| SHA256 | 53a77444df9db1c8630eec924eed92831cf84235e10c506d260e20188c967791 |
| SHA512 | 40c42dd39e0adb554aed0ca7f945ad3de9137ab6b9b06135d18ffe63c73b0018362dde7afc6bb6f4e72fde389c862829eb986fa7d2c8ae77a5d641db6a908f4e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe594dd8.TMP
| MD5 | c44bdf1f2f6da3067c288861f1abf602 |
| SHA1 | de0395439875b5962cc115a6b83ed9d092a07710 |
| SHA256 | dec0564dbccc387dff25ea7a13c3463c51d200bf1a52d4ea8772e30d9e970144 |
| SHA512 | e96ff9d0ec801a807a88f8e792e5343d442930fcf016ef2de260d3cd5f6135f6a66e423c127ed87d9d38a6ad8f3da9c79fa3239bf34941b9762dd6e686ca112a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 70dbf0358c2218d5cb05449722ac33c6 |
| SHA1 | 2c21f188552a5361685679c71fc92803dbebe578 |
| SHA256 | 2f00118f6ab3938f3f59f95d246f67a885cc14662a6271204088e26db61894fe |
| SHA512 | e2c896fa8bea0eba28da8e6a21ea2ecd0b84099739f3832b6ca7ca6c5fe62933381b61cd587d77154bd3b42fab14d448a9b23a5e8b5692955cca76e60f85bd43 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 0a0b698b5d40051e6db6555b1ea3007c |
| SHA1 | 9225c480183051eec61b6981d863a500bebdbd77 |
| SHA256 | 693594a3b94c7b9db2835b51439cfe1bc3a1ce6605f573ddef0f838cdf87ed87 |
| SHA512 | 68705deb8905a0f439d6a8c4d310e3dec36da71b7553876417aef6f6038c930b030873cf20091bc9edec611fe09eec826593edec7ac3be9051c0250e81276db6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | c839823b72a61e4ce3d78f3c9206937d |
| SHA1 | cfc103a858782ce7ed7be53aae2c93a82d8e6ba9 |
| SHA256 | bac0bd3500f938c04726d6e33c44c528ad07ca4af433d4a4817a8681db540146 |
| SHA512 | 03d06531f746f5dad2d15c5672ecf95c7144cf9f871dc8440741f328d4e2f142316f6a293663513165f704023b1f3c98331a920878266968555dda0d08175011 |
memory/3600-976-0x00007FF6A3EA0000-0x00007FF6A430E000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\rufus.ini
| MD5 | 833f6829ad0d9bf765f10bd13561c41b |
| SHA1 | cc48aed28fccb8b16403f27e5b581f9d6e78a42d |
| SHA256 | 73c47883c4db417022c5c931fe7c64992eea051e4037844ae9eeb77af3cdf316 |
| SHA512 | b2f2cab2900a99ebeb043b0c3364cac24ce1dac1d7d783250432f19349d39b66bf2b7feb419c9691cebd1e5fb3c3d39ff33c91a46f19e3a24a072a375a5c3e68 |
memory/3600-990-0x00007FF6A3EA0000-0x00007FF6A430E000-memory.dmp
memory/3600-999-0x00007FF6A3EA0000-0x00007FF6A430E000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0991bee524c58f363454362999d9b09a |
| SHA1 | 05470181c5eca610057dfdff6691eacb94f2d28f |
| SHA256 | 887806a81e27aaf1d6a5bd6a22ecf7f897767ba464761924a23375a2c7c1c649 |
| SHA512 | 6b0fa0610607a11d7844735c9153a8e1338c9cc5cbf090b3687d23e4e726ad5aa6b24d7dfbd9362544a9b06db7e0e248ee9c2b463d62eba4a9c07ce123baa44a |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\1WS8MUAXXBD42NMQ5PPG.temp
| MD5 | 08d6de3d63e22a88abe6537f55ac7a87 |
| SHA1 | 9e800bc5e40eba4c017b6622bac80d6dbf7b0bd3 |
| SHA256 | 2cf67667ca7cc446b07c145c77a6ab46e8a17b14645ae843da6b29905cba6416 |
| SHA512 | 9891b5fbc7cd1ec62ea38984c680cba1ddb02aaf47d5b11e81017bcfeb9daefc7b7c7dd96d599afad9a0bddeb52c76826d589518b4f3263e53e8c59b4357d0e2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | b8baeca73e9892ecfa7a45e55a6a83ae |
| SHA1 | 2839353449a2cbf8641647d06dcb27aefd717847 |
| SHA256 | 526991e0870c7d0f8498bc16282e39e4adb3141a06f9334f95d83a2c0a6b8dc5 |
| SHA512 | 78b5a4a86804df05467c5cecd58b99cd5ba606a95686e33d5a93090d126b733c0cd6c56847f1a470fad5263fee299c3fee104ea7a5be0915d3fb0dfa38694c90 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | b48265096e7a333f5034f4dea977b1e2 |
| SHA1 | 6326c70edf1379edba844a576d80094cf48f1edd |
| SHA256 | 2001892b5eb360ea9db033e1c3a78065f86fa338ee89451edcc09397f3455987 |
| SHA512 | ded11d233b290fd6c3228973ad319b09a86654998816b6220bc4478d0517c585486c02801ae8bdd8d64a75397313a9434fa6235a7ca361beb272992256468b43 |
memory/3600-1110-0x00007FF6A3EA0000-0x00007FF6A430E000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\prefs-1.js
| MD5 | a1d1ca303d1522f0d076e20bec1aaed4 |
| SHA1 | 531d98c9219be90b7f873f913e75c5a2a5821542 |
| SHA256 | fea2b17323cd09fe6235eab05f60fddddd27237c063367ad79251a1b4f211f6b |
| SHA512 | 5bcd13ea6c1a94a674f4adff7045ffaa61da2f0089e7e032bde3b9edde7ff89849d15679fc5c119107926f6425ea72ccbdbd28a6e4b632d0fa0951ad1b011a34 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 5870b3e051db0ee170e46f6e2583558c |
| SHA1 | 5b9824d80252fe444b9f9c62419613a2aa13e1dc |
| SHA256 | e77154e9e5e7a25d16b6ccad59bf241d44b9e73eedd4d4260212fa5a85cd4226 |
| SHA512 | 357ed34393c365e173a1133d7566b9394641aacd577d2dc9fa9ac3849c43099a0ad97c16a136976b7f782b2976eb622236baf28f60576f4d9097e1a914bacc34 |
memory/3600-1157-0x00007FF6A3EA0000-0x00007FF6A430E000-memory.dmp
memory/3600-1160-0x00007FF6A3EA0000-0x00007FF6A430E000-memory.dmp
memory/3600-1161-0x00007FF6A3EA0000-0x00007FF6A430E000-memory.dmp
memory/3600-1170-0x00007FF6A3EA0000-0x00007FF6A430E000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | ea5200ddf38d8cadc5038ca9358e9a86 |
| SHA1 | 3df6e37bdca2262bdc381c259fb489df0d18b747 |
| SHA256 | 4220ec04bb728a937faf06a8613e64f987fc0178bee46fe301afa6a761840008 |
| SHA512 | 5342c3fbe121ab77698b3d2c66c2ec27f8cb89cfc64009dbb8702105d98f9e495837fc6c0814d89e39efe3391d9705c885b59cf216e30d081da86e52202a7c18 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 05b268a2bda485a9b36266e9d6fac107 |
| SHA1 | 1e829d90647db7e266fd6e265428045d6241ee0e |
| SHA256 | d978472ea86167072e5164d2f99752cc16f1049d1626945ae629f4460615b48a |
| SHA512 | 7db3f821b7e47597fbd83beac893c2f19431fd2140dfd2cb9c112256811f9da24fb5962abb3c2edf22f830cda41ae895d572bdb134057f1e31b2b840f23f146f |
memory/3600-1210-0x00007FF6A3EA0000-0x00007FF6A430E000-memory.dmp
memory/3600-1211-0x00007FF6A3EA0000-0x00007FF6A430E000-memory.dmp
memory/3600-1236-0x00007FF6A3EA0000-0x00007FF6A430E000-memory.dmp
memory/3600-1256-0x00007FF6A3EA0000-0x00007FF6A430E000-memory.dmp
C:\Windows\logs\StorGroupPolicy.log
| MD5 | fee6896d0e895e2fe5ef1e23bed60be4 |
| SHA1 | dce921d5c4f74de968b4a19c41d8cba84599c6ed |
| SHA256 | b04be1b0949e870c70d1f4b3cc42037a5ef700d68f7eda22bc8301a8ac33e118 |
| SHA512 | cdc336bbb3df7649e7b6ec60bc3a779828a90090d62d7e6a7331797ccab4a9b23da7cdc41ff8d55bbeaa9295c19ec8d8b0a3a89bc181b3308efa6b44316fbcc9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
| MD5 | fb2f02c107cee2b4f2286d528d23b94e |
| SHA1 | d76d6b684b7cfbe340e61734a7c197cc672b1af3 |
| SHA256 | 925dd883d5a2eb44cf1f75e8d71346b98f14c4412a0ea0c350672384a0e83e7a |
| SHA512 | be51d371b79f4cc1f860706207d5978d18660bf1dc0ca6706d43ca0375843ec924aa4a8ed44867661a77e3ec85e278c559ab6f6946cba4f43daf3854b838bb82 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
| MD5 | c3c0eb5e044497577bec91b5970f6d30 |
| SHA1 | d833f81cf21f68d43ba64a6c28892945adc317a6 |
| SHA256 | eb48be34490ec9c4f9402b882166cd82cd317b51b2a49aae75cdf9ee035035eb |
| SHA512 | 83d3545a4ed9eed2d25f98c4c9f100ae0ac5e4bc8828dccadee38553b7633bb63222132df8ec09d32eb37d960accb76e7aab5719fc08cc0a4ef07b053f30cf38 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
| MD5 | 56d57bc655526551f217536f19195495 |
| SHA1 | 28b430886d1220855a805d78dc5d6414aeee6995 |
| SHA256 | f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4 |
| SHA512 | 7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
| MD5 | 76a3f1e9a452564e0f8dce6c0ee111e8 |
| SHA1 | 11c3d925cbc1a52d53584fd8606f8f713aa59114 |
| SHA256 | 381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c |
| SHA512 | a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ab37782130b1fa4e8fea0633c90b804e |
| SHA1 | f16b7c24b053a1b04a0defc2839d808e0c5be73f |
| SHA256 | 474a0ea035e1e15a17e21bc74dd680fb307fedac7ceb118979a4d38ea5258ec6 |
| SHA512 | 79ad3681ea073b1a34b6410045c4340aa125918c173f47d8cdd40ce513faf9634fc444d17ff285474583dfb8d475232590e36210dc9312ea8650af11561b3063 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0408dbf9730f020bc9852c3a79212ea5 |
| SHA1 | adeaf933bb7d0bc15807c19227e8cee89b136b3b |
| SHA256 | c61733b9f96bd253b45f1104aeaeb4bc5941397e25040cc44877931129f26c21 |
| SHA512 | 570597250cb70c580363a6d05521721f5b7564fe8c53aa727fc7444fc4c2b13ec2621352fce9d9332c02a5812ef2d66270d11840623d5b464f41a9155088dc8f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5f654b.TMP
| MD5 | c1acaae4cd6be8ed92bdd24872448eed |
| SHA1 | 384c10948f7aef36a63054fd4ab925df288ef058 |
| SHA256 | 4271673942b57c30650838987c18be16d0d8cc7610901c7778e88444d7749237 |
| SHA512 | 6eb2e7e9d51cda427439e1ca48096f5aa9b979d0363c6ef362b3377342f52a4ffbaddc83572811ccecd2770b22b3fd4fbfbcc8ddbd1c1d7e2223de23636ba32b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 06ddbc0d8093f85d9f212ecf1bc1feac |
| SHA1 | 1ed81dae2aeb329e151b638810973a84d19da9c8 |
| SHA256 | b03ef831ac9287b2d92a2dc84039a21c65169adb4091b8906313a71658639e4b |
| SHA512 | fc476101dbcfd634fcf48d51a421138fa59379acb4981f03e35fd2aaff846bcea9ae79b02dbe8d719fb3edcdb3f4ffbcb0efc634e19d044f0da19091c8b0e515 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3c9db36ab278b3c9deb78d57e14ea0ed |
| SHA1 | 5b3a22201283552c88f5e2ed1cdf7fbfa4afd387 |
| SHA256 | 444768f64a49839ccffcd2a054c25ca2f1ba999421678ac3ebd5bed21a73964f |
| SHA512 | bfb3b8f3c2864fd9a46d9986936b4ff4b2c30f5338510d39dab69b722f7859e7ecc9d9d1555b33826fb7d45218c250a86896867567498617b1559035b9feb3e0 |
C:\Users\Admin\Downloads\Unconfirmed 642009.crdownload
| MD5 | 84c82835a5d21bbcf75a61706d8ab549 |
| SHA1 | 5ff465afaabcbf0150d1a3ab2c2e74f3a4426467 |
| SHA256 | ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa |
| SHA512 | 90723a50c20ba3643d625595fd6be8dcf88d70ff7f4b4719a88f055d5b3149a4231018ea30d375171507a147e59f73478c0c27948590794554d031e7d54b7244 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 517db4157c8922b9650ebbbc5ab20309 |
| SHA1 | 731e91ae82f4110b0aa33180508553937b03177c |
| SHA256 | 4a48581f76094a99c9b716f5d2834f88165bc56d4a73a080089162d4538b225c |
| SHA512 | 5e944059174108dc6f687b3c8fdc5b531fe4487d1d615b76823179cabd953e5d6f9ba94ab4981a917776f1ca8f60694e77586d32f1844aff8f7af6d5a7eefccc |
C:\Users\Admin\Downloads\b.wnry
| MD5 | c17170262312f3be7027bc2ca825bf0c |
| SHA1 | f19eceda82973239a1fdc5826bce7691e5dcb4fb |
| SHA256 | d5e0e8694ddc0548d8e6b87c83d50f4ab85c1debadb106d6a6a794c3e746f4fa |
| SHA512 | c6160fd03ad659c8dd9cf2a83f9fdcd34f2db4f8f27f33c5afd52aced49dfa9ce4909211c221a0479dbbb6e6c985385557c495fc04d3400ff21a0fbbae42ee7c |
C:\Users\Admin\Downloads\msg\m_chinese (simplified).wnry
| MD5 | 0252d45ca21c8e43c9742285c48e91ad |
| SHA1 | 5c14551d2736eef3a1c1970cc492206e531703c1 |
| SHA256 | 845d0e178aeebd6c7e2a2e9697b2bf6cf02028c50c288b3ba88fe2918ea2834a |
| SHA512 | 1bfcf6c0e7c977d777f12bd20ac347630999c4d99bd706b40de7ff8f2f52e02560d68093142cc93722095657807a1480ce3fb6a2e000c488550548c497998755 |
C:\Users\Admin\Downloads\msg\m_swedish.wnry
| MD5 | c7a19984eb9f37198652eaf2fd1ee25c |
| SHA1 | 06eafed025cf8c4d76966bf382ab0c5e1bd6a0ae |
| SHA256 | 146f61db72297c9c0facffd560487f8d6a2846ecec92ecc7db19c8d618dbc3a4 |
| SHA512 | 43dd159f9c2eac147cbff1dda83f6a83dd0c59d2d7acac35ba8b407a04ec9a1110a6a8737535d060d100ede1cb75078cf742c383948c9d4037ef459d150f6020 |
memory/5972-1781-0x0000000010000000-0x0000000010010000-memory.dmp
C:\Users\Admin\Downloads\msg\m_spanish.wnry
| MD5 | 8d61648d34cba8ae9d1e2a219019add1 |
| SHA1 | 2091e42fc17a0cc2f235650f7aad87abf8ba22c2 |
| SHA256 | 72f20024b2f69b45a1391f0a6474e9f6349625ce329f5444aec7401fe31f8de1 |
| SHA512 | 68489c33ba89edfe2e3aebaacf8ef848d2ea88dcbef9609c258662605e02d12cfa4ffdc1d266fc5878488e296d2848b2cb0bbd45f1e86ef959bab6162d284079 |
C:\Users\Admin\Downloads\msg\m_slovak.wnry
| MD5 | c911aba4ab1da6c28cf86338ab2ab6cc |
| SHA1 | fee0fd58b8efe76077620d8abc7500dbfef7c5b0 |
| SHA256 | e64178e339c8e10eac17a236a67b892d0447eb67b1dcd149763dad6fd9f72729 |
| SHA512 | 3491ed285a091a123a1a6d61aafbb8d5621ccc9e045a237a2f9c2cf6049e7420eb96ef30fdcea856b50454436e2ec468770f8d585752d73fafd676c4ef5e800a |
C:\Users\Admin\Downloads\msg\m_russian.wnry
| MD5 | 452615db2336d60af7e2057481e4cab5 |
| SHA1 | 442e31f6556b3d7de6eb85fbac3d2957b7f5eac6 |
| SHA256 | 02932052fafe97e6acaaf9f391738a3a826f5434b1a013abbfa7a6c1ade1e078 |
| SHA512 | 7613dc329abe7a3f32164c9a6b660f209a84b774ab9c008bf6503c76255b30ea9a743a6dc49a8de8df0bcb9aea5a33f7408ba27848d9562583ff51991910911f |
C:\Users\Admin\Downloads\msg\m_romanian.wnry
| MD5 | 313e0ececd24f4fa1504118a11bc7986 |
| SHA1 | e1b9ae804c7fb1d27f39db18dc0647bb04e75e9d |
| SHA256 | 70c0f32ed379ae899e5ac975e20bbbacd295cf7cd50c36174d2602420c770ac1 |
| SHA512 | c7500363c61baf8b77fce796d750f8f5e6886ff0a10f81c3240ea3ad4e5f101b597490dea8ab6bd9193457d35d8fd579fce1b88a1c8d85ebe96c66d909630730 |
C:\Users\Admin\Downloads\msg\m_portuguese.wnry
| MD5 | fa948f7d8dfb21ceddd6794f2d56b44f |
| SHA1 | ca915fbe020caa88dd776d89632d7866f660fc7a |
| SHA256 | bd9f4b3aedf4f81f37ec0a028aabcb0e9a900e6b4de04e9271c8db81432e2a66 |
| SHA512 | 0d211bfb0ae953081dca00cd07f8c908c174fd6c47a8001fadc614203f0e55d9fbb7fa9b87c735d57101341ab36af443918ee00737ed4c19ace0a2b85497f41a |
C:\Users\Admin\Downloads\msg\m_polish.wnry
| MD5 | e79d7f2833a9c2e2553c7fe04a1b63f4 |
| SHA1 | 3d9f56d2381b8fe16042aa7c4feb1b33f2baebff |
| SHA256 | 519ad66009a6c127400c6c09e079903223bd82ecc18ad71b8e5cd79f5f9c053e |
| SHA512 | e0159c753491cac7606a7250f332e87bc6b14876bc7a1cf5625fa56ab4f09c485f7b231dd52e4ff0f5f3c29862afb1124c0efd0741613eb97a83cbe2668af5de |
C:\Users\Admin\Downloads\msg\m_norwegian.wnry
| MD5 | ff70cc7c00951084175d12128ce02399 |
| SHA1 | 75ad3b1ad4fb14813882d88e952208c648f1fd18 |
| SHA256 | cb5da96b3dfcf4394713623dbf3831b2a0b8be63987f563e1c32edeb74cb6c3a |
| SHA512 | f01df3256d49325e5ec49fd265aa3f176020c8ffec60eb1d828c75a3fa18ff8634e1de824d77dfdd833768acff1f547303104620c70066a2708654a07ef22e19 |
C:\Users\Admin\Downloads\msg\m_latvian.wnry
| MD5 | c33afb4ecc04ee1bcc6975bea49abe40 |
| SHA1 | fbea4f170507cde02b839527ef50b7ec74b4821f |
| SHA256 | a0356696877f2d94d645ae2df6ce6b370bd5c0d6db3d36def44e714525de0536 |
| SHA512 | 0d435f0836f61a5ff55b78c02fa47b191e5807a79d8a6e991f3115743df2141b3db42ba8bdad9ad259e12f5800828e9e72d7c94a6a5259312a447d669b03ec44 |
C:\Users\Admin\Downloads\msg\m_korean.wnry
| MD5 | 6735cb43fe44832b061eeb3f5956b099 |
| SHA1 | d636daf64d524f81367ea92fdafa3726c909bee1 |
| SHA256 | 552aa0f82f37c9601114974228d4fc54f7434fe3ae7a276ef1ae98a0f608f1d0 |
| SHA512 | 60272801909dbba21578b22c49f6b0ba8cd0070f116476ff35b3ac8347b987790e4cc0334724244c4b13415a246e77a577230029e4561ae6f04a598c3f536c7e |
C:\Users\Admin\Downloads\msg\m_japanese.wnry
| MD5 | b77e1221f7ecd0b5d696cb66cda1609e |
| SHA1 | 51eb7a254a33d05edf188ded653005dc82de8a46 |
| SHA256 | 7e491e7b48d6e34f916624c1cda9f024e86fcbec56acda35e27fa99d530d017e |
| SHA512 | f435fd67954787e6b87460db026759410fbd25b2f6ea758118749c113a50192446861a114358443a129be817020b50f21d27b1ebd3d22c7be62082e8b45223fc |
C:\Users\Admin\Downloads\msg\m_italian.wnry
| MD5 | 30a200f78498990095b36f574b6e8690 |
| SHA1 | c4b1b3c087bd12b063e98bca464cd05f3f7b7882 |
| SHA256 | 49f2c739e7d9745c0834dc817a71bf6676ccc24a4c28dcddf8844093aab3df07 |
| SHA512 | c0da2aae82c397f6943a0a7b838f60eeef8f57192c5f498f2ecf05db824cfeb6d6ca830bf3715da7ee400aa8362bd64dc835298f3f0085ae7a744e6e6c690511 |
C:\Users\Admin\Downloads\msg\m_indonesian.wnry
| MD5 | 3788f91c694dfc48e12417ce93356b0f |
| SHA1 | eb3b87f7f654b604daf3484da9e02ca6c4ea98b7 |
| SHA256 | 23e5e738aad10fb8ef89aa0285269aff728070080158fd3e7792fe9ed47c51f4 |
| SHA512 | b7dd9e6dc7c2d023ff958caf132f0544c76fae3b2d8e49753257676cc541735807b4befdf483bcae94c2dcde3c878c783b4a89dca0fecbc78f5bbf7c356f35cd |
C:\Users\Admin\Downloads\msg\m_greek.wnry
| MD5 | fb4e8718fea95bb7479727fde80cb424 |
| SHA1 | 1088c7653cba385fe994e9ae34a6595898f20aeb |
| SHA256 | e13cc9b13aa5074dc45d50379eceb17ee39a0c2531ab617d93800fe236758ca9 |
| SHA512 | 24db377af1569e4e2b2ebccec42564cea95a30f1ff43bcaf25a692f99567e027bcef4aacef008ec5f64ea2eef0c04be88d2b30bcadabb3919b5f45a6633940cb |
C:\Users\Admin\Downloads\msg\m_german.wnry
| MD5 | 3d59bbb5553fe03a89f817819540f469 |
| SHA1 | 26781d4b06ff704800b463d0f1fca3afd923a9fe |
| SHA256 | 2adc900fafa9938d85ce53cb793271f37af40cf499bcc454f44975db533f0b61 |
| SHA512 | 95719ae80589f71209bb3cb953276538040e7111b994d757b0a24283aefe27aadbbe9eef3f1f823ce4cabc1090946d4a2a558607ac6cac6faca5971529b34dac |
C:\Users\Admin\Downloads\msg\m_french.wnry
| MD5 | 4e57113a6bf6b88fdd32782a4a381274 |
| SHA1 | 0fccbc91f0f94453d91670c6794f71348711061d |
| SHA256 | 9bd38110e6523547aed50617ddc77d0920d408faeed2b7a21ab163fda22177bc |
| SHA512 | 4f1918a12269c654d44e9d394bc209ef0bc32242be8833a2fba437b879125177e149f56f2fb0c302330dec328139b34982c04b3fefb045612b6cc9f83ec85aa9 |
C:\Users\Admin\Downloads\msg\m_finnish.wnry
| MD5 | 35c2f97eea8819b1caebd23fee732d8f |
| SHA1 | e354d1cc43d6a39d9732adea5d3b0f57284255d2 |
| SHA256 | 1adfee058b98206cb4fbe1a46d3ed62a11e1dee2c7ff521c1eef7c706e6a700e |
| SHA512 | 908149a6f5238fcccd86f7c374986d486590a0991ef5243f0cd9e63cc8e208158a9a812665233b09c3a478233d30f21e3d355b94f36b83644795556f147345bf |
C:\Users\Admin\Downloads\msg\m_filipino.wnry
| MD5 | 08b9e69b57e4c9b966664f8e1c27ab09 |
| SHA1 | 2da1025bbbfb3cd308070765fc0893a48e5a85fa |
| SHA256 | d8489f8c16318e524b45de8b35d7e2c3cd8ed4821c136f12f5ef3c9fc3321324 |
| SHA512 | 966b5ed68be6b5ccd46e0de1fa868cfe5432d9bf82e1e2f6eb99b2aef3c92f88d96f4f4eec5e16381b9c6db80a68071e7124ca1474d664bdd77e1817ec600cb4 |
C:\Users\Admin\Downloads\msg\m_english.wnry
| MD5 | fe68c2dc0d2419b38f44d83f2fcf232e |
| SHA1 | 6c6e49949957215aa2f3dfb72207d249adf36283 |
| SHA256 | 26fd072fda6e12f8c2d3292086ef0390785efa2c556e2a88bd4673102af703e5 |
| SHA512 | 941fa0a1f6a5756ed54260994db6158a7ebeb9e18b5c8ca2f6530c579bc4455918df0b38c609f501ca466b3cc067b40e4b861ad6513373b483b36338ae20a810 |
C:\Users\Admin\Downloads\msg\m_dutch.wnry
| MD5 | 7a8d499407c6a647c03c4471a67eaad7 |
| SHA1 | d573b6ac8e7e04a05cbbd6b7f6a9842f371d343b |
| SHA256 | 2c95bef914da6c50d7bdedec601e589fbb4fda24c4863a7260f4f72bd025799c |
| SHA512 | 608ef3ff0a517fe1e70ff41aeb277821565c5a9bee5103aa5e45c68d4763fce507c2a34d810f4cd242d163181f8341d9a69e93fe32aded6fbc7f544c55743f12 |
C:\Users\Admin\Downloads\msg\m_danish.wnry
| MD5 | 2c5a3b81d5c4715b7bea01033367fcb5 |
| SHA1 | b548b45da8463e17199daafd34c23591f94e82cd |
| SHA256 | a75bb44284b9db8d702692f84909a7e23f21141866adf3db888042e9109a1cb6 |
| SHA512 | 490c5a892fac801b853c348477b1140755d4c53ca05726ac19d3649af4285c93523393a3667e209c71c80ac06ffd809f62dd69ae65012dcb00445d032f1277b3 |
C:\Users\Admin\Downloads\msg\m_czech.wnry
| MD5 | 537efeecdfa94cc421e58fd82a58ba9e |
| SHA1 | 3609456e16bc16ba447979f3aa69221290ec17d0 |
| SHA256 | 5afa4753afa048c6d6c39327ce674f27f5f6e5d3f2a060b7a8aed61725481150 |
| SHA512 | e007786ffa09ccd5a24e5c6504c8de444929a2faaafad3712367c05615b7e1b0fbf7fbfff7028ed3f832ce226957390d8bf54308870e9ed597948a838da1137b |
C:\Users\Admin\Downloads\msg\m_croatian.wnry
| MD5 | 17194003fa70ce477326ce2f6deeb270 |
| SHA1 | e325988f68d327743926ea317abb9882f347fa73 |
| SHA256 | 3f33734b2d34cce83936ce99c3494cd845f1d2c02d7f6da31d42dfc1ca15a171 |
| SHA512 | dcf4ccf0b352a8b271827b3b8e181f7d6502ca0f8c9dda3dc6e53441bb4ae6e77b49c9c947cc3ede0bf323f09140a0c068a907f3c23ea2a8495d1ad96820051c |
C:\Users\Admin\Downloads\msg\m_chinese (traditional).wnry
| MD5 | 2efc3690d67cd073a9406a25005f7cea |
| SHA1 | 52c07f98870eabace6ec370b7eb562751e8067e9 |
| SHA256 | 5c7f6ad1ec4bc2c8e2c9c126633215daba7de731ac8b12be10ca157417c97f3a |
| SHA512 | 0766c58e64d9cda5328e00b86f8482316e944aa2c26523a3c37289e22c34be4b70937033bebdb217f675e40db9fecdce0a0d516f9065a170e28286c2d218487c |
C:\Users\Admin\Downloads\msg\m_bulgarian.wnry
| MD5 | 95673b0f968c0f55b32204361940d184 |
| SHA1 | 81e427d15a1a826b93e91c3d2fa65221c8ca9cff |
| SHA256 | 40b37e7b80cf678d7dd302aaf41b88135ade6ddf44d89bdba19cf171564444bd |
| SHA512 | 7601f1883edbb4150a9dc17084012323b3bfa66f6d19d3d0355cf82b6a1c9dce475d758da18b6d17a8b321bf6fca20915224dbaedcb3f4d16abfaf7a5fc21b92 |
C:\Users\Admin\Downloads\t.wnry
| MD5 | 5dcaac857e695a65f5c3ef1441a73a8f |
| SHA1 | 7b10aaeee05e7a1efb43d9f837e9356ad55c07dd |
| SHA256 | 97ebce49b14c46bebc9ec2448d00e1e397123b256e2be9eba5140688e7bc0ae6 |
| SHA512 | 06eb5e49d19b71a99770d1b11a5bb64a54bf3352f36e39a153469e54205075c203b08128dc2317259db206ab5323bdd93aaa252a066f57fb5c52ff28deedb5e2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | da6644707bbe86032880b0d377f98678 |
| SHA1 | f3989094994513a27cf879305fb89ac00036c081 |
| SHA256 | 65796aa4e331d437c30cad469fabe291a6a5b2fb20de37238016d3b00678c70a |
| SHA512 | f4d52b4cd2992fa715765ddd25460d2b8134a770d5502b0a1719c6ef08c2a0ca98616e335568360513e0055e15242cd99031e914a827007836cf0d208381f619 |
C:\Users\Admin\Downloads\r.wnry
| MD5 | 3e0020fc529b1c2a061016dd2469ba96 |
| SHA1 | c3a91c22b63f6fe709e7c29cafb29a2ee83e6ade |
| SHA256 | 402751fa49e0cb68fe052cb3db87b05e71c1d950984d339940cf6b29409f2a7c |
| SHA512 | 5ca3c134201ed39d96d72911c0498bae6f98701513fd7f1dc8512819b673f0ea580510fa94ed9413ccc73da18b39903772a7cbfa3478176181cee68c896e14cf |
C:\Users\Admin\Downloads\c.wnry
| MD5 | 93f33b83f1f263e2419006d6026e7bc1 |
| SHA1 | 1a4b36c56430a56af2e0ecabd754bf00067ce488 |
| SHA256 | ef0ed0b717d1b956eb6c42ba1f4fd2283cf7c8416bed0afd1e8805ee0502f2b4 |
| SHA512 | 45bdd1a9a3118ee4d3469ee65a7a8fdb0f9315ca417821db058028ffb0ed145209f975232a9e64aba1c02b9664c854232221eb041d09231c330ae510f638afac |
C:\Users\Admin\Downloads\u.wnry
| MD5 | 7bf2b57f2a205768755c07f238fb32cc |
| SHA1 | 45356a9dd616ed7161a3b9192e2f318d0ab5ad10 |
| SHA256 | b9c5d4339809e0ad9a00d4d3dd26fdf44a32819a54abf846bb9b560d81391c25 |
| SHA512 | 91a39e919296cb5c6eccba710b780519d90035175aa460ec6dbe631324e5e5753bd8d87f395b5481bcd7e1ad623b31a34382d81faae06bef60ec28b49c3122a9 |
C:\Users\Admin\Downloads\taskse.exe
| MD5 | 8495400f199ac77853c53b5a3f278f3e |
| SHA1 | be5d6279874da315e3080b06083757aad9b32c23 |
| SHA256 | 2ca2d550e603d74dedda03156023135b38da3630cb014e3d00b1263358c5f00d |
| SHA512 | 0669c524a295a049fa4629b26f89788b2a74e1840bcdc50e093a0bd40830dd1279c9597937301c0072db6ece70adee4ace67c3c8a4fb2db6deafd8f1e887abe4 |
C:\Users\Admin\Downloads\taskdl.exe
| MD5 | 4fef5e34143e646dbf9907c4374276f5 |
| SHA1 | 47a9ad4125b6bd7c55e4e7da251e23f089407b8f |
| SHA256 | 4a468603fdcb7a2eb5770705898cf9ef37aade532a7964642ecd705a74794b79 |
| SHA512 | 4550dd1787deb353ebd28363dd2cdccca861f6a5d9358120fa6aa23baa478b2a9eb43cef5e3f6426f708a0753491710ac05483fac4a046c26bec4234122434d5 |
C:\Users\Admin\Downloads\s.wnry
| MD5 | ad4c9de7c8c40813f200ba1c2fa33083 |
| SHA1 | d1af27518d455d432b62d73c6a1497d032f6120e |
| SHA256 | e18fdd912dfe5b45776e68d578c3af3547886cf1353d7086c8bee037436dff4b |
| SHA512 | 115733d08e5f1a514808a20b070db7ff453fd149865f49c04365a8c6502fa1e5c3a31da3e21f688ab040f583cf1224a544aea9708ffab21405dde1c57f98e617 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027
| MD5 | 17a3b62be9665b1d0e411a8d87565ecc |
| SHA1 | be09b90a1a121126dab9689f156c51f77bee1ac9 |
| SHA256 | 038deabc8e304a2d574cfd4ed4aa515f8f174f7b3f8b80b416a4354d60b4f311 |
| SHA512 | 6de650c1d46b2d19c14f1b8d21c8589ee276caa2a30654436176295dccea7f619c450ff1cbd01fe94d174cb032eebffed18036fbae4e10dcb17fa228d23850fe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 642c3a322ad9c28a980cc12f300fb15e |
| SHA1 | 57f6ee767bdf621978b320835cd103762acd256e |
| SHA256 | ba951d966db3041065a6abb149b9f7737fe0fe5c7a67349df4ee0fe8b336a92d |
| SHA512 | 9187e5b7ae838f626d95b2b144ebc88072fc34801dd207ad277f1cc4fafd105eee15f93d15c493d6ed3868cf98150823e28ba07d1f46c84cc11f7bc49cee2c79 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | e0762e602d83cef492a24efc512d285d |
| SHA1 | e0ac3afb54368bf475c50ae0d85b4b9a2d757688 |
| SHA256 | 075cd33952600532857c0c91b2db28c40c37535bd5fc38340854b3c864c70efb |
| SHA512 | 9936b5c85e7cb40fad30a462304e27bd8607492016c8f2a71be13b3ce14e6bc62f87528705cca975bf776746b781074ed933623245e662c552f8008a6179bcbf |
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new
| MD5 | 310f4632ecc5c0eecb4de9f173b5340c |
| SHA1 | 31d4098e21cacef9e1da315c0ebdcfc6a37a20ee |
| SHA256 | ed2f9f226f6c2a0768bb7ee03c204f73b804d359a0bc0cad6383b20f67236414 |
| SHA512 | 9a3d2cff7a3e97a5aa1a29fc103dbc4ac659f186a870a284cbad4d0b00512c8f26150c8d95eb92d178c7ad383899aacc795c46eb57eebc565df1797f96f8f4c4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | cf50944d36798f8dd46b999c9e1257ba |
| SHA1 | 37ce7e5484583dfa6ddabd61b07d75fc7bacec7d |
| SHA256 | 4b1c904c40cc014b25874a6c8515718139caf205933bf5cd60aed803f1f5d2ea |
| SHA512 | 2b581cff4a3f38be6ca343d03687d00c006fd0fbf4ba03c6491f45ff825dc964eff9b0739b7a796779c5d9cc1d5f083206c5f067ccb40640b1866798d3bf7e4c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002
| MD5 | 55a93dd8c17e1019c87980a74c65cb1b |
| SHA1 | 4b99f1784b2bb2b2cc0e78b88c5d25858ff01c5d |
| SHA256 | 4925dd477b8abf082cb81e636f8d2c76f34d7864947114fc9f1db0e68b5a9009 |
| SHA512 | f9ade542c593067dbcd13ed94da1ba17a84782575355396db8fd7c28aa70a3120d0c0a22d3ca3d2f0774c1dcb06b9319e243b36001c618c92e0af25cb9c8e46b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
| MD5 | cd74fa4f0944963c0908611fed565d9b |
| SHA1 | c18033d8679d742e2aab1d6c88c28bd8f8a9e10d |
| SHA256 | e432edfafbd52fcdbd59ef74892aa2e2ab19df6647ae723b368fca529066a804 |
| SHA512 | b526216bdbc73a97db41edbec6fdfd09b7b4ae149d415fb5811dde03ad4b1b0247950abd78fef807ae47674ab1b56ff0b971fa5e305b26bc92dc07871313b750 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f4d446e2a9c4f30ab4d0558fb3a29981 |
| SHA1 | fd92b8020836508074cd35577476ad00b0ae7ae1 |
| SHA256 | c53fcd8ad13d4fe614a81ff3066f2249417fd7cd17d2e772b9a86dc2116c8258 |
| SHA512 | 50414cb9aca77adcdc6beb3cc44ffb98ef006bd82447a99993b02577b92624e3b766b7dfd832d06c21c45ac8579c93e087c3b753d3964c6c98891c2b56ed8942 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1c853d3f7e53586648995c52afa016ed |
| SHA1 | 28421cd37620514ededb7d307794509ec11f1dd9 |
| SHA256 | f11dc0b35b17dc1d1fc74dffeb9ce92ecb10c0e87ea969c8d4638b5c2e2160dc |
| SHA512 | f5b87d643209bebf9bb980567ddfb092633d0e6594611fd4c5a42db2323c56bad85917fb7aac292d94d3733be9938eb5d7d4e4b9566f0e60f72aac3f71415226 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e376bb6c1ea1ba75dda2bced8ea97ee7 |
| SHA1 | d23094e4c3cb06762bb91352a90397cae33f4774 |
| SHA256 | c1871515e18b10c49630ff5c1f501207e5902a211892adb456b51842e4505c92 |
| SHA512 | 43c927461cf49baa5a71915db15a4ec243b2c1eb16e249553c072d2a9adc152dfafc221113eb2aaefc2e7f1dd4c7a7b3d4ed08ff2de06433c402ad9874e82dc0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 42f943e3c678f4da49289fa5a1fbb1f1 |
| SHA1 | 8bda65322b014f26209211b7f5c42471fffa05ee |
| SHA256 | 7ad0f294c1fc251b6c78361882644d3ead5f8afcb33161fe6c7e9e9c17f7ed7a |
| SHA512 | 44c12435f4d36b17087f90b9a4c452c8646fd021b439324e9736dba0d20c32ed207ff99b4a8a7d5ba595d2655df6918d38d958868776f0b66b294470af4becb9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8d7d602fc50eb62429ca0e53ba97d05b |
| SHA1 | 7987befb2c4a4d5603a1b3ba5257ea3ca7512c61 |
| SHA256 | edbda8e2c31a002c53098c27f563abee0d0079a7eddb6316ab85ceecb1098c6a |
| SHA512 | d395485c38f2cc2920ea5cb534b11c284bd2f54c4c6c95c73bbf9324581672252b030b143cfff89f3f99a89b661ed0478c9132dafca3e9b79ac8275c8c0c3247 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\79908dfd-631a-4ec6-9c3b-ecdbe60c91e9.tmp
| MD5 | 9a86aca4787c73d3a2efa45e17fd0683 |
| SHA1 | 0b6064aa259218ce147d005385048ed2cd593a60 |
| SHA256 | 1077ec407dc0e35b389a52f9ce2c786177c75d5f54fc451647cf334dcb044016 |
| SHA512 | 657771bf8b41be4c45c13ff53c0fda49ffd8c33fb657039ca590119e47e9318ac688cd3b80baa70411148b8110012961b007cf7457746df23888919549dc0cdc |
C:\Users\Admin\Downloads\Setup.exe
| MD5 | 180563d014f6f8ffe0ebba87201367bd |
| SHA1 | 190adf8e6885bea8722d36c2907d0dee91cbcea7 |
| SHA256 | 5e6f72b4573fcb0ff01a12878201a7625bd6e19b58fad49756cff15109101f94 |
| SHA512 | 6873430188ea187a168c07e498c3e0e73510e6f0166d15bb2611d150dac7d7173e8a9ab727fcc99dbde128b20fd444b5c70faa54100bd7b3ca18dea3c6295993 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 61d80cd26fd173f7cec4fa290da0f221 |
| SHA1 | bfa0fbfb2d7bf459ea6aead77ea4de1ab79adbdf |
| SHA256 | be96f7fba1e943214576bebd39f8d2ba1297949473ce80cd5c9400b85f3779e5 |
| SHA512 | b9e0e20ef725bd19bdbcc033a140664558481d8b076fdd422356931e941efbf09a0c6b70031b557d7a43582f41c77e075e9f393467817bfefb5746cd7c67b43b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f7a7832ab90a3877281812452f9c8dc0 |
| SHA1 | 91e9a463048724a7e9d65909e122f094dafe4cfd |
| SHA256 | bf7d61f875e50870e4df15de5e07b65578133070310c00c4954ed76444a6c3bf |
| SHA512 | 858ac6e30dc3010c2d8bc5b8dad8cb3e0182f310d95a77fef6847c5c7e5097a6b4236dd5b2465d2b07348f3d7dcbd22c71935d16309f2a85d8ba7497634edf63 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005a
| MD5 | dee46781c0389eada0ac9faa177539b6 |
| SHA1 | d7641e3d25ac7ac66c2ea72ac7df77b242c909d3 |
| SHA256 | 35f13cf2aef17a352007ab69222724397e0ec093871ff4bd162645f466425642 |
| SHA512 | 049b3d8dcfb64510745c2d5f9e8046747337b1c19d4b2714835cc200dc4ba61acaa994fec7c3cd122ba99d688be6e08f97eb642745561d75b410a5589c304d7d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005f
| MD5 | 54460939adee2ae735d8ac184402558d |
| SHA1 | e9b88020fc803bc449f95cb1221294ce00590367 |
| SHA256 | 23b04b0b2a9bf4c2146efe04f0614aeb76fc0d62fa72adc436baed7a37cc0312 |
| SHA512 | 0a994da0fcb85a1b519ce3c783dc3f7da047a7d66f00b377c3a87cc1e5948f6bf2000349b9cb43214363fe3072e78c9e778075db183dc8a1eff829b4cf4bf685 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000062
| MD5 | 7820868733f40be1532c203ddef29dac |
| SHA1 | b05284788e05da2048eafe2d32ae82d72cc7bf20 |
| SHA256 | 697fe36c8e350ba203e98a5b319be12ac8c3c4b1b0c7b0659d32b0d8210f5c12 |
| SHA512 | 34ea94632c42798d74da4bae84839889bb071a6545e20e6732523f1b1f8357a9db9b5002c897307bcbcfcdacaab3a7939f069d8b8c8ab2d04c5bc39ffdcb795c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f1094c25ec107f3d_0
| MD5 | dcf07c6cd62eadae23690caee6ed0bf7 |
| SHA1 | a302f44aa0ee10d8efd76a6353fd5c4e855cd632 |
| SHA256 | a9d4434893f354bed8361d5c1456f3c21c77495520cc33a4b7d3aadc0ce2984b |
| SHA512 | e70edba53e5d0ccb0096de398be6d0c5dc841b532f0b753df4394445b0f6e40cc343950aa849abf4c833468611e9d155098c3d3f4c1d3e3d5a5526f89be12330 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000068
| MD5 | 4d8b471a2271ac4e3b5d25b5683964d0 |
| SHA1 | 67b52c3bfabc09bc4f99d259de43213dfebbb5c8 |
| SHA256 | d0947470db9c332a7e6abf959a45cbdaa82e6e032e325c512cc9a3cd32dbae65 |
| SHA512 | d734faac61756e2fc07821704a9ebc5c5a0e7a7dec601b3c8ac4ad6b1cec59cd6446f38e4df41f9c51cf5a45bc7c6241801fa945023bec1a735c0bf450a0c0f1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2ccec4d8b60cbd1d032d829b095f8b21 |
| SHA1 | ff07600eb6d40bb224df890e5e748d00dcf9a80a |
| SHA256 | 8ae48497542ca33835125c61e74a81dd6d77e7b44cbb9d2a8afffc9ed15090bd |
| SHA512 | 2b868a63f2f00b82df3943113e5828ef18fa6116661764d6d72301b1a65d09ad9ce77690fd4737d959e118c21776a8379f77db2e124d73e3709d7af82122e663 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 306ca0454c9f2feff490c35633a35178 |
| SHA1 | 12ea375354d9a389c255302f8795525dad49c76c |
| SHA256 | 5e7b46650368b4e36d9c0a5e3ed8dbcb6bb7d4bda3a38a42fb9b179f588a2fa8 |
| SHA512 | 60fc2e5e5eef75a39937b6b2b769e4f890049cea8ac863f334bcfcf2167cc3b13da6be9b79bb08f4a365d9f738d581f683a2ad72769a995f72f27e201a7ba5f4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7cf9843337c39c04_0
| MD5 | 477ef3de7cb1f77cd37ede06bbb310b9 |
| SHA1 | cc5cd18d3e09800c218edff241a66883a07df292 |
| SHA256 | 9bea4fdd24a80e7e7ac9d95676943481f68ff33284bb4638c6528d68ca7c5c2d |
| SHA512 | cdd035a779d413b12e954ebc6739598429005ed1db31dc871707195d1e7126ad16cc7d65eb263f6909014c99407e3eb5ac34c62c8100db8287eae0b8944b1ebb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8908012b8e4a5af1_0
| MD5 | 1e0f08f2946d5f39e71661777781f8c2 |
| SHA1 | 1abab23d9d086803f51084f321cdff6e795c6f08 |
| SHA256 | 2f6ed7b69d9bdaf119e67f8e8d5acf25618982e71e6fa03bed56005a1d18811e |
| SHA512 | fa4f59d7610a6fdf033b2a69e2a1488f91237dcced955d20c599e8e09f061f152465fa4da3c6b676dd4d314db9dd9f5cb2848d9b7070246e340b502cbe7d276d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6b7644cb858ee390_0
| MD5 | aef2b19de2e032824edd20d1e41ce219 |
| SHA1 | 623f6f749d8f8ce02b29e1d17fc3f77b8239dbcb |
| SHA256 | bd3314da51f956d8bd66491154e2375dd33b44204b38ae7b3d6eff9b71c6503b |
| SHA512 | 5b0d3557ca74ed315d047cd68ff05e3f2c944963f6ec0d14292d335979ae0f0e6ccd1abd59f6ad558ccfbba000825a89cdc396870c501ed82b814381123475e2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6d3b0ad57bdf7db9_0
| MD5 | 7caf99c2c8533494b3f6e8c9929dc68d |
| SHA1 | 214b9e025ad1a4b279f4b5fc821cb3a2534d5be7 |
| SHA256 | 38357c3063dfc7c88477fcdbfc780252329cb59ecbf07ef7bca96da01f045424 |
| SHA512 | 207dedf7126757b959e7baffa5a19de2cc49dd12ae54a0f7ceabb41d7a16d418e33d0ae895ffeb02488c597cd61be2c3634b9c6f41a79afb1f562aa2a4744d76 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\580fd9376c2d4a3e_0
| MD5 | 4672f927758bf41a2103e0fe3caba720 |
| SHA1 | 25dae916fdc4ec9aad9720e8e7c171f2bf0e8622 |
| SHA256 | ec0ca5f54ea34eed675f2e06a569958fa05f87e92a642831c53425eb93fd2927 |
| SHA512 | 54fc1f390fbdc0c58f2fc95e3f3351cbcc5720b4bfed4197a2f5dddf83dada62d56213be0fd508458fb9a3c46380fa5cc373b4e656f74946acca5424713a8e21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5a994fe24b451732_0
| MD5 | 043103a2414c22d90948a2bbf19cbfcb |
| SHA1 | e546af32860acb500ac66e8e606a359678091546 |
| SHA256 | 26455f32f4613d364d0c43e3bf2c6656c632f1ff479a98d1a981078d6d4ca603 |
| SHA512 | eccab173ce570a26f3dfc1933f51cf674c74957150dd0a9ff9f985eee343f9e329f6ef954f6498d76a922a43f53558f52e3be9c2831d4fb1161121c1c315afc9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0bbe00d9bf7b798e_0
| MD5 | b7d691972cd11264e73623d0b03ddb8f |
| SHA1 | 54357e3ab496383885716c62fe8d19c0275a5074 |
| SHA256 | f68fad20a02dab50b2c37fc759b0b5ac0adbc3ab316c8dfede32dae64b2e8c1f |
| SHA512 | 4ff9b5f47fc4c081e45918792103f0aa0202372862fc5d7fe19e6c74ab776fb8a3a36ca0023b02ab7c9b91d3585aee85a0f9c1c204951854d28637c403bbcebe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f9f54d7f2e6cf0b1_0
| MD5 | df7614093c7465632bc382f53c6421ac |
| SHA1 | 62b0bc4bf5cb97c46b11b87091534ebdede563b7 |
| SHA256 | cf007a9533591c1aaeb00f1efc5d7305ba45e4723a82862824ebcbad1a613b6a |
| SHA512 | 7592be2fa6ce6b468d9d5fd5d4c8bdf552c268d9ef8b515d2dcde5b382fbc152643a4a3c13ab80818b69a2010ecbc23fd5ac9bde9c07039798a666b70a36b8e8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6e1427d19ff38087_0
| MD5 | ac14a358b3ed79102e7d1f32d5aee0a6 |
| SHA1 | 95be9822fc3969bb4c4523420613807183c71402 |
| SHA256 | 89fc8dec6eeedc96db0d73b17c3ff787dba700774bb0f4f89622f07501f19a94 |
| SHA512 | 34eed78e47332e3b3438f641ac28dce6caf6c543013ef09fd2ae90b014720841ef196c25132ac01d1ba6d19ebc21a4a405fab40ee777bd53b2a294de7260d285 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\605167868572c6c4_0
| MD5 | ba9ad98d079aa6e835b49a11ad4c66b3 |
| SHA1 | 7a1ff069067049c99c3e33b7de817c33a2faf4e0 |
| SHA256 | aec82085321cbfac17668866eb805f048f80859c786dca20e4d8b755c1e6f20b |
| SHA512 | 81b108c17bf005f90ac8a03efccd573e6a0381b7c19c8071ca1167cd996bdea5f605f8a7433a88006361cd5e273ea42952b746b3c05bcf3f9bc01bd423a974d2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5c63983b10e3c69f_0
| MD5 | d3d57f01b82851c4924d0922ead72568 |
| SHA1 | a17caf9590eaac46536157625cf337dd61ab487a |
| SHA256 | 4ddf8cf54f60117cb1b1d8ed9b604480526cb31491ab9f2e26feb2837fb694d7 |
| SHA512 | 62996825bd410a16726710c8fa95702f3893688d75f00dde307d3994c1c007009f0bd0eb4334da996c90b25a4b3b3f286cd5eca683caed51e4c178f8fb0beb61 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d7a29efad91a1117_0
| MD5 | f5e08824ec0a9d824d7fe1d3644e22db |
| SHA1 | c2c60e4e8c7866906013ed0ccea122bf40fadc5b |
| SHA256 | 7a225b749a3f74b94bfb871c2e68bbebc6807af4f4e87949ad17a0db666e4075 |
| SHA512 | 73a43660e83e5b7ce30ae76609031376a4baa93317cb1da6d0e84b59c73be8f833761f8741591b3a6da0eec27f5a212266183a534d4ede79ba840a68f2c76d8d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\74b88724f60b0383_0
| MD5 | 889507f3166d003de1a8259c81b78dc9 |
| SHA1 | 8bfe63adf4ffb4c0007c3a358c2b11f3514bbd1a |
| SHA256 | af622d4827079b081846b3b5a5d48a6a80fe0edb95c8a21d480a078f25893d73 |
| SHA512 | db78a257df43488ac008db8532e68fc0d59c0d06bc36ea2ecb7d5b73c330f81cbdd1032740bbd6f2fb1e0ed0d6e62cbf6fe16fa7bd6529d40cfb3a3502555880 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\45a16ff6d0d9ab5f_0
| MD5 | 26c395e56d7ec74b11b01449b0244144 |
| SHA1 | c693497b653999b381bca2dca796e4ce1952b7ad |
| SHA256 | 3a6ceb725b94120deb57a0e05eabb3ff146c14f217170d3ed8eca7bf1c6a5808 |
| SHA512 | dd957d6962751a2ca76b1ff041edc17eefc9579c73844c62e761c06ee1a031a9a89540dc803b54a0b46106a07dfc318944cae23af1478e4ca64f9e0272a24e66 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8ee73a31bd0cce7d_0
| MD5 | 65ae44a0f9ab4e366c3be773dedfdfe3 |
| SHA1 | 65589fe149891f05936d89d8117bd9718d6b11d1 |
| SHA256 | af92fe6a630c093fe508a22d80ec136b36f884ae3b4a2f262df89bb036d60cff |
| SHA512 | 93a276e4a72d4c0a0bf4c399435a175312b46f85ce209e172d7925c52f90edd302d1b1376e04d817c3729103ff989dc100ae3a1e07ab8ff9633550db9d513211 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9412c8b664751f90_0
| MD5 | bbc2dcb10678c5fd0382b03614b27190 |
| SHA1 | db7f23c1a9146efac6f73306ec4866408b5a54b7 |
| SHA256 | fe6b3457b55da863c9793e162e551cf8f49f231c349aaffb8551a53e32841143 |
| SHA512 | e0985ba80d43906b50f201f0fe639c04fb7d8b1c9eb98a5c0f2fc98a11facbd8eeec1421b43050cf5e4c064c270b9da1c7ea979797430f09a5865c4f068f7994 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\53ac5abc87e80789_0
| MD5 | 1fd375fe26367289bef6d14885ff7f9e |
| SHA1 | 3146e8152e9f430e99909dea8d7099a75f974fcb |
| SHA256 | 5297bd62948ed036fa498f7dd6e5c190d78223769f9048eeff751b5df739189f |
| SHA512 | 44a132f0b160a928f4ed3a2f152497de66090755714628f33aacf8696d7513839ec134d9c5d479b74f47e2abf222dde6c6c2c7f3047265112b3db5eba6dba2f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\25c90b4fb1c6ef85_0
| MD5 | c5f001bab7ffaa69e6d49d99fe5bd80d |
| SHA1 | 249556b22af4aae05f86a76aa73679130cd8f27b |
| SHA256 | e7c1b4f9e7193fb77760dc932a1848f7260f39f4ca5c7ac97434cb6986914e8c |
| SHA512 | e3dc1da22400c6786a40ebadd6dcb17b8dec6898f715deeb8a153fb34904afd6bfe93888fb32c664dac910165b9c9f31bf5095959309fae8e1dcec16ed793d75 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5d0c04f9998369cd_0
| MD5 | 2a0ff41b17b6c299cd158b872c8159ee |
| SHA1 | fc1d1e3a196b97ef314d47818cce410ef924cd2a |
| SHA256 | 263ab80b8d8dde3c719275d41f7d4425295f78b5b60305acfdd8f63b28c3db4f |
| SHA512 | 7245d9c09053721bb45df5f9a6287c850779ec19d1ef3fc26f2e711f5860a7a1aae5ba7c74595d4176ce09457d806fb9e7cd2d97082a2cd732add2ba9135bd37 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\83d6d3a772bbc707_0
| MD5 | 5bb8c9d7415cdf69058dbb488b8008eb |
| SHA1 | 1a6f7586449453dad9dba6bfd3fd444288cb8b34 |
| SHA256 | 0de12e8061753fe21363f733f1d2c3c120ed19b8cb671a377b2f5f683173891b |
| SHA512 | 500061dd41cde707affa7404a925237853f68039755910825b75864e561af2343ddfa529c2f06cc92a1fd97b24ddc40dd4acec60dccfa8649e7c6d32f68e8a85 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5dd1e579c9681f95_0
| MD5 | cf73d4999a1f883cbe9d75e35b747cc4 |
| SHA1 | ea1e05602973a6a77ea1d0d7dd72ea7d4563717a |
| SHA256 | 525f6a6fb093319b1f42f626e0482d228780c1ffe207945a51d9fad4e0f27a30 |
| SHA512 | e8cdd140a6867d0d25334644d2a6f87b34f5e2815ecf86df20d3d77e828652156c04f7becd5aae0693affe54dea9cb1cbfb5e46d212dc432ffed18803aaf119b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e55f0a6d1b533c66_0
| MD5 | 2d4a6ed777a1aba5247a290ce7d1da93 |
| SHA1 | 31f11d9938bfe3af8d3bcd619dc4aecbdb33fa59 |
| SHA256 | 381574582867fe69505fb5bf772cf0260d969afe8913e07b0b7c799c7120804d |
| SHA512 | a0a2907fa4805852f2e2800de95975b27a82d2edbed03630968233f1f827a78ed69f1d7dfd827eb3214483e7e5361edeedfdfd73de787a58954bb675b16f2875 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f2e4bbad99a372cc_0
| MD5 | 4a15244880d4f434f4cf005bb2b3a250 |
| SHA1 | 4c311eb643b2d2dde044d8be4725cf9c59cddbbe |
| SHA256 | 426bff04db1c89072264c34834e43fc6ac215e825d9006562f712dd850685a76 |
| SHA512 | fcf4b1eb02eb022c9cfffbe201ebe3ab34a51131774913d075776fc0dee8f6d4930f57cf925b22335cc1933a96a075eb3fd89b3dfd7e3f9f079d9546a7417c52 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a267b7c21d8b8c9c_0
| MD5 | 3bc61a797cb0495cbbf817091e4626b6 |
| SHA1 | 7191bea2c8806c9e05992f3c8ab62cfc0cb1f099 |
| SHA256 | 9b1dda8975284b4c7a340e30621bfb63b48bd4a0b359026ca74046984bcdd90a |
| SHA512 | 8361a8f0316acc85eacbf3a68a02e25cade0ee0785d8dfa1702c178c4fc888953fbfb31ea7ef2912e91bdefe90e46e539db39668b157abbc116394a4fa7c27a0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7d369a64d6dc70a5_0
| MD5 | bfe6b4fb23574cf6df488d9e6553a589 |
| SHA1 | c0e8ab384cc8b34eaeed489ed466052b74eec097 |
| SHA256 | ec00aad286e885bf29cc8684316087a1b36528098efd12e3e9d1c9d0f4613ec8 |
| SHA512 | 00ebd720f7ff32539856a39e0dd81e74ae4f06f0424484fa3ad9062397a24fd0ab03cd86d9a09254b09a092109c4faea63d2105bfd36609fc440789aa9c9d0d3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d3dbb3008455b523_0
| MD5 | e876aa5d0459a6cd414a6b44dbd980f4 |
| SHA1 | 25dbc5e0a4e865eed5cfe6800af2a1f5c0cea920 |
| SHA256 | 82a2c6f5cc1148b765998915ade3a0451d47e5e1d1af9d14faf2a91d4b0af6fa |
| SHA512 | 3f80024587750990cfe87904fb835175d7770980ef9547835796aa495cce375055c4e12db97ef4de167a72fc2ff16cf31878df27c3724c1f4b257d07f500d9ef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a09f6271ad0c4092_0
| MD5 | 319f7580d6f061a47ee945d531534873 |
| SHA1 | 9e084b41f4da35e95e53050c42c9b4fa6d929a36 |
| SHA256 | 2df24be6087975d2413ecc79c12a783f0a48195356be5890880f81f712c42e5b |
| SHA512 | 0ca0a4f0b2a19dcfc2852581f06f32a09b4fcd68a12e1e5e61a24300e0e2e5aaba403937d911ce12fd9d0159c15d11204bb808502a05898736632443dda36bf7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7a66a1246c4f29f4_0
| MD5 | e019dc03312d518563f20856aac88000 |
| SHA1 | 91facded212ad71d186fbc2bc8e95d419a725c66 |
| SHA256 | 18d192b6f4e9162397535e452b1f985ebc145c74af80193fe13beca11b724adb |
| SHA512 | ef516c51b5412bf4dfdef476ee67d4d93bf2e4228f620dd92a9a4df9c29c8f4efb9ed4c3fed82e2922eb342eb7538424abc39c8cd09ae16f96e632070889df84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9dbb949d27873cbc_0
| MD5 | c9b94211c5bb97350248e92956a83c3a |
| SHA1 | d6058dbd9551c8766df615c87b1593e5401a99ab |
| SHA256 | 83210c2a76c9694f9d3f9bbf30e3f89599f621d32f1ef48f5b3d571ffcb24974 |
| SHA512 | b7ff9571115050881c6dbe0fd3e9676d12fa27f65f1656e1bf2ec797c7595be5d9fa3845624768bc7794cf7967e4dcb36b4e17d8d9e3a6ceafbe49fb032fdee4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b3e82669a81c981d_0
| MD5 | ba85291b3acec2175ce432a4aadcad9f |
| SHA1 | 22a77a492b4d22f6ff35cda836f0d46b7875a164 |
| SHA256 | 71e4a830eea9394308c1cd36eaeed83137d078c3c95b72e8f83adce4619c3c77 |
| SHA512 | 14ef4d526dce618f8d4873d2990aa6715d82311ebbcbcc232f669ac8f9ac6a382cedd8c1b11005073a7511050d28f91a9b684fb53ccc55017f87b7f43b89c1db |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e4f85019800026a2_0
| MD5 | c1d917dcff2d7c4f0baa969d32c7a98a |
| SHA1 | 9b4bc90761ba170c9239125749b05c52eb839fbc |
| SHA256 | 56b5a10db6b6085821b2feb8d256f1c56a75cbd3a53fbbc16289fa16b5fc513a |
| SHA512 | 5950346ab25e3ec6eb5a2cd30d932297bfe3753bab8302ded1e5c0a9f9acdf3b902b5b217706bac92b7dd4da5a970b6f642346776741b4cca6f38076bec89241 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aa5fe3b36e22e31b_0
| MD5 | ccd98bd23972923585efcab2a6cbd05d |
| SHA1 | e2821b03fcdd140bb42c0ccc6ab72406ebb8f69e |
| SHA256 | eb5ac96c9dd07142dab707dd60f47aa28f2f5e457bd36216ec7e646095281d43 |
| SHA512 | 2cd1b7a2186018f0b960f42a931e37f8a89e76220be1b30a5a3a80527cca873fc5911780b705d4d65345429abe292788ded16c79f470aa804074ade94a227063 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\46d8591239c0d052_0
| MD5 | 1adcb85e7c27dfa7a2f408dff248f160 |
| SHA1 | 42e88937f251f54fc813772e5b0e2020f90228c3 |
| SHA256 | da0ce29095556facdde96e9334c4a4296dc31e4b1d9597916b5f1cd67ec59801 |
| SHA512 | a2d8f3771ccc9aa97a596128b48980b0c5ba3af0dafad5ffc16332daac8e97632e91025bfd96e0af682e0b0527d375a7d335777c3291fb1dd9c3d0aebb677f69 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\daea348421cbc209_0
| MD5 | d5992925cd01f865a21b595f96a850c2 |
| SHA1 | 345e4e2c47a9e2a03fa182a72df8294510fcc5a8 |
| SHA256 | 8e4ee0d4a26fb4cd0116344f93b6313cf386a390eda4de22f73d6cfde2726c5c |
| SHA512 | 4cb6e1c5ae4561109250439d93c571dda11e779f8bb7b6d7394a1f731411dc52fa662699e1457f29801d02af188cbcdbb622470465efa3a49d235ca14d1533f1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | dd241de8b468f4cca35fabc1af69ba80 |
| SHA1 | 33711b0f1bc7b1a7dede94ac2633fd7687364b69 |
| SHA256 | 797be8e60cd14ea60e4a12e81766877f030f8cd3fdff89992f74bacad70095c6 |
| SHA512 | 3beaae9acc13653271299cf2a0ed00c61689f5885f1f492ad4c5aa7450bc59f191a8c3fd50cc8a3a77fe64ba6979b6abb8c4f4b106e74ae154e3608c0e2b598f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 11a18f1e92d733f274c6650e99974c0c |
| SHA1 | 6b20e5d5aee72d947da7ed902877cbf92ea57868 |
| SHA256 | cfdf2aef091747b3e0a6294d5b21e148b7216b6db3e3cab143a1c9c6995d1492 |
| SHA512 | 26675651bd133aabeda817da09dfd535ef252a362df0a4dfd9b8330ce49cc926c3a0f30e60dc5f3b054c26501dd2e3211ab09b57336e3ca64d3e2232a1ad2ee5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 3ae4872bcf693178d851032fd01e1df8 |
| SHA1 | f8220ffa1aacc7a79b9b9d2a77bd32be95565ea4 |
| SHA256 | 0217a19991f1be939ab4ad551e00ae0c23768c07b7681122e8d8e73eef806c7b |
| SHA512 | 03efec4a6331f871de6bc0dc54465e2cf1586281f54d2e4f3560f31920b89ef4d92163ec54c5f84e920aa5de7d9f34f7eb4c42503c12a6e1e9960290c11849c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 529bb028bb862276caaf3f90c1cb88ba |
| SHA1 | 69b93a7a74a688aef26074d7844ae74396155cc0 |
| SHA256 | d92f51a05260bec9ebcc43d0daf4dc8f1dcf61784f0b1ee2e167b32b7d593531 |
| SHA512 | ccd6e431a9b69c7497197239f78051325d37e2c4c377833256f5d09a657d1afff88a7dece13cb32452bd6e98d46e9ee2c4199c9ba17ed6c294cd8e9dd3c0fb5e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4eb39018f895d4230ac9af39c5d57050 |
| SHA1 | 8f6bc5ee2f5d66cd10d403fa0713435a7d6cb910 |
| SHA256 | 42b59fd16f5ef21e7376732224a81732ddc50acfae2d5a62531180bb90608ecd |
| SHA512 | e07e2bbd3a1b24d59c0098735c4988d4902fa554e5e55bb0f709af12ff46d3d9a14b7be7446ea9d6637121b78cd90b26a873030398e607ef8bdefc6848484da7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 0a799c6f09cb7c591159e08bc6977e7d |
| SHA1 | 74c0fa2ca29896bf4e0b0cbdbdea27aa873eadd1 |
| SHA256 | 12f2c4c780e5c18ae1cd68aee9a8c2da2805315d7b71012177884930bb6d3848 |
| SHA512 | 34e192225e5b7e2fa82fd63ada478680ccfe6be580042f7c4bc2173d8a9b4ac49105cc2ede976bee52a4f37fdc0418f38e6b9339203afdd51ff313ad2763533d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe623543.TMP
| MD5 | a6415ae7dde80d1388cd4518a9c3cf15 |
| SHA1 | 3f4aa00b1202c7edca345851f65347b7fe6f5084 |
| SHA256 | 671251e295bcc64dd66942e1db98782c0c4fba1c4f6a1c5f45d3b1e726b5bd2f |
| SHA512 | 50b170feee92ccbe4530acccbfcbf345377734e7999f4dce25c0a9c423418eb3873cf20d8dad1b0b7a152a2a42b9747cebb688e572b16906a2d776fc2a4077cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7a39aa9b57096d8ca412ba7a7b2dcb25 |
| SHA1 | 253fd3849935d7d790deb2597ef1b86e376b56a3 |
| SHA256 | a1b14d107b2a4c0eb8ab08cffd830e035cfd64a37f5aa75d0b8bac6667ed13af |
| SHA512 | 9e4f5086cd1197113a10879301c8920b374c3eefe58b529e687265fb54f559ebe48182118723ac4bdca49a5a4f076b06d2c7a98267b3c89249a0a676147b8e26 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9829ea89b80086163de9d4102cbc7bb6 |
| SHA1 | f6cb5bc37612f08d5638ce81b4f0f243167ea6b3 |
| SHA256 | 21a3396f7ef4200377f6fa1b0b60613ca3e6bea8f1741c0092dc48c4bec22eda |
| SHA512 | 47236ba8f48f4e1c606bfe371e52e12673b5db2ac1f691709f8e6cd09e51786d40bfac689b9ea7e21d32a77de87006cfae9b5c90ed4c6913a31897842651f9b8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b3
| MD5 | e579aca9a74ae76669750d8879e16bf3 |
| SHA1 | 0b8f462b46ec2b2dbaa728bea79d611411bae752 |
| SHA256 | 6e51c7866705bf0098febfaf05cf4652f96e69ac806c837bfb1199b6e21e6aaf |
| SHA512 | df22f1dff74631bc14433499d1f61609de71e425410067fd08ec193d100b70d98672228906081c309a06bcba03c097ace885240a3ce71e0da4fdb8a022fc9640 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9da6b8f856bc362bee43051ed2aefe5c |
| SHA1 | 5f8874e30b01e3200777a9ca2c1d4dccbe9879a8 |
| SHA256 | 5b042ca3771bd76f23c8fe023b6e183bb83d70751c12f66a0e0bb640581c0756 |
| SHA512 | d63db13c7d1be1d44ab1a5aee85296de49cdfade31e23ad8c50325b280d3334a31aecbf1cdb17bf70d76f64997efaf2bf7ee0aa8bb71509e4101925ce1f6d40d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 34a1673c087368786d6155019b0ba552 |
| SHA1 | 42b6fe8676a1aa9b609ef1bd77cf3058e06f464c |
| SHA256 | 6339b686d492acee88abfbe9cce79288e88f1036a3fd869d65c202a3fb5c42e0 |
| SHA512 | a2ee09f8fbcc8659f0d48bfbf2567adfca8d66c2199973b56f6c98d529bae95177355806c262f2185c414813fc21d6804726b279829b3ab86bb25e2e8d11e770 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3c24dcd413921a9ced76467bb8f4130e |
| SHA1 | 273231ea4aaf9d864b5dd4e9804c3f4a4c72ed9f |
| SHA256 | e6c6d403b4a0b8e56e14115fa9406b36e2be62047ed2c480f0b9438d5fff02b6 |
| SHA512 | a26df1a51f83f295e3f933ef70bf300c9142d868ca9541ab8e6a6c59d5054f82c333003b02aa282a58756493607b5b7c23903324d8d03f91eebb5c3e57ff128b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 3b6c13d6a6a55a7a00633e6f3d2ad495 |
| SHA1 | 47e8b775ed78f25c57d43cf22ae7b0467aed5710 |
| SHA256 | a56ca72207906d72b6952dfee5d7fbeb6e4adbb64592be364bc00e9510e269ec |
| SHA512 | 2dc868e67c4f74b1e5ba5a6dbf65df5f191ca876cedde56b8b975f2d53d869e1f725d956839e7e8f9f7574856ef60fae6df5aaacacac645fd32438f42233e95f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c66148f545bcf9a885d8ba8b38b830b7 |
| SHA1 | 9c03475211f1b34ffc821ed0b099990c786dcb00 |
| SHA256 | 0a1018d27cfc4558a7931b39c76d1218c93e268ee21f573f511d147259e84022 |
| SHA512 | 197cd0103dab94419816379ae836445b09f2a3c1846a044765f6929afe264996993a9d9e8c305fab71a8f9de20569a8fa6f8998dbf645b9dde63c08a1de446e0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 7cf72b6620934ce2591a8aaffff31745 |
| SHA1 | 3ec2ff40ee2ccfb8d47726040a41f5944f9a2b97 |
| SHA256 | 08dbed3e3c23ed695bae2ccb7b1971baf24d4458be6c6df517171d241a320a16 |
| SHA512 | cfeba16908ce586b6d273d0ef96dd222455e7d9e3bbab3c11dd316b7095773e17b6265f09b7629c51503c5650c548a94dd9dbb3b46e9d3cc6d9fea09a4d5ca02 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | cd3a2a0bd70cb9f2e5c36de813c574f0 |
| SHA1 | 77c88bffdea712b727851b3bfcadc54237f955e4 |
| SHA256 | c9b8d8a2505b207c5ea1640d20bd7323344155aeac31135d01b4d159b68c3fc2 |
| SHA512 | 0e7ab5830bf5e877d3963b2f9f9cc182be2d7c87032d6cb5a046b829a61ed49bae720036a3b50824d25292644eb28ae3642a90101f360b4a249c6e6d51ed6ab4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 868f665d4c50ba1f5f85fb4afaa791f4 |
| SHA1 | 9120a6cde6e54c4262a37d9bf66b358d1fa66077 |
| SHA256 | 9558374b5f695e9f17c95bac9b9142af8e44af37a3a48510ca6dc747976669e4 |
| SHA512 | 0931ec2a09b96c93717d728243d6f035cf8cdaec3de40d34c7d802c1e395c2495bb3da0adae04bee30778ead3af0e84b6ff005ad630ddc4f17919c944e007337 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6154d974f85cd30f1c789c119414a64b |
| SHA1 | e371e85af5128afa3684efd83e2a161eea924be9 |
| SHA256 | 86b2387aa68a616639222e1f3c06f7e49482f5c0f3575682fa1781900f53f62e |
| SHA512 | 0e2a2dfc565137acb8f5821b6d040f1769f179df22aad344c789ce3e75ad65db3f9e4e89baa9adfbdd1e871d4d8b82c1918ced0550fd3b8b13d949b9b12935a1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 673a559ee4f46d4d960d8d0dccbb2bae |
| SHA1 | 6b385e31c9a4a23578ce754f964291fd87f2bb61 |
| SHA256 | a6cdf186f8c79a8b5d254362b0d4afcf1f5abf82260e38307ddae1879327e11e |
| SHA512 | 5e8702216100b5c12968f643cc6d2a3db6a47fefb528398978617904d2b7222c3e2704b69d93609e6dfd5b3bd0683010c8606f96d9b3d46835457aed5e1ef50b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 16c4fd912d336fd4d89f886ee6f9fc8e |
| SHA1 | c7d754d02ff6be3b03180e5e612ed22691b0f7d9 |
| SHA256 | 9c39638800b51e92dc643bcee5dd55155519e60949adb548863c04ad0f7a8183 |
| SHA512 | bc6024abcecabb250df4ed6a628598ef6ec04bd3c2c83df157eb51727f091f4e921971df8cae442332efb4700ac9a9bb96e15d128209cda5717f1bb78ed454b0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | dcd4501d92e40f2e281dafb24241d0d9 |
| SHA1 | 56efa7246bc10eb9a8054699e5c908202281da70 |
| SHA256 | 1c951bb1b8efafb858dfc1bfea44f562058a5df5bfdb08f4be1229e730e18147 |
| SHA512 | a1a925004634e1fd51d075cef388a980c229b578d83c5380b4afd495144881b9c74fed06fe675ff688688216e4b7752500f5ccf0e3ea174d5f5e6f98dff98e4d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 002dc2562346a18aa4772d393c2e02d5 |
| SHA1 | f045c288d542137cc04bf292432f3cad29bc6812 |
| SHA256 | f1de6504ae3bb5f841a4ae716009306dec3a891fec4a409d9696d71c34be2628 |
| SHA512 | 51b15220a6a820a48fe2547cecbc9b06a05b0fb396327a04d38359a57f2c224a045a815c83d28c6d5fdaf4dc085b35f77aa529bd18bd9e89f97f9588db6f8697 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ecf6162ef9a58ddbaa2be7d39f357f9f |
| SHA1 | 45f689e51082494345bb07be638c49ca8db6d9eb |
| SHA256 | 3c1f9b83379772b6e427eee7af3d9ffd83b6696837b20a1182b107ed2f5ce30e |
| SHA512 | 9d0b6607dc0dbe99bbc7e937b7b1ead7087fa75b9fb25295b11604946d2d7a933633aa6961800ea41a72aac515105786fa43cf588545d52822b241ac8517eed3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | bd5491967efc6f20bfab05031c2641ef |
| SHA1 | 48158093a6b9a2e2a27718f5c28228601f46f43f |
| SHA256 | 5993bcb7a0cf81453740ca8aa90549608af50cb7c3067febd1157704eef08fde |
| SHA512 | 70a719f1793da2f50e0da2ba34bc7bf504d9c8de7d6a6c9e549c82c88ae10e2992d66d375bfb723a957b25300626e94905a2b5e50729e56944f590c02b501c71 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 5f370f974bb63170b475485938c8bd81 |
| SHA1 | 21be94373e9d7fff8ca2c9f56095a86d4cb043e2 |
| SHA256 | a509ecc387854b4b6fc73932f62a1f22b667b9c11036aecfd90c9d72016517b3 |
| SHA512 | 119e5b7c4811eb32a64e38af27aee756f3a3afda27f393e16d51fc5c56ef5c7a6a31b4388ccfafb5532243fe06ae659ced3febd3b71a9cba9017f966960f4526 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e69160343beb28a8b05ee99bacd6ac73 |
| SHA1 | 9fceee9a48faccfcef6204510d5a0f89b176830a |
| SHA256 | 2f04c9e48b481545c058dd821849f3eb53f990667029c5c481f4406793878703 |
| SHA512 | fce5f70c964d37e646e93dc9f611c3ff65e28f1e1ff24886d54afa0f25dd14190a3b74c9e1501761f4db4166b5daaa32defd9cd38a180c3943ada9ecea703bbd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 290d699eef42dc55bba1e5224b7f44b4 |
| SHA1 | 551d7509bff11b069f1fd0b87cdad83f320936c1 |
| SHA256 | d67494b6c9bf6cd98a7976c99d6e4ca4d4f71a630c3e4c75783f5f366cacc669 |
| SHA512 | 127bc4201cf2228e986a84e965b6fec89b4f745f7953645717a3e3413d90c465ca83636715701c7905b4c16148e97ab5f194c2c201544edbb0856b2922fa6130 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 47c589d7daecdb2e254fcf64197b3f1c |
| SHA1 | 2ec521c1e8e4649d9ea98fce195b772c596b39ed |
| SHA256 | 9b9ebab7ce4443fae7329fa1faca5c327d653c7c9c4dc8c91528f8b0419ee2ef |
| SHA512 | 0c4500750b0d7d4dffcca4b0d128d1609e670435ccc57e187a18d3c64eb0804765f35afd797dec2f6d9457924a23c49ec7c0aa83182f14d221a4e885b06fc5d8 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 99dff956bc50b3e8fe0a30072aecf7f2 |
| SHA1 | 800ecc2d02ab72f7c451b71ae0adff212a9f921d |
| SHA256 | 177dda91df2243c37358aa5ffb80b6ec6a4ffc7947ea9f4b9e4d02fb2e61e6a6 |
| SHA512 | 7f2af68f2ec8a1bcbd5d4939910e4fb996ce8937a7453b1d997c5e0cfafe50235c8baed0562eed888b6b157c8f01f421b773a72c220bf6896ddf0fff5565e9b7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 643285e04458e609d7829db399b41062 |
| SHA1 | 1caa20473a439db646fbf310f770d1329e55ca99 |
| SHA256 | b4d26d0892fbb16934accf75331053a670a4366790aa9ff8f691272e37dc64af |
| SHA512 | 308663794e80ee0501970959c13228135f0e3121eae4c03f5fe2d0453c4dee7ab71949c6c77a4b70e90c7e0350222ebf2c7bd7dc47129119721c3dfb966591a2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\mfuo34j5.default-release\cache2\entries\5B23235D54208C34AFF88FC6F18585FD8A8F8FAD
| MD5 | aafc6afdc489638d02ed4cfee527c392 |
| SHA1 | f68b01839c7cf5e393f6d8303d4fcfeed6970194 |
| SHA256 | e9e05e119db9ae1a145f2c85bc2528bfb776d855e28af31e86797f4931a640f1 |
| SHA512 | 3fa449aa407b137041949a387431f8cee1d66d81414c7426a6a4bafd8815d4342d8ede7cf3b935e12de846b1e376233dc61bfefd9f9c9f87c2b14597f979b990 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\mfuo34j5.default-release\cache2\entries\7D55F73D961C78D9EF6CAC8E40765073A3BDD7CF
| MD5 | 89c46eb72030f2263720b06320a51ead |
| SHA1 | fd8c553e7e124c9e48de4808bf0ccf7165160514 |
| SHA256 | 6e809eb937c2e6e2c8641c6e4e4460f2e8c55bade28b82e2928d70f55b5afc5a |
| SHA512 | 95ec4b977bfa421c552d158c1238360aa64ec7bb4b130eab67a8078881dd827da2a8dc7517a0ad43d9e1abfd98ee1b505a41e039f16e6e646903170f5a054606 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\mfuo34j5.default-release\cache2\entries\A28956283C96A06AB1F311D446882AA1B37CFEA8
| MD5 | 035e1b7a608a27053594ab92bc509cae |
| SHA1 | 84db74de96910cc9c7b63e1c42328420fbdd9049 |
| SHA256 | cd21c9d1c3a0213bf26877ffd31318292af6bc23d88df6917a34b7b5fe492444 |
| SHA512 | 6b6f64cdded860430537c7996ee0113e84ae36a40a403097824c5fc5d8794e1088833d0095281b25075d3f92f50727827a541ee27e567c6d30a48ae4211cd2d6 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\mfuo34j5.default-release\cache2\entries\BE38EBDE0378FEA6189CD0DFD705EA972C71130D
| MD5 | 2484498eb9092e06ad695d9ec04dad3d |
| SHA1 | 1ae04f68f2de825084a7b1a8b99221373cf74d90 |
| SHA256 | 198d53c51ee23851da046f5635978dd2e6ae5b3ee84db9c2d3a4abfa486187a9 |
| SHA512 | 4a84ff4586bcd67db49bc78fb785daccc0de1396f921796027181a0804380cee7dba22fbe0fd4847c0f5800e12881a8aedbd3578b808c02466f3508cd49f67bc |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\datareporting\glean\events\events
| MD5 | b199fa4033fd0a6e74d1752b1fad8896 |
| SHA1 | 5c598e38af5cf9b631ff1531b74ba17be6b2ff90 |
| SHA256 | 8c3814f185fa785b7be431faf957d5b5278a7a9f55e12accdb3c3fc88f33b233 |
| SHA512 | fc5b1005c111352c592c1ab91c0302e88949176458e583d38b2b01801fb95642f1655177497f1f2ba25977566b7f340a0a35a0a4560c72e16133e8fc94c1eb6e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\storage\default\https+++www.youtube.com^partitionKey=%28https%2Cgoogle.com%29\idb\2232182701SeesravbiacteaWDosrgk.sqlite
| MD5 | daa230cf0db44b71718a1a4fb2dc2673 |
| SHA1 | 18f080757796f511c6962a4d6766b3e2e3e7a007 |
| SHA256 | 3bf22c38c9d28bc58a353192fb7484c0e08090fe8467d76cb652e845edd2b82f |
| SHA512 | 3d2d4a2a6d6b1513d94567eb0d8e27cdc448c2fa198aa1a7945e99767f11f52b017057474703df6803007d5092e377405e32defdd1d409a4a4c8671a5daeb985 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\mfuo34j5.default-release\cache2\entries\16FA58E424A93B65E58D276BFFF84962DE8018E8
| MD5 | f5b1f406143d7af2e94f8475fc037744 |
| SHA1 | 01a9b14c85cf3541cc3ba0b0829e297f1f550f33 |
| SHA256 | 0522a00686a937e4f877284cb42f1abd31fb52870ff889471ffff6a9f867c4bd |
| SHA512 | 6e9efc1d565fee8a5510ca0b7f6a6eb928e261dc69227f6db09fa4714efa6fcc3d9593ae8974738795a8f74988c41c20a889a1e1366416d31170608ddf280c20 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\mfuo34j5.default-release\cache2\entries\EDA553ADCC2D82F30977EF3868FCE6A29F703BEA
| MD5 | 1fee28a03a5a42304ee2f47be4095fbd |
| SHA1 | 4c1fc8f7109c3f63c93c37e11d4003894ef24b03 |
| SHA256 | 7ba9ddbfaad57fec4d2a01ee923675a3fccb5aa1a4bfb6330ad02c041120720c |
| SHA512 | 1b9cd9249ca72bf74fd390ee5ab6725c4cf13db455590eaea4fa948843a9f3870ad0253f4c6b72ad9eaa47b6c1f3f69c75caaed42e62ee104f3a2a3c3fb8ffbb |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\mfuo34j5.default-release\cache2\entries\34DE216029C2895FBF7D96F785A5EF8B07BDDAAC
| MD5 | 971ad408aafda16934344be8e36c0883 |
| SHA1 | bc48eac8ba066ce0c1239af0f5f933dd8ad04f83 |
| SHA256 | f6afb43a9e5a13d6bb611c17d256628014072670ba892a6d8e1ca79f40dbc603 |
| SHA512 | c334dc9933d614b4525ad7030571be95afe7969a4fe931fbdf2faf648435f3a2ab1325d7313aee639e5b0452b9a3ca3838636913d10384cc73c17d2aec3a670b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\mfuo34j5.default-release\cache2\entries\9AE79A927D2CF934BB19752D6BE9D1AB125BC167
| MD5 | 1efa0b1e5ab863d5777985ff30b2c9b4 |
| SHA1 | 123ee8285ac222eeefb93366da4c0b3e45a9d47f |
| SHA256 | 78460da398cf2d23c804edfbd870c9814f4630ebcf8da833b97b07be6242d967 |
| SHA512 | c90cfb368a31458e27dc2c03fd04edce8be1c044f8b4519e79d6fef7ab2a4d6e19b0f0c24066af528843eea8e3a95787d5fdf7f9f049729ecc0b9c71720b03c5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\mfuo34j5.default-release\cache2\entries\86AF72651CF6A9FBC3EC3B6DFED5C3C14853AE3B
| MD5 | 4e9dc7a1837257806dc31be3605bb915 |
| SHA1 | 36d1214cef0cd9d5100c620dbcee3854fdaebca8 |
| SHA256 | b250277d060dc51479b96fd0f140cd06b8c1789cf3f491c0585f70b7a30e497e |
| SHA512 | 96f717755e277237cb1cd8e745c00efdbcb9c68de7af3ee025297bda2943b0d619608f1c0279ef3a750c3627730776e68d47d63455a977afb0df6b86b223ea52 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\mfuo34j5.default-release\cache2\entries\D50A322C173FDD039A1C99247CDCF0FE9B80972B
| MD5 | 9a506194363a6ddc2c883a37292a3050 |
| SHA1 | 18feb2b91d488e1fa2e32a25af1646d29cbe3f62 |
| SHA256 | 01d192c8131b3f95d194c36103a392f70f358afb5f640882a497cf40ed5b3c00 |
| SHA512 | 1e42bcaeab242edccbafd5be374ed31d64a4d9aa5b6f7a3ed51e1ab285d12954f84b64bb3c35a3b82fd76e96130ab1c4fa8a9940716dae383e8540b563134af7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\sessionstore-backups\recovery.baklz4
| MD5 | afe902764d6d4f575a938ca36946b513 |
| SHA1 | 0628fb127e8c242fb8ff08f5469eb0e2a7f48659 |
| SHA256 | 2190bbd51c608927beace3fdefa03a4a185e77f0c186f020a8f9efa249aeac50 |
| SHA512 | 9612fb9432e6d8646e25e05262674ff3b60e156a49d96038bb324635eca265847cccb6dfee314b86fc756ca731875859469b86bcab1633e5dd983ab2dc3d0e1e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\storage\default\https+++www.googletagmanager.com^partitionKey=%28https%2C10bestvpn.co.uk%29\cache\morgue\38\{00d4d310-eec7-4782-b1fd-9e90627e1426}.final
| MD5 | 7fd116230491d5754c0b8b21d8aac3a4 |
| SHA1 | 505c970507e1ee607f55221d72dd3c8d5c34a006 |
| SHA256 | c7e87cc66882a9f33a088046f6bccf88d71b3c746c737cd922845e4f964ddc3a |
| SHA512 | 2d782cac56b3691bb4189b85a4f2882ab30a5d23eb71e5db4aa04f27d19956cedc246213fcf66c333ce86cdd57a808a1cbebba54f885bc2e85b601d02a9c943c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 9b4cc157ec3b483b390089d404e39494 |
| SHA1 | 05a1a99b0f91b86e877e9a8cc5ed49ee5b60e18d |
| SHA256 | 8da734c3370dbb241d3755fc200fbadde9c40443ebce5eb7c82d8ddea30ac8b7 |
| SHA512 | 9963629c666d4c8716ab74b137bc72e1d8434725eda4a0e81c2c4d3fba39b86d6353c10d182a994b7e15f2b0849176d7ad1a3637d2447d32d1c4c0929cc961e4 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\serviceworker-1.txt
| MD5 | 35d7acff38d4178cdcfdedc34824bdc0 |
| SHA1 | ce2ac7903dc4ec9e5ccf98afc0385a25d6b868ab |
| SHA256 | 07e277863344073db580a719125b275773d5d686733a6580e0481f394f4cd12c |
| SHA512 | 4b863d4104f4eb9b2d4cbc4416cf22dd07e7471807c9fe60f97b24d9c983b4dd864e7c7935490ce3fa87ec2238ee57b3c0c908928b9442b35b139d1668007488 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\serviceworker.txt
| MD5 | 6adebbac14e6b06f6227082f9136d064 |
| SHA1 | 9b4c128e548e01465a38a40870b5f020696348ea |
| SHA256 | b7d9f9a5867a93d02033975a2b7c2925bf000c14cbc72c7e7eae5253e24d665d |
| SHA512 | b170912a90a07f521c24eb00a74aae2f954801ccdce9816a70daa49ac1d58fa4cb4263892b78a738babd0e5518b872049fdf1079683e524bc808c9465d89db19 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\mfuo34j5.default-release\cache2\entries\747F839A5D55C74E4C03BF3302EF9B7E15115DCD
| MD5 | d733042f49e649407a5b8488146d3d25 |
| SHA1 | 8f26de5ca8f85ac2d15d0675ca88680987a5f932 |
| SHA256 | 36ad525d77bddac643478a69ff3e9c32ec52e752e316fac87ca178b75053bbbd |
| SHA512 | 8c4e8b5d8a480a49b899f1297e0d75ca7e0d0b08661d417a7e02a356d282ea1c66f8eae063399a9514128848916766c8165c7ef0066d4175d36bb7a60af1111a |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | ab946987ee553d1ddd9285945bd5b987 |
| SHA1 | eee441a5638465cbc2513c04e429afcb164da2d7 |
| SHA256 | 46e84faf0a3d21ff8d5a020c7fd6fb8229c9a373cab7b8a5bd44c0f255459992 |
| SHA512 | 9fce0f3ed0ced4d4ecfa42896a2fa5894be984aea578238cabde7a866b9899c7eca6d8bc847c0be7fe95bbb9f62dbf363f3f3263a77f95d93b26162ca2f8cdf1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 793d0e4c255f50b2c91c976855c5a346 |
| SHA1 | d0a9e0fd3875bab87a2c2d77cb5fe10dbde16583 |
| SHA256 | 1dd605dc1269fe6fd86d44e512c16f0128d88004ef37cad04732e65ee87c5537 |
| SHA512 | 5291b66d3836ec0f07ff91ca8d2bd81699bc93bc837df390442f2499952d4d5c4896e693af8fdc703e652f453209decc535c5a1c0dbf147f54d5d33ebb7bdde2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\sessionstore-backups\recovery.baklz4
| MD5 | bb7984daeb0b7ae1e1f51d603abb3fb3 |
| SHA1 | 545171fddfbd9ae1de60cf4b4f9615e2366ae209 |
| SHA256 | dd9401e2e4ede941b51a8edb1d4a3146cecd2422e265f5501705912ae15d7bdd |
| SHA512 | 2ca5354e47bd6128c0ad496ab70749daa988b4bb13dd04d674516da0ad4adadc5e3e97e076298bfaa98f02cdf7b622acc931dba2c2a1f4419f796989564d5943 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\mfuo34j5.default-release\cache2\entries\4A2DAC658D0F319F388A52E8C7495E3D4D3D4658
| MD5 | e75999965d5a50afa4e3b20317065fa1 |
| SHA1 | fda734646c20a00abfbde443990f90ce56fd84f1 |
| SHA256 | 6035debf1d191a135a6b78fcfe825d7218df26a26fb9e317873a91d6d3e6bb2c |
| SHA512 | 397f32a16bc8977e2f1040bfbd3bfdfbd0e3100bfcd02a08b87b0f7d35cae88a31dd0c3fbff1109deadfa0ca4815652e51013ff182e3360abe79c8149ea7a639 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\sessionstore-backups\recovery.baklz4
| MD5 | c70fcd6ff67e2225a87bdecd155578e2 |
| SHA1 | d283ebbaa73244ce07abd1668adab18b085d4bab |
| SHA256 | e17c173c819c901a26dcdc73aaec695e16ae1a78316e96d6438f887275d25fe0 |
| SHA512 | fb6d955627f8f785e3d4050abf903c1da600105d6fffcc427708861e2cb6bb5269422ca1b90af2a75ce85a0c86fa0b188765d4a0d648aebdf668a2450d105214 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\mfuo34j5.default-release\cache2\entries\B7D6AF82AE33A55604CB025A40133A452D20340D
| MD5 | a445352cf2978e9742060d880859b0c2 |
| SHA1 | 1fe1c900d1774e2b758aecfd4a70e7d89e023e54 |
| SHA256 | 0d99e4c1befe2430c563190b8b2196e439c7a4c39e6464ca59fb1fb8ceb4faa2 |
| SHA512 | 37a030acce2bac271b14f9267c548d2343fbf61cd1c6f5d719018ae2bab98a17dfa1204e53b765cdbce3789155a6be6046ffbbe741676683d875b1f5004f8149 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\sessionstore-backups\recovery.baklz4
| MD5 | f373141a450c1b89fb6e6dff0b6f9634 |
| SHA1 | 29fced93122ab06c73ba85556f95b9ed937ca579 |
| SHA256 | 8165e984a4c317d64fc134aefde6d46c90f83fb85f1e9c0c9efa24f157814c3c |
| SHA512 | 9c96de115067414061beff4744d8b1a378cd5154aa01a142da6c4a33eedc86ebaa195a9c118f56b11ee4133007d8916e7c4817d8b25b1d6443b0197f315be5d8 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\sessionstore-backups\recovery.baklz4
| MD5 | a4b10cc9aaed13c03a5bcdbdd82cdded |
| SHA1 | 0d4f2bbe3fc0f1a5d572710e53f5c56cc0a20b0b |
| SHA256 | 384d0ed8698356450dcfcce50c7971494bf17d89f869857acd972b7f97707c70 |
| SHA512 | 73345b16b67f9c78d1b57b0c18278ef955788f16ca0f3da133412cae8a24392c4fef8439e5c9f2d8d61a52b608225b9a1e4b7f9e5fa3a17972a248b84c82bffc |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | 2a148387f93bd0e664998c09c857ca50 |
| SHA1 | e74b28791df7f3e4b0ea467f1566001f17acf4f3 |
| SHA256 | 89f309e3cd4d3baf15c070edd8c83a04c2d0601fcf15556730b56973df682e3f |
| SHA512 | 899f748fe5d460a0bad9cc625ce0bf3d59502e6b6e29c552d98c58d820a44a1d0e3bcb701228b0eaf5bcda98ad3c5d40f4e6a1c66fee437ac78d78e9b052572c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\storage\default\https+++www.youtube.com^partitionKey=%28https%2Cgoogle.com%29\ls\usage
| MD5 | a4b57866747aa8bc0828ccb259689903 |
| SHA1 | b77c045f5580c81a6cd07a5e5d2271064aa52233 |
| SHA256 | 395c2160a5f25f4ebff4939482f032465544c7d1105b8f93b529552a1f8f7b88 |
| SHA512 | f5e9b04e525e1bb7a913c3e02504f98b1f860cbc487029075c668cfb560bcf85855d7e48ad19586368becbb6157872b70a083a40081c2c109314ccbe9e5825b0 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 0a4f13b77e7cdd207b2cb90f0d4ef458 |
| SHA1 | 92e7a445966139398b102bd0985f5fa1e5617aef |
| SHA256 | b5a823fe3c57fcc82e514610fc6657bbedccfb5976056c1119d7cc621f2abedf |
| SHA512 | 9c3a7205474b6f26ffb3eb470f8702955832db9ba8f613f0887fda46e850fbdcc9b5c7fcb71764e079e68f04491e26dc637993607662e9d8401195becb60b40e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 2ee59533a741048a2e0f05c39819e12b |
| SHA1 | 906ceb76129808453d3873250ecd4decf2d2b4c7 |
| SHA256 | 6de930434312a2c38552a2613fd1bb2f1e05ca91ed21f4dc451a35873103499b |
| SHA512 | 808110896b904833a1a98a3ad5311191dd9d035a16b16a22c0a9f01dc48cf9eb65140365c40a3aff98eb49191cf81560490bad7006575dd978f41921be73355d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\mfuo34j5.default-release\cache2\entries\045F8290E9E820840827E8E9979195453B327749
| MD5 | c03ab75fdb979bd1412ee5691a00cab2 |
| SHA1 | d850a256891bebad239b7fd53b2002e8b3025624 |
| SHA256 | dbae24190f2736cda17d4e861170ec7392f214cfaab99e51f9ded664f2a6a179 |
| SHA512 | f8a32c40e5d6e461d459553206610ac8b3b5d7b52e5b60c8b430bba547dfcf921819a848b70cb6d923c1a7f10b00dd87740e2c3fad4b05f34473bd0b5f3f0e68 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 130c8a0ec4e0dd3e6e75c4f9e48b88ff |
| SHA1 | b92abf3ae103dd0e243f9afdc5c7ba1f4f29b264 |
| SHA256 | 64fe74fb867bcbb8bb4439ec313d8bcf0222e6d8041c8271583bb4648d13900d |
| SHA512 | 06cd7afa87d3c7463647f7aa6feaa90038bc1674b20600d75e057402af2e51e0d3aa9370e3a44d4600fa1c256a685246510b10e560d44b956e6d4e61dd1a181c |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | 9958104d7433e729312ca6b2ad688572 |
| SHA1 | 5f5d4452e06239c260d69321df781772ffa02fc2 |
| SHA256 | 3df0d70a0b36b3aa2c8b7a99b727aa84e0c6d47bb8de702cab7066cb16fa8ee9 |
| SHA512 | a635f3d8ab80ff87efb860bd2b797212bcea34d3a077b60e65e3565abf2eab01ef41bf3cd1ba783f625fc73320f6cc13fcd8bbd914d6880b913b295bd911ac63 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\mfuo34j5.default-release\jumpListCache\W3RP57mc4MNcrNSjVqdn4Vixha_S5ey2HOfNiGkHC5A=.ico
| MD5 | 42ed60b3ba4df36716ca7633794b1735 |
| SHA1 | c33aa40eed3608369e964e22c935d640e38aa768 |
| SHA256 | 6574e6e55f56eca704a090bf08d0d4175a93a5353ea08f8722f7c985a39a52c8 |
| SHA512 | 4247460a97a43ce20d536fdd11d534b450b075c3c28cd69fc00c48bdf7de1507edb99bef811d4c61bed10f64e4c788ee4bdc58c7c72d3bd160b9b4bd696e3013 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 1361f0a20c1d8b29aee7bbb4cca04fc5 |
| SHA1 | 37918ce5b673ed8eb6ab37d9ca367658d525eb2e |
| SHA256 | 07e9a6206ea87168f652121e497b964da4b81818ac13ae9fa3e973de03af05bf |
| SHA512 | c8dc39573fe3bcadac507517f048c8f562cfce80bd55ef47cd10e4a948dfe4396444889800751788c570adbd800bec9ee7f2cb2a722197d1531033ae4e6ecf35 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\mfuo34j5.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 43a2fdedc6d13bddceb189db37d8fb5a |
| SHA1 | 292cc39f1a540ead15d3ab2dc874bdae91958885 |
| SHA256 | bfb1b974fd4695da1431e2c8332de5e3f137feb6a3b4a816acbd367c6dc8972e |
| SHA512 | 04fbf819a159559cc801fec13670fa86e325e0b67692986d51d03fa4115647fa9c0ee0a33c0d3abb79a17fbab3f56f48f538571a563850214ed2fb1588b9088e |