Analysis Overview
Threat Level: Likely malicious
The file https://filedm.com/9SPZz was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Executes dropped EXE
Looks up external IP address via web service
Probable phishing domain
Subvert Trust Controls: Mark-of-the-Web Bypass
Enumerates physical storage devices
System Location Discovery: System Language Discovery
Browser Information Discovery
Modifies Internet Explorer settings
Checks processor information in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of WriteProcessMemory
Modifies registry class
Suspicious behavior: EnumeratesProcesses
Enumerates system info in registry
Suspicious use of SendNotifyMessage
NTFS ADS
Opens file in notepad (likely ransom note)
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-14 00:02
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-14 00:02
Reported
2024-11-14 00:05
Platform
win11-20241007-en
Max time kernel
172s
Max time network
173s
Command Line
Signatures
Downloads MZ/PE file
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\Atlantis Exploit_54255182.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Release\Release\atlantis.exe | N/A |
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | api.ipify.org | N/A | N/A |
| N/A | api.ipify.org | N/A | N/A |
Probable phishing domain
| Description | Indicator | Process | Target |
| HTTP URL | https://gateway.platoboost.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8e22bf01d8d9bd7c | N/A | N/A |
Subvert Trust Controls: Mark-of-the-Web Bypass
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Atlantis Exploit_54255182.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Atlantis Exploit_54255182.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\NOTEPAD.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\NOTEPAD.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1537126222-899333903-2037027349-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1537126222-899333903-2037027349-1000_Classes\Opera GXStable | C:\Users\Admin\Downloads\Atlantis Exploit_54255182.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Opera GXStable | C:\Users\Admin\Downloads\Atlantis Exploit_54255182.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1537126222-899333903-2037027349-1000_Classes\Local Settings | C:\Users\Admin\Downloads\Atlantis Exploit_54255182.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1537126222-899333903-2037027349-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1537126222-899333903-2037027349-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Release.rar:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Release (1).rar:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 142241.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 19605.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Atlantis Exploit_54255182.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Opens file in notepad (likely ransom note)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\NOTEPAD.EXE | N/A |
| N/A | N/A | C:\Windows\SysWOW64\NOTEPAD.EXE | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeRestorePrivilege | N/A | C:\Program Files\7-Zip\7zG.exe | N/A |
| Token: 35 | N/A | C:\Program Files\7-Zip\7zG.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Program Files\7-Zip\7zG.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Program Files\7-Zip\7zG.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://filedm.com/9SPZz
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffd11023cb8,0x7ffd11023cc8,0x7ffd11023cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1884,6635768363281941794,6225311738486230078,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1840 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1884,6635768363281941794,6225311738486230078,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1884,6635768363281941794,6225311738486230078,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2660 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,6635768363281941794,6225311738486230078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3216 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,6635768363281941794,6225311738486230078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1884,6635768363281941794,6225311738486230078,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4916 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1884,6635768363281941794,6225311738486230078,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4572 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,6635768363281941794,6225311738486230078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3764 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,6635768363281941794,6225311738486230078,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5368 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1884,6635768363281941794,6225311738486230078,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3412 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1884,6635768363281941794,6225311738486230078,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4716 /prefetch:8
C:\Users\Admin\Downloads\Atlantis Exploit_54255182.exe
"C:\Users\Admin\Downloads\Atlantis Exploit_54255182.exe"
C:\Windows\SysWOW64\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\link.txt
C:\Windows\SysWOW64\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\link.txt
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xa0,0x10c,0x7ffd11023cb8,0x7ffd11023cc8,0x7ffd11023cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1940,13604374784515508542,1583092555895704394,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1952 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1940,13604374784515508542,1583092555895704394,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2288 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1940,13604374784515508542,1583092555895704394,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2776 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,13604374784515508542,1583092555895704394,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,13604374784515508542,1583092555895704394,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3356 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,13604374784515508542,1583092555895704394,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4976 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,13604374784515508542,1583092555895704394,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5008 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,13604374784515508542,1583092555895704394,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3488 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,13604374784515508542,1583092555895704394,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5016 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1940,13604374784515508542,1583092555895704394,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4228 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1940,13604374784515508542,1583092555895704394,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5680 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,13604374784515508542,1583092555895704394,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5724 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1940,13604374784515508542,1583092555895704394,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5480 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1940,13604374784515508542,1583092555895704394,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5844 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1940,13604374784515508542,1583092555895704394,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5912 /prefetch:8
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\Downloads\Release.rar"
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=44CF565580C0A19514A4ADA498C06B97 --mojo-platform-channel-handle=1776 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=AB1B36F32DF662CB8A0D31B0AD5BC9CC --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=AB1B36F32DF662CB8A0D31B0AD5BC9CC --renderer-client-id=2 --mojo-platform-channel-handle=1780 --allow-no-sandbox-job /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=5F3C737B0060667A01C49FED0186D257 --mojo-platform-channel-handle=2336 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=493D52520BA5965ADAFDCC23BE627E45 --mojo-platform-channel-handle=2368 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=9339E38BF854C50B4D4085A1EEBAEC5C --mojo-platform-channel-handle=2528 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\Release\" -ad -an -ai#7zMap25380:76:7zEvent31458
C:\Users\Admin\Downloads\Release\Release\atlantis.exe
"C:\Users\Admin\Downloads\Release\Release\atlantis.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x110,0x114,0x118,0xec,0x11c,0x7ffd11023cb8,0x7ffd11023cc8,0x7ffd11023cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1924,17269252795361663703,2377384639938799182,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=2056 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1924,17269252795361663703,2377384639938799182,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1924,17269252795361663703,2377384639938799182,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2548 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,17269252795361663703,2377384639938799182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3376 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,17269252795361663703,2377384639938799182,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3388 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,17269252795361663703,2377384639938799182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4916 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,17269252795361663703,2377384639938799182,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4944 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,17269252795361663703,2377384639938799182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3656 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,17269252795361663703,2377384639938799182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5308 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,17269252795361663703,2377384639938799182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4932 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,17269252795361663703,2377384639938799182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5484 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,17269252795361663703,2377384639938799182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3620 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,17269252795361663703,2377384639938799182,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4972 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,17269252795361663703,2377384639938799182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3940 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,17269252795361663703,2377384639938799182,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4964 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1924,17269252795361663703,2377384639938799182,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5688 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1924,17269252795361663703,2377384639938799182,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3624 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,17269252795361663703,2377384639938799182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3636 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,17269252795361663703,2377384639938799182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5396 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,17269252795361663703,2377384639938799182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4136 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,17269252795361663703,2377384639938799182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5360 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,17269252795361663703,2377384639938799182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,17269252795361663703,2377384639938799182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6008 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,17269252795361663703,2377384639938799182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6224 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,17269252795361663703,2377384639938799182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5280 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,17269252795361663703,2377384639938799182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,17269252795361663703,2377384639938799182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2936 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,17269252795361663703,2377384639938799182,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3996 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | filedm.com | udp |
| US | 104.21.60.113:443 | filedm.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 104.21.65.91:443 | getfilenow.com | tcp |
| US | 104.21.65.91:443 | getfilenow.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 35.190.60.70:443 | dlsft.com | tcp |
| US | 35.190.60.70:443 | dlsft.com | tcp |
| US | 35.190.60.70:443 | dlsft.com | tcp |
| US | 104.21.60.113:443 | filedm.com | tcp |
| FR | 52.222.201.47:443 | dpd.securestudies.com | tcp |
| US | 165.193.78.234:80 | post.securestudies.com | tcp |
| GB | 88.221.135.34:443 | www.bing.com | tcp |
| DE | 167.235.218.62:80 | a.directfiledl.com | tcp |
| DE | 167.235.218.62:80 | a.directfiledl.com | tcp |
| GB | 88.221.135.33:443 | www.bing.com | tcp |
| US | 104.26.5.28:443 | api-gateway.platoboost.com | tcp |
| US | 104.26.5.28:443 | api-gateway.platoboost.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 104.16.79.73:443 | static.cloudflareinsights.com | tcp |
| US | 104.18.94.41:443 | challenges.cloudflare.com | tcp |
| US | 104.18.94.41:443 | challenges.cloudflare.com | tcp |
| US | 8.8.8.8:53 | 41.94.18.104.in-addr.arpa | udp |
| US | 104.26.5.28:443 | api-gateway.platoboost.com | tcp |
| US | 104.19.230.21:443 | js.hcaptcha.com | tcp |
| US | 172.67.139.179:443 | a.workink.click | tcp |
| US | 104.21.91.188:443 | youradexchange.com | tcp |
| US | 104.21.8.108:443 | pubtrky.com | tcp |
| US | 8.8.8.8:53 | 108.8.21.104.in-addr.arpa | udp |
| NL | 88.208.46.156:443 | offergate-apps-download26.com | tcp |
| NL | 88.208.46.156:443 | offergate-apps-download26.com | tcp |
| NL | 185.26.182.112:443 | net.geo.opera.com | tcp |
| US | 172.67.216.54:443 | link-to.net | tcp |
| US | 172.67.216.54:443 | link-to.net | tcp |
| US | 172.67.216.54:443 | link-to.net | tcp |
| US | 104.22.23.72:443 | linkvertise.com | tcp |
| US | 8.8.8.8:53 | cdn.exmarketplace.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | maxst.icons8.com | udp |
| US | 8.8.8.8:53 | stackpath.bootstrapcdn.com | udp |
| US | 8.8.8.8:53 | p.typekit.net | udp |
| US | 8.8.8.8:53 | js.chargebee.com | udp |
| IT | 95.110.204.9:443 | cdn.exmarketplace.com | tcp |
| GB | 2.19.252.197:443 | use.typekit.net | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| GB | 84.17.50.9:443 | maxst.icons8.com | tcp |
| US | 104.18.11.207:443 | stackpath.bootstrapcdn.com | tcp |
| US | 104.18.11.207:443 | stackpath.bootstrapcdn.com | tcp |
| GB | 2.19.252.218:443 | p.typekit.net | tcp |
| FR | 3.164.163.117:443 | js.chargebee.com | tcp |
| GB | 216.58.212.194:443 | securepubads.g.doubleclick.net | tcp |
| GB | 95.100.244.20:443 | contextual.media.net | tcp |
| US | 8.8.8.8:53 | 194.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.244.100.95.in-addr.arpa | udp |
| US | 172.67.31.186:443 | publisher.linkvertise.com | tcp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | tcp |
| US | 172.67.74.152:443 | api.ipify.org | tcp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| GB | 173.194.76.156:443 | stats.g.doubleclick.net | tcp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| IE | 13.74.129.1:443 | c.clarity.ms | tcp |
| GB | 172.217.16.226:443 | ep1.adtrafficquality.google | tcp |
| US | 4.227.249.197:443 | u.clarity.ms | tcp |
| US | 13.107.21.237:443 | c.bing.com | tcp |
| GB | 142.250.187.193:443 | ep2.adtrafficquality.google | tcp |
| GB | 142.250.187.193:443 | ep2.adtrafficquality.google | udp |
| GB | 172.217.16.226:443 | ep1.adtrafficquality.google | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| US | 34.120.195.249:443 | o1051356.ingest.sentry.io | tcp |
| GB | 172.217.16.226:443 | ep1.adtrafficquality.google | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | f1d2c7fd2ca29bb77a5da2d1847fbb92 |
| SHA1 | 840de2cf36c22ba10ac96f90890b6a12a56526c6 |
| SHA256 | 58d0f80310f4a84f687c5ce0adaa982eb42fe4480510399fa2ae975d40bb8bc5 |
| SHA512 | ede1fafea2404f16948fe0b5ea5161ccee3ee6e40c55ff98c337eac981a6776b9c73dc030a5c59e4347aec91259f497539206e71949c33adcecbf2c846709e14 |
\??\pipe\LOCAL\crashpad_3356_LJRWKCLSRUZJQTLU
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 4c1a24fa898d2a98b540b20272c8e47b |
| SHA1 | 3218bff9ce95b52842fa1b8bd00be073177141ef |
| SHA256 | bbcc378fcbf64580e7a48b4e7ca9be57fa0a1f2e747f488325685bdb18d73a95 |
| SHA512 | e61f196e7f1c9a5fe249abe9b11eea770fb2f4babc61f60b12c71f43e6fe9354cf14869daf46abc2c2655bce180252acd43c10562a2dcd31fa7d90d33253820e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 15c4b84ef639ec46fc30379541ebca62 |
| SHA1 | 6544dcdf8d761aee404ae931e5d493f4bb03a51a |
| SHA256 | e91a806bc934f21208a58806a6fb838fa8e7b7225606b7b47e3ca75dbab56ad7 |
| SHA512 | b14a747856c70e8452d53a919a9c4db09179916c7813445d6c3275da4db2eac1f817279ff382a825095dab5bf5883ddd52d382c5375b4cf4a21309ca2c6c617b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | eb81f31e5edce07ad299674d509cb831 |
| SHA1 | 71e3516b9b05689ea66fcaa69224c0ed04d07286 |
| SHA256 | 893718f73f34ae3e9e4bf19833c51849a853c6b3f5f2e0a8f0e7eb362c8abd3f |
| SHA512 | 4b0f356c9bbb88506ae5b01380a1e42903b2245b35070ddf7bfa54d3bbf44a3d7b613dca4ba905f112abeb9bd6b888a8b3e04db82e1023c610ace402d1ee4f7e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 48827de1499195939e9b29ec0267b340 |
| SHA1 | 9b5e3d404e6b454a9b99974d86450c0e69a75ea2 |
| SHA256 | 368489f24b64921735c06db1983db3a1f2b1891196cd0757168d1ff24ce8281e |
| SHA512 | 76588f9c810360d59c80733d0244890b2a8b5a59a887cfb73b7b026cb68f2c9d7b3cebea87986855290b9448174b4dd76dd1adf5ae0fee230ea93d5770b910bb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 8a26e79e2975ff42d11f38b2ce774df0 |
| SHA1 | 45bfcd5e72050cf4144d21f68cd3d189fca93f22 |
| SHA256 | faea9923020f600f1ac361e4cc462bf6860d0397d33c8cf08932decec2aadf8a |
| SHA512 | 34065b5eafb4ea03f3524369be440f4d71da73d5cc202e817f8b239851e8ec519e0a6e538ae40742f77b573a4ac41024af28d7e758764be7a042f6192a2a47e1 |
C:\Users\Admin\Downloads\Atlantis Exploit_54255182.exe:Zone.Identifier
| MD5 | fbccf14d504b7b2dbcb5a5bda75bd93b |
| SHA1 | d59fc84cdd5217c6cf74785703655f78da6b582b |
| SHA256 | eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913 |
| SHA512 | aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98 |
C:\Users\Admin\Downloads\Atlantis Exploit_54255182.exe
| MD5 | 15d1c495ff66bf7cea8a6d14bfdf0a20 |
| SHA1 | 942814521fa406a225522f208ac67f90dbde0ae7 |
| SHA256 | 61c2c4a5d7c14f77ee88871ded4cc7f1e49dae3e4ef209504c66fedf4d22de42 |
| SHA512 | 063169f22108ac97a3ccb6f8e97380b1e48eef7a07b8fb20870b9bd5f03d7279d3fb10a69c09868beb4a1672ebe826198ae2d0ea81df4d29f9a288ea4f2b98d8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 43e374c74a687f1ea7084aa181fd3996 |
| SHA1 | aa8e9f9922807176db941b6c9ca4f3b325f353a5 |
| SHA256 | ac71113a400fc97d73a79b9819be2c5d65ff799ff8ea9f279169ca9e39851803 |
| SHA512 | c417c525c2f6611dedb4d72adcf21789085dbf6b4f7c4ab0d27b245f447690a80447325777ad4b4e97d003949d2a044ec45e06d2f7f3b38648b20c8c23f76c9f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 581cc8818d953b0606d6b6743b3fde44 |
| SHA1 | 0bba79b268f81bba4467481cfd5a723d36cc971c |
| SHA256 | 1bf1f7dee920118fdd538bd2157bb6f899795da966779039ed28fe479e18d2e6 |
| SHA512 | c8cf65d9a4ee7e00b488976d7491ac4550ecbac9a58798c514d7895f1e1778b5366ab1b133db20642a88435704fa11eacbd12be0cf3747b607bf2877f68d63d1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 3f2ad2c22d190fa9c30c46b56f65a331 |
| SHA1 | 29721727a38e3174731d4dbcdfce37b3127b81d8 |
| SHA256 | e39704537a5e4f64f0ec7b67e35ae10701a94f5b464fccfe9f4fad0ae4e091b8 |
| SHA512 | d61dde376da80968ae0de604f12701e949707c50a5b4f5f34147dfdf1c882c0433dbebe09c8ba2e27c87447e3307ab753d60c7b03dfeb422a4a8762cee1fe267 |
C:\Users\Admin\AppData\Local\link.txt
| MD5 | 7f3b40093c73307142329fd06bb7ed4b |
| SHA1 | da18cdbe3d2501ea9bcbe7aeafbc53f48ffc4f61 |
| SHA256 | 8b4c51887ec78fd0d8d2845cf949c97f7509a89df69b112e3946db64fe007eb2 |
| SHA512 | 065b1e082393a50c2c87474516f5591d3393462c0934fcf2b0c430071e553533fb8bd0e06799dfcff92e5ea16e4af7083c97538cd7306b65ad60e0d2f8eefe91 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | fefbdfeae44ba4530ca5a9ee292e8748 |
| SHA1 | e4c8ac4c23f9cddf59603f897b82d5b7840b94d4 |
| SHA256 | 8e676d6ae55c0b3e19a8c493d0393366f0c33a1cf1b6edf1817b18ee8768efc3 |
| SHA512 | 9aea448b582149ae6b672b11724fe28bf79e556ab948fcf22d1d13c2a14ef130de0b35dc73eb36060110dc14fac77b2325ec5f3750f58a063f6a2ede74072cfa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
| MD5 | b29bcf9cd0e55f93000b4bb265a9810b |
| SHA1 | e662b8c98bd5eced29495dbe2a8f1930e3f714b8 |
| SHA256 | f53ab2877a33ef4dbde62f23f0cbfb572924a80a3921f47fc080d680107064b4 |
| SHA512 | e15f515e4177d38d6bb83a939a0a8f901ce64dffe45e635063161497d527fbddaf2b1261195fde90b72b4c3e64ac0a0500003faceffcc749471733c9e83eb011 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13376016152798820
| MD5 | ac201adc3a4b17f986558f42d42ece1a |
| SHA1 | 918a690e9eb978c16ea10cc091d48ce2ac7ad655 |
| SHA256 | 31e6bc67c8fac3db20582ca0e291ebb514cda120093179953622fe08721e8c75 |
| SHA512 | 5070e740c4b2b3c7265f846710ae710ec9da8046920227f1f2434f37ea8f6973ef06a222070a7b75fa30e12ac16e08a9fdda6cc39d389bd1b28aecc2750f7183 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 99e7e8ef3e4d24b74fc229f78bcc7df5 |
| SHA1 | da60170094ffb8506c072dd0012469e0a9f1e87b |
| SHA256 | 44df9af4260bd369a659c5d8f648f8c241dd9e2a91cef54faad22bbb4addac26 |
| SHA512 | ef0d2bb4037bd8e9355e4ece1aa7102a6825c7be6686d198b8b46f6038f74e826925cb95bf4dcb5f7da28fec61d093a5a9e620daf23b9b9828370ca595c3115f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log
| MD5 | fa1af62bdaf3c63591454d2631d5dd6d |
| SHA1 | 14fc1fc51a9b7ccab8f04c45d84442ed02eb9466 |
| SHA256 | 00dd3c8077c2cca17ea9b94804490326ae6f43e6070d06b1516dfd5c4736d94d |
| SHA512 | 2c3184f563b9a9bff088114f0547f204ee1e0b864115366c86506215f42d7dbf161bc2534ccaee783e62cc01105edffc5f5dabf229da5ebd839c96af1d45de77 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
| MD5 | 76da186c07810993b7fb0af7e4ec33f9 |
| SHA1 | c7e60e58afa2af05ae1216e26762ec141389b36a |
| SHA256 | b483e4daf9046f800bba5bc9c9a0b3fd8070a2053adf494292b00a8eb8f08246 |
| SHA512 | bef339511b5ff16cf4fcf6e7b94eec3205718a3ed39058d523c5ed6892c48749663c7a617bc7093b40d559a654c5801861fff33fb007225bf19215be159c041a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
| MD5 | c116892a0e9a053f9b7ee665f11854b0 |
| SHA1 | b7fa9b37b5557bb8663854e541d28c557da5991c |
| SHA256 | 1c0b1d985964fd83ded332b9c100aa6564bd09041051e13ec25e691dfebac64f |
| SHA512 | d0d79fff25a1ad1bafddd2da25bcd94c1b36c2477082b490f63d3524b4d6912a735f01b20826f80ad51ffb15f9391a720c86878c1d8fc634f1f0c4aa96e798be |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log
| MD5 | 3c0ba1780c7857e79663e1fad1284794 |
| SHA1 | dcdaa3b7aae981ecac319fa2d64fd6462113a2bb |
| SHA256 | 13f5c604237531694fc593923b77adf0baf013c4b725c9b5d58ef27fd7a9ad32 |
| SHA512 | a1febdaea7353af62147c818d45f88e95e43ca5e205490d62110dfba29a8d36fd01f6545fc149f7147bd23839999732c548a762efe3b68ada87a81d9db7aadbd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
| MD5 | aba744adbe1bed93b3b1a066b872cd46 |
| SHA1 | e0ebc4508b82fd1bd2a8af52060e69a5bceb09d1 |
| SHA256 | 545b54c9ef2ca5e05347cd058ed925038ef38bbbbe05fdd27f5ec79c6a27ec62 |
| SHA512 | 08f55500d3aaa1e1daf9014c67b103814f6216c0b37a16c74540215e968460a6cf907ae7c4e231fa04168a5983a615a5ee0fce64be4bea317161be128f7b6642 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
| MD5 | cbc17bb48b28c8d0752a359e46e926d6 |
| SHA1 | c9b5abde39d0eb13d64225faf38e43c6dcf7f542 |
| SHA256 | 5cb50a22d12ce65995c55f6a490ae995ac850cbf8caac58540f01ce8db40c19b |
| SHA512 | f1cb51a1ca1ab0d19633ef07879e5f58dc1394168c3003bcdbedbc5968a9bd45e53cfc48a35951dbc9b15e62c40f64e5cde8add60784e70d17d5d5acc059e89b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
| MD5 | 925abb15e0e5664853e144a2af370de1 |
| SHA1 | d073a02b57191573bdcb966284c3b065d220bd6f |
| SHA256 | 7536cc1d83ded4c4d819ce85ddfe6fb9bd38b02719e0ecfb7aa8552a13ea1f6f |
| SHA512 | d5e76aaadef4f9b28f4cc2309807e0634fafc83b64b81ec8b79256606242a774a1d0e95e9c0b7a6e2053a5c5f38fa5f5b60e970ad15a63883069641596d260cc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db
| MD5 | 9dff9286aeb2c94f21f3659fbfe42538 |
| SHA1 | 6c81617346955abd5a3ee3742934cd4368f4f123 |
| SHA256 | c73d35de6d21273ac1ed993f8360b2133e8a701c91b43aaf4968d20020e907de |
| SHA512 | 3a152d8807580d44a2d731f3a335ae7526605dc938f27163740d081ab9f1f8737e085d90f073fa4f85ec3c3a0675f12acaec4024e41a2bea65e9b88a778d8ebc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 09cc742ae466fe669e38155eb9b2852b |
| SHA1 | 905e475b036b2157ac9f62c3008e1837e0b97fbf |
| SHA256 | f98fb9cca3f05391c346459a77efc0f6753cd0cf59352ed54482842dd0961df4 |
| SHA512 | 8726cbecf571c41bc69b9fb2d99d524f693e2e6d69b7f106185c0251a06a37c8fac4b925ec58997c05241d89aef9ae201beadc661203da2ed9b2d79bb69584cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache
| MD5 | 2009c3c85a0e5eeaf1ce438a6a4b20bc |
| SHA1 | 4a512fdc7f5badc8781432611a334d4d4cc811f3 |
| SHA256 | 38fb9ad06bb6059e251c18b5f0a03a401ca4338d8c1d426bd1bed687fa290df2 |
| SHA512 | 6b0b98eae9fc902093d542240774f1d38938903c33daa7b7b094010f25358354d1a37707e341e96709bb62a1d1e3876bd008cf8e20260826154b46dd93581f5d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log
| MD5 | 2694392ac55bf1319dd9f03b370fe25a |
| SHA1 | eaf1acae818fb6a54fc36f51081a53f61becf4d3 |
| SHA256 | b589b0e63b53f2327c7f531b78e71e9c38276072920a7aaa60eec23da49b0f56 |
| SHA512 | e6f85587e9fcda0327b452a497120ab130258b160bc92eac3ecece7a782de6293de8ce5edd54126313d548c3b8c514d28b1fa57d55c7489f97b8edcee83429e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cookies
| MD5 | 26f427c3df24d6b4977cb623caf417df |
| SHA1 | cb92323002f231e31054d220f2d096940b6b607c |
| SHA256 | e480b56cecaf2555d0062b9b1b3ba3e0fd885bc2f6a1b309d8319f8803b36cd5 |
| SHA512 | 35598ec12f726eb3c25909d38ac5553bbe34ae52d431cb36ec30ebaefcf4a6395b43f6accabce7b348fed3f7ce397a23eb57a8a45c0f01b6dd103de24e9a904b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
| MD5 | ea246618c12f44786fec7d412d03be8a |
| SHA1 | 14f803c473ec90f34c4a9a500132cdee4dcb6a39 |
| SHA256 | ad414b6fe990808d385d95196c5634a6d6a63e525d5947ff172811927c0ed0f5 |
| SHA512 | 6f21a11eec5a1ac2814606c9ec47200a8f9f218d1f12fa5f9c391bbcde65171df18731254d141f39e8b9fac7648e807c6b7983c0b1765d5ffd9e79f9a66eb3e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links
| MD5 | 00934b08c95efa9e150528ffe9d9ffc4 |
| SHA1 | 88ad61faf1901fae0908913271898a26504bd408 |
| SHA256 | c1f172a138b31819792751c6d3fd02cb2ba38788781b4fac0cd993a0c48ca9cd |
| SHA512 | 1c335eceaf062ece8c558958c411a49a843455792be7b1d78891e0272320bb0f7c116406b42656c276c79687284a1829dfba67545d047dcc3ba7736a38eb9a97 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cookies-journal
| MD5 | dd38f5a318c57224c364bdcc086e3a8f |
| SHA1 | 806e1d1a3a1e8959a0dd3b60dc4faea6ef7f7527 |
| SHA256 | d732fff70205420ebec47cead4d24afa73110cdbf2e4a871a4fa2941c15fad94 |
| SHA512 | cc8ea3b489dd8bd4dc20fbd696b101ab5a17dc069226752f018992389989daacd0a2e462e19b040c606b761418e0099615995a14b745cbf88c7707f99477e012 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
| MD5 | 1ea73ab5fda47ab6a60392b2b600307d |
| SHA1 | 5f90d25ce9498561bad43881c97df2c6dd83cab5 |
| SHA256 | 14eec07e95bc4748ea7337db45c1101d666064ba904c19ee1663f16fd27811ce |
| SHA512 | 3cc387760838be4c798487eef722df566fbaa8086ca2399ddb88859080f6799f3bf6c08b9f150895abca8aecb0915f2697041811e8c2c72afea96d435f5afe59 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons
| MD5 | bf4e85b17acb721cd2d9fc024cccab2c |
| SHA1 | 1af2fc389c308762fa0799047bc66f510cb6115f |
| SHA256 | 7ac72aa3dae936c7413e9f3b27856dece45c17290be1124549259ccb91f88765 |
| SHA512 | be631d47249ccacfe0fb6b1cf4e62c724efca233b0136d4186f2a94fbd6f841c693d04ce87921d37474979939f1e51ee0aafcf4a7088bed03f629b3617e31c10 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History
| MD5 | a24bb8b5a660d53003796636e242570b |
| SHA1 | fd2f5bad8b6d14f0022e035140d264e026666978 |
| SHA256 | d1ba048d6e113e1886aaf17f1a412638c689cb4385b3eeea122ed9b235dc2f9d |
| SHA512 | fbce5ddae35045cb9cbd99f7234d7c70ad1ef4c927af5223b42dd185d766f773a98a6cbc2be793f5f0665d69758317146041a8e57ec665829915d9e53f70311a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_3
| MD5 | 47a4e19f760f88df395f9605520071f9 |
| SHA1 | 3d70ddbb0ca46be81ea378989b8f45d148d0ee36 |
| SHA256 | 1f168a8ed154031b414ec608b69f96c7b2f75cbb4e8af5455efdfc91a9c7c2ec |
| SHA512 | 772fe5b62c41e2db0f6294658879fc8395e9f84e62068221c92a80e779b7630227f2d60591f075ba67f0f9fc3565adb214bfdf148eaa681aeffb6d08cc6b5b3c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_2
| MD5 | 323289dd826081dec30afb86f5dbfe74 |
| SHA1 | 3a6537c4860738e4d7e43d162980870b49b8b238 |
| SHA256 | f23dc7546743320df4722095f8bd65fb5367c0cb7839d2f585e84c9830c04cf7 |
| SHA512 | d1613cf4541edc0d135dc8224588fab9052d7a4df6dc5ee5c2c9e7a6592140df677f88880ff522e5ca540f0fa89bda5c9790dafe979429a468402cb1079fb7a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_1
| MD5 | bc2ea47e1759dc2340a9d52e133c49c9 |
| SHA1 | 3628aed7bfeca442e61828ce888c87b71ce35b0b |
| SHA256 | 93be30af877eef0b1f42ac4d307e768b596e60375c6606a98d223ea2cf94bf76 |
| SHA512 | 80e51f513433c6765c10e69ed1e460a554e00ec02c792cc70a1d3477dbf0d5ba98a251d862d2bf27bc12cb2b0149d5a2192a134175a31851769a9bc1b0032f77 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_0
| MD5 | 60a95f5e7a539326218a7d0af67ce492 |
| SHA1 | da6ce530494ce33b36c016dfe8602a81d26f0294 |
| SHA256 | bcba7766b7046ed08b709fed1c1ed68fafabab6868b3e3f8ba215f3cdfdb41ee |
| SHA512 | e86d234d57f062b66b095f6e6d61309e17f0beff02954292fed5cc32f0f0babe35a640067111de0b341d8ea23eee63823f3b193fd5f721d3a96e8dfd1f05c59f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000001
| MD5 | 7e86d5c1bf2ff36b15bfbd8fcf748b16 |
| SHA1 | 59a1515ddff8caec85c4f27ffb17b69a42ec6226 |
| SHA256 | 82f03e141e82546b261c1a24cd9ae3cfd4b19a7b4f343a296428deeda88cf856 |
| SHA512 | 943fdf966d2ca4bfb35e01431e7bae1611e86d4bbf9c27524ba4502a9a93b8c0bb39e7760a8ee76993c4099da1ff49febe0b48468f134d4121f22a0ffb41bf2f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000002
| MD5 | 2a029687e73114ebcb4fad10c0114e8a |
| SHA1 | f09cbbed46b9f8c731568bdcee13024e89bda397 |
| SHA256 | fe6e92a5b020858bbdd8089533c6f22703bc5927e22f689c384164096705b11b |
| SHA512 | 211dc45e2bb5739bcf863c44ca8132f92e895b3c95d074929aa4338698d53c6ccb3a8e2f23180260d9226073f4f5cd21a200010a7a224de7c8ac2e1cc853730d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_3
| MD5 | 4a4e010d7e5c37157f62a788cbb3e766 |
| SHA1 | 05b9d39ab90e8349edee444a17d2c67d05acc1c1 |
| SHA256 | e27afc893addacb3105372779b4c846b3d815a22b30512c9272c320103faeb35 |
| SHA512 | 7280dd524c9b20a09edf2535f9374eb955dec3f2a20b5483c84932b058814a8be5abeafcfe6b559ba3d20394fe1d7eadb8cf0deb79c7fc0302c917f48251b64a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1
| MD5 | 5c717ba21a1d7369b56a4f2f81dfe5ec |
| SHA1 | 030046ba9eb3a38457cf29474a73e1eb9e34ce61 |
| SHA256 | 4e44e8e299e8b119f9bb613cd28a2d71fe48754c55b9f2b4280a5e8e3dad96aa |
| SHA512 | d6cd95f7a46a49fd480f160ec136fe23d5f49b39e296b8a1c655e94e3e476feeb4d4c63e6262e4e7fced29fc6bba7527ab030bb263edfc0860c864b7df2925ea |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7b5f69701b74ee2126fdd9581b104daa |
| SHA1 | 1c0dee885db2e2089d343edeacce1b12e7e716c5 |
| SHA256 | 12f4e447fb0f70214e82bceff542134556fe8af4d2bdc0108305a45d76fb5f94 |
| SHA512 | b1457e009bb8ed4fa647dfe54238e0a32ca63055940c37af35826ca447cefb7d87571d3892103c8e4accaebe95fdd02ae125fa09131c70611ed81f05a5bf76a8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0
| MD5 | 59d494435cebdc7a040c1a30d622660f |
| SHA1 | 3879a587fc703512e5bef5e8e6ff5035fbe1f4cd |
| SHA256 | f6f14e8825a1eba773908073f25372de29e479c07cf6edf6c8f25e007fe9a748 |
| SHA512 | 87d33d4b39edece838c0e3cf1358e34d5864c740c75a06e3ea28a9d8c04bc6dcf50f3e8db57b8399970fcfdf49273b130e093440b17eb761caa07af0dade640f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Reporting and NEL
| MD5 | be604ef966d6155bb4c284569e5d4ede |
| SHA1 | 37a4322f9ff9455fe9638cf6b7d24fc58bc395c7 |
| SHA256 | 4fda87eb3b16cae5059e52cbdc16adea4fc7faff05b398be0478fb747632cc3b |
| SHA512 | f64fc5a5a16067f4148feb0b1ff4f62ab5471276884a24f0804f1745a831a2e33a8326455f876a275adc0fac81acfd73968e00056f8af95a61292c55727c472a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13376016152466820
| MD5 | 0dbb500dc21ca80496f33ebf7ac4e4a9 |
| SHA1 | fb1ca34f1a05308f565fafa1d779b99f58e6898b |
| SHA256 | 497761a10c515bf881842c78a3cb0b862a82211ea8dc942355ede3b0a10df2ac |
| SHA512 | 27548f9c4ecd19ec2787f2b0bef572fa72c41a1d131e53cf202692b4147263b0ae9dc297f2adeed5b52d3a5293d8f920ec156f09176760a104ec31b9c2f2b892 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG
| MD5 | a5c181971ab9d578e7a23893a8a5c5aa |
| SHA1 | 250d3b1a50107c6825240446f17cdfa89b5a33ec |
| SHA256 | b83ef843956d67a43615d2cb3ca17d59b4221065abfe1afa2df26047c9d65e2e |
| SHA512 | 48ff6b41de4451949a6101b812396e9ec663f11e4a537f94e1bef77c0919f1c58a538c68feb37e210ffdaabf01cfeef83d4f2539e6cc2a3e57267f307b90d46d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\edge_shutdown_ms.txt
| MD5 | e238d572e4d06babd694774d36da832e |
| SHA1 | 330f9bd60ec84ad03eb25e3d2216938855eadc26 |
| SHA256 | 804eb62b8dc3069e1010a374aeff70a1e78ac8f8f61d2048d6fba1a818d5dd12 |
| SHA512 | 6b88595b28af8627e1f80eca029c3cadcaf3660db70253017c32440888f98c848e200071614245edd45375d68be3e6e541a4cb6e4043b4370b6df30e5c71ef4f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\heavy_ad_intervention_opt_out.db
| MD5 | 9a8e0fb6cf4941534771c38bb54a76be |
| SHA1 | 92d45ac2cc921f6733e68b454dc171426ec43c1c |
| SHA256 | 9ee9211a57c3f6fa211fe0323fa8cd521e7cbffcd8ff0896645a45795dc472be |
| SHA512 | 12ed22537dcc79d53f6c7d39e92a38f8fea076d793198928f5b7a5dd1234d50a3c0b4815632f3fadf8bc4ef0499773d22bd83f961d2d0ffd8afacf471bd3a5ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\Downloads\Unconfirmed 522580.crdownload
| MD5 | 0e7e5030a8e7d587dc728d9fdb9bfd32 |
| SHA1 | d0719a333715c4b6b93ac7c07c5b9480b25aa6f1 |
| SHA256 | ad64b289f3f95fc78a048d5d5c103a34bbf5d52be2ef49faedd5559fd9c36bca |
| SHA512 | 946411a712a7bd7de23eb545a0865464986b66332b09fe536cbf1c2c3f3d5cafbb12d76db04b5002c49eb99ff84de748581aa756479f7163f1cc11b0ef6a6003 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 24d38da96d1dcf10ad07691bf02ec96a |
| SHA1 | 89ace91051a4c79619bd6748c47dba545613da4a |
| SHA256 | 5dbcdd14a4c4e7142f67911de4ac1c7d37591e949dc8772c20780562c200a438 |
| SHA512 | 9759fb9bd7ed9614069abc73f419fdf14adb14e3c3fa3c5bf3a5d956adff85d4db9b1b1236dc91f7dc6026df6cd4b754918a983a9b50984127a0fb30b6e3c708 |
C:\Users\Admin\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Cache\data_1
| MD5 | c0fdfd154df0ce266a3869bd585b71e1 |
| SHA1 | 4a7e43288f587323e17640b8fb32e6bd31ab0bf9 |
| SHA256 | bd083ffe7d5820acc94d8a0cd1aa4405a185b809eca1c60aa36a326259d89d50 |
| SHA512 | bb343d5c503c3c5d9be3c4d9256653a88036de5aa677b8a5ce1e7e30ce38f5816289a8d6ef8ebe33a211b568e7f1f29989a743e5156a054dfe50e8e4fcb684f2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 771180f2a094c127f46806f1a21df7cc |
| SHA1 | ed275c02d2e4f226da931d2f92d0274ba3528fff |
| SHA256 | bda0b51b89f59649a8f932e31a6e57dc1f9be3160a774b20af4dc9fb69446912 |
| SHA512 | 5eaf24b4eda3ca2aca3b17589c497e9f95f18fce750e6f235ddd0ae903f322fb7f9c167c4e875cd8a0f3f1a8dc632ffc315b2c950f2e39a4d2cf46d5ccca98de |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | c4cfaa6cf39123064d5489df93b3ca82 |
| SHA1 | 4917713eb642565c53b47ce8b88ad37f5ff8f0b1 |
| SHA256 | 348bfed673e3cbaaa203ed805510ffeb4ddb2b9581cba1c66143ffa16fe121cf |
| SHA512 | feb4c93fb84f5bc89da919e9a30ed779b62d8e4ae68191b70d273e431ad897fb4c40b92c5b00fd332cb9db2a1f40bbf34111295efc5ef31cf698e71102e9dbc9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 009cee0c9500059693ea5927fcab84a2 |
| SHA1 | 19baf8ff9153f4f1c14d83a4e2867332a63343bc |
| SHA256 | aaf192beba233e5ec2a5c00aa4dcfa08314e48c32247c93c6e74c136dfba9db6 |
| SHA512 | ee2c835f330d1248f71a7c398fb24a6b9c94113e9ffe5bd4827023974b7e62390bd3c39fdc3a1977c7911954f8a41f1bf834c67377f1b082ff8a0c19fc4b8e7b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | c5f4871b5390197657a037b99ac891ec |
| SHA1 | 5a1cb6bf18f977038a22f1fc9beee7b977b24ba5 |
| SHA256 | 1e8338730e35719e5b5f08fd28e9a9d3ccccb605defdaf8554fa8447174b9f93 |
| SHA512 | 64421043754a7014614e8750e0d4e57f3ba22729b1a178e61c01df51d9025893d02bfda9e9b3b4a480a75fcc209c5bc702a93b4e3fb6f5670625503b3491f0d5 |
memory/112-581-0x0000025550A30000-0x0000025550A3A000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\45128a15-256e-4fef-8c3a-999527477a7f.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | d56a6a38e7a100046f7454dec30681d7 |
| SHA1 | 5b323e82ee3cb9a9e611b3ea728c75db09421510 |
| SHA256 | 7de3f732016ecb21962e62cd8a8a5fac6fffbe8f07ca20dbb7232b0a6ffa594e |
| SHA512 | 6c5207ed2663a3c7aee920886e57b11220dbb660af2804f4e996332b043fb81e35ec3a863a5139456198d88574c5dd1a97dc54aea2cb097aa8ac7929a4e2dbee |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 91bace9d0005d4bf12eb20e4a8eecf49 |
| SHA1 | c49956c2777918a728600d5dd0822abfb1d0510a |
| SHA256 | aa73465e974a21fe3becb3bb2ee1e3cbcf93258f27aaf68c0422cf84a6ecb96b |
| SHA512 | 2ed5484322566adab5010e4566b3bbba50cc78972cf9db66a6db5be20392cdf8c952c4326dbaaf7358e5fb8b98d7f369adc7bfbc0141eb030ff5bdb9c76a90d1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | dddf13e3f81fa247287b67721e022b5c |
| SHA1 | 23c8d177291b53fb6845b434621c4ef46f843ee9 |
| SHA256 | b5a72c7875d3188840ff0198b6cd5988ff96c369d9d03c7d5b7505f666004ba4 |
| SHA512 | 6f75735dc948311e806ff179d560ed5918bfcad1ae9edc815f687511db144ec449983814bd18d267c57e38abe5becd1bb934b444d5c6c6bbf04505935cc85ccf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | aefd77f47fb84fae5ea194496b44c67a |
| SHA1 | dcfbb6a5b8d05662c4858664f81693bb7f803b82 |
| SHA256 | 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611 |
| SHA512 | b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7d078346c6d32b3e0d53f3d90b89f3e9 |
| SHA1 | 6156d46b2baceea54029a78166486fbb7466a052 |
| SHA256 | 47e65b957f9a299684683634236429b03724556d98e02068a703440e15c3beae |
| SHA512 | 9dca15c0f240035825615e6cc5d4a9d05fc37c5dd893c68cea1ab552a718783ea53f3a1df484d3c211f8eca029d0bcc47d3c6e6f359c2af7c14931f84e3ad910 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 62ced347c8fb6363e17a7ce37c621ef5 |
| SHA1 | ea60a14075d086170b8a06021c95ca5425bce83c |
| SHA256 | 249341848665ba3d0f1c33a0008f1201693a6ec66c517a8b98b9c1182c6c7948 |
| SHA512 | 56282af8b3e2ce09c0032abca8e64bba76dedfd7811e867f7be62373c5183c8f481da7f11b3e0304ae630ff1f898f3945f8a138b1f73e220470820821a00bdf9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0d0f86fbcf2c3b2afbb1ea4070105c19 |
| SHA1 | 5843c80cc70dbed767b09e34314503d02713f295 |
| SHA256 | 3563c9eec2bbface7bf39065f6743c6609587a6cacc068062223a025c3f9f73d |
| SHA512 | 2f37b624050587fe9f9493ac296b52e18d3706bceb4083639519064320acb62e58ac29601a9c48d2b17f76e275f2014bcab184bc2deab77d66de4df7de8614e7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2535e9eb36677ad223e114730b5e596f |
| SHA1 | 93ec1bca243598e5a1143a655eff7bdad0084e2d |
| SHA256 | f7d195a6cd98f03ba883ca33fabd7a9e2f305a37f912a321012f7e334963fe93 |
| SHA512 | c1fab1dc10f32e5b7900f67c83509c659a5368b7e0700900e55473e999b74958dee3bdcc3a552165d5f709ecdadd78bc66ce69338a568d7042c9f7e485bfdabc |