Analysis Overview
Threat Level: Known bad
The file https://www.bitdefender.com/nl-nl/consumer/free-antivirus was found to be: Known bad.
Malicious Activity Summary
Suspicious use of NtCreateProcessExOtherParentProcess
UAC bypass
Downloads MZ/PE file
Event Triggered Execution: Image File Execution Options Injection
Boot or Logon Autostart Execution: Active Setup
Executes dropped EXE
Checks computer location settings
A potential corporate email address has been identified in the URL: [email protected]
Loads dropped DLL
Event Triggered Execution: Component Object Model Hijacking
A potential corporate email address has been identified in the URL: 0E920C0F53DA9E9B0A490D45@AdobeOrg
Checks installed software on the system
Installs/modifies Browser Helper Object
Drops file in System32 directory
Checks system information in the registry
Drops file in Windows directory
Drops file in Program Files directory
Subvert Trust Controls: Mark-of-the-Web Bypass
Launches sc.exe
System Network Configuration Discovery: Internet Connection Discovery
System Location Discovery: System Language Discovery
Enumerates physical storage devices
Modifies Internet Explorer settings
Opens file in notepad (likely ransom note)
Suspicious use of FindShellTrayWindow
Uses Task Scheduler COM API
Checks SCSI registry key(s)
Suspicious use of WriteProcessMemory
NTFS ADS
Suspicious behavior: GetForegroundWindowSpam
Runs net.exe
Suspicious use of AdjustPrivilegeToken
Checks processor information in registry
Suspicious behavior: EnumeratesProcesses
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Modifies registry class
Modifies data under HKEY_USERS
System policy modification
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-13 10:19
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-13 10:19
Reported
2024-11-13 10:56
Platform
win10ltsc2021-20241023-en
Max time kernel
2211s
Max time network
2044s
Command Line
Signatures
Suspicious use of NtCreateProcessExOtherParentProcess
| Description | Indicator | Process | Target |
| PID 1452 created 1532 | N/A | C:\Windows\system32\taskmgr.exe | C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-27-A235C832-B47F-4A81-9517-DF632965C84F\Installer.exe |
| PID 1452 created 1532 | N/A | C:\Windows\system32\taskmgr.exe | C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-27-A235C832-B47F-4A81-9517-DF632965C84F\Installer.exe |
UAC bypass
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA = "1" | C:\Windows\System32\sdiagnhost.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin = "5" | C:\Windows\System32\sdiagnhost.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\PromptOnSecureDesktop = "1" | C:\Windows\System32\sdiagnhost.exe | N/A |
Boot or Logon Autostart Execution: Active Setup
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\ = "Microsoft Edge" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\StubPath = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\130.0.2849.80\\Installer\\setup.exe\" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Localized Name = "Microsoft Edge" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\IsInstalled = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Version = "43,0,0,0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
Downloads MZ/PE file
Event Triggered Execution: Image File Execution Options Injection
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EU38E8.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EUCAFF.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EUCAFF.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EU38E8.tmp\MicrosoftEdgeUpdate.exe | N/A |
A potential corporate email address has been identified in the URL: 0E920C0F53DA9E9B0A490D45@AdobeOrg
A potential corporate email address has been identified in the URL: [email protected]
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-1361837696-2276465416-1936241636-1000\Control Panel\International\Geo\Nation | C:\Windows\TEMP\bd_9CCC.tmp\alh9CCD.tmp | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1361837696-2276465416-1936241636-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\bitdefender_avfree.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1361837696-2276465416-1936241636-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\RarSFX0\agent_launcher.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1361837696-2276465416-1936241636-1000\Control Panel\International\Geo\Nation | C:\Windows\TEMP\bd_2C75.tmp\pbn2C76.tmp | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1361837696-2276465416-1936241636-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\bitdefender_avfree.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1361837696-2276465416-1936241636-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\RarSFX0\agent_launcher.exe | N/A |
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system
Installs/modifies Browser Helper Object
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EUCAFF.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EUCAFF.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EU38E8.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EU38E8.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8EC9B1D0ABBD7F98B401D425828828CE_8A3EB3B0E837053838683939C2047254 | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\698460A0B6E60F2F602361424D832905_8BB23D43DE574E82F2BEE0DF0EC47EEB | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8EC9B1D0ABBD7F98B401D425828828CE_8A3EB3B0E837053838683939C2047254 | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C8E534EE129F27D55460CE17FD628216_1130D9B25898B0DB0D4F04DC5B93F141 | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\698460A0B6E60F2F602361424D832905_8BB23D43DE574E82F2BEE0DF0EC47EEB | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E534EE129F27D55460CE17FD628216_1130D9B25898B0DB0D4F04DC5B93F141 | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Microsoft\Temp\EUCAFF.tmp\msedgeupdateres_kn.dll | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2EEB5FFC-777D-4025-B71A-3933FFE90062}\MicrosoftEdgeUpdateSetup_X86_1.3.195.35.exe | N/A |
| File created | C:\Program Files\Bitdefender Agent\27.0.1.287_0\lang\ko-KR\productagentui.txtui | C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.80\Locales\gl.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.80\Trust Protection Lists\Mu\Entities | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5753454B-F1EF-49C6-B3FB-779530C50004}\EDGEMITMP_EE5DB.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.80\Locales\mr.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5753454B-F1EF-49C6-B3FB-779530C50004}\EDGEMITMP_EE5DB.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.80\edge_feedback\mf_trace.wprp | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5753454B-F1EF-49C6-B3FB-779530C50004}\EDGEMITMP_EE5DB.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EUCAFF.tmp\msedgeupdateres_sq.dll | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2EEB5FFC-777D-4025-B71A-3933FFE90062}\MicrosoftEdgeUpdateSetup_X86_1.3.195.35.exe | N/A |
| File created | C:\Program Files\Bitdefender Agent\27.0.1.287\installer\bdnc.dll | C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.80\Locales\sk.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5753454B-F1EF-49C6-B3FB-779530C50004}\EDGEMITMP_EE5DB.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files\Bitdefender Agent\27.0.1.287\skin\images\b-icon.svg | C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.80\identity_proxy\win11\identity_helper.Sparse.Internal.msix | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5753454B-F1EF-49C6-B3FB-779530C50004}\EDGEMITMP_EE5DB.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files\Bitdefender Agent\27.0.1.287_0\bdnc.client_id | C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe | N/A |
| File opened for modification | C:\Program Files\Bitdefender Agent\27.0.1.287_0\lang\ko-KR\productagentui.txtui | C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe | N/A |
| File created | C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-27-A235C832-B47F-4A81-9517-DF632965C84F\additional.dll | C:\Users\Admin\AppData\Local\Temp\RarSFX0\installer.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\Edge\Application\130.0.2849.80\Locales\sk.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| File created | C:\Program Files\Bitdefender Agent\27.0.1.287\skin\images_2\common\bitdefender_logo.svg | C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe | N/A |
| File created | C:\Program Files\Bitdefender Agent\27.0.1.287_0\lang\pt-PT\productagentui.txtui | C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe | N/A |
| File opened for modification | C:\Program Files\Bitdefender Agent\27.0.1.287_0\lang\sv-SE | C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe | N/A |
| File created | C:\Program Files\Bitdefender Agent\27.0.1.287_0\settings\UPNPService.xml | C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.80\Locales\en-US.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5753454B-F1EF-49C6-B3FB-779530C50004}\EDGEMITMP_EE5DB.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\Locales\kok.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5753454B-F1EF-49C6-B3FB-779530C50004}\EDGEMITMP_EE5DB.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.80\identity_proxy\canary.identity_helper.exe.manifest | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| File created | C:\Program Files\Bitdefender Agent\27.0.1.287\lang\tr-TR\productagentui.txtui | C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.80\EBWebView\x64\EmbeddedBrowserWebView.dll | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5753454B-F1EF-49C6-B3FB-779530C50004}\EDGEMITMP_EE5DB.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\Locales\sr.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5753454B-F1EF-49C6-B3FB-779530C50004}\EDGEMITMP_EE5DB.tmp\setup.exe | N/A |
| File created | C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-27-A235C832-B47F-4A81-9517-DF632965C84F\unrar.dll | C:\Users\Admin\AppData\Local\Temp\RarSFX0\installer.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU38E8.tmp\MicrosoftEdgeComRegisterShellARM64.exe | C:\Windows\TEMP\bd_2F94.tmp\xrf2F95.tmp | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.80\Locales\it.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5753454B-F1EF-49C6-B3FB-779530C50004}\EDGEMITMP_EE5DB.tmp\setup.exe | N/A |
| File created | C:\Program Files\Bitdefender Agent\27.0.1.287_0\installer\lang\ja-JP.txtui | C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe | N/A |
| File created | C:\Program Files\Bitdefender Agent\27.0.1.287\x64\bdnc.client_id | C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe | N/A |
| File created | C:\Program Files\Bitdefender Agent\redline\bdec.dll | C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.80\Locales\lt.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5753454B-F1EF-49C6-B3FB-779530C50004}\EDGEMITMP_EE5DB.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files\Bitdefender Agent\27.0.1.287_0\skin\images\btn-minimize-w.svg | C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.80\mip_core.dll | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5753454B-F1EF-49C6-B3FB-779530C50004}\EDGEMITMP_EE5DB.tmp\setup.exe | N/A |
| File created | C:\Program Files\Bitdefender Agent\27.0.1.287_0\installer\lang\fr-FR.txtui | C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe | N/A |
| File created | C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-27-D410C992-1EE6-42D1-A3A0-0DE2E1DE1F61\sciter.dll | C:\Users\Admin\AppData\Local\Temp\RarSFX0\installer.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\Locales\hr.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5753454B-F1EF-49C6-B3FB-779530C50004}\EDGEMITMP_EE5DB.tmp\setup.exe | N/A |
| File created | C:\Program Files\Bitdefender Agent\27.0.1.287_0\skin\images\load_big.png | C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe | N/A |
| File created | C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-27-A235C832-B47F-4A81-9517-DF632965C84F\lang\nl-NL.txtui | C:\Users\Admin\AppData\Local\Temp\RarSFX0\installer.exe | N/A |
| File created | C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-27-A235C832-B47F-4A81-9517-DF632965C84F\lang\es-ES.txtui | C:\Users\Admin\AppData\Local\Temp\RarSFX0\installer.exe | N/A |
| File created | C:\Program Files\Bitdefender Agent\27.0.1.287_0\bdreinit.exe | C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe | N/A |
| File opened for modification | C:\Program Files\Bitdefender Agent\27.0.1.287\lang\it-IT | C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe | N/A |
| File created | C:\Program Files\Bitdefender Agent\ProductAgentDP.dll | C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.80\Locales\as.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5753454B-F1EF-49C6-B3FB-779530C50004}\EDGEMITMP_EE5DB.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.80\Locales\ca-Es-VALENCIA.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5753454B-F1EF-49C6-B3FB-779530C50004}\EDGEMITMP_EE5DB.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\Trust Protection Lists\Sigma\Cryptomining | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5753454B-F1EF-49C6-B3FB-779530C50004}\EDGEMITMP_EE5DB.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\Locales\kk.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5753454B-F1EF-49C6-B3FB-779530C50004}\EDGEMITMP_EE5DB.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\edge_game_assist\EdgeGameAssist.msix | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5753454B-F1EF-49C6-B3FB-779530C50004}\EDGEMITMP_EE5DB.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files\Bitdefender Agent\27.0.1.287_0\skin\images\loader.svg | C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe | N/A |
| File opened for modification | C:\Program Files\Bitdefender Agent\27.0.1.287_0\skin\images_2\common\close_hover.svg | C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe | N/A |
| File opened for modification | C:\Program Files\Bitdefender Agent\27.0.1.287\BitdefenderLogin.exe | C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe | N/A |
| File opened for modification | C:\Program Files\Bitdefender Agent\27.0.1.287\lang\tr-TR | C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe | N/A |
| File created | C:\Program Files\Bitdefender Agent\27.0.1.287\installer\agentpackage.exe | C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe | N/A |
| File opened for modification | C:\Program Files\Bitdefender Agent\27.0.1.287_0\bdch.dll | C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe | N/A |
| File opened for modification | C:\Program Files\Bitdefender Agent\27.0.1.287_0\ui | C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.80\Locales\nb.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-27-D410C992-1EE6-42D1-A3A0-0DE2E1DE1F61\bdch.json | C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-27-D410C992-1EE6-42D1-A3A0-0DE2E1DE1F61\Installer.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.80\VisualElements\Logo.png | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5753454B-F1EF-49C6-B3FB-779530C50004}\EDGEMITMP_EE5DB.tmp\setup.exe | N/A |
| File created | C:\Program Files\Bitdefender Agent\27.0.1.287_0\bootstrap_token.conf | C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe | N/A |
| File opened for modification | C:\Program Files\Bitdefender Agent\27.0.1.287_0\FixSfp32.exe | C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe | N/A |
| File created | C:\Program Files\Bitdefender Agent\27.0.1.287_0\settings\ProductAgent.json.md5 | C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe | N/A |
| File opened for modification | C:\Program Files\Bitdefender Agent\27.0.1.287\skin\images\btn-minimize-w.svg | C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.80\Trust Protection Lists\Mu\Content | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5753454B-F1EF-49C6-B3FB-779530C50004}\EDGEMITMP_EE5DB.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files\Bitdefender Agent\27.0.1.287_0\skin\images\minimize_hover.svg | C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe | N/A |
Drops file in Windows directory
Launches sc.exe
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\sc.exe | N/A |
Subvert Trust Controls: Mark-of-the-Web Bypass
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\Downloads\bitdefender_avfree.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\bitdefender_avfree.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Bitdefender Agent\27.0.1.287\DiscoverySrv.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\TEMP\bd_9CCC.tmp\alh9CCD.tmp | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\Temp\EU38E8.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\RarSFX0\bddeploy.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Bitdefender Agent\27.0.1.287_0\WatchDog.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\bitdefender_avfree.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Bitdefender Agent\redline\bdredline.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Bitdefender Agent\ProductAgentUI.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Bitdefender Agent\27.0.1.287_0\WatchDog.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Bitdefender Agent\redline\bdredline.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Bitdefender Agent\27.0.1.287\ProductAgentUI.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\TEMP\bd_2C75.tmp\pbn2C76.tmp | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Bitdefender Agent\redline\bdredline.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\setuppackage.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\TEMP\bd_2F94.tmp\xrf2F95.tmp | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Bitdefender Agent\27.0.1.287\WatchDog.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\RarSFX0\bddeploy.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Bitdefender Agent\27.0.1.287_0\DiscoverySrv.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Bitdefender Agent\27.0.1.287\DiscoverySrv.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\Temp\EUCAFF.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\RarSFX0\agent_launcher.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\setuppackage.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Bitdefender Agent\27.0.1.287_0\ProductAgentUI.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\RarSFX0\agent_launcher.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Bitdefender Agent\27.0.1.287_0\ProductAgentService.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Bitdefender Agent\27.0.1.287_0\DiscoverySrv.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2EEB5FFC-777D-4025-B71A-3933FFE90062}\MicrosoftEdgeUpdateSetup_X86_1.3.195.35.exe | N/A |
System Network Configuration Discovery: Internet Connection Discovery
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\130.0.2849.80\\BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\130.0.2849.80\\BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main\EnterpriseMode | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations\C:\Program Files (x86)\Microsoft\Edge\Application = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\EnterpriseMode\MSEdgePath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files\Bitdefender Agent\27.0.1.287\DiscoverySrv.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files\Bitdefender Agent\27.0.1.287\DiscoverySrv.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files\Bitdefender Agent\27.0.1.287\ProductAgentUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files\Bitdefender Agent\27.0.1.287_0\DiscoverySrv.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files\Bitdefender Agent\27.0.1.287\DiscoverySrv.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\ROOT | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files\Bitdefender Agent\27.0.1.287_0\ProductAgentUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files\Bitdefender Agent\27.0.1.287\DiscoverySrv.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files\Bitdefender Agent\27.0.1.287_0\DiscoverySrv.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files\Bitdefender Agent\27.0.1.287_0\DiscoverySrv.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files\Bitdefender Agent\27.0.1.287_0\DiscoverySrv.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Edge\InstallerPinned = "0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files\Bitdefender Agent\27.0.1.287\DiscoverySrv.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files\Bitdefender Agent\27.0.1.287_0\ProductAgentUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files\Bitdefender Agent\27.0.1.287_0\WatchDog.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files\Bitdefender Agent\27.0.1.287\DiscoverySrv.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files\Bitdefender Agent\27.0.1.287\DiscoverySrv.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files\Bitdefender Agent\27.0.1.287_0\ProductAgentUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files\Bitdefender Agent\27.0.1.287_0\DiscoverySrv.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files\Bitdefender Agent\27.0.1.287_0\ProductAgentUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files\Bitdefender Agent\27.0.1.287\ProductAgentUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Program Files\Bitdefender Agent\27.0.1.287_0\DiscoverySrv.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files\Bitdefender Agent\27.0.1.287_0\DiscoverySrv.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files\Bitdefender Agent\27.0.1.287_0\ProductAgentUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files\Bitdefender Agent\27.0.1.287\WatchDog.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files\Bitdefender Agent\27.0.1.287_0\DiscoverySrv.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files\Bitdefender Agent\27.0.1.287\WatchDog.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files\Bitdefender Agent\27.0.1.287_0\WatchDog.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files\Bitdefender Agent\27.0.1.287\ProductAgentUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files\Bitdefender Agent\27.0.1.287_0\ProductAgentUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files\Bitdefender Agent\27.0.1.287_0\WatchDog.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files\Bitdefender Agent\27.0.1.287\DiscoverySrv.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Program Files\Bitdefender Agent\27.0.1.287\WatchDog.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files\Bitdefender Agent\27.0.1.287_0\DiscoverySrv.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files\Bitdefender Agent\ProductAgentService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files\Bitdefender Agent\27.0.1.287_0\ProductAgentUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files\Bitdefender Agent\27.0.1.287\DiscoverySrv.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files\Bitdefender Agent\27.0.1.287\WatchDog.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files\Bitdefender Agent\27.0.1.287_0\DiscoverySrv.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\ProgID\ = "MicrosoftEdgeUpdate.Update3WebMachineFallback.1.0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\ = "IAppBundleWeb" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9F3F5F5D-721A-4B19-9B5D-69F664C1A591}\AppID = "{A6B716CB-028B-404D-B72C-50E153DD68DA}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ = "ICoCreateAsync" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\VersionIndependentProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebSvc.1.0\CLSID\ = "{EA92A799-267E-4DF5-A6ED-6A7E0684BB8A}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ = "IAppVersion" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1AFD8852-E87E-49F5-89B4-4214D0854576}\InprocHandler32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.195.35\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\ = "IPolicyStatus2" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ = "IBrowserHttpRequest2" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ = "IJobObserver" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\Elevation | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\ProxyStubClsid32\ = "{3316A154-AC5C-4126-9021-B201E9C33D7B}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\130.0.2849.80\\BHO\\ie_to_edge_bho_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ProxyStubClsid32\ = "{35725228-BF11-429E-B5B8-ED0F2BCABF82}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\ = "IAppCommand2" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{5F6A18BB-6231-424B-8242-19E5BB94F8ED}\VERSIONINDEPENDENTPROGID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\NumMethods\ = "41" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\ProxyStubClsid32\ = "{35725228-BF11-429E-B5B8-ED0F2BCABF82}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ = "IJobObserver" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebSvc\CLSID\ = "{EA92A799-267E-4DF5-A6ED-6A7E0684BB8A}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{08D832B9-D2FD-481F-98CF-904D00DF63CC} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4}\LOCALSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{753FDF26-44A2-47B5-B65E-2E207BD5BC0C}\TypeLib\ = "{D19631EE-4E47-4BA9-BA2E-C5FF909E2C61}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1361837696-2276465416-1936241636-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ProxyStubClsid32\ = "{35725228-BF11-429E-B5B8-ED0F2BCABF82}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\LocalServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ProxyStubClsid32\ = "{3316A154-AC5C-4126-9021-B201E9C33D7B}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32\ = "{3316A154-AC5C-4126-9021-B201E9C33D7B}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Interface | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ProxyStubClsid32\ = "{35725228-BF11-429E-B5B8-ED0F2BCABF82}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}\ELEVATION | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\LocalService = "edgeupdate" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\ProxyStubClsid32\ = "{3316A154-AC5C-4126-9021-B201E9C33D7B}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1361837696-2276465416-1936241636-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1092616257" | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\NumMethods\ = "5" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\PROGID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\ = "IProcessLauncher" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.ProcessLauncher\ = "Microsoft Edge Update Process Launcher Class" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\PROGID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\DisplayName = "PDF Preview Handler" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ = "ICoCreateAsyncStatus" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\VERSIONINDEPENDENTPROGID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}\ProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\Elevation | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\Downloads\bitdefender_avfree.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\MSIXPackagingtoolv1.2024.405.0.msixbundle:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Opens file in notepad (likely ransom note)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
Runs net.exe
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
System policy modification
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe | N/A |
Uses Task Scheduler COM API
Processes
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "https://www.bitdefender.com/nl-nl/consumer/free-antivirus"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url https://www.bitdefender.com/nl-nl/consumer/free-antivirus
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2012 -parentBuildID 20240401114208 -prefsHandle 1928 -prefMapHandle 1920 -prefsLen 23681 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8cff855a-b878-4bc0-98c8-d612e4fe9dbf} 2292 "\\.\pipe\gecko-crash-server-pipe.2292" gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2464 -parentBuildID 20240401114208 -prefsHandle 2432 -prefMapHandle 2428 -prefsLen 24601 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b5d7de03-2781-4d37-81e8-75f344094455} 2292 "\\.\pipe\gecko-crash-server-pipe.2292" socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3024 -childID 1 -isForBrowser -prefsHandle 3016 -prefMapHandle 3012 -prefsLen 22652 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ef18cc80-0a58-4c42-98b2-38833a52dcf5} 2292 "\\.\pipe\gecko-crash-server-pipe.2292" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3660 -childID 2 -isForBrowser -prefsHandle 3652 -prefMapHandle 2776 -prefsLen 29091 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2b01bc4c-1bef-4c86-8ed3-992e7d5b79d5} 2292 "\\.\pipe\gecko-crash-server-pipe.2292" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4804 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4768 -prefMapHandle 4756 -prefsLen 29091 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1b233789-b107-4592-b8e3-d28ee3cdd73a} 2292 "\\.\pipe\gecko-crash-server-pipe.2292" utility
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5384 -childID 3 -isForBrowser -prefsHandle 5376 -prefMapHandle 5368 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {91cb0c4f-815d-45a8-acc8-b3d4cd1ef92b} 2292 "\\.\pipe\gecko-crash-server-pipe.2292" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5532 -childID 4 -isForBrowser -prefsHandle 5540 -prefMapHandle 5296 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7fcc06e4-6e3d-42ad-8151-3c767622af4b} 2292 "\\.\pipe\gecko-crash-server-pipe.2292" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5804 -childID 5 -isForBrowser -prefsHandle 5724 -prefMapHandle 5728 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {521c66ef-12fb-4f5f-a8a5-0e6ddea61990} 2292 "\\.\pipe\gecko-crash-server-pipe.2292" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6136 -childID 6 -isForBrowser -prefsHandle 6120 -prefMapHandle 6132 -prefsLen 27174 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e5e313f9-c547-40c2-941a-580135979331} 2292 "\\.\pipe\gecko-crash-server-pipe.2292" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6712 -childID 7 -isForBrowser -prefsHandle 6380 -prefMapHandle 6876 -prefsLen 27224 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {295c78d1-04b5-4e6c-a702-5383215da2e2} 2292 "\\.\pipe\gecko-crash-server-pipe.2292" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7016 -childID 8 -isForBrowser -prefsHandle 7100 -prefMapHandle 7096 -prefsLen 27224 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {79a8267e-6970-4aa5-8756-e44404316bc3} 2292 "\\.\pipe\gecko-crash-server-pipe.2292" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7056 -childID 9 -isForBrowser -prefsHandle 7208 -prefMapHandle 6668 -prefsLen 27224 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e7c02aba-5280-4ed4-8bfa-e0af59984839} 2292 "\\.\pipe\gecko-crash-server-pipe.2292" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7504 -childID 10 -isForBrowser -prefsHandle 7212 -prefMapHandle 7244 -prefsLen 27224 -prefMapSize 244658 -jsInitHandle 1260 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {78477673-367b-4691-a46b-3083e28b2a5f} 2292 "\\.\pipe\gecko-crash-server-pipe.2292" tab
C:\Users\Admin\Downloads\bitdefender_avfree.exe
"C:\Users\Admin\Downloads\bitdefender_avfree.exe"
C:\Users\Admin\AppData\Local\Temp\RarSFX0\agent_launcher.exe
"C:\Users\Admin\AppData\Local\Temp\RarSFX0\agent_launcher.exe"
C:\Users\Admin\AppData\Local\Temp\RarSFX0\bddeploy.exe
"C:\Users\Admin\AppData\Local\Temp\RarSFX0\bddeploy.exe"
C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\setuppackage.exe
"C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\setuppackage.exe"
C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe
"C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe"
C:\Program Files\Bitdefender Agent\ProductAgentService.exe
"C:\Program Files\Bitdefender Agent\ProductAgentService.exe" protect
C:\Program Files\Bitdefender Agent\redline\bdredline.exe
"C:\Program Files\Bitdefender Agent\redline\bdredline.exe"
C:\Program Files\Bitdefender Agent\ProductAgentService.exe
"C:\Program Files\Bitdefender Agent\ProductAgentService.exe" install
C:\Program Files\Bitdefender Agent\ProductAgentService.exe
"C:\Program Files\Bitdefender Agent\ProductAgentService.exe" enable
C:\Program Files\Bitdefender Agent\ProductAgentService.exe
"C:\Program Files\Bitdefender Agent\ProductAgentService.exe" start "C:\Users\Admin\Downloads\bitdefender_avfree.exe"
C:\Program Files\Bitdefender Agent\ProductAgentService.exe
"C:\Program Files\Bitdefender Agent\ProductAgentService.exe"
C:\Program Files\Bitdefender Agent\27.0.1.287\DiscoverySrv.exe
"C:\Program Files\Bitdefender Agent\27.0.1.287\DiscoverySrv.exe" install
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Program Files\Bitdefender Agent\27.0.1.287\DiscoveryComp.dll"
C:\Program Files\Bitdefender Agent\27.0.1.287\DiscoverySrv.exe
"C:\Program Files\Bitdefender Agent\27.0.1.287\DiscoverySrv.exe"
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s upnphost
C:\Program Files\Bitdefender Agent\27.0.1.287\ProductAgentUI.exe
"C:\Program Files\Bitdefender Agent\27.0.1.287\ProductAgentUI.exe" show=progress event_retry=Global\7295237F-E98C-4C46-A4A4-07F0D66278C2 app_name="Bitdefender Security"
C:\Windows\TEMP\bd_2F94.tmp\xrf2F95.tmp
"C:\Windows\TEMP\bd_2F94.tmp\xrf2F95.tmp" /silent /install
C:\Program Files (x86)\Microsoft\Temp\EU38E8.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EU38E8.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuMzEiIHNoZWxsX3ZlcnNpb249IjEuMy4xOTUuMzEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NUY1NzMzMzUtMDdFOS00NTIyLUJCREUtQjZGRTAyMEM0MTI5fSIgdXNlcmlkPSJ7QTNCMTI1NTQtODE2RS00QkEwLUJFRDctQzM3RjBGRjQ2REMzfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntFMjRBODFFQy1GQTkyLTRERjEtOENGNi0wM0FERERFMTc4N0Z9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQ0LjQ1MjkiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSIxMjUiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O1ZQUW9QMUYrZnExNXdSemgxa1BMNFBNcFdoOE9STUI1aXp2ck9DL2NoalE9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xOTUuMjUiIG5leHR2ZXJzaW9uPSIxLjMuMTk1LjMxIiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIj48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI1ODQ0NzY5MTQ5IiBpbnN0YWxsX3RpbWVfbXM9IjczMyIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{5F573335-07E9-4522-BBDE-B6FE020C4129}" /silent
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuMzEiIHNoZWxsX3ZlcnNpb249IjEuMy4xOTUuMzEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NUY1NzMzMzUtMDdFOS00NTIyLUJCREUtQjZGRTAyMEM0MTI5fSIgdXNlcmlkPSJ7QTNCMTI1NTQtODE2RS00QkEwLUJFRDctQzM3RjBGRjQ2REMzfSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7MUREMjVFQjAtRkU0Qy00MUFBLThBQ0QtNjk4MzRFQzU5MDk4fSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0NC40NTI5IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iMTI1IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtWUFFvUDFGK2ZxMTV3UnpoMWtQTDRQTXBXaDhPUk1CNWl6dnJPQy9jaGpRPSZxdW90OyIvPjxhcHAgYXBwaWQ9Ins4QTY5RDM0NS1ENTY0LTQ2M2MtQUZGMS1BNjlEOUU1MzBGOTZ9IiB2ZXJzaW9uPSIxMjMuMC42MzEyLjEyMyIgbmV4dHZlcnNpb249IiIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMjAiIGluc3RhbGxkYXRldGltZT0iMTcyOTY5NDEyOCIgb29iZV9pbnN0YWxsX3RpbWU9IjEzMzc0MTY2NzExNTgyMDAwMCI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjIxNzk4NjIiIHN5c3RlbV91cHRpbWVfdGlja3M9IjU4NDg3NDQ3NDciLz48L2FwcD48L3JlcXVlc3Q-
C:\Windows\TEMP\bd_2C75.tmp\pbn2C76.tmp
"C:\Windows\TEMP\bd_2C75.tmp\pbn2C76.tmp" /source:web /attach
C:\Users\Admin\AppData\Local\Temp\RarSFX0\installer.exe
"C:\Users\Admin\AppData\Local\Temp\RarSFX0\installer.exe" /kitArchive
C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-27-D410C992-1EE6-42D1-A3A0-0DE2E1DE1F61\Installer.exe
"C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-27-D410C992-1EE6-42D1-A3A0-0DE2E1DE1F61\Installer.exe" /attach /source:web /setup-folder:"CL-27-D410C992-1EE6-42D1-A3A0-0DE2E1DE1F61" /step=new_install
C:\Windows\system32\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5753454B-F1EF-49C6-B3FB-779530C50004}\MicrosoftEdge_X64_130.0.2849.80.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5753454B-F1EF-49C6-B3FB-779530C50004}\MicrosoftEdge_X64_130.0.2849.80.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5753454B-F1EF-49C6-B3FB-779530C50004}\EDGEMITMP_EE5DB.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5753454B-F1EF-49C6-B3FB-779530C50004}\EDGEMITMP_EE5DB.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5753454B-F1EF-49C6-B3FB-779530C50004}\MicrosoftEdge_X64_130.0.2849.80.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5753454B-F1EF-49C6-B3FB-779530C50004}\EDGEMITMP_EE5DB.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5753454B-F1EF-49C6-B3FB-779530C50004}\EDGEMITMP_EE5DB.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=130.0.6723.117 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5753454B-F1EF-49C6-B3FB-779530C50004}\EDGEMITMP_EE5DB.tmp\setup.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=130.0.2849.80 --initial-client-data=0x248,0x24c,0x250,0x224,0x254,0x7ff7257bd730,0x7ff7257bd73c,0x7ff7257bd748
C:\Windows\system32\msiexec.exe
msiexec
C:\Program Files\Bitdefender Agent\27.0.1.287\WatchDog.exe
"C:\Program Files\Bitdefender Agent\27.0.1.287\WatchDog.exe" install
C:\Windows\system32\msiexec.exe
msiexec /quiet bitdefender_avfree.exe
C:\Windows\explorer.exe
explorer.exe
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuMzEiIHNoZWxsX3ZlcnNpb249IjEuMy4xOTUuMzEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NUY1NzMzMzUtMDdFOS00NTIyLUJCREUtQjZGRTAyMEM0MTI5fSIgdXNlcmlkPSJ7QTNCMTI1NTQtODE2RS00QkEwLUJFRDctQzM3RjBGRjQ2REMzfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntGRTY2QzRFNC0wNzM5LTQwNDMtQUNGQi1BRjU5N0RGQUZBMDN9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQ0LjQ1MjkiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSIxMjUiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O2RsNHhKM2NKU1RNRHVuM0pkTC80WnhHOWpKTEJuQ1Z2K3NMZkhWNnVTWTQ9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0ie0YzMDE3MjI2LUZFMkEtNDI5NS04QkRGLTAwQzNBOUE3RTRDNX0iIHZlcnNpb249IiIgbmV4dHZlcnNpb249IjEzMC4wLjI4NDkuODAiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSItMSIgaW5zdGFsbGRhdGU9Ii0xIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjkiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjU4NjU0NDk3NTgiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI1ODY1NTMxNTE0IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNjg5MDcxOTgyMSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmYudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvMjdjYjcyOWQtZmY5NC00ZDM0LWFhZTQtMzM4NWZhMDljNDRjP1AxPTE3MzIwOTgwNjAmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9S1Q2R21mSTQ0WnoxYUJ6NFRIQ0phbmtJM3B3M2kxUTExaDZPU1JnQ1J4YU9oeWtOd0V4eHZwTmJTOXp4T0JIcUdlSTVTJTJiQnk5YmN5diUyZkl0ejhJRiUyYlElM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxNzUwNzY5MjAiIHRvdGFsPSIxNzUwNzY5MjAiIGRvd25sb2FkX3RpbWVfbXM9Ijk1Mjg1Ii8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNjg5MDg0NDgxOCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjYiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjY5MDc1OTA2OTIiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIxOTY3NTciIHN5c3RlbV91cHRpbWVfdGlja3M9Ijc0OTc3NTgxOTIiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSIxMDQ5IiBkb3dubG9hZF90aW1lX21zPSIxMDI1MTgiIGRvd25sb2FkZWQ9IjE3NTA3NjkyMCIgdG90YWw9IjE3NTA3NjkyMCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjAiIGluc3RhbGxfdGltZV9tcz0iNTkwMTciLz48L2FwcD48L3JlcXVlc3Q-
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\mybash.sh
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler
C:\Windows\system32\msiexec.exe
msiexec /quiet bitdefender_avfree.exe
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Windows\system32\msiexec.exe
msiexec /quiet bitdefender_avfree.exe
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Windows\system32\msiexec.exe
msiexec /i bitdefender_avfree.exe /quiet
C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
C:\Program Files\Bitdefender Agent\redline\bdredline.exe
"C:\Program Files\Bitdefender Agent\redline\bdredline.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2EEB5FFC-777D-4025-B71A-3933FFE90062}\MicrosoftEdgeUpdateSetup_X86_1.3.195.35.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2EEB5FFC-777D-4025-B71A-3933FFE90062}\MicrosoftEdgeUpdateSetup_X86_1.3.195.35.exe" /update /sessionid "{66DE606F-B09F-42AD-854E-DE4B16AF7E9E}"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuMzEiIHNoZWxsX3ZlcnNpb249IjEuMy4xOTUuMzEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NjZERTYwNkYtQjA5Ri00MkFELTg1NEUtREU0QjE2QUY3RTlFfSIgdXNlcmlkPSJ7QTNCMTI1NTQtODE2RS00QkEwLUJFRDctQzM3RjBGRjQ2REMzfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntFNDcyODIxMC05RTBFLTQzRjktQjIxQi0xNEI0MDJGQTE0MzF9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQ0LjQ1MjkiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSIxMjUiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O1ZQUW9QMUYrZnExNXdSemgxa1BMNFBNcFdoOE9STUI1aXp2ck9DL2NoalE9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xOTUuMzEiIG5leHR2ZXJzaW9uPSIxLjMuMTk1LjM1IiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9IklzT25JbnRlcnZhbENvbW1hbmRzQWxsb3dlZD0lNUIlMjItdGFyZ2V0X2RldiUyMC1taW5fYnJvd3Nlcl92ZXJzaW9uX2NhbmFyeV9kZXYlMjAxMzEuMC4yODcxLjAlMjIlNUQiIGluc3RhbGxhZ2U9IjIwIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjEyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI5MjQ1NTI0MTIzIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjkyNDU2ODAwODUiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjAiIGVycm9yY29kZT0iLTIxNDcwMjM4MzgiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijk0NzU3MjY5OTYiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImRvIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy82OGQ1NzdhMC0xZjRhLTQzNGYtYmRjZS0xNDhlZGMxZTRhNDA_UDE9MTczMjA5ODM5OCZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1PV2hLNXglMmJ2OTJZZ0tMUld3Z3RRbzZKSndlV3NoZTFIdWs2N3laNG5MN3h5QVZ5Mks1UVBaczZBSnMxbEVZNWVMRjgzUGRJd050aUtqM25PaEpFR0NnJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMCIgdG90YWw9IjAiIGRvd25sb2FkX3RpbWVfbXM9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTQ3NTcyNjk5NiIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNjhkNTc3YTAtMWY0YS00MzRmLWJkY2UtMTQ4ZWRjMWU0YTQwP1AxPTE3MzIwOTgzOTgmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9T1doSzV4JTJidjkyWWdLTFJXd2d0UW82Skp3ZVdzaGUxSHVrNjd5WjRuTDd4eUFWeTJLNVFQWnM2QUpzMWxFWTVlTEY4M1BkSXdOdGlLajNuT2hKRUdDZyUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE2MzU5MjAiIHRvdGFsPSIxNjM1OTIwIiBkb3dubG9hZF90aW1lX21zPSIxODY2MSIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI5NDc1NzI2OTk2IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijk0ODEwMzk5NTAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48cGluZyByPSIyMSIgcmQ9IjY1MDUiIHBpbmdfZnJlc2huZXNzPSJ7NEU2NTFDMDYtRDVGMC00MDUyLTg2ODctRDBENEEwNjM4NkRGfSIvPjwvYXBwPjxhcHAgYXBwaWQ9Ins1NkVCMThGOC1CMDA4LTRDQkQtQjZEMi04Qzk3RkU3RTkwNjJ9IiB2ZXJzaW9uPSI5Mi4wLjkwMi42NyIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSIyMCI-PHVwZGF0ZWNoZWNrLz48cGluZyBhY3RpdmU9IjEiIGE9Ii0xIiByPSIyMSIgYWQ9Ii0xIiByZD0iNjUwNSIgcGluZ19mcmVzaG5lc3M9IntCMzI3QzQ1Mi1BMkJELTQwOTgtQjU5MC05MUYzODk5MjE3RUR9Ii8-PC9hcHA-PGFwcCBhcHBpZD0ie0YzMDE3MjI2LUZFMkEtNDI5NS04QkRGLTAwQzNBOUE3RTRDNX0iIHZlcnNpb249IjEzMC4wLjI4NDkuODAiIG5leHR2ZXJzaW9uPSIiIGxhbmc9IiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIwIiBpbnN0YWxsZGF0ZT0iNjUyNCI-PHVwZGF0ZWNoZWNrLz48cGluZyByPSItMSIgcmQ9Ii0xIiBwaW5nX2ZyZXNobmVzcz0ie0RCMkRGMjVGLTI0NEMtNEY2OS1CNjNFLTU1OTczRkNFMEE5MH0iLz48L2FwcD48L3JlcXVlc3Q-
C:\Program Files (x86)\Microsoft\Temp\EUCAFF.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EUCAFF.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{66DE606F-B09F-42AD-854E-DE4B16AF7E9E}"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuMzUiIHNoZWxsX3ZlcnNpb249IjEuMy4xOTUuMzEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NjZERTYwNkYtQjA5Ri00MkFELTg1NEUtREU0QjE2QUY3RTlFfSIgdXNlcmlkPSJ7QTNCMTI1NTQtODE2RS00QkEwLUJFRDctQzM3RjBGRjQ2REMzfSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7Rjk5QkEyQUMtM0I5Qy00MEIwLTg0QUQtMjlBN0JGMTBCODQwfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0NC40NTI5IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iMTI1IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtkbDR4SjNjSlNUTUR1bjNKZEwvNFp4RzlqSkxCbkNWditzTGZIVjZ1U1k0PSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTk1LjMxIiBuZXh0dmVyc2lvbj0iMS4zLjE5NS4zNSIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjIwIiBpbnN0YWxsZGF0ZXRpbWU9IjE3Mjk3MTc2NTUiPjxldmVudCBldmVudHR5cGU9IjMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijk0OTU1NzExOTIiLz48L2FwcD48L3JlcXVlc3Q-
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Windows\system32\msiexec.exe
msiexec /ij bitdefender_avfree.exe /quiet
C:\Windows\system32\msiexec.exe
msiexec /j bitdefender_avfree.exe /quiet
C:\Windows\system32\msiexec.exe
msiexec /i bitdefender_avfree.exe /quiet
C:\Users\Admin\Downloads\bitdefender_avfree.exe
bitdefender_avfree.exe /s /x /b C:\Users\Admin\Downloads /v /qn
C:\Users\Admin\AppData\Local\Temp\RarSFX0\agent_launcher.exe
"C:\Users\Admin\AppData\Local\Temp\RarSFX0\agent_launcher.exe"
C:\Users\Admin\AppData\Local\Temp\RarSFX0\bddeploy.exe
"C:\Users\Admin\AppData\Local\Temp\RarSFX0\bddeploy.exe"
C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\setuppackage.exe
"C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\setuppackage.exe"
C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe
"C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe"
C:\Program Files\Bitdefender Agent\27.0.1.287_0\ProductAgentService.exe
"C:\Program Files\Bitdefender Agent\27.0.1.287_0\ProductAgentService.exe" update_ready "C:\Users\Admin\Downloads\bitdefender_avfree.exe"
C:\Program Files\Bitdefender Agent\ProductAgentUI.exe
"C:\Program Files\Bitdefender Agent\ProductAgentUI.exe" stop
C:\Program Files\Bitdefender Agent\ProductAgentService.exe
"C:\Program Files\Bitdefender Agent\ProductAgentService.exe" install
C:\Program Files\Bitdefender Agent\ProductAgentService.exe
"C:\Program Files\Bitdefender Agent\ProductAgentService.exe" enable
C:\Program Files\Bitdefender Agent\ProductAgentService.exe
"C:\Program Files\Bitdefender Agent\ProductAgentService.exe"
C:\Program Files\Bitdefender Agent\27.0.1.287_0\DiscoverySrv.exe
"C:\Program Files\Bitdefender Agent\27.0.1.287_0\DiscoverySrv.exe" install
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Program Files\Bitdefender Agent\27.0.1.287_0\DiscoveryComp.dll"
C:\Program Files\Bitdefender Agent\27.0.1.287_0\DiscoverySrv.exe
"C:\Program Files\Bitdefender Agent\27.0.1.287_0\DiscoverySrv.exe"
C:\Program Files\Bitdefender Agent\27.0.1.287_0\WatchDog.exe
"C:\Program Files\Bitdefender Agent\27.0.1.287_0\WatchDog.exe" install
C:\Program Files\Bitdefender Agent\27.0.1.287_0\ProductAgentUI.exe
"C:\Program Files\Bitdefender Agent\27.0.1.287_0\ProductAgentUI.exe" show=progress event_retry=Global\7295237F-E98C-4C46-A4A4-07F0D66278C2 app_name="Bitdefender Security"
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Windows\TEMP\bd_9CCC.tmp\alh9CCD.tmp
"C:\Windows\TEMP\bd_9CCC.tmp\alh9CCD.tmp" /source:web /attach
C:\Users\Admin\AppData\Local\Temp\RarSFX0\installer.exe
"C:\Users\Admin\AppData\Local\Temp\RarSFX0\installer.exe" /kitArchive
C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-27-A235C832-B47F-4A81-9517-DF632965C84F\Installer.exe
"C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-27-A235C832-B47F-4A81-9517-DF632965C84F\Installer.exe" /attach /source:web /setup-folder:"CL-27-A235C832-B47F-4A81-9517-DF632965C84F" /step=new_install
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\bitdefender_avfree.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler
C:\Program Files\Bitdefender Agent\27.0.1.287_0\WatchDog.exe
"C:\Program Files\Bitdefender Agent\27.0.1.287_0\WatchDog.exe" install
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\MicrosoftEdge_X64_130.0.2849.80.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\MicrosoftEdge_X64_130.0.2849.80.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\MicrosoftEdge_X64_130.0.2849.80.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=130.0.6723.117 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=130.0.2849.80 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff61814d730,0x7ff61814d73c,0x7ff61814d748
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe" --msedge --channel=stable --system-level --verbose-logging --create-shortcuts=2 --install-level=1
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=130.0.6723.117 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=130.0.2849.80 --initial-client-data=0x248,0x24c,0x250,0x224,0x254,0x7ff61814d730,0x7ff61814d73c,0x7ff61814d748
C:\Program Files (x86)\Microsoft\Edge\Application\130.0.2849.80\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\130.0.2849.80\Installer\setup.exe" --msedge --channel=stable --register-package-identity --verbose-logging --system-level
C:\Program Files (x86)\Microsoft\Edge\Application\130.0.2849.80\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\130.0.2849.80\Installer\setup.exe" --msedge --channel=stable --remove-deprecated-packages --verbose-logging --system-level
C:\Program Files (x86)\Microsoft\Edge\Application\130.0.2849.80\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\130.0.2849.80\Installer\setup.exe" --msedge --channel=stable --update-game-assist-package --verbose-logging --system-level
C:\Program Files (x86)\Microsoft\Edge\Application\130.0.2849.80\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\130.0.2849.80\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=130.0.6723.117 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\130.0.2849.80\Installer\setup.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=130.0.2849.80 --initial-client-data=0x248,0x24c,0x250,0x224,0x254,0x7ff6472ad730,0x7ff6472ad73c,0x7ff6472ad748
C:\Program Files (x86)\Microsoft\Edge\Application\130.0.2849.80\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\130.0.2849.80\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=130.0.6723.117 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\130.0.2849.80\Installer\setup.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=130.0.2849.80 --initial-client-data=0x248,0x24c,0x250,0x224,0x254,0x7ff6472ad730,0x7ff6472ad73c,0x7ff6472ad748
C:\Program Files (x86)\Microsoft\Edge\Application\130.0.2849.80\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\130.0.2849.80\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=130.0.6723.117 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\130.0.2849.80\Installer\setup.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=130.0.2849.80 --initial-client-data=0x25c,0x260,0x264,0x238,0x268,0x7ff6472ad730,0x7ff6472ad73c,0x7ff6472ad748
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k AppReadiness -p -s AppReadiness
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1928 -parentBuildID 20240401114208 -prefsHandle 1856 -prefMapHandle 1848 -prefsLen 27679 -prefMapSize 245294 -appDir "C:\Program Files\Mozilla Firefox\browser" - {30c951ff-8d6e-414e-a107-0a45e8ec336e} 2528 "\\.\pipe\gecko-crash-server-pipe.2528" gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2284 -parentBuildID 20240401114208 -prefsHandle 2276 -prefMapHandle 2272 -prefsLen 27679 -prefMapSize 245294 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {779310db-6909-4e3c-904f-1e1fd4c7245f} 2528 "\\.\pipe\gecko-crash-server-pipe.2528" socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3068 -childID 1 -isForBrowser -prefsHandle 3024 -prefMapHandle 3052 -prefsLen 28178 -prefMapSize 245294 -jsInitHandle 1420 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6ca8d578-48cd-42b7-afd8-55881076c4f6} 2528 "\\.\pipe\gecko-crash-server-pipe.2528" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4028 -childID 2 -isForBrowser -prefsHandle 4020 -prefMapHandle 4016 -prefsLen 33411 -prefMapSize 245294 -jsInitHandle 1420 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3ce0ed42-9a69-4eca-a249-936c01b8ac6c} 2528 "\\.\pipe\gecko-crash-server-pipe.2528" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4888 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 3568 -prefMapHandle 4488 -prefsLen 33518 -prefMapSize 245294 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b25151fc-b3dc-489d-95e8-6ca6d1dfe7e0} 2528 "\\.\pipe\gecko-crash-server-pipe.2528" utility
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5260 -childID 3 -isForBrowser -prefsHandle 5280 -prefMapHandle 5276 -prefsLen 30461 -prefMapSize 245294 -jsInitHandle 1420 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {01fe5ae5-cf58-43cc-9b07-49dc2417309f} 2528 "\\.\pipe\gecko-crash-server-pipe.2528" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5300 -childID 4 -isForBrowser -prefsHandle 5292 -prefMapHandle 5288 -prefsLen 30461 -prefMapSize 245294 -jsInitHandle 1420 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7234ee21-0c5c-4bee-9e40-0eb92ab8a98c} 2528 "\\.\pipe\gecko-crash-server-pipe.2528" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5528 -childID 5 -isForBrowser -prefsHandle 5520 -prefMapHandle 5432 -prefsLen 30461 -prefMapSize 245294 -jsInitHandle 1420 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {222a2b54-b475-4189-9165-b11977490969} 2528 "\\.\pipe\gecko-crash-server-pipe.2528" tab
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuMzUiIHNoZWxsX3ZlcnNpb249IjEuMy4xOTUuMzEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NDlDMTAyRUUtNDg2Ni00RDZGLUJGQkYtNjEyQzk5NjNEMTRDfSIgdXNlcmlkPSJ7QTNCMTI1NTQtODE2RS00QkEwLUJFRDctQzM3RjBGRjQ2REMzfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins2Q0Y0NzVBRi02OTZDLTQzNDgtQUIyMC1BODk3NTIxODEwODN9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQ0LjQ1MjkiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSIxMjUiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O2RsNHhKM2NKU1RNRHVuM0pkTC80WnhHOWpKTEJuQ1Z2K3NMZkhWNnVTWTQ9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xOTUuMzUiIG5leHR2ZXJzaW9uPSIiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iSXNPbkludGVydmFsQ29tbWFuZHNBbGxvd2VkPSU1QiUyMi10YXJnZXRfZGV2JTIwLW1pbl9icm93c2VyX3ZlcnNpb25fY2FuYXJ5X2RldiUyMDEzMS4wLjI4NzEuMCUyMiU1RCIgaW5zdGFsbGFnZT0iMjAiIGNvaG9ydD0icnJmQDAuODEiPjx1cGRhdGVjaGVjay8-PHBpbmcgcmQ9IjY1MjYiIHBpbmdfZnJlc2huZXNzPSJ7NkIyNEY5NEQtOTlFOC00NDFFLUJCQ0MtOUY5Q0M0QUE0M0VDfSIvPjwvYXBwPjxhcHAgYXBwaWQ9Ins1NkVCMThGOC1CMDA4LTRDQkQtQjZEMi04Qzk3RkU3RTkwNjJ9IiB2ZXJzaW9uPSI5Mi4wLjkwMi42NyIgbmV4dHZlcnNpb249IjEzMC4wLjI4NDkuODAiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaW5zdGFsbGFnZT0iMjAiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyNzYxMTkzMzgxIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyNzYxMTkzMzgxIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyNzkwNTY4MDE0IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyODA0MTYyMTAwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMTk2NzU3IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMzMzNDI4NzAwNiIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjEwOTQiIGRvd25sb2FkZWQ9IjE3NTA3NjkyMCIgdG90YWw9IjE3NTA3NjkyMCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjIiIGluc3RhbGxfdGltZV9tcz0iNTMwMTIiLz48cGluZyBhY3RpdmU9IjAiIHJkPSI2NTI2IiBwaW5nX2ZyZXNobmVzcz0iezMzQjNFM0ZDLUU1RDktNDI3MC05OUQ3LTY2RkQ1NTNDRkY2OH0iLz48L2FwcD48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iMTMwLjAuMjg0OS44MCIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjAiIGluc3RhbGxkYXRlPSI2NTI0IiBjb2hvcnQ9InJyZkAwLjQxIj48dXBkYXRlY2hlY2svPjxwaW5nIHJkPSI2NTI2IiBwaW5nX2ZyZXNobmVzcz0iezlCMjM5MDZCLTQ1MDEtNEE1MS04OTU3LUM2NTdBMjNDRDIyMX0iLz48L2FwcD48L3JlcXVlc3Q-
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4536 -childID 6 -isForBrowser -prefsHandle 5084 -prefMapHandle 4496 -prefsLen 30540 -prefMapSize 245294 -jsInitHandle 1420 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {48cfc540-0dd4-4482-bf63-d15e00f7d650} 2528 "\\.\pipe\gecko-crash-server-pipe.2528" tab
C:\Windows\system32\werfault.exe
werfault.exe /h /shared Global\06adb53083ff4a329cf6d3ae8bab5d82 /t 5744 /p 1532
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "C:\Users\Admin\Downloads\MSIXPackagingtoolv1.2024.405.0.msixbundle"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url C:\Users\Admin\Downloads\MSIXPackagingtoolv1.2024.405.0.msixbundle
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5168 -childID 7 -isForBrowser -prefsHandle 4556 -prefMapHandle 7180 -prefsLen 33653 -prefMapSize 245294 -jsInitHandle 1420 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b8758711-ab56-42c8-a8f8-6af4e1feb03f} 2528 "\\.\pipe\gecko-crash-server-pipe.2528" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6968 -childID 8 -isForBrowser -prefsHandle 6768 -prefMapHandle 6724 -prefsLen 30596 -prefMapSize 245294 -jsInitHandle 1420 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b8c44c8d-c3d0-441c-9539-72f2551e94c1} 2528 "\\.\pipe\gecko-crash-server-pipe.2528" tab
C:\Windows\system32\msdt.exe
"C:\Windows\system32\msdt.exe" -id AppsDiagnostic -ep CortanaSearch
C:\Windows\System32\sdiagnhost.exe
C:\Windows\System32\sdiagnhost.exe -Embedding
C:\Windows\System32\sdiagnhost.exe
C:\Windows\System32\sdiagnhost.exe -Embedding
C:\Windows\system32\sfc.exe
"C:\Windows\system32\sfc.exe" /scanfile=C:\Windows\system32\Qmgr.dll
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.4467_none_7e0f83e07c8c1985\TiWorker.exe
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.4467_none_7e0f83e07c8c1985\TiWorker.exe -Embedding
C:\Windows\system32\sc.exe
"C:\Windows\system32\sc.exe" sdshow bits
C:\Windows\system32\bitsadmin.exe
"C:\Windows\system32\bitsadmin.exe" /reset /allusers
C:\Windows\system32\net.exe
"C:\Windows\system32\net.exe" start bits
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 start bits
C:\Windows\system32\sfc.exe
"C:\Windows\system32\sfc.exe" /scanfile=C:\Windows\system32\Qmgr.dll
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\MSIXPackagingtoolv1.2024.405.0.msixbundle"
C:\Windows\system32\msiexec.exe
"C:\Windows\system32\msiexec.exe"
C:\Program Files\Bitdefender Agent\redline\bdredline.exe
"C:\Program Files\Bitdefender Agent\redline\bdredline.exe"
Network
| Country | Destination | Domain | Proto |
| N/A | 127.0.0.1:49748 | tcp | |
| US | 8.8.8.8:53 | www.bitdefender.com | udp |
| US | 8.8.8.8:53 | spocs.getpocket.com | udp |
| US | 8.8.8.8:53 | firefox-api-proxy.cdn.mozilla.net | udp |
| US | 34.149.97.1:443 | firefox-api-proxy.cdn.mozilla.net | udp |
| US | 34.149.97.1:443 | firefox-api-proxy.cdn.mozilla.net | tcp |
| US | 104.18.0.169:443 | www.bitdefender.com | tcp |
| US | 104.18.0.169:443 | www.bitdefender.com | tcp |
| US | 8.8.8.8:53 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | www.bitdefender.com | udp |
| US | 8.8.8.8:53 | 196.249.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | www.bitdefender.com | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 169.0.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.208.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.234.200.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | support.mozilla.org | udp |
| US | 8.8.8.8:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | assets.adobedtm.com | udp |
| GB | 2.23.205.29:443 | assets.adobedtm.com | tcp |
| US | 8.8.8.8:53 | e7808.dscg.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e7808.dscg.akamaiedge.net | udp |
| US | 8.8.8.8:53 | dpm.demdex.net | udp |
| IE | 54.217.213.106:443 | dpm.demdex.net | tcp |
| US | 8.8.8.8:53 | dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | app.usercentrics.eu | udp |
| US | 35.190.14.188:443 | app.usercentrics.eu | tcp |
| US | 8.8.8.8:53 | app.usercentrics.eu | udp |
| US | 8.8.8.8:53 | app.usercentrics.eu | udp |
| US | 35.190.14.188:443 | app.usercentrics.eu | udp |
| US | 35.190.14.188:443 | app.usercentrics.eu | tcp |
| US | 8.8.8.8:53 | euob.ofgreencolumn.com | udp |
| US | 8.8.8.8:53 | sstats.bitdefender.com | udp |
| FR | 3.164.163.55:443 | euob.ofgreencolumn.com | tcp |
| US | 8.8.8.8:53 | euob.ofgreencolumn.com | udp |
| IE | 66.235.152.225:443 | sstats.bitdefender.com | tcp |
| US | 8.8.8.8:53 | bitdefender.com.ssl.sc.omtrdc.net | udp |
| US | 8.8.8.8:53 | 29.205.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.213.217.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 188.14.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bitdefender.com.ssl.sc.omtrdc.net | udp |
| US | 8.8.8.8:53 | euob.ofgreencolumn.com | udp |
| US | 8.8.8.8:53 | api.usercentrics.eu | udp |
| US | 35.241.3.184:443 | api.usercentrics.eu | tcp |
| US | 35.241.3.184:443 | api.usercentrics.eu | tcp |
| US | 8.8.8.8:53 | api.usercentrics.eu | udp |
| US | 8.8.8.8:53 | api.usercentrics.eu | udp |
| US | 8.8.8.8:53 | cdn.scarabresearch.com | udp |
| US | 8.8.8.8:53 | cdn.scarabresearch.com | udp |
| US | 8.8.8.8:53 | starget.bitdefender.com | udp |
| US | 35.241.3.184:443 | api.usercentrics.eu | udp |
| IE | 66.235.152.225:443 | starget.bitdefender.com | tcp |
| IE | 66.235.152.225:443 | starget.bitdefender.com | tcp |
| IE | 66.235.152.225:443 | starget.bitdefender.com | tcp |
| IE | 66.235.152.225:443 | starget.bitdefender.com | tcp |
| IE | 66.235.152.225:443 | starget.bitdefender.com | tcp |
| US | 8.8.8.8:53 | adobetarget.data.adobedc.net | udp |
| US | 8.8.8.8:53 | cdn.scarabresearch.com | udp |
| US | 8.8.8.8:53 | bitdefender.demdex.net | udp |
| US | 8.8.8.8:53 | cm.everesttech.net | udp |
| US | 8.8.8.8:53 | adobetarget.data.adobedc.net | udp |
| US | 8.8.8.8:53 | cm.everesttech.net.akadns.net | udp |
| US | 8.8.8.8:53 | cm.everesttech.net.akadns.net | udp |
| US | 8.8.8.8:53 | starget.bitdefender.com | udp |
| IE | 52.212.192.25:443 | bitdefender.demdex.net | tcp |
| US | 8.8.8.8:53 | 55.163.164.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.152.235.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 184.3.241.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | obseu.ofgreencolumn.com | udp |
| US | 35.241.3.184:443 | api.usercentrics.eu | udp |
| US | 8.8.8.8:53 | assets.adobetarget.com | udp |
| GB | 104.82.230.10:443 | assets.adobetarget.com | tcp |
| US | 8.8.8.8:53 | e10573.dscf.akamaiedge.net | udp |
| IE | 54.75.69.192:443 | obseu.ofgreencolumn.com | tcp |
| US | 8.8.8.8:53 | obseu.ofgreencolumn.com | udp |
| US | 8.8.8.8:53 | e10573.dscf.akamaiedge.net | udp |
| US | 8.8.8.8:53 | obseu.ofgreencolumn.com | udp |
| US | 8.8.8.8:53 | checkout-service.bitdefender.com | udp |
| US | 104.18.169.222:443 | checkout-service.bitdefender.com | tcp |
| US | 104.18.169.222:443 | checkout-service.bitdefender.com | tcp |
| US | 8.8.8.8:53 | checkout-service.bitdefender.com.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | checkout-service.bitdefender.com.cdn.cloudflare.net | udp |
| FR | 99.86.91.70:443 | cdn.scarabresearch.com | tcp |
| IE | 52.16.193.179:443 | cm.everesttech.net.akadns.net | tcp |
| US | 8.8.8.8:53 | 25.192.212.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.230.82.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.69.75.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 222.169.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.91.86.99.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 179.193.16.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | consent-api.service.consent.usercentrics.eu | udp |
| US | 8.8.8.8:53 | uct.service.usercentrics.eu | udp |
| US | 35.201.111.240:443 | consent-api.service.consent.usercentrics.eu | tcp |
| US | 8.8.8.8:53 | consent-api.service.consent.usercentrics.eu | udp |
| US | 35.201.111.240:443 | consent-api.service.consent.usercentrics.eu | tcp |
| US | 34.95.108.180:443 | uct.service.usercentrics.eu | tcp |
| US | 8.8.8.8:53 | uct.service.usercentrics.eu | udp |
| US | 8.8.8.8:53 | consent-api.service.consent.usercentrics.eu | udp |
| US | 8.8.8.8:53 | uct.service.usercentrics.eu | udp |
| US | 35.201.111.240:443 | consent-api.service.consent.usercentrics.eu | udp |
| US | 34.95.108.180:443 | uct.service.usercentrics.eu | udp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| GB | 172.217.169.34:443 | ade.googlesyndication.com | tcp |
| GB | 172.217.169.34:443 | ade.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| N/A | 127.0.0.1:49756 | tcp | |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| GB | 172.217.169.34:443 | ade.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 240.111.201.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 180.108.95.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | ciscobinary.openh264.org | udp |
| DE | 23.55.161.185:80 | ciscobinary.openh264.org | tcp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | 201.181.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 185.161.55.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 216.58.212.238:443 | redirector.gvt1.com | tcp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 216.58.212.238:443 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | r2---sn-aigl6ned.gvt1.com | udp |
| GB | 173.194.183.71:443 | r2---sn-aigl6ned.gvt1.com | tcp |
| US | 8.8.8.8:53 | r2.sn-aigl6ned.gvt1.com | udp |
| US | 8.8.8.8:53 | r2.sn-aigl6ned.gvt1.com | udp |
| GB | 173.194.183.71:443 | r2.sn-aigl6ned.gvt1.com | udp |
| US | 8.8.8.8:53 | 238.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.183.194.173.in-addr.arpa | udp |
| US | 34.117.121.53:443 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | tcp |
| US | 35.201.111.240:443 | consent-api.service.consent.usercentrics.eu | udp |
| US | 34.95.108.180:443 | uct.service.usercentrics.eu | udp |
| US | 34.95.108.180:443 | uct.service.usercentrics.eu | tcp |
| IE | 34.251.101.162:443 | obseu.ofgreencolumn.com | tcp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 35.190.72.216:443 | location.services.mozilla.com | udp |
| US | 8.8.8.8:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 35.190.72.216:443 | prod.classify-client.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | 162.101.251.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 212.20.149.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.72.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.42.69.40.in-addr.arpa | udp |
| US | 104.18.0.169:443 | www.bitdefender.com | tcp |
| US | 8.8.8.8:53 | assets.adobedtm.com | udp |
| US | 35.190.14.188:443 | app.usercentrics.eu | tcp |
| FR | 3.164.163.55:443 | euob.ofgreencolumn.com | tcp |
| FR | 99.86.91.70:443 | cdn.scarabresearch.com | tcp |
| IE | 52.16.193.179:443 | cm.everesttech.net.akadns.net | tcp |
| US | 8.8.8.8:53 | cdn.scarabresearch.com | udp |
| GB | 2.23.205.29:443 | assets.adobedtm.com | tcp |
| US | 8.8.8.8:53 | cm.everesttech.net.akadns.net | udp |
| US | 8.8.8.8:53 | e7808.dscg.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e7808.dscg.akamaiedge.net | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | graphql.usercentrics.eu | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 34.120.238.166:443 | graphql.usercentrics.eu | tcp |
| US | 34.120.238.166:443 | graphql.usercentrics.eu | tcp |
| US | 8.8.8.8:53 | graphql.usercentrics.eu | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | graphql.usercentrics.eu | udp |
| US | 34.120.238.166:443 | graphql.usercentrics.eu | udp |
| US | 8.8.8.8:53 | 166.238.120.34.in-addr.arpa | udp |
| GB | 2.23.205.29:443 | e7808.dscg.akamaiedge.net | tcp |
| US | 8.8.8.8:53 | assets.adobedtm.com | udp |
| US | 35.190.14.188:443 | app.usercentrics.eu | udp |
| IE | 66.235.152.156:443 | starget.bitdefender.com | tcp |
| US | 8.8.8.8:53 | adobetarget.data.adobedc.net | udp |
| US | 35.190.14.188:443 | app.usercentrics.eu | udp |
| FR | 3.164.163.55:443 | euob.ofgreencolumn.com | tcp |
| US | 35.241.3.184:443 | api.usercentrics.eu | udp |
| US | 8.8.8.8:53 | 156.152.235.66.in-addr.arpa | udp |
| FR | 99.86.91.70:443 | cdn.scarabresearch.com | tcp |
| US | 104.18.169.222:443 | checkout-service.bitdefender.com.cdn.cloudflare.net | tcp |
| US | 8.8.8.8:53 | assets.adobetarget.com | udp |
| GB | 104.82.230.10:443 | assets.adobetarget.com | tcp |
| US | 8.8.8.8:53 | e10573.dscf.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e10573.dscf.akamaiedge.net | udp |
| IE | 66.235.152.225:443 | starget.bitdefender.com | tcp |
| GB | 172.217.169.34:443 | ade.googlesyndication.com | udp |
| GB | 172.217.169.34:443 | ade.googlesyndication.com | tcp |
| GB | 172.217.169.34:443 | ade.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | download.bitdefender.com | udp |
| GB | 2.19.117.102:443 | download.bitdefender.com | tcp |
| US | 8.8.8.8:53 | a1270.dscd.akamai.net | udp |
| US | 8.8.8.8:53 | a1270.dscd.akamai.net | udp |
| US | 8.8.8.8:53 | 102.117.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.208.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | upgrade.bitdefender.com | udp |
| US | 104.18.169.222:80 | upgrade.bitdefender.com | tcp |
| N/A | 127.0.0.1:53923 | tcp | |
| US | 8.8.8.8:53 | obseu.ofgreencolumn.com | udp |
| US | 8.8.8.8:53 | obseu.ofgreencolumn.com | udp |
| US | 8.8.8.8:53 | obseu.ofgreencolumn.com | udp |
| US | 8.8.8.8:53 | nimbus.bitdefender.net | udp |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| US | 34.54.215.149:443 | elb-ned-gcp.nimbus.bitdefender.net | tcp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| US | 34.54.215.149:443 | elb-ned-gcp.nimbus.bitdefender.net | tcp |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| US | 34.54.215.149:443 | elb-ned-gcp.nimbus.bitdefender.net | tcp |
| US | 8.8.8.8:53 | 241.68.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.215.54.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.211.149.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.f.f.ip6.arpa | udp |
| US | 8.8.8.8:53 | nimbus.bitdefender.net | udp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| US | 34.54.215.149:443 | elb-ned-gcp.nimbus.bitdefender.net | tcp |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| US | 34.54.215.149:443 | elb-ned-gcp.nimbus.bitdefender.net | tcp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| US | 34.54.215.149:443 | elb-ned-gcp.nimbus.bitdefender.net | tcp |
| US | 8.8.8.8:53 | 43.229.111.52.in-addr.arpa | udp |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| GB | 2.19.117.80:443 | a1270.dscd.akamai.net | tcp |
| US | 8.8.8.8:53 | msedge.sf.dl.delivery.mp.microsoft.com | udp |
| GB | 2.19.117.102:443 | msedge.sf.dl.delivery.mp.microsoft.com | tcp |
| N/A | 127.0.0.1:53951 | tcp | |
| N/A | 127.0.0.1:53953 | tcp | |
| US | 8.8.8.8:53 | 80.117.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| US | 172.169.87.222:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 222.87.169.172.in-addr.arpa | udp |
| N/A | 127.0.0.1:53969 | tcp | |
| N/A | 127.0.0.1:53971 | tcp | |
| US | 8.8.8.8:53 | msedge.f.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 84.201.209.69:80 | msedge.f.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 69.209.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.117.168.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | nimbus.bitdefender.net | udp |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| US | 34.54.215.149:443 | elb-ned-gcp.nimbus.bitdefender.net | tcp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| US | 34.54.215.149:443 | elb-ned-gcp.nimbus.bitdefender.net | tcp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| US | 34.54.215.149:443 | elb-ned-gcp.nimbus.bitdefender.net | tcp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| US | 8.8.8.8:53 | mclb-gcp.nimbus.bitdefender.net | udp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| N/A | 127.0.0.1:54346 | tcp | |
| N/A | 127.0.0.1:54348 | tcp | |
| US | 8.8.8.8:53 | checkappexec.microsoft.com | udp |
| GB | 51.140.242.104:443 | checkappexec.microsoft.com | tcp |
| US | 8.8.8.8:53 | 104.242.140.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | obseu.ofgreencolumn.com | udp |
| US | 8.8.8.8:53 | obseu.ofgreencolumn.com | udp |
| US | 8.8.8.8:53 | obseu.ofgreencolumn.com | udp |
| US | 8.8.8.8:53 | obseu.ofgreencolumn.com | udp |
| US | 8.8.8.8:53 | obseu.ofgreencolumn.com | udp |
| US | 8.8.8.8:53 | download.bitdefender.com | udp |
| GB | 2.19.117.102:443 | download.bitdefender.com | tcp |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| IE | 4.245.161.190:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 190.161.245.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 84.201.209.104:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 104.209.201.84.in-addr.arpa | udp |
| N/A | 127.0.0.1:54611 | tcp | |
| US | 8.8.8.8:53 | upgrade.bitdefender.com | udp |
| US | 104.18.169.222:80 | upgrade.bitdefender.com | tcp |
| US | 8.8.8.8:53 | nimbus.bitdefender.net | udp |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| US | 34.54.215.149:443 | elb-ned-gcp.nimbus.bitdefender.net | tcp |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| US | 34.54.215.149:443 | elb-ned-gcp.nimbus.bitdefender.net | tcp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| US | 34.54.215.149:443 | elb-ned-gcp.nimbus.bitdefender.net | tcp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| US | 8.8.8.8:53 | nimbus.bitdefender.net | udp |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| US | 34.54.215.149:443 | elb-ned-gcp.nimbus.bitdefender.net | tcp |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| US | 34.54.215.149:443 | elb-ned-gcp.nimbus.bitdefender.net | tcp |
| N/A | 127.0.0.1:54860 | tcp | |
| N/A | 127.0.0.1:54862 | tcp | |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| US | 34.54.215.149:443 | elb-ned-gcp.nimbus.bitdefender.net | tcp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| N/A | 127.0.0.1:55204 | tcp | |
| N/A | 127.0.0.1:55207 | tcp | |
| US | 8.8.8.8:53 | nimbus.bitdefender.net | udp |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| US | 34.54.215.149:443 | elb-ned-gcp.nimbus.bitdefender.net | tcp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| US | 34.54.215.149:443 | elb-ned-gcp.nimbus.bitdefender.net | tcp |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| US | 34.54.215.149:443 | elb-ned-gcp.nimbus.bitdefender.net | tcp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| N/A | 127.0.0.1:55242 | tcp | |
| N/A | 127.0.0.1:55245 | tcp | |
| US | 8.8.8.8:53 | nimbus.bitdefender.net | udp |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| US | 34.54.215.149:443 | elb-ned-gcp.nimbus.bitdefender.net | tcp |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| US | 34.54.215.149:443 | elb-ned-gcp.nimbus.bitdefender.net | tcp |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| US | 34.54.215.149:443 | elb-ned-gcp.nimbus.bitdefender.net | tcp |
| US | 8.8.8.8:53 | download.bitdefender.com | udp |
| GB | 2.19.117.80:443 | download.bitdefender.com | tcp |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| N/A | 127.0.0.1:55270 | tcp | |
| N/A | 127.0.0.1:55272 | tcp | |
| US | 8.8.8.8:53 | nimbus.bitdefender.net | udp |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| US | 34.54.215.149:443 | elb-ned-gcp.nimbus.bitdefender.net | tcp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| US | 34.54.215.149:443 | elb-ned-gcp.nimbus.bitdefender.net | tcp |
| US | 34.54.215.149:443 | elb-ned-gcp.nimbus.bitdefender.net | tcp |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| US | 34.149.211.227:443 | mclb-gcp.nimbus.bitdefender.net | tcp |
| US | 8.8.8.8:53 | mclb-gcp.nimbus.bitdefender.net | udp |
| US | 34.120.68.241:443 | eu.nimbus.bitdefender.net | tcp |
| N/A | 127.0.0.1:55472 | tcp | |
| N/A | 127.0.0.1:55474 | tcp | |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| US | 4.155.164.36:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 36.164.155.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | checkappexec.microsoft.com | udp |
| GB | 13.87.96.169:443 | checkappexec.microsoft.com | tcp |
| N/A | 127.0.0.1:55540 | tcp | |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| N/A | 127.0.0.1:55546 | tcp | |
| US | 8.8.8.8:53 | learn.microsoft.com | udp |
| US | 23.192.22.89:80 | learn.microsoft.com | tcp |
| US | 8.8.8.8:53 | e13636.dscb.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e13636.dscb.akamaiedge.net | udp |
| US | 23.192.22.89:443 | e13636.dscb.akamaiedge.net | tcp |
| US | 8.8.8.8:53 | 89.22.192.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 8.8.8.8:53 | js.monitor.azure.com | udp |
| US | 13.107.246.65:443 | js.monitor.azure.com | tcp |
| US | 8.8.8.8:53 | s-part-0037.t-0009.t-msedge.net | udp |
| US | 13.107.246.65:443 | s-part-0037.t-0009.t-msedge.net | tcp |
| US | 8.8.8.8:53 | s-part-0037.t-0009.t-msedge.net | udp |
| US | 8.8.8.8:53 | 65.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| DE | 20.52.64.200:443 | browser.events.data.microsoft.com | tcp |
| DE | 20.52.64.200:443 | browser.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | onedscolprdgwc02.germanywestcentral.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | onedscolprdgwc02.germanywestcentral.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | 200.64.52.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 23.192.22.93:443 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | e13678.dscb.akamaiedge.net | udp |
| US | 23.192.22.93:443 | e13678.dscb.akamaiedge.net | tcp |
| US | 8.8.8.8:53 | 93.22.192.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 8.8.8.8:53 | onedscolprduks03.uksouth.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | onedscolprduks03.uksouth.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 8.8.8.8:53 | download.bitdefender.com | udp |
| GB | 2.19.117.102:443 | download.bitdefender.com | tcp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 8.8.8.8:53 | onedscolprduks03.uksouth.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | onedscolprduks03.uksouth.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 8.8.8.8:53 | onedscolprdeus09.eastus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | onedscolprdeus09.eastus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | download.microsoft.com | udp |
| GB | 2.23.221.208:443 | download.microsoft.com | tcp |
| US | 8.8.8.8:53 | e12671.dscd.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e12671.dscd.akamaiedge.net | udp |
| GB | 2.23.221.208:443 | e12671.dscd.akamaiedge.net | tcp |
| US | 8.8.8.8:53 | 208.221.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 8.8.8.8:53 | onedscolprdcus01.centralus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 8.8.8.8:53 | onedscolprdeus07.eastus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | onedscolprdeus07.eastus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 8.8.8.8:53 | onedscolprduks03.uksouth.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | onedscolprduks03.uksouth.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 8.8.8.8:53 | onedscolprdeus07.eastus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | onedscolprdeus07.eastus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | onedscolprdeus07.eastus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 8.8.8.8:53 | onedscolprdeus17.eastus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | onedscolprdeus17.eastus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 8.8.8.8:53 | onedscolprdeus18.eastus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | onedscolprdeus18.eastus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 8.8.8.8:53 | onedscolprdwus22.westus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | onedscolprdwus22.westus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 8.8.8.8:53 | onedscolprdeus02.eastus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | onedscolprdeus02.eastus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | e13678.dscb.akamaiedge.net | udp |
| US | 8.8.8.8:53 | apps.microsoft.com | udp |
| US | 13.107.246.65:443 | apps.microsoft.com | tcp |
| US | 8.8.8.8:53 | s-part-0037.t-0009.t-msedge.net | udp |
| US | 8.8.8.8:53 | s-part-0037.t-0009.t-msedge.net | udp |
| US | 8.8.8.8:53 | images-eds-ssl.xboxlive.com | udp |
| US | 8.8.8.8:53 | sparkcdneus2.azureedge.net | udp |
| US | 8.8.8.8:53 | store-images.microsoft.com | udp |
| US | 8.8.8.8:53 | musicart.xboxlive.com | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| GB | 2.23.204.8:443 | musicart.xboxlive.com | tcp |
| US | 8.8.8.8:53 | e12564.dspb.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e87.dspg.akamaiedge.net | udp |
| US | 152.199.19.161:443 | sparkcdneus2.azureedge.net | tcp |
| US | 8.8.8.8:53 | cs9.wpc.v0cdn.net | udp |
| US | 8.8.8.8:53 | e12564.dscg.akamaiedge.net | udp |
| GB | 2.23.205.200:443 | e12564.dscg.akamaiedge.net | tcp |
| GB | 2.23.204.8:443 | e87.dspg.akamaiedge.net | tcp |
| US | 8.8.8.8:53 | e87.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | onedscolprdcus00.centralus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | e87.dspg.akamaiedge.net | udp |
| US | 8.8.8.8:53 | cs9.wpc.v0cdn.net | udp |
| US | 8.8.8.8:53 | e12564.dspb.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e12564.dscg.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e87.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | onedscolprdcus00.centralus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 13.107.246.65:443 | wcpstatic.microsoft.com | tcp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| IE | 20.190.159.68:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | www.tm.ak.prd.aadg.trafficmanager.net | udp |
| US | 8.8.8.8:53 | www.tm.ak.prd.aadg.trafficmanager.net | udp |
| IE | 20.190.159.68:443 | www.tm.ak.prd.aadg.trafficmanager.net | tcp |
| US | 8.8.8.8:53 | www.tm.v4.a.prd.aadg.trafficmanager.net | udp |
| US | 8.8.8.8:53 | www.tm.v4.a.prd.aadg.trafficmanager.net | udp |
| US | 8.8.8.8:53 | 100.5.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.204.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.205.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 161.19.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | b.clarity.ms | udp |
| US | 4.153.129.168:443 | b.clarity.ms | tcp |
| US | 8.8.8.8:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | apps.microsoft.com | udp |
| US | 8.8.8.8:53 | northcentralus-0.in.applicationinsights.azure.com | udp |
| US | 52.240.245.67:443 | northcentralus-0.in.applicationinsights.azure.com | tcp |
| US | 52.240.245.67:443 | northcentralus-0.in.applicationinsights.azure.com | tcp |
| US | 8.8.8.8:53 | gig-ai-prod-ncus-0-app-v4-tag.northcentralus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | gig-ai-prod-ncus-0-app-v4-tag.northcentralus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | 76.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 168.129.153.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.245.240.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | onedscolprdcus00.centralus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | b.clarity.ms | udp |
| US | 8.8.8.8:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | northcentralus-0.in.applicationinsights.azure.com | udp |
| US | 8.8.8.8:53 | gig-ai-prod-ncus-0-app-v4-tag.northcentralus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | b.clarity.ms | udp |
| US | 8.8.8.8:53 | gig-ai-prod-ncus-0-app-v4-tag.northcentralus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| US | 4.153.129.168:443 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | tcp |
| US | 8.8.8.8:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| US | 13.107.246.65:443 | apps.microsoft.com | tcp |
| US | 8.8.8.8:53 | js.monitor.azure.com | udp |
| US | 8.8.8.8:53 | learn.microsoft.com | udp |
| US | 8.8.8.8:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | e13636.dscb.akamaiedge.net | udp |
| US | 13.107.253.65:443 | js.monitor.azure.com | tcp |
| US | 8.8.8.8:53 | s-part-0037.t-0009.fb-t-msedge.net | udp |
| US | 13.107.253.65:443 | js.monitor.azure.com | tcp |
| US | 8.8.8.8:53 | 65.253.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 8.8.8.8:53 | onedscolprdeus07.eastus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | onedscolprdeus07.eastus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | s-part-0037.t-0009.fb-t-msedge.net | udp |
| US | 8.8.8.8:53 | e13636.dscb.akamaiedge.net | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 8.8.8.8:53 | onedscolprdfrc03.francecentral.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | onedscolprdfrc03.francecentral.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 8.8.8.8:53 | onedscolprdcus01.centralus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | onedscolprdcus01.centralus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 8.8.8.8:53 | onedscolprdwus12.westus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | onedscolprdwus12.westus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 8.8.8.8:53 | onedscolprdcus10.centralus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | onedscolprdcus10.centralus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 8.8.8.8:53 | onedscolprdcus15.centralus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | onedscolprdcus15.centralus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 8.8.8.8:53 | onedscolprdcus15.centralus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | onedscolprdcus15.centralus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 8.8.8.8:53 | onedscolprdwus12.westus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | onedscolprdwus12.westus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 8.8.8.8:53 | onedscolprdcus01.centralus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | onedscolprdcus01.centralus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 8.8.8.8:53 | onedscolprdwus12.westus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | onedscolprdwus12.westus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 8.8.8.8:53 | onedscolprdcus07.centralus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | onedscolprdcus07.centralus.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | fd.api.iris.microsoft.com | udp |
| FR | 20.74.47.205:443 | fd.api.iris.microsoft.com | tcp |
| US | 8.8.8.8:53 | 205.47.74.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | upgrade.bitdefender.com | udp |
| US | 104.18.168.222:80 | upgrade.bitdefender.com | tcp |
| N/A | 127.0.0.1:57024 | tcp | |
| US | 8.8.8.8:53 | 222.168.18.104.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\datareporting\glean\pending_pings\f05bd1ac-8d99-4a09-949e-eac185fe96b1
| MD5 | 447f3b7b4f7158e972bb0ca072ee0d0d |
| SHA1 | df47f4ca6ce74c62ec3c57ad7dd23aa71d86d97c |
| SHA256 | 6b2015914406a4ad39d4ce609817c4a78457889df3166879176fd38377d9afc4 |
| SHA512 | 17d09399635f153eb8aa29ae71c420b522b9c6131175e3b1b719c8fb003436c3194964fdaa060719c22aa241d523bc9b0b0862dbaf017d7c6b3b05f1e4fa9e2f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\datareporting\glean\pending_pings\6c665960-e448-4711-8b75-e37f705c88a3
| MD5 | d3ec26379675d808fbc1cb531daf4d64 |
| SHA1 | d832ae26e69928de95e7476e5c1ba2896ceed76f |
| SHA256 | 79e5f7761083b6753902a8a93d06baee559ef760991e3b65e5dfa8e4ca0a3991 |
| SHA512 | 5bc3e8cbe34aebaeabed1e6343fb1098618cfb3377b3b03364adc45f727c273d21f9e5fdb641f62ae4159a049a025ea4c52a2661c4902344fb2a969ef8d7ea55 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\datareporting\glean\pending_pings\075845a1-0d1e-4f03-b4ae-830fc150d3a8
| MD5 | 123736791ab53d62596466ed367eb08d |
| SHA1 | 4d18c4d74aa3d4b7fe4708ea0c2e7529d79fdcee |
| SHA256 | 315321433120ad0b0d84a3e39f27338293f0a047cc0eb0425dae6a305ecbed0a |
| SHA512 | 6af125e57264f36e2911d6931d6e9939c7c444c9e2011414ebbcfd451c1f15594828e652e225a4d9ca8cb39e700658c05c7da498f838a240d38717487a69676c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 02008adbe1900733d1d74048aa33860e |
| SHA1 | 4342e2405f16ae91c2511371de6aeaaaf2133643 |
| SHA256 | 149aa72d37502e42c9fbe1be586df3dc3224db06de4dee0c8dc0087fe2c0c9b7 |
| SHA512 | 5e3a25c90c490d4c0c779b4b20e3a42d452d6f582f2d85636fc76d53b3b8623ba1230250bafe5c35259b59ded93067e0ba130b3a987b9fd796e66c2bc262ee14 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\prefs.js
| MD5 | 1ce6300fe93f6f8d7f62dcc6deb944c8 |
| SHA1 | 2cd3e4493e13c393199b7e09a607e261e51984c9 |
| SHA256 | 9b5045e92810f8c075ede29b3ab500c1f26a6d17a0177d41f1a0bb36f453b45e |
| SHA512 | ce0c1be356f0a2100000e2bdc2372abb9bb713b9c672e71878fdb919f604e8baac4f33e3419bcf24bf01c565f09e02f35fc02f671414a3e0fdc732f19843f6fa |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\prefs-1.js
| MD5 | 72ba6b211a2e61ecb5128a383aff2e54 |
| SHA1 | b10741c07c54346be3712b2ba1ae3c6a05bfbf89 |
| SHA256 | c4663a78c83d36d66e20e822dad36cd91c9297e7913eba3b2c81cf10d40d258a |
| SHA512 | c97cf5fde38c475c166bc870e9abd8a6d12a189b7a902d02f9d1a5a502a1898b3bead3c2b121989b700f9d56c6a6a785bb9fcd3d1143c69f83d9af3788231ab9 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\AlternateServices.bin
| MD5 | 2dea6faf31cad75a08a54081d55d230c |
| SHA1 | 3d7eae8339283801e8a9aa2758767a36eb680f2b |
| SHA256 | 36b6ccd9096a39543c47b15c8e080c1b183c0b42de65d9c4273490cc4c06aadc |
| SHA512 | 6e7b609b729b24b6db5617aceb6cb313e70cf62d9a7f9db11a017d10038a7ea6c828c46cab91fb50429dc9c83300d71277e6eef4e748cf5695b5e7abf711d68d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\storage\default\https+++www.googletagmanager.com^partitionKey=%28https%2Cbitdefender.com%29\cache\morgue\190\{9bb336f1-be3a-4944-99c9-a50a9bcef4be}.final
| MD5 | 7fd116230491d5754c0b8b21d8aac3a4 |
| SHA1 | 505c970507e1ee607f55221d72dd3c8d5c34a006 |
| SHA256 | c7e87cc66882a9f33a088046f6bccf88d71b3c746c737cd922845e4f964ddc3a |
| SHA512 | 2d782cac56b3691bb4189b85a4f2882ab30a5d23eb71e5db4aa04f27d19956cedc246213fcf66c333ce86cdd57a808a1cbebba54f885bc2e85b601d02a9c943c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | e85a72c23f6a80408e68207d60d61315 |
| SHA1 | db30f7c83f4f35763e3e607e1943dca7b7c0cff3 |
| SHA256 | 9821120f6194b361af17a5e83b05ddf0965708f55866695798fa71fbf9344030 |
| SHA512 | da8da669dbae6e79238e22667bb6c6049437480e9d522e6e1e2b8a3f27c07485c6ea3480d1841b7e65c88d1778b2d5025ebe3d4b26b31630eadf714914c75b85 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 09372174e83dbbf696ee732fd2e875bb |
| SHA1 | ba360186ba650a769f9303f48b7200fb5eaccee1 |
| SHA256 | c32efac42faf4b9878fb8917c5e71d89ff40de580c4f52f62e11c6cfab55167f |
| SHA512 | b667086ed49579592d435df2b486fe30ba1b62ddd169f19e700cd079239747dd3e20058c285fa9c10a533e34f22b5198ed9b1f92ae560a3067f3e3feacc724f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.info
| MD5 | 2a461e9eb87fd1955cea740a3444ee7a |
| SHA1 | b10755914c713f5a4677494dbe8a686ed458c3c5 |
| SHA256 | 4107f76ba1d9424555f4e8ea0acef69357dfff89dfa5f0ec72aa4f2d489b17bc |
| SHA512 | 34f73f7bf69d7674907f190f257516e3956f825e35a2f03d58201a5a630310b45df393f2b39669f9369d1ac990505a4b6849a0d34e8c136e1402143b6cedf2d3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.dll
| MD5 | 842039753bf41fa5e11b3a1383061a87 |
| SHA1 | 3e8fe1d7b3ad866b06dca6c7ef1e3c50c406e153 |
| SHA256 | d88dd3bfc4a558bb943f3caa2e376da3942e48a7948763bf9a38f707c2cd0c1c |
| SHA512 | d3320f7ac46327b7b974e74320c4d853e569061cb89ca849cd5d1706330aca629abeb4a16435c541900d839f46ff72dfde04128c450f3e1ee63c025470c19157 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f1lggfg7.default-release\cache2\entries\39DB9E847E680B765D7B04FCCE6BF5BC0225F878
| MD5 | 3ed7c55b3fb2936d424fd24b95a0cb14 |
| SHA1 | a4f06325284cb817f8d6b540572344019147fa5e |
| SHA256 | 45a902fd58aa770f6d1827567e80b7b16aa4ee970a402cde17441dbeed0ed8d4 |
| SHA512 | 26025f14ec4f3e2ba7f29055542acbbe92302d69e26adf969614e3ebb6c8e491e07ff7f81e8d40bb24092c47baf2e0ecde43243a2b0acdbd76e001523f2c21db |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\prefs.js
| MD5 | 1f620f26595c056026f6ea00c1459abd |
| SHA1 | d2be87b9baebfa156f5781bdc4726af727404751 |
| SHA256 | 710c6412272f0ccb9b1dddfa615022f7afe548402232aa235e054c19576d42b3 |
| SHA512 | 420b560ebf79e383887c591076bacd6687b06ae2cb4de41574f5019e32707b7bbad669acae02d39e324b9937526f9e8d0b6a09180ad6865a25a29dd1e18aed97 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | 0a8747a2ac9ac08ae9508f36c6d75692 |
| SHA1 | b287a96fd6cc12433adb42193dfe06111c38eaf0 |
| SHA256 | 32d544baf2facc893057a1d97db33207e642f0dacf235d8500a0b5eff934ce03 |
| SHA512 | 59521f8c61236641b3299ab460c58c8f5f26fa67e828de853c2cf372f9614d58b9f541aae325b1600ec4f3a47953caacb8122b0dfce7481acfec81045735947d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\gmp-widevinecdm\4.10.2710.0\manifest.json
| MD5 | bf957ad58b55f64219ab3f793e374316 |
| SHA1 | a11adc9d7f2c28e04d9b35e23b7616d0527118a1 |
| SHA256 | bbab6ca07edbed72a966835c7907b3e60c7aa3d48ddea847e5076bd05f4b1eda |
| SHA512 | 79c179b56e4893fb729b225818ab4b95a50b69666ac41d17aad0b37ab0ca8cd9f0848cbc3c5d9e69e4640a8b261d7ced592eae9bcb0e0b63c05a56e7c477f44e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\gmp-widevinecdm\4.10.2710.0\widevinecdm.dll
| MD5 | daf7ef3acccab478aaa7d6dc1c60f865 |
| SHA1 | f8246162b97ce4a945feced27b6ea114366ff2ad |
| SHA256 | bc40c7821dcd3fea9923c6912ab1183a942c11b7690cfd79ed148ded0228777e |
| SHA512 | 5840a45cfdb12c005e117608b1e5d946e1b2e76443ed39ba940d7f56de4babeab09bee7e64b903eb82bb37624c0a0ef19e9b59fbe2ce2f0e0b1c7a6015a63f75 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f1lggfg7.default-release\cache2\entries\D500AD994A7515157BB2A6ADD5B18B754E4D2F99
| MD5 | bab00ec5bc9ed945c75ba0702f6230a1 |
| SHA1 | 9bbe3120592e30b304323aecf77150496a750516 |
| SHA256 | 14af3823cfab5701cb0c798b01b0e30f1525d32c2f38bb1d9ba49286f2d3e406 |
| SHA512 | 0dd739ad89f02f7b92a6960baa716ce781df5690d1063aac58262548d9c43dc602ad4b7f7fb9630e4f9fce4b78043fc3caac1eccaed7d5bc7da9afc7f9464dcb |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | e8854e4c2711d34c024d434850e17b13 |
| SHA1 | 77fff2bdd114ff071450fbbd428875a967938942 |
| SHA256 | ef74380a5bb588ba80305166ac5429293cb8a625158b1444811fded0d869dfc8 |
| SHA512 | ca69d3284c3839c2f1d7679cc862f3e1add26f3d7a32f54a6540e8a5fa87692ed8d795df4b277537e0b09c0362462baf73d906cd0fcacf429538db55d6d9e733 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\prefs-1.js
| MD5 | f85bc84e4e50de0628a71db00304a3b2 |
| SHA1 | 1c06ba22ae7a0f73166e59b8fcce7bdb21e09ad9 |
| SHA256 | ddca3859dbd503e4f93034e48795d05b84aed4c8609c968c79c3de02dc2c4a0e |
| SHA512 | de2cabb35b62796bcd03359db220d55e21d72a5feeb1f324122ea8652121cdba412c8f7ede06296c0801611eb4dc496d2487a21c7d356ea91eaf6ef509fbb442 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f1lggfg7.default-release\cache2\entries\E4F82694A2AA40D9C6146F8DD3715095F57898C9
| MD5 | 06a174567308222ab6e67d39311df072 |
| SHA1 | 70e18ecd0f5625b7790992d501b842ae58bb9d86 |
| SHA256 | 5ae8a19a7eafa90e96e55c8a84c9ce107d78e32ece3618d124029b91e2493220 |
| SHA512 | 9f9abdd1f699aca10e5c4ca4bbca6eb39402e043746fae8c50dc78474ee9fb1bf946b427b7642ce3546cd7d560a573de83d6c57f384f0746ba7ea9da3dd69899 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 5397ffb5783a582bf0bc3d4980b2a557 |
| SHA1 | d39a6b4d836b83d74644947ef362b69944b95dc1 |
| SHA256 | d028c30127e154dfe179c15acf7dfc3af0ef73a9639f337b47a4eb7e77ed75ca |
| SHA512 | 82e5c389918744f2c002123a552d1ca7c233545395d34999293c844f20158d11289192357e22aba53d9e6be233538f14e7d5f74be303d58b1fd6282b596179d1 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f1lggfg7.default-release\cache2\entries\23C6099D020FF67CE555CEFA442F6BE91AEB7BC7
| MD5 | 7aa263f1499577c59df2edb7eca72fdb |
| SHA1 | a64d3bae31ab175740dcf6536afcf48d6e30cf66 |
| SHA256 | 4e9aff2a38fb61a2fcf84ac9829a7c5ae4840661096c718b3204c887b62d0c88 |
| SHA512 | 01aaad9e15f45d7ab7f422387c6f7548d6dd31905e23b1ad55219381e5146e9ed7e9ed9ff2b7523e8922aa8f3554ac3b0f33e39e8530b6c2230e8a4693d1c55c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\AlternateServices.bin
| MD5 | 273aacf6f4a41b4152f27aba5d0414d7 |
| SHA1 | 2d7fd7a91f3dc471d404d5b3c85ed1f55bb0ea4d |
| SHA256 | d963e4695785c85aa1c71753b660c04b7f067c6051a780005e2d6a54990bfff2 |
| SHA512 | 65769c318abbdac8f39e9a2aeb1639db30d20c4a329a04b08bb32ea838331a27d3afaf60f7cc8d93b8aa09a45ca1e22311b4dd10c50cce0794ecb7532bff98f2 |
C:\Users\Admin\Downloads\bitdefender_avfree.figbbPTt.exe.part
| MD5 | f39097e364ae35570ec2ca444895d676 |
| SHA1 | 2932f658f703e48fb7c43515544417f6baeda29b |
| SHA256 | 0ada3bd28946aecce32b63d0af12792db9a908a327a9a4bf388e0dae7e658aa1 |
| SHA512 | f213cce237d05dbaeafb48b0c415a1c380de8c2888efb81d9430afce3c0d90694ba31c46dc447b0a53b1ff057be4dff17ecf436595b1876b1877fb7eac8b01ae |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 7893a762617bb6082f6642c804703815 |
| SHA1 | e458c2b8d903eb2fd0d2c13e969084c1c917ac0a |
| SHA256 | f2b40054e6c220573647d64d99821ae41684c3e8f9ae6923cdce5a32193ecc1f |
| SHA512 | 4c0c60a6b5f0a3a073965ae3ea3441508ca31f81852295fca878e7f229b0b8840614cbc972bc346dddc1b24d1122727337a930923173177cf52c5e88a5a70cbc |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\sessionstore-backups\recovery.baklz4
| MD5 | d5061fec2699868d1c7f5d0b3592b9e3 |
| SHA1 | 0e3cabdee81428047c84d2dd168639a403dafb3b |
| SHA256 | 53f5b9c5354dc2667c9878d27c661b6f5d09696a0c05295e8bd5b907061b34be |
| SHA512 | 4e7a03adf6f235dd861e4b8034e6b7853cae0666913c476b547399748a3b7edd4031b461da0aa9e460da6fe73ca66135c38c99ddf2ea894d0f368c52fc619933 |
C:\Users\Admin\AppData\Local\Temp\RarSFX0\agent_launcher.exe
| MD5 | 4bca0f07339c76e5345ced0cf2568b92 |
| SHA1 | 6838eca1db2de090ddaa5a439fc57abd82230995 |
| SHA256 | 3c28c75123a2e4044a8a43b251d671f08276520bd56e72bef5764ef4e7716293 |
| SHA512 | 4848041f8de83bd4173cadd683e256a947f0fb1b1bb274db968d5e48d887ffe8f128b7a85ac2e4e7d10ca18ac42deaab8028cbc6eb987143f55529a09c1684c2 |
C:\Users\Admin\AppData\Local\Temp\RarSFX0\bddeploy.exe
| MD5 | e88fb642dd4615d118dc9034dcf58c05 |
| SHA1 | 24f8349f5d308935bebf97b7f1c95d61bda1d1d2 |
| SHA256 | 353fd4f0b37c23842f071d1d1400e90260308a304b119c3acab40b760ac2f474 |
| SHA512 | 469b1f6053d4e47ad0d8f92b7a8ccca38b00a4b3771dbe7a9ba365ff85be7014a3c260e6374a80be90953cc9ec2d4d177c59f387c28e9a94ce40f4b420237176 |
C:\Users\Admin\AppData\Local\Temp\RarSFX0\deploy.dll
| MD5 | 1bbc86dde7f1585009075c8cd9ec0525 |
| SHA1 | f259a015cd44a3b60bfe96c31c30b1fc374e38c6 |
| SHA256 | 84dcc27c38b9747a9acb683a2531126235ae68bf695bcc55cf2f0c81146a6b96 |
| SHA512 | 4830bdfa745e843a97d73259edce83c83488db901f4bd4332fe30cf25ed75c3300fbe6b51e0392f818c2551e7686dfa1364a7f2d024bdfcbb03640b18d86e30d |
C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\agentpackage.exe
| MD5 | 2f9012c65e83f2729c24d97b3c5bb2e2 |
| SHA1 | 81ab9f66864a3a1a4bb54e03865f2db957bb14ea |
| SHA256 | d10cdf404cbcc4b028d2429c57701a8f1f898b68478862b925f408238b598e98 |
| SHA512 | 0314ae9136c9b74c46ecd4a1ea0582b058b0f352a5a6887341f6189c63dca22ce887262f3dfeaca66745ea9d3dd26303d212628264246f2de1925a892af24b15 |
C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\setuppackage.exe.md5
| MD5 | ce3ad05cd95000f856b731b762a60ded |
| SHA1 | dd83c700dfb494faf3d3e49f0d369233f28e2de6 |
| SHA256 | 1a64ca066a6a2a9f045a6b19a648c3a451b071ed44331f42931db9ac397df2b7 |
| SHA512 | d6413f16ea43a544551363ead649879898d8aae4bec5b4fdecd9cd03ed2831bf78ca504e0e02948600881e8ed0087a88c26f1d9d971b257d431dbc8efe1c6a9f |
C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\agentpackage.exe.md5
| MD5 | 175dcad1cf405a495b1ff9395a067156 |
| SHA1 | 79607e1d65220b648ee3f6bfd2dccf4f7add90e6 |
| SHA256 | ef041296c6ce6cf9d1faaa129e00d9e84d8d8f63e351854ce39496eeb0a980e6 |
| SHA512 | c35d04777ed7511a1853014e7a79a9c388b65e78667b7897754fb671c68f0f7536a33792f02cea3ee19b6052f3c53812ff8e8f3e3a814a0ccbc9c155860f888c |
C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\setuppackage.exe
| MD5 | 059596d1a8d61238928630576879fc4b |
| SHA1 | 8dfc6d7a1fd11a6413ff5911cff0b5538e3d9da9 |
| SHA256 | ed9037a6f78f6b38f2369d11009a3a0c265f087e574f1eb3c9a67dcd642e82b7 |
| SHA512 | 20e5ddd911da79a5c7d07083247d7e7655045a775944a16d0e066e95f32281e8f2419abe71d2be6b33c14b71eb38b4cd764feef006a3cf30d9bff67a634baade |
C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\installer.exe
| MD5 | 7b1ae14cdf1915616c338193ebc36195 |
| SHA1 | a2bce94f353722ef09e457424ffd54e9bd7c9c7c |
| SHA256 | 30528cc96b2837a2ea8fc3eb94f90e365be7fda436be08c5219cbe6b8dd66f12 |
| SHA512 | bd4c86006e623e42234a3a2507b96a97225fce9c33010a90203d7ffc49c9a7a5ef4485cfc214382d3bf3b82b0c7e9652246cfa1deb51788161266255306e14ac |
C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\additional.dll
| MD5 | 3f6e2741154e05a101973fe4ec250653 |
| SHA1 | e8cea2f46b97cec0bea7a7e14b2a3be668bcf964 |
| SHA256 | 66e1949c63163f54e11c543144e7a0e33147ee2be4a883baa20ff84e7df45834 |
| SHA512 | 6853376125154cb55a58543a4aa9f3900b4ad66f1c635db19ff1943adccf2b6b62a085ae81143e95f7ba5797ca6b69363e866f9a009bfc283512b8620a6a9b6c |
C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\unrar.dll
| MD5 | c29c18b6f7514d976de9022728b49c25 |
| SHA1 | 47e84ee98b4b3e18deefb66921f868551663a6e8 |
| SHA256 | c5e2a7b36549147a27cbe124d711acde80069e963242c34063880bc5b6ff492b |
| SHA512 | 49a6895fac2a8997cc992e1cfe0fc2ae34d41d7c5363f0dc9760fb7dc5123df5ed64a029bfa371cbe180fc3875feafb91638724d147d8e77dd62941126ea9ef2 |
C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\sciter.dll
| MD5 | e19e3712b26b596319812fcd77088f0a |
| SHA1 | 06f561d6d17876a141216871763c98c070899079 |
| SHA256 | 52828afebb9bf3d544c54fc795e780f031bcd9f86f2c3f471b0bb04211712957 |
| SHA512 | 937bc9b182dd7ee251bd84d40d6d98d49af106d93594571e6082d3a0083586e2edbb8750cf95e0e5a393ec02371d7cd552b8afe17be832b0e8e1f7dd3891f9ca |
C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\lang\ltr\resources.dll
| MD5 | 686faf641e54b0bd8cb31afc651a9561 |
| SHA1 | 49bc96537f2f1aee63261788c3028e9c0773c2b6 |
| SHA256 | 8bebdfc015b35459cf5d94f8df5a8d91ffeb96a98cb998593728d510450e2be8 |
| SHA512 | c9116204d30e720a040a0d200a370d3645415af87aed4217a9e4b2623190204c28050cd1bebcb07c31507e8d353790cfe02f37cb2b8192d55cc536125dc0bbed |
C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\data\params.json
| MD5 | fd2ff955bc4291a433528157c195f57a |
| SHA1 | c7444121a44c6d084f73c067c750b0ea04b563b9 |
| SHA256 | eed4f75204a965a1c99e082698c8b76b93c847e8a3982bfc563c26860ba8a179 |
| SHA512 | fdd80e27de5123f8189b00800786fd873be6c7ba44ed3911909661759b319040d05b6c36a9017bd8e3658350ff6be45262cb50ebe4a5ebfc535fb8cbaae2e065 |
C:\Program Files\Bitdefender Agent\27.0.1.287\bdec.ini
| MD5 | 96d15c4f3db04429631866751a1d2890 |
| SHA1 | 61066ffead2b6859e4d3fd497a78b05343ccf25e |
| SHA256 | e8d31c1de790f738ef75daa0402584560a0672402d0d3ded0899d2dbc95fb911 |
| SHA512 | 2e5c94e2d92eadd28f604ed1f04d6e2dc9d9a4ffb3c2270e9d19792ad41c0c536260616a17b433f4f2bc57b31b116ffa06eefb61955b98029f15593db4122189 |
C:\Program Files\Bitdefender Agent\27.0.1.287\x64\bdnc.client_id
| MD5 | f4c2784aa289f17d144a589751c7980d |
| SHA1 | b414dd690863acf3614c25c911697f1b16c24c62 |
| SHA256 | e6e827f81840ce8975cd5e30467ddc1661c3f407cd9d342d00800f32c01dcc26 |
| SHA512 | 3f3f8f8ae91d679745189722c88d97d19e8728ce3289deda2e89a79061ad06d0a627a9783a9ef2a833f6a7843d882bebdae77d178f3d810b581093b299f2b70e |
C:\Program Files\Bitdefender Agent\27.0.1.287\settings\LoggerConfig.xml
| MD5 | bda7be337da35949bb617c42de5fd811 |
| SHA1 | bf5e6c6a7dc9f9ccdb6207ac0d31a1aa76ec93e6 |
| SHA256 | 54e2f0d07609a40a45bb12d3a271eec1fb9021f62b756a4bdbdc42191fd79dcd |
| SHA512 | 19b96b62a4055bdf254b13acba70fb8a4ec606a45abfe4fbf97c29aeb16a9e12d4e2529339f7571f62558559111f493bc52797388bfe629194cc89fb9d1b275e |
C:\Program Files\Bitdefender Agent\ProductAgentService.exe
| MD5 | 5ced9d48d0cf9378bd8f4216936d0505 |
| SHA1 | 3a69986fb58bc013ae2b374fbbb1f33ed91fe4b9 |
| SHA256 | c3c0ea3e851c9717cda8623020df152b4d768daea095ed3fb52cbda37e349fc5 |
| SHA512 | dc4303d659db642700aa8588b78dc4be5227ceca98ede117421707ed43da1232978f90be166599a23317ea041f967086674c3cb5f9dbd16d4f14215bd4b552f4 |
C:\Program Files\Bitdefender Agent\27.0.1.287\bdch.dll
| MD5 | 9234df28fd37cc4ead48d98a9fb36856 |
| SHA1 | 0754f13bc7e2f1f862e65a1d81023f65cf431a43 |
| SHA256 | ea8dbbb625c8079c011ebd5886086584d1b4260dee4752917d93e384729c78c7 |
| SHA512 | 4100f18c038d2d44ec0fd5bb566568adb0d742a0a51d3bac0eceafa5d9588ac317ec53c7ba7f541eede3008e3ed2ab922813b6f39dd446ee1c8624f6098047b1 |
C:\Program Files\Bitdefender Agent\version.json
| MD5 | 9a62f62aec4dc735ee757e0198efc656 |
| SHA1 | 278471c6e3ae68a9ad3b7b920e1b50a84d09e835 |
| SHA256 | 968678827a251628930d9dbe25b9d0aa0d80b4eed6a6c3bb13a8fc2c651d11e5 |
| SHA512 | 41675e27409f807d0d2463e7009c2b064b7bcabad540d2eb616b1ad0da8f187b00a6ceb811fff56642a703982fa58fc2c5197dbcc522f09e202ead4f87659082 |
C:\Program Files\Bitdefender Agent\27.0.1.287\log.dll
| MD5 | ffa6c749fa201e032f383128a95d0d17 |
| SHA1 | e9e9c8715754980e4db77420d6dd58fa01c68b04 |
| SHA256 | ad299d337784634b483ba4e92e14b4034e9ea8270cbecc6b5cf6bbc965087bbe |
| SHA512 | b069f987771f7c96ed5a0a4db771b49f7d067a4121a18f8dea56cece271679526ecc9bf26bc43a72cf2206122f1b322abfe4149472b33db267c4708f1181985d |
C:\Program Files\Bitdefender Agent\27.0.1.287\ProductAgent.dll
| MD5 | 5954df12d83ff387e54e1d0556834158 |
| SHA1 | 076f96d8f1bd75d92d0f2a4e2586054ce9db97ce |
| SHA256 | d4c4554ff4ede708d5e1c6d7c6c20ac34aff680a2b409bbc71d54364692c7956 |
| SHA512 | 5ce4e3a7133267c1bb2956d97e816a005fe4538712504cef0d0008a505258e5cccc6b0e535e53415367c73339f7ff7ba2947e946f21f8426b08cfb36f20006ae |
C:\Program Files\Bitdefender Agent\WebView2Loader.dll
| MD5 | df6b6e71cb65552cd9fb283b91ef9908 |
| SHA1 | e10f9cccaa4666f070db8209fb99f6fcaf9d9075 |
| SHA256 | 256510c2872a3a96a8e0a7db0db6c6e7b31ebed34cd6b7c430712ca640c73842 |
| SHA512 | 80561a65c7dc7dee4517240718d85ffa59782fb8c5be744862d041759db8fd818fefcdeff87a98f904ded0674b873e7f39b1e53d549aab96ff15a88cc85c93a0 |
C:\Program Files\Bitdefender Agent\27.0.1.287\settings\ProductAgent.json
| MD5 | c40251554544c9f8632da819da1db9c9 |
| SHA1 | 8422bf0fe7a98f700a3243ed4849d317a52a9ed8 |
| SHA256 | 7abc6e1e5f1c99dc70a888bc1a7f962e7d0d7f886fdce6ec300674c6e86a82fe |
| SHA512 | d1eda516e2a30936a724fe59fc890471fc1c20fbfb72963f8a75f74010124eb34a39988180ea338958c9ed996645dffce437de2b798fb230aa447aafd73071f2 |
C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\productagentdp.dll
| MD5 | 8a8e8746ab1396c36d280fc1a48aaa9f |
| SHA1 | ba106caefedb1e047b6a90ff3aa2f1ac5633dcb3 |
| SHA256 | 0b913f0c6e756bc51fd15cb8e78ba3e3b5994bc14b5b3d506188be505f9b2a8f |
| SHA512 | d53a5d68b0e1e7451b6670963169858949395bdc06c8d580d6651eeea50d92bb95622e6c058053ce9c1a846be337bfdf81528d4012e2c8c6a230293dcc54b3d5 |
C:\Program Files\Bitdefender Agent\27.0.1.287\bdch.json
| MD5 | 768e79baa4d68953f2ab8d51fa25e83e |
| SHA1 | d7c6086029db0bc44ff5efee3ce6e250b0628e19 |
| SHA256 | d1b1962858a6807560cf5e36b239a2db962f7418a1d09d20188c13aa94c73fb1 |
| SHA512 | f3850a3711e509d4779f3befac55b4640450fad1e6fd9c016ec94aa8812c6721b1f83653e9b3bb1323092d1c14d0603d9f57d8121a60bd023668ce5463a1f41d |
C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\bdredline.bdch.json
| MD5 | 3266bd308834ee8d251433b44ee0a48d |
| SHA1 | c271fbb539824ff577752d2f82b1b498a9ac91b7 |
| SHA256 | a773cf585925921309cc117e59ee87c56ae7e9f7e7532b4fb153e4ac72dac76e |
| SHA512 | edcba4498e553b4e6d9eb28b7c29e880b04ab531435c50685d638769ac5ae74c6e3de8c02ecdcb385d05f347b27f2e1e6bab72ff45a16642013b28b44fe85321 |
C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\bdredline.exe
| MD5 | 5f96023d8a216c406bd0f6e8c4444168 |
| SHA1 | 40f953aaae733baec3bbf20f6c91d0647ad23f05 |
| SHA256 | d42eb285408ed7279bacae51c085f4030a11bec300e6e05a1023468f148be680 |
| SHA512 | 89027878245943dee170a60a77302059408f9c88cd9441667b7f2ea3558dec962e055b108846ba13d2fd02688c104a1b5a1a96f4f51968632ec35a00655dcfd8 |
C:\Program Files\Bitdefender Agent\27.0.1.287\bdnc.dll
| MD5 | d749b56a1088f9eac5be0f655676c6ea |
| SHA1 | 5c87dde52a03e3b30ac0eb237adaa60aaf5b9851 |
| SHA256 | dece8f3bc6b6043775871adc3b3729ae6d3518c208576300d970e2afd1e539d5 |
| SHA512 | d968a3b838f7324d86dc48bdd22ac9eff089345f5e30d78fe6e94644bbdb0c81da8f034f257ee37abf7c3f659fbeb816865886704cccaea43467f5745bfb76e0 |
C:\Program Files\Bitdefender Agent\27.0.1.287\bdec.dll
| MD5 | eda97e87cd956aa6b843683c5d22dceb |
| SHA1 | c1cbc192fcfc1db9c17a56d803f9074acadb9a2b |
| SHA256 | 260f3384c93390b2022993fb43a89f8a2723386278035dae0236d70be264b6e9 |
| SHA512 | a415561c15d62c17394d9d53c27d3d9af19f146b463ec77df28c44957ac2182cdd67f4a61b26d51a6015c879f5fb110203ced5414c13fbd49244886e234a01a5 |
C:\Program Files\Bitdefender Agent\27.0.1.287\bdnc.ini
| MD5 | 758591d297b16ee7b5127f2fe3e67a27 |
| SHA1 | d782a572579a9f52e31bef5377997c7f9be28790 |
| SHA256 | 2c6224951714e685114b51c4e598c2bad8c7bc16975f7401ac51e101afcab837 |
| SHA512 | 808f47903ee90c68939aca97ca06b1523bc5355d7de6c1b3ec14d0cd560b3bf77abe7c429964176711b91bf6a9bb2a1a9fe22206daa465ff2ec55e55ccc2eff3 |
C:\Program Files\Bitdefender Agent\redline\bdredline.conf
| MD5 | 359c00356b7b0e3a871dccf4f5b7e17b |
| SHA1 | 2d12be84f3db7a11becc6838b13764103809924f |
| SHA256 | 6017a4af984473cb2c626419304c79f1dc33b1632e9601510a5c85323b319a55 |
| SHA512 | c6891cbb382983f605457f0ab11d33971b53eb305eb3ce9f518cb329a7f042da6f7634c13e9a8fc02c696e4295d95b5f2a2eb8ce3492b50654740617c900d1b3 |
C:\Program Files\Bitdefender Agent\redline\bdredline.bdch.json
| MD5 | 183c397397510931d2dbf3fa9ad3b1db |
| SHA1 | 14f2dec327fe71b7c064e0a2c141446f9206deed |
| SHA256 | 131dd1361d3b4ebbd21ba6fe0baf8a18ce7a5b546fcdd15e891b45a5f8f9b681 |
| SHA512 | 215c35ad609060e25a9e6c5c108bfe306b7d41148ea3122e3fde306b4a74e53052cb1154c043d426569e26f12acb3141d6119b5b4a4d5fcf6ec6b1238364b700 |
memory/6080-4105-0x000000006F340000-0x000000006F350000-memory.dmp
C:\Program Files\Bitdefender Agent\27.0.1.287\ProductAgentUI.exe
| MD5 | 470e6747c3e50171b99d9af0d9c6c7ef |
| SHA1 | fdef6881f0adb2901969382374029080f6e04076 |
| SHA256 | d2136232edbf1da110ae60a99750daa2aae8637f94e5532c1c756c885514736a |
| SHA512 | 3739bb4ff0e12ba1b58869dc08c2eef1aea9736b34e78dccf24579a1522125b296fadd8329f064befc23194bcdc7e7e3bf25f2cecce6deb07eca1038ab08a907 |
memory/5072-4132-0x000000006F340000-0x000000006F350000-memory.dmp
C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log
| MD5 | 3e76706f80a6a3521ef89ccd813340c9 |
| SHA1 | c621e88fc9dcfa890acb13f7cb4d395e503ab10e |
| SHA256 | 3e9214dd05afd89b0e263f36413b0ccdfe993f83e958ea125d3b18212cf47eb2 |
| SHA512 | 34f0b9cc419ed3b95f1eac9e04c075e2a35358f6faa5ed66e7d4678c95815645aee913e73d22d9199b357bb77d6321ad4a632689585ac0cf0d8189cbecf4a1c5 |
memory/5432-4251-0x0000000000F30000-0x0000000000F65000-memory.dmp
memory/5432-4252-0x0000000072440000-0x0000000072666000-memory.dmp
memory/5432-4267-0x0000000072440000-0x0000000072666000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\RarSFX0\installer.exe
| MD5 | 16f7652136b9c17c6a42c01d7b08e21d |
| SHA1 | 2fbf1d056eaebb284aa8067209a59a318e408fb6 |
| SHA256 | 481d7bf0705a4b5aa62585c6e0e508a1fa4dc3d459d133094f5ef9f5862ab206 |
| SHA512 | 11efb7b052dc0b7c2717cc2fdbdffcc6a4a200ab389dd11cdc53693001321f1b8fb87d284ca7243e0c60df42f4e0f78a3b847d2d556cf802d5c6ed19a8a6720a |
memory/5272-4455-0x00000258D4820000-0x00000258D4D96000-memory.dmp
C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat
| MD5 | 24ed2c77f08067d0eff390a162c60bb3 |
| SHA1 | 82f502a69609adb931c9e6b7f49eacc7f1eed211 |
| SHA256 | f7215c4ca4a55b28fd98db97c116333dc97ececab498ff9631bfe77327a7ee06 |
| SHA512 | f8c0810e78cc57bcece6b50c69b928913c70dc6b884ed8a0b51717fce4f4b7941ea0b7d0340ac42092eb035fc584a2ac1300cd4428fa140f833bdd167470411d |
memory/3144-4488-0x000000006F340000-0x000000006F350000-memory.dmp
memory/5432-4505-0x0000000072440000-0x0000000072666000-memory.dmp
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\T3884WXDTETFHG576SKM.temp
| MD5 | e758097f9e4e1e4732c092aecab87daa |
| SHA1 | 70fa491fc2bd1f567668d08284d2361140c8135b |
| SHA256 | 86eb9bb863988f212f32c8ba6663e74970413c52c69775e25a731c04112a0d0b |
| SHA512 | 73192ebece6997c8095126f51fe91efe7a9866884c4236c034f11472739b3f607528aaf2c35ffbd5ff3ba55cde4a8baec22b1bbbad83f9dc8dbf29481988a49c |
memory/5432-4529-0x0000000000F30000-0x0000000000F65000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | d24854e9546c0722b000955f97adcd3a |
| SHA1 | 6174a8c72866c473cdf1a3fc012ddec6f1138b89 |
| SHA256 | a3432e90b5cc25fa29457bb8779800acfe64f7e7f8d194fb301d80d39979536a |
| SHA512 | 6828fb9f2ac7f93c207cf6c2a72f6507ebb42cd74bb1fd6b62b594a6fdccd453c9a49924be404fbf5e4a91c3578ed2264f8356f0207c14c788eb152fd2a1b762 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\datareporting\glean\pending_pings\108c5dab-8235-4c8b-8a24-b3e4c691342d
| MD5 | e62df62f2c9d3dc1457a5a4f02ae04cc |
| SHA1 | 9cd957061c6ffb27c298e362ee9c64f96371ca89 |
| SHA256 | f48906897c104021c4dc4d5d5a9cc21ab4b5900832639054bb47b8179f260be6 |
| SHA512 | 3b006ebc68feb2cb36ec13fb97101032cea34546f1a2cdcb7132f32f9ef0152b28cc7d7db0472fe9e753095afd8689c0ef2a260d4d4afb6077b95b75dcd44098 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\prefs-1.js
| MD5 | a0c301edd79d13b4c3ecee5c804afa77 |
| SHA1 | 5f30ec62bd66ae4a4b9e53052cd0bc19445d33ae |
| SHA256 | 9a7f19083090a4929721cce88ebc378bd207c3e1b9ad6f2c06cda71197a43ba5 |
| SHA512 | 04e267fca9554730106d287482fc32d460251c3a33192f57ccd7e3547332ce795e2223ded2bf25477d7efeb57d1c434a99c22ec6bd4f6e312b417984050d8d10 |
memory/5272-4643-0x00000258D4820000-0x00000258D4D96000-memory.dmp
memory/5272-4644-0x00000258D4820000-0x00000258D4D96000-memory.dmp
memory/3384-4655-0x0000026CED860000-0x0000026CED861000-memory.dmp
memory/3384-4657-0x0000026CED860000-0x0000026CED861000-memory.dmp
memory/3384-4656-0x0000026CED860000-0x0000026CED861000-memory.dmp
memory/3384-4662-0x0000026CED860000-0x0000026CED861000-memory.dmp
memory/3384-4661-0x0000026CED860000-0x0000026CED861000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\RarSFX0\bdch.json
| MD5 | e23cd876edbc979cfc1ae7d5d1dd902b |
| SHA1 | 6f52a18d99c18db29444d221edc4041531a3960b |
| SHA256 | ae4be069bd73dd564f6945515a3f50682f317dcd95c42a2c17e609576704c56f |
| SHA512 | 10c37b6459bd728d2863ddb9cb4089218e942caa3f0da5e00169869edb2dc4e30d678052840a0d4aa57f3f92a1caf0d395444118639322af72c440f42d3adb5b |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.195.35\MicrosoftEdgeUpdateSetup_X86_1.3.195.35.exe
| MD5 | dc1543edd0dcd56536304bdf56ef93f1 |
| SHA1 | 1a8b2c7791f2faa1eb0a98478edee1c45847075c |
| SHA256 | ccbb3d9a4877999a55b2ca6b8128481e91c4b56780f581226f916c0fb2db0772 |
| SHA512 | 2a6b4aa39bc3e4d234909077d5c6d75b9968c1778d505cc12431afd7aebd01eb65ed2f6f0c53c67f18eed7e97b67a93bab8c44574e3918ccd5cfcd8681767056 |
C:\Users\Admin\AppData\Local\Temp\RarSFX0\agent_launcher.exe.md5
| MD5 | 0380b7c126296e4830c3868f5c44b478 |
| SHA1 | 15d2550937c4737f95be44f49ab1083ab5df3308 |
| SHA256 | 2256098b5305bf36e9c759f167278ad3d047898c3b98a4225c88588a963b7625 |
| SHA512 | 74cd55371e02bde5e16eba2c4ad1161713d40b85475b9f2a45fc67f71ba8a99930a1378f89ef53c9ecf45c6a3964d9ba15b1a3a36109b65022802606d80e4277 |
C:\Users\Admin\AppData\Local\Temp\RarSFX0\bddeploy.exe.md5
| MD5 | 7017ae87644fce1ca5ce09c9d51b49a3 |
| SHA1 | 7d1befdec113dfe7291eee0689cf4a13db242f5a |
| SHA256 | 4259796eaf9312060cb60272d8cef6aad43592aa4a382755b4d01828df0ee8cc |
| SHA512 | 8e7d3678453ccdc93b5769fec9e559e44003b993bfc6e038f43182777060382bb1acf94b7311afa861a997f350ffc21043e07e97ee9d0816e62ee6572b182b14 |
C:\Users\Admin\AppData\Local\Temp\RarSFX0\deploy.dll.md5
| MD5 | 71d5ce6d126a1cfb6dd6cfe75b045a4d |
| SHA1 | e3b61295e232ba99b37377798b9dcd4de1f58cb3 |
| SHA256 | 3b544946d2100f3be47e2abc244be27008907d7b34d0549cceb9709bcf3c185e |
| SHA512 | 91faba30f7ceeca340dc8a4ce31ca003e34550ed815fee4a7eecf7bff87fd41e5d779754843f7e8866ad3a1883dd08504d1fbdae28112f390a3ac912e0f23ded |
C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\bdnc.ini.md5
| MD5 | 3a0a7d7823833be6e8af5ab1af295139 |
| SHA1 | 1895dea63fb05e7e6f90e052936de086874c4c75 |
| SHA256 | a5f15ba3b16384b584780f2bbb0ef3e7fd49ccabd0b9ca10437882f65f49c7f2 |
| SHA512 | 0d1377acaf8c5062e4ed7b3ad3fe0fbae594b6ce234aa9339471a31c63d6ea768c6cb2ca24820fc7726282c7fbbd41da29242cd3c288d7a0e8cc6b7e49c9835d |
C:\Program Files\Bitdefender Agent\27.0.1.287_0\bdicon.ico
| MD5 | b0074747b69fbcb62c6861dcd71a0b9d |
| SHA1 | a5bb500adad4557dd690a447b4abc55baeeb9d05 |
| SHA256 | d4ad680b92451ed53e4dbc6a978f8eb3f33a0a11adf9e0f1a1d816271dd83935 |
| SHA512 | 960cca765cdf5a364c30f228aa071b1d53f951162f33a1eabd5497fff60ee19db9cd7f311dd6e104b1bfb719bc001fe14bc4341b4f30b148afdf9258828c758a |
C:\Program Files\Bitdefender Agent\27.0.1.287_0\bdreinit.exe
| MD5 | 0f8f14d4ed882d65271be49e7bf97b4e |
| SHA1 | 23073529afe902e6c4e7500358b75e1cefc46371 |
| SHA256 | 924eb49dc2d70a240e271d7b79a50e3ffaafad67042c1350cde5a16edb6278f5 |
| SHA512 | 47246f6996b631a43a12d4fdd22b684b45b48eb6bedfff4524320dd13f80d3fc99e19c0a0995b6d1e32e6d57315c9394ef15b470d9aafd86f5bc39d33ffd4c2a |
C:\Program Files\Bitdefender Agent\27.0.1.287_0\DiscoverySrv.exe
| MD5 | 909e50a63c95c2c680924118d5515840 |
| SHA1 | d8d6d42cc63946319a8547ffa714eafa9b5e23de |
| SHA256 | c6122adba918e1b4b5e2c38325720e1f7a76b909fc10a4e5612fece0139880ee |
| SHA512 | 8b92f1f9c05305912d01f2add260fbfa1453fedc145d551eec475b3c6005395699722b09e6347a6aedab0537a287eeddf1054f68722daaf8d4cdc695ddc69ed9 |
C:\Program Files\Bitdefender Agent\27.0.1.287_0\settings\bdch.template.json
| MD5 | ac069508dbcfca57559254bbd1c3ca8e |
| SHA1 | 6f4336652a2c0e43ffd1ae6204acc49d0e503496 |
| SHA256 | 2348812b96af39133e42e0b68854167a2a8bf3c70d91a315e77d2018c3e247bd |
| SHA512 | ac09593349878abfe3ff41a4915c793532ce514c9ccd2e42eed0c98372c31bec077cfa2a7d4fe608cff2719d284670d8b524ba5632a2558d011c6a81f74e1431 |
C:\Program Files\Bitdefender Agent\27.0.1.287_0\skin\images\close_hover.svg
| MD5 | cff977a66f7d2ed1e24db0ad7495d696 |
| SHA1 | 042c8e321d94d3c95e0d2141f4a971bc64936c59 |
| SHA256 | 875880ec72cd8645b6c21bb479250c6e1244e6d950cce959ed8e449cfe03ebd5 |
| SHA512 | 0073869625283c29a937b72b7d00eec343c86d1924f3bceb32b52188aab38ae8d611ce05c34b592ee8fab5853722eb929dbb5ca4a6b1f8fd65df21a073ee6a01 |
C:\Program Files\Bitdefender Agent\27.0.1.287_0\skin\images\bitdefender-logo.svg
| MD5 | dcad56b500c0f5c6e936222156c83dd8 |
| SHA1 | 355481bc50d9adf4579a5dccb8aeba2bc159810a |
| SHA256 | e9022044a73b0332e686decd07ea3847127597d385b1adef86a8685acabf8cf6 |
| SHA512 | 7922e021be868c2991d8aeae606bc5f4823e7f4701d7cbeaca7f500089933e36ff5380b00b8c9ee3302d2b4053b90f0245b259aa4e1a31879f77c6d0172b02c0 |
C:\Program Files\Bitdefender Agent\27.0.1.287_0\skin\images\load-medium.png
| MD5 | a0ffa8e52e57a866a6711ca07decd8a3 |
| SHA1 | f68ba8934d496305263184f8c5a8d453db00d4db |
| SHA256 | 58f92552f323d24233ff477b7788069699de9746c0efe702f71816d9cbac09eb |
| SHA512 | 12abad66b6d9e32204e847ec9a2345000edc7936a3a3f6b50e916f1ff607b3dcba7f38cb3fc1cd7b06a1caa671f423d12d14bef819f7649b1e7a62e26416276f |
C:\Program Files\Bitdefender Agent\27.0.1.287_0\skin\images\minimize_hover.svg
| MD5 | 629ba02e6f5c7a3d8407993f15fca9cc |
| SHA1 | 43ca08900ee744eb5aa834e3e6b561b893872612 |
| SHA256 | c569ab8d023b87bae27d330b5d54ecbac5543b1bd8b81f6335d8619f87638fa1 |
| SHA512 | 37f945d4b068660e1e3325034c914f81dd1faf13b8dd8e9900c26a6a26b7bba1b7d243d50ed4fe80dda5c90aba73406edabbb81784a3d10e301b31661e0aba80 |
C:\Program Files\Bitdefender Agent\27.0.1.287_0\skin\img\icon-warn.svg
| MD5 | 98d39150576d27872d1413e7f07961e2 |
| SHA1 | 7cde899783a5a4e2a5b7b98498d6c4ef1e74e548 |
| SHA256 | 45aede5e3ff58a9f8f49a6c3dd8e0c80614e4708f9329608c4379c2ab92d5324 |
| SHA512 | 8f45f4b94d55bb38fbace7f1e752b39d63ef66ce211f67ef2f7cb00e5e094ce338bb8c52433db1e95bb5d6a27fca3016372eb0f59d5c72d7a0da10f8139d7254 |
C:\Program Files\Bitdefender Agent\27.0.1.287_0\WatchDog.exe
| MD5 | 33a847a761df191eb0255cbfba68cc05 |
| SHA1 | 481545b05168fcaaab2a76aaef67330c917af65c |
| SHA256 | af7451aabbe7b4a3f6168663fcd8b043f8b58c61bed53e8b7a391338d32c0379 |
| SHA512 | 5646134614949d04bf2d90ad8d090a9eaf7685bb297ccbf121c27545357c9eef97a4f1ea595408576c1a299227d3f72d74694361046fde4a8109b60aa11f7045 |
C:\Program Files\Bitdefender Agent\27.0.1.287_0\bdch.json
| MD5 | 2879696ef320d24f3da1a705833a389b |
| SHA1 | 26f35a0a583af32990ff735c19cf5a2da7a2a319 |
| SHA256 | 3edbcee6a0532d350304a14110a75456fb4462e000a6c1ea4d610184ab64b361 |
| SHA512 | 794e2b8f9de32d88faa9b2b311655956c2b87bb6a19197371e4d6d54371c0d6ca21806b57b323261f8491a393da63de3b11e42542a3c56f40df2454de4397cb7 |
C:\Users\Admin\AppData\Local\Temp\RarSFX0\packages\bdnc.uuid
| MD5 | 6d4af20809c3aa1bf68118852ba392ae |
| SHA1 | 44124b18df1ed9486a5775e0b6224baba001eda3 |
| SHA256 | 68b59a3270c320c2f154ad3d3e95e16bed480d69590eeb1716387d0f15e333de |
| SHA512 | 673a4b969608cf1dae1850ba3b11e4fc410859c4259bd9c5a7bebffdd18f5ed90dee3d566e60fdc408801fa616340d6040b604b95bc8b4f5c474b58d6891c38d |
C:\Users\Admin\AppData\Local\Temp\RarSFX0\temp\params.json
| MD5 | 28035528623c801d053c7cccf050c95a |
| SHA1 | 0eadb7031d8a2be36398ce109fe4f0e8e0c5b5cc |
| SHA256 | 2cf4b595962f9944268ca2d603a21e18dc3c4b6f6cb77c25292db6dd3eec61de |
| SHA512 | f6fc1524311e3c88e39059e7389c56b63df0609012134be12d7c15f02b83b580ba5f2cf3ef4a639bfdc08bfdbcbac52dfed4c716fd7b2a940f319e75a9a0aa23 |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\setup.exe
| MD5 | b621cf9d3506d2cd18dc516d9570cd9c |
| SHA1 | f90ed12727015e78f07692cbcd9e3c0999a03c3a |
| SHA256 | 64050839b4a6f27d896e1194e902a2f7a3c1cab0ef864b558ab77f1be25145d6 |
| SHA512 | 167c73cf457689f8ba031015c1e411545550f602919c35aff6fd4d602bd591d34e8c12887a946902b798bf4cf98aadfce3c2de810bf16c7c24a216bfd8abec19 |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8596B334-DDD2-44A1-B5B0-273A2B4A82E2}\EDGEMITMP_E17FE.tmp\SETUP.EX_
| MD5 | 958befee6afc25fa51e4bf538d0894c7 |
| SHA1 | 70a2f157988f6cef27048bc2b3c81e8ab4b41552 |
| SHA256 | 5422f0b35bac6fc926c6f537d42cfa4aaa7985e89e4e680acc467d804071a006 |
| SHA512 | 7ecf452f007d849268b4cc2644ecb239b2a4309a80f4350dfb215f6fc34950cabf1bb233f43bc6678547931af7b427517ed8c88cd214aa0358122777a5a8cce2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\sessionCheckpoints.json
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f1lggfg7.default-release\activity-stream.discovery_stream.json
| MD5 | c9d051edb6a3067dc16893a5f893d403 |
| SHA1 | 72c53c80a29d12bbf7577a09f4a386ab778d079e |
| SHA256 | f6f3a0bbc4111dabc58008a04d8bc4337677e93bf90471588219edd5abd899fd |
| SHA512 | d7a43631b402e822d2d6f29831032735e4eb8330701da5369e03e27e50a1d108b14580ee82a89b18ccaca2004f447b418a84d67bd890213ed456cbd1c2079292 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f1lggfg7.default-release\cache2\entries\0305BF7FE660AF5F32B4319E4C7EF7A7B70257A3
| MD5 | e702b4c51058b9564c7f873fa78e116c |
| SHA1 | 8d5b1a0c82d79048d6673761d778b7fba7643c1e |
| SHA256 | e36427c21452f017db6bd26ce0a84a27ccf388d1de57a659c933ef4e6788611a |
| SHA512 | 52f4abb159bb3082f0a157fd23530117710924bb2c5f0d3f0f71e732edf96ff96ff2104e553a70fca6972ce13b6c9ac41cf53d6858d270b7326ba7c954679d1e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | a3790f36dfa045904524a3cc0738e626 |
| SHA1 | 6e1f5b5e86ba4680ec2a0b0b76d0ceac4adb791a |
| SHA256 | 665da85d4c7e6a391e7f07b952bc263f1ab2bc6d6e44ffe6c2da353c986b45e2 |
| SHA512 | 4367ab21e8be87ffc35f7e711fc758fe6ec302a4056a8ade55ffc78849bfe87a8b5131c503f5cadd7def650094e8e65a02957904231f246a3fab73d315ed846f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 32cd2f1487621ffef618f7e57728e183 |
| SHA1 | f72d8ef522edbb8cae9383173d13a1a119205641 |
| SHA256 | 116b6cbaddd9722d21282d003a31bd907c1753e650940db59eb9e720e27449f5 |
| SHA512 | 7a5fbe8b0a3a0b97078cb21434bf7b6dcd87057157ccf6ace95ba6273b06f64387cb82fe4d0b6754bf03a763b22eb3c1cfa6b397edb5114039e732507c6a70d6 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | fd94ee77b5b3bb87ee8406b57a2a8b36 |
| SHA1 | 90fd9f1348eef51107acad3dc48d0620245a26b6 |
| SHA256 | 19261c419f42ba7c3c3189521635ffca048c1ea569b8a450687e7a926185b429 |
| SHA512 | bd6836c9b4594952a8bbe9a87f3bdb29b00011bbecd1cc454acfbde31c08fb950125ae0a310c5af56735e8b67fb30eb84b54986c7e56f77021ab1d84809b1da7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\datareporting\glean\pending_pings\9e5cdfee-8612-44d9-a14b-8a91a606d77e
| MD5 | 67b4dde4d05a4f6c4d41f3be40f4baf7 |
| SHA1 | 3b06a19b20a2fa19246d3dc0fee6600736522326 |
| SHA256 | 8f1e22ad1a19f15c8f0d23fa4b3658780242af758d8ec89a8031be5b4c5cfab4 |
| SHA512 | c3451e5816f91f5df8ddcdf477073c7794fa52042c65d1a06140949b47ee6de6e485fbe2c24538f673b609882c7bd5d7f34f0f235f8935c5bc24da5272eb3ff4 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\datareporting\glean\pending_pings\8b624e22-5cb4-4096-be29-4ac12f2a40d3
| MD5 | 10e91e8c0fd1acea9845bafeb94b1f5b |
| SHA1 | c9c64dc5b21a05abf5da57f5dd59ae7aa0bd5034 |
| SHA256 | 52f9f94cd8e5fc0650ddcc9307ccc9ee5791d41f302c13dcbadc062a58b7fe65 |
| SHA512 | b0c44b9437a36ffe8a40b7f48ce7fbb53aeb2612aa37a1a73b78622d036fc99965afb1ebebe3a89a03fa6d85052b2e2063e3fb51062898396ebc0357a806c2dc |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\datareporting\glean\pending_pings\a8d62309-a604-4def-bf26-07c1e5121106
| MD5 | 2c6b10fd587a38ae73edebafa9aeade6 |
| SHA1 | 31512714164176373ebce4dcc0a89166891483b8 |
| SHA256 | f1bc3a9af39e3b858dda92f87b22015d489693abba7cca0aedacdc71d7b1bff3 |
| SHA512 | 1be1145a5fc603c69f584685d3058549835ea9803489f0668144c587f1dc1d3c9f6b56e0bde916f590acb9eedfe405701fd2746eaa3eaf3356b5b213391dd22b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\prefs-1.js
| MD5 | 9da2f0c064aef3a45f3c3e1c64455640 |
| SHA1 | 1412c4c53cc7ef6c80990cd03e8d31ce7a09b70f |
| SHA256 | 8a53b16dde0e03881e015d2b52e26541e786f2080b317057c258e11ff25089b8 |
| SHA512 | 06fe41934c32e555323928eb69ddac90ed7edc1143f17e440c1865e5cf27e36deb1889309ad282e3daef41249fa8719f9aff5c999cb316c1baf333c4f38e38c3 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f1lggfg7.default-release\startupCache\webext.sc.lz4
| MD5 | b3380c1a31aaf14b3ef4955c73cec573 |
| SHA1 | 783dc0c9d99e60e6eb20cacfcb804267e5410d50 |
| SHA256 | 2241122c9f7c26339ae9666b3c27118d81b42f7e5683f02c2a4cb37cedfff842 |
| SHA512 | bac0ace8e7af136a92d0f6d01d19126112dcb058cd157fad73ecd031c82338aba3ecf7978fa913486daa55ed925faa7b9c3648763e200a8666337a321f6d7319 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | e7a539d41aa9085856a135d1659972a1 |
| SHA1 | 80992d73018fbbd3577f46d70ecf80f40a314a00 |
| SHA256 | a0f3df86f8dfd91db009626f62ba13bb6ee0a2d148ef7512cf763b11f67821d4 |
| SHA512 | dfef96a9cbe368ae82e6d501b9a1f4817708b0e7596b459cd9215af83cec92cc2f51e0d47c0279368d828025f2c9168f9fd3f970b0a4dc8f2f920205d7915367 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 9cab63e559a046b80a27ee8015aceca9 |
| SHA1 | 91e31d34c8506406dbdf21f6a56fb9afb719865b |
| SHA256 | 84ed07c03c8e8c944beb63767ccfd9168f15dc54fe49ccda1d04ebbfb4fe0249 |
| SHA512 | 4fc9dbc8e044839fb96d15a2fb703224380e79ef99902d636f39322cb8561e363af4d1e8891cf4b7436d812bd250e193a5dd4fc96030854e5491dec858a13454 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 220743b4b085f39454e1da432a2c0be7 |
| SHA1 | e3084d3b3d971f39c27921f11100c766f6435930 |
| SHA256 | 6df58de386f89c1dd9419e8f795cc867b18cffa5240774588aa6925645b50b31 |
| SHA512 | bb51a2f9f77ff4ba757298de888b3ce1dad63c4de0d8b1c63856fd968687fb21c32bd91fb7dc759e4fe25163c5dbd0fbfe20d3ebf13d20c292c80f23e91bda35 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\crashes\store.json.mozlz4
| MD5 | a6338865eb252d0ef8fcf11fa9af3f0d |
| SHA1 | cecdd4c4dcae10c2ffc8eb938121b6231de48cd3 |
| SHA256 | 078648c042b9b08483ce246b7f01371072541a2e90d1beb0c8009a6118cbd965 |
| SHA512 | d950227ac83f4e8246d73f9f35c19e88ce65d0ca5f1ef8ccbb02ed6efc66b1b7e683e2ba0200279d7ca4b49831fd8c3ceb0584265b10accff2611ec1ca8c0c6c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 5bc1ffd860865105b322ab8fe92af0c2 |
| SHA1 | 2d63fd9c3ffd24cfe18c658b91c04c6a1ef52cef |
| SHA256 | 886c697aa7e607364b846f8b7b80eda3a6088b47e81a1985699d5cf980792f69 |
| SHA512 | 37e2233e9dbf1d20101300a505bad70f12322294a03df870dd649b3cd29788c75c755f2dcb113f296d9025b85cb8db4d272919c3981eb349fbc1cd22fa04b3e2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f1lggfg7.default-release\thumbnails\7edc6b89b2a2ea4da02e75ea1ad696f0.png
| MD5 | 33d1febcae190ad4eddf8dfe73d094f0 |
| SHA1 | 015d1a08201f61f2e74379e1a80b14a75eec8dd2 |
| SHA256 | 15303e7f37a504e63aa142c8b1e45d6199513e7d6842f1f74b1a30b87ed9aa34 |
| SHA512 | bd60ac37a143187dd751c4e15b59d60515dac876dac6689b47dce108a5182fa7bca049ef38899e00c2c7a6fbc246af8a3f9f97d0ccdf2b0be138274730354666 |
C:\Users\Admin\Downloads\MSIXPackagingtoolv1.eWFptmCH.2024.405.0.msixbundle.part
| MD5 | fc6a5d9972e5442e8287b66d7e9c79c4 |
| SHA1 | 11b33c5075e87692530a43db059abfa5f2360cc8 |
| SHA256 | 659ae7d062ce617329842ae25ef19b93551b75a0efe2a9d0702b6f8285888a90 |
| SHA512 | df01543f6c9619ded3ae2ec7ece450ad83785cf4e1680b2b2f8e932fb4d77a084fb3332f7527c174625ac6881ba6ea30544939c9bcd5635ed4087d11821df3fd |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 0d5309ac4ee5db0ea1b44219035b9ff9 |
| SHA1 | 1fb5b2a0dd4097425921acee30268eb51edf1696 |
| SHA256 | 81f74d3928a8331941c15c22f83f039b3e189c1c95ef9cacd8216606565d6652 |
| SHA512 | 14201a1294ee6c4438f22f8f18b4d1138c6b974ec94ac2d13770f17a6d5841cd8ed83ddb515db7e9e7a0bbf8f1e532cb72f1363a6e9bf3f5de52fdcd0abec903 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 47ef815bf9f383e66c15b23977478f17 |
| SHA1 | a2972ce8e6eb9bf199fe87f237ec99252e0dd2a0 |
| SHA256 | 22ba453b807faf74fcc5a035a00cb87b7741fced7ed5d598e05fcf9bed1abfcf |
| SHA512 | e874db84815eaa5377a523b8a6a4f595b06b74b0a76809112f1d5b5c329084ebb3bc37d5a4227389749f27986b7dd555bf33d1bacdf074fb86a7e901899c8497 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\40371339ad31a7e6.customDestinations-ms
| MD5 | 77a23cc7a14534d6fab676c835013923 |
| SHA1 | e47e16556019e101971e412c432dbd0def1932a3 |
| SHA256 | 0efd7a7d67f57c90dce92fb4a2d554ed4badd8f6e425be99e343d1a504a144f1 |
| SHA512 | 55bd12a550930756c8f7b3a79f549a336478ed33c4245e379019dade0c2515e9dc7e686ea558af22f44d75c081fdca75d86b41e8c443e1e20ad0fda1542c9b1f |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | 86f90fdf45c2ac563a766eb78c824a20 |
| SHA1 | f41bd70ae57d3818125325c4c6cece7e039e3101 |
| SHA256 | 93703b0e44fc5d655bd0fdf17942f5b5ce2f3d5e77f35b35d47aaad8f6e1ecea |
| SHA512 | 004d8d2f0bd9c035f3ca073847155f105281fef75522fd19f5c2f1f39315ef8f78d2c3352f4c565418574d4bdace3768ecd784efa0405f408a8856fa0aacfa44 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\storage\default\https+++apps.microsoft.com\cache\morgue\213\{8f6e2464-0c12-4d9d-b499-cd349f632bd5}.final
| MD5 | 4a7a812101b82a0bfa3f8ad2be2158a1 |
| SHA1 | 571c76aa6d9d7caee2ca7fb04f3f729f626cda74 |
| SHA256 | 6e078729878b9c4410776143ed314518371d6d1ac953bd61c8e0f10a6a4249bf |
| SHA512 | 8569bb96a85954cd525cea54fa4776d4561612b41e401068b99a9c635c9e12a5234fd9c0797f377e9d5b5500d2adc8fa169188da5c399b16a0af28a4dc9e779e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 8afb0c1c23b0153c71f92649d58a5bc6 |
| SHA1 | 976692784ac40197ca44fac9d77b9c585fb2af17 |
| SHA256 | 351fdaac958b7fb5e24f41844a54a14356aa57ae86f637eb70139ee6c8c3cfbf |
| SHA512 | 6f5e7aebdab2a6d24f85bc665fc23e75658fad0d267754274f1264423895b39aa92627954ce1404728d45f38ff50d0a0454cf672fcc177b63de7b5e71513a22b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 3dd66193bb651d1a1aa2db7ad0c094d6 |
| SHA1 | ff9f0856c884f0a7184c6231b7f4dcbae07068a9 |
| SHA256 | fe5045d8305f0ee77d5a1775f53d73af92146453459f22c1f71578425f06aa27 |
| SHA512 | c4ed559f2d99823bdc97a45e05f0f418ca62bae963a969fe0e86d9bf32a45afcbc8d99c118758b37dcf1426c5d044b99ebf729ed79658ec29c1b85e12cfd32da |
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_cvjuzw2u.oro.ps1
| MD5 | d17fe0a3f47be24a6453e9ef58c94641 |
| SHA1 | 6ab83620379fc69f80c0242105ddffd7d98d5d9d |
| SHA256 | 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7 |
| SHA512 | 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82 |
memory/2992-6400-0x00000149AC5D0000-0x00000149AC5F2000-memory.dmp
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f1lggfg7.default-release\cache2\entries\857A7443278A73849A835CED72352753558659A5
| MD5 | ef84f619e97aa2ab38bfbcc0c3172225 |
| SHA1 | 908d414d0bd03c914f64bb33bae3aefae3909661 |
| SHA256 | d11848c3315af81ca6ee6a738d27b65f9d039f416036abd223ef4f750c5a6c9d |
| SHA512 | 26f8efc7b9257eb1ef578eb6b7647083b40a3d656b0d29a588a37101a68a7676cc2360d975a854351e24330ca767b27a34f8ec4da23636c021ced3798bb51f78 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 579a6a330811ba08496261431654e866 |
| SHA1 | 5fe9c2b8c88db6d36b901853e0e181c941cb45ca |
| SHA256 | 8fd8dd5432a9c05dab5982588f26c09958713906b7ad2ace18365f437865e85e |
| SHA512 | d193d355c10e47a519572df476646b80c292f01fce77327fff4efbf6c352836a90af0cc3f07fcc053afd5d38d21a608f5e93ed783da64ec6790aea270f0f5550 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 15eb5ce5587860715953e11d910ff437 |
| SHA1 | a1b72db0e38e44e2e40c6de70867bd0bb1f28b2a |
| SHA256 | 844611016b5e285d122a6a68989ccdcf6d6c492bb08a6a7857f823a22cbe4933 |
| SHA512 | 3b336dffc88d9fdc02517566b4bff339c8fd371325a4d002223691f23fe9c606d603bc63ce3cb51daa15852aebf453c1dda06867d2721eae5d61ab345cea670d |
C:\Windows\Temp\SDIAG_7b27b74b-efbc-4eda-8b10-8c9647700a54\result\results.xsl
| MD5 | 310e1da2344ba6ca96666fb639840ea9 |
| SHA1 | e8694edf9ee68782aa1de05470b884cc1a0e1ded |
| SHA256 | 67401342192babc27e62d4c1e0940409cc3f2bd28f77399e71d245eae8d3f63c |
| SHA512 | 62ab361ffea1f0b6ff1cc76c74b8e20c2499d72f3eb0c010d47dba7e6d723f9948dba3397ea26241a1a995cffce2a68cd0aaa1bb8d917dd8f4c8f3729fa6d244 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\sessionstore-backups\recovery.baklz4
| MD5 | e59feae2bd8681cc3dfc315c7a08ae6d |
| SHA1 | 5cc13b3e15ea861b7e4f342ed153d3eb755d63e4 |
| SHA256 | 12d6d63d95109ca9615a80857054f158eac6ec1be28ebbcde073f1b62586c8fe |
| SHA512 | 3357de1d984683b6b982069ae4c52ad1b2cca48cee53fd9775854422454bacb905fd2fe4cdcaa8b3228f387ff5595e11d00b697f150cac5997b6443017186f77 |
memory/1620-6516-0x000001A6A3050000-0x000001A6A3094000-memory.dmp
memory/1620-6517-0x000001A6A3120000-0x000001A6A3196000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 18f4aa0a0679b7b9d4e32d39aa28627a |
| SHA1 | 1d72cbf81fddf26d6e1d061f1916c190eb6e3241 |
| SHA256 | fb750294d51036613c218faf7a79112e4d3a6515d10fbfe922d78f65063f3173 |
| SHA512 | d6ceceb9bf2cdaada83fb692ccc9ac199346b1716c1e3331ca7b3b4b4ef9c852144cb074068e4fc94a186f57f9405ddb530aa3b0fe7b63acfdae04b0e85d4684 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | 0b7a04b604cf4797e4282233307529f8 |
| SHA1 | 0160dc5494f94f9471e8bd8e87bc58ea5d6617d1 |
| SHA256 | c0bb2789e7f1f769f1c0c9be4bed5fcc205fe18638b7eb9acb6b997098b39e64 |
| SHA512 | 1c07c9808dd11be1289b574e943f452c8b01860d638384c00d145ddaf475105513fe968ba6c709625a606565adcef79a1d46d93e26eb2c544917d7a4f6230f45 |
memory/1620-6542-0x000001A6A2BE0000-0x000001A6A2BFE000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 1954a3d5ad7909e051cf24795d39fa20 |
| SHA1 | f07bf1ba316c744085e071854a2b6cf1fc4ab45f |
| SHA256 | 5b2d6ec802d8023bca124a300f8d817bbcb410b20a74863e6c89b974e9b1a7b7 |
| SHA512 | 26473996a7e52c428b9a48dc6f16389b17d7e97efb6ee2876fe97ce5233be724caa3f6c1d8ed7ed73d6d75f2a2c41f4f54a0421732979f1070ae38d09856be35 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\prefs-1.js
| MD5 | 256d867e566d4df7da85d3508e8377c8 |
| SHA1 | badab29a66a4924eb27fd8ce6538821dbc8d9f4c |
| SHA256 | de325e841217ffa6113110ee41975f4c4ab577df73c62bdfd5120ae176d39d73 |
| SHA512 | 53a265e1022ccb7a35ab37b09c7e8ae2c468362ffe3e63de93015831aa5a624fe757418980775ffa7a39403f6915ed1035892e859a553daf1feb3bf5c0eaa2c8 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\broadcast-listeners.json
| MD5 | 3eee2d8ee95f516c945ef38b289283bf |
| SHA1 | 78d87e794296670894a9433c6bbb14aed8169563 |
| SHA256 | 93f55dad5aa43bb61931dcc0a291a561f43a6545b62c0fa31b234084e04e545d |
| SHA512 | 76b3af87d6f550715729d6bbb5a98c2da6e5ba1abed5ed132b93329bb96b4a9f7c2b2e3be8c473c172f50f0b2863274fe2691721d3be615bc561e37fc8b5fb86 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\places.sqlite
| MD5 | d10849a9fa784fc28cf080378f05236f |
| SHA1 | 143619742b0a53ed90b8e36389876b48d95d7163 |
| SHA256 | b3c30bc8e10e13e11598a3886b492bdcef441408c25f15055bf5fb9d45c7eabb |
| SHA512 | 7160cef4eee3bb42df65f927251c83c3a0d3eba90e241e5cc48d1db576ab430a7d52d83809ede8b3bc41a296519757bd96ffb694900eae20d800371159562cb2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f1lggfg7.default-release\personality-provider\recipe_attachment.json
| MD5 | be3d0f91b7957bbbf8a20859fd32d417 |
| SHA1 | fbc0380fe1928d6d0c8ab8b0a793a2bba0722d10 |
| SHA256 | fc07d42847eeaf69dcbf1b9a16eb48b141c11feb67aa40724be2aee83cb621b7 |
| SHA512 | 8da24afcf587fbd4f945201702168e7cfc12434440200d00f09ddcd1d1d358a5e01065ac2a411fdf96a530e94db3697e3530578b392873cf874476b5e65d774a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f1lggfg7.default-release\personality-provider\nb_model_build_attachment_business_and_industrial.json
| MD5 | a92a0fffc831e6c20431b070a7d16d5a |
| SHA1 | da5bbe65f10e5385cbe09db3630ae636413b4e39 |
| SHA256 | 8410809ebac544389cf27a10e2cbd687b7a68753aa50a42f235ac3fc7b60ce2c |
| SHA512 | 31a8602e1972900268651cd074950d16ad989b1f15ff3ebbd8e21e0311a619eef4d7d15cdb029ea8b22cf3b8759fa95b3067b4faaadcb90456944dbc3c9806a9 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f1lggfg7.default-release\personality-provider\nb_model_build_attachment_sports.json
| MD5 | ce4e75385300f9c03fdd52420e0f822f |
| SHA1 | 85c34648c253e4c88161d09dd1e25439b763628c |
| SHA256 | 44da98b03350e91e852fe59f0fc05d752fc867a5049ab0363da8bb7b7078ad14 |
| SHA512 | d119dc4706bbf3b6369fe72553cfacf1c9b2688e0188a7524b56d3e2ac85582a18bbee66d5594e0fb40767432646c23bf3e282090bd9b4c29f989a374aeae61f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f1lggfg7.default-release\personality-provider\nb_model_build_attachment_computers_and_electronics.json
| MD5 | 6ccd943214682ac8c4ec08b7ec6dbcbd |
| SHA1 | 18417647f7c76581d79b537a70bf64f614f60fa2 |
| SHA256 | ab20b97406b0d9bf4f695e5ec7db4ebad5efb682311e74ca757d45b87ffc106b |
| SHA512 | e57573d6f494df8aa7e8e6a20427a18f6868e19dc853b441b8506998158b23c7a4393b682c83b3513aae5075a21148dd8ca854a11dabcea6a0a0db8f2e6828b8 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f1lggfg7.default-release\personality-provider\nb_model_build_attachment_science.json
| MD5 | 7a8fd079bb1aeb4710a285ec909c62b9 |
| SHA1 | 8429335e5866c7c21d752a11f57f76399e5634b6 |
| SHA256 | 9606ce3988b2d2a4921b58ac454f54e53a9ea8f358326522a8b1dcc751b50b32 |
| SHA512 | 8fc1546e509b5386c9e1088e0e3a1b81f288ef67f1989f3e83888057e23769907a2b184d624a4e4c44fcd5b88d719bd4cca94dfb33798804a721b8be022ec0c6 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f1lggfg7.default-release\personality-provider\nb_model_build_attachment_jobs_and_education.json
| MD5 | 2d69892acde24ad6383082243efa3d37 |
| SHA1 | d8edc1c15739e34232012bb255872991edb72bc7 |
| SHA256 | 29080288b2130a67414ecb296a53ddd9f0a4771035e3c1b2112e0ce656a7481a |
| SHA512 | da391152e1fbce1f03607b486c5dea9a298a438e58e440ebb7b871bd5c62d7339b540eed115b4001b9840de1ba3898c6504872ff9094ba4d6a47455051c3f1c5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f1lggfg7.default-release\personality-provider\nb_model_build_attachment_real_estate.json
| MD5 | 9899942e9cd28bcb9bf5074800eae2d0 |
| SHA1 | 15e5071e5ed58001011652befc224aed06ee068f |
| SHA256 | efcf6b2d09e89b8c449ffbcdb5354beaa7178673862ebcdd6593561f2aa7d99a |
| SHA512 | 9f7a5fbe6d46c694e8bc9b50e7843e9747ea3229cf4b00b8e95f1a5467bd095d166cbd523b3d9315c62e9603d990b8e56a018ba4a11d30ad607f5281cc42b4cd |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f1lggfg7.default-release\personality-provider\nb_model_build_attachment_shopping.json
| MD5 | 97d4a0fd003e123df601b5fd205e97f8 |
| SHA1 | a802a515d04442b6bde60614e3d515d2983d4c00 |
| SHA256 | bfd7e68ddca6696c798412402965a0384df0c8c209931bbadabf88ccb45e3bb6 |
| SHA512 | 111e8a96bc8e07be2d1480a820fc30797d861a48d80622425af00b009512aacb30a2df9052c53bfbf4ee0800b6e6f5b56daa93d33f30fecb52e2f3850dfa9130 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f1lggfg7.default-release\personality-provider\nb_model_build_attachment_people_and_society.json
| MD5 | b1bd26cf5575ebb7ca511a05ea13fbd2 |
| SHA1 | e83d7f64b2884ea73357b4a15d25902517e51da8 |
| SHA256 | 4990a5d17bea15617624c48a0c7c23d16e95f15e2ec9dd1d82ee949567bbaec0 |
| SHA512 | edcede39c17b494474859bc1a9bbf18c9f6abd3f46f832086db3bb1337b01d862452d639f89f9470ca302a6fcb84a1686853ebb4b08003cb248615f0834a1e02 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f1lggfg7.default-release\personality-provider\nb_model_build_attachment_autos_and_vehicles.json
| MD5 | 39b73a66581c5a481a64f4dedf5b4f5c |
| SHA1 | 90e4a0883bb3f050dba2fee218450390d46f35e2 |
| SHA256 | 022f9495f8867fea275ece900cfa7664c68c25073db4748343452dbc0b9eda17 |
| SHA512 | cfb697958e020282455ab7fabc6c325447db84ead0100d28b417b6a0e2455c9793fa624c23cb9b92dfea25124f59dcd1d5c1f43bf1703a0ad469106b755a7cdd |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f1lggfg7.default-release\personality-provider\nb_model_build_attachment_internet_and_telecom.json
| MD5 | 36689de6804ca5af92224681ee9ea137 |
| SHA1 | 729d590068e9c891939fc17921930630cd4938dd |
| SHA256 | e646d43505c9c4e53dbaa474ef85d650a3f309ccf153d106f328d9b6aeb66d52 |
| SHA512 | 1c4f4aa02a65a9bbdf83dc5321c24cbe49f57108881616b993e274f5705f0466be2dd3389055a725b79f3317c98bdf9f8d47f86d62ebd151e4c57cc4dca2487c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f1lggfg7.default-release\personality-provider\nb_model_build_attachment_pets_and_animals.json
| MD5 | 5b26aca80818dd92509f6a9013c4c662 |
| SHA1 | 31e322209ba7cc1abd55bbb72a3c15bc2e4a895f |
| SHA256 | dd537bfb1497eb9457c0c8ecbd2846f325e13ddef3988fd293a29e68ab0b2671 |
| SHA512 | 29038f9f3b9b12259fb42daa93cdefabb9fb32a10f0d20f384a72fe97214eff1864b7fa2674c37224b71309d7d9cea4e36abd24a45a0e65f0c61dc5ca161ec7c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f1lggfg7.default-release\personality-provider\nb_model_build_attachment_online_communities.json
| MD5 | 37a74ab20e8447abd6ca918b6b39bb04 |
| SHA1 | b50986e6bb542f5eca8b805328be51eaa77e6c39 |
| SHA256 | 11b6084552e2979b5bc0fd6ffdc61e445d49692c0ae8dffedc07792f8062d13f |
| SHA512 | 49c6b96655ba0b5d08425af6815f06237089ec06926f49de1f03bc11db9e579bd125f2b6f3eaf434a2ccf10b262c42af9c35ab27683e8e9f984d5b36ec8f59fd |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f1lggfg7.default-release\personality-provider\nb_model_build_attachment_books_and_literature.json
| MD5 | df96946198f092c029fd6880e5e6c6ec |
| SHA1 | 9aee90b66b8f9656063f9476ff7b87d2d267dcda |
| SHA256 | df23a5b6f583ec3b4dce2aca8ff53cbdfadfd58c4b7aeb2e397eade5ff75c996 |
| SHA512 | 43a9fc190f4faadef37e01fa8ad320940553b287ed44a95321997a48312142f110b29c79eed7930477bfb29777a5a9913b42bf22ce6bb3e679dda5af54a125ea |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f1lggfg7.default-release\personality-provider\nb_model_build_attachment_games.json
| MD5 | 4182a69a05463f9c388527a7db4201de |
| SHA1 | 5a0044aed787086c0b79ff0f51368d78c36f76bc |
| SHA256 | 35e67835a5cf82144765dfb1095ebc84ac27d08812507ad0a2d562bf68e13e85 |
| SHA512 | 40023c9f89e0357fae26c33a023609de96b2a0b439318ef944d3d5b335b0877509f90505d119154eaa81e1097ecfb5aa44dd8bb595497cdecfc3ee711a1fe1d5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f1lggfg7.default-release\personality-provider\nb_model_build_attachment_beauty_and_fitness.json
| MD5 | 0ed0473b23b5a9e7d1116e8d4d5ca567 |
| SHA1 | 4eb5e948ac28453c4b90607e223f9e7d901301c4 |
| SHA256 | eed46e8fe6ff20f89884b4fc68a81e8d521231440301a01bb89beec8ebad296b |
| SHA512 | 464508d7992edfa0dfb61b04cfc5909b7daacf094fc81745de4d03214b207224133e48750a710979445ee1a65bb791bf240a2b935aacaf3987e5c67ff2d8ba9c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f1lggfg7.default-release\personality-provider\nb_model_build_attachment_finance.json
| MD5 | e95c2d2fc654b87e77b0a8a37aaa7fcf |
| SHA1 | b4b00c9554839cab6a50a7ed8cd43d21fdaf35dc |
| SHA256 | 384bf5fcc6928200c7ebb1f03f99bf74f6063e78d3cd044374448f879799318e |
| SHA512 | 9696998a8d0e3a85982016ff0a22bb8ae1790410f1f6198bb379c0a192579f24c75c25c7648b76b00d25a32ac204178acaccd744ee78846dfc62ebf70bf7b93a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f1lggfg7.default-release\personality-provider\nb_model_build_attachment_arts_and_entertainment.json
| MD5 | 6c651609d367b10d1b25ef4c5f2b3318 |
| SHA1 | 0abcc756ea415abda969cd1e854e7e8ebeb6f2d4 |
| SHA256 | 960065cc44a09bef89206d28048d3c23719d2f5e9b38cfc718ca864c9e0e91e9 |
| SHA512 | 3e084452eefe14e58faa9ef0d9fda2d21af2c2ab1071ae23cde60527df8df43f701668ca0aa9d86f56630b0ab0ca8367803c968347880d674ad8217fba5d8915 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f1lggfg7.default-release\personality-provider\nb_model_build_attachment_law_and_government.json
| MD5 | 80c49b0f2d195f702e5707ba632ae188 |
| SHA1 | e65161da245318d1f6fdc001e8b97b4fd0bc50e7 |
| SHA256 | 257ee9a218a1b7f9c1a6c890f38920eb7e731808e3d9b9fc956f8346c29a3e63 |
| SHA512 | 972e95de7fe330c61cd22111bd3785999d60e7c02140809122d696a1f1f76f2cd0d63d6d92f657cdec24366d66b681e24f2735a8aabb8bcecec43c74e23fb4f5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f1lggfg7.default-release\personality-provider\nb_model_build_attachment_health.json
| MD5 | 11711337d2acc6c6a10e2fb79ac90187 |
| SHA1 | 5583047c473c8045324519a4a432d06643de055d |
| SHA256 | 150f21c4f60856ab5e22891939d68d062542537b42a7ce1f8a8cec9300e7c565 |
| SHA512 | c2301ed72f623b22f05333c5ecc5ebf55d8a2d9593167cc453a66d8f42c05ff7c11e2709b6298912038a8ea6175f050bbc6d1fc4381f385f7ad7a952ad1e856b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f1lggfg7.default-release\personality-provider\nb_model_build_attachment_food_and_drink.json
| MD5 | 70ba02dedd216430894d29940fc627c2 |
| SHA1 | f0c9aa816c6b0e171525a984fd844d3a8cabd505 |
| SHA256 | 905357002f2eced8bba1be2285a9b83198f60d2f9bb1144b5c119994f2ec6e34 |
| SHA512 | 3ae60d0bf3c45d28e340d97106790787be2cc80ba579d313b5414084664b86e89879391c99e94b6e33bdc5508ea42a9fd34f48ca9b1e7adfa7b6dd22c783c263 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f1lggfg7.default-release\personality-provider\nb_model_build_attachment_reference.json
| MD5 | 567eaa19be0963b28b000826e8dd6c77 |
| SHA1 | 7e4524c36113bbbafee34e38367b919964649583 |
| SHA256 | 3619daa64036d1f0197cdadf7660e390d4b6e8c1b328ed3b59f828a205a6ea49 |
| SHA512 | 6766919b06ca209eaed86f99bee20c6dad9cc36520fc84e1c251a668bcfe0afcf720ea6c658268dc3bbaaf602bfdf61eb237c68e08d5252ea6e5d1d2a373b9fe |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f1lggfg7.default-release\personality-provider\nb_model_build_attachment_home_and_garden.json
| MD5 | 250acc54f92176775d6bdd8412432d9f |
| SHA1 | a6ad9ad7519e5c299d4b4ba458742b1b4d64cb65 |
| SHA256 | 19edd15ebce419b83469d2ab783c0c1377d72a186d1ff08857a82bca842eea54 |
| SHA512 | a52c81062f02c15701f13595f4476f0a07735034fcf177b1a65b001394a816020ee791fed5afae81d51de27630b34a85efa717fe80da733556fdda8739030f49 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f1lggfg7.default-release\personality-provider\nb_model_build_attachment_blogging_resources_and_services.json
| MD5 | c82700fcfcd9b5117176362d25f3e6f6 |
| SHA1 | a7ad40b40c7e8e5e11878f4702952a4014c5d22a |
| SHA256 | c9f2a779dba0bc886cc1255816bd776bdc2e8a6a8e0f9380495a92bb66862780 |
| SHA512 | d38e65ab55cee8fef538ad96448cd0c6b001563714fc7b37c69a424d0661ec6b7d04892cf4b76b13ddbc7d300c115e87e0134d47c3f38ef51617e5367647b217 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f1lggfg7.default-release\personality-provider\nb_model_build_attachment_hobbies_and_leisure.json
| MD5 | bb45971231bd3501aba1cd07715e4c95 |
| SHA1 | ea5bfd43d60a3d30cda1a31a3a5eb8ea0afa142a |
| SHA256 | 47db7797297a2a81d28c551117e27144b58627dbac1b1d52672b630d220f025d |
| SHA512 | 74767b1badbd32cacd3f996b8172df9c43656b11fea99f5a51fff38c6c6e2120fae8bdd0dd885234a3f173334054f580164fdf8860c27cbcf5fb29c5bcdc060d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\f1lggfg7.default-release\personality-provider\nb_model_build_attachment_travel.json
| MD5 | 48139e5ba1c595568f59fe880d6e4e83 |
| SHA1 | 5e9ea36b9bb109b1ecfc41356cd5c8c9398d4a78 |
| SHA256 | 4336ac211a822b0a5c3ce5de0d4730665acc351ee1965ea8da1c72477e216dfa |
| SHA512 | 57e826f0e1d9b12d11b05d47e2f5ae4f5787537862f26e039918cb14faff4bc854298c0b7de3023e371756a331c0f3ee1aa7cebbbf94ec70cdfc29e00a900ed1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\bookmarkbackups\bookmarks-2024-11-13_11_CXa9LH5pQfQmVU3+NElQWg==.jsonlz4
| MD5 | 5bf583cdc51ad307a22a3bf42a8a88b3 |
| SHA1 | 27d3e97446cc8e7923ff1c91c9092ed86d21ca88 |
| SHA256 | 29678f8c08f19b977dbb38723a070b86a6d70c4dfb5c5d310be8161650ab36a2 |
| SHA512 | 783ab0d6bead9ebb3e35c4b35f04728bc2b097d0602db502837e909159dd077138f6b402d224b3138ceb4132769232c933962bbd8ffe08ebcd630319f80e8a91 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f1lggfg7.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | d8bae6ee8abd849b905108248c617efe |
| SHA1 | 47bd7dfc45dd53edff3d472ee4c3e8ae3a289779 |
| SHA256 | 04c5973b1673f5478b5bdda978d516248116dd9bae25123b84c51bf7b5957650 |
| SHA512 | 57e9bd7edc8b1cba7bcde632821c327180db379845c8def6725b5c3bf84127c8aa27f0155a13bc32a0f5aaca4022fd922297a096dc63cb5c1748c5cc412b0cb4 |