Analysis Overview
Threat Level: Likely malicious
The file http://google.com was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Detected potential entity reuse from brand STEAM.
Drops file in Windows directory
Browser Information Discovery
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Suspicious behavior: EnumeratesProcesses
Suspicious use of SendNotifyMessage
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Checks processor information in registry
Enumerates system info in registry
Modifies data under HKEY_USERS
NTFS ADS
Suspicious behavior: AddClipboardFormatListener
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-14 15:45
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-14 15:45
Reported
2024-11-14 15:54
Platform
win11-20241007-en
Max time kernel
507s
Max time network
508s
Command Line
Signatures
Downloads MZ/PE file
Detected potential entity reuse from brand STEAM.
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Browser Information Discovery
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\BIOS | C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemFamily | C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU | C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133760727926103650" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 748982.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 554204.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 994899.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 22568.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 736609.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 711475.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 506365.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 855419.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 393790.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 455459.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 551954.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://google.com
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffcd7553cb8,0x7ffcd7553cc8,0x7ffcd7553cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1908,11076944426356729929,15912698165353873300,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1932 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1908,11076944426356729929,15912698165353873300,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1908,11076944426356729929,15912698165353873300,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2660 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,11076944426356729929,15912698165353873300,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3160 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,11076944426356729929,15912698165353873300,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3176 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,11076944426356729929,15912698165353873300,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4864 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1908,11076944426356729929,15912698165353873300,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5320 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1908,11076944426356729929,15912698165353873300,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5388 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,11076944426356729929,15912698165353873300,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5368 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,11076944426356729929,15912698165353873300,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5816 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,11076944426356729929,15912698165353873300,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5912 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,11076944426356729929,15912698165353873300,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5560 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,11076944426356729929,15912698165353873300,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4988 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,11076944426356729929,15912698165353873300,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4960 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,11076944426356729929,15912698165353873300,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5068 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcd695cc40,0x7ffcd695cc4c,0x7ffcd695cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1804,i,6834513122015930842,1052189844319929569,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1796 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1824,i,6834513122015930842,1052189844319929569,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2028 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2212,i,6834513122015930842,1052189844319929569,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2308 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3104,i,6834513122015930842,1052189844319929569,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3276 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3112,i,6834513122015930842,1052189844319929569,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3320 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3792,i,6834513122015930842,1052189844319929569,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4388 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4744,i,6834513122015930842,1052189844319929569,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4556 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4820,i,6834513122015930842,1052189844319929569,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4840 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5052,i,6834513122015930842,1052189844319929569,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4556 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4888,i,6834513122015930842,1052189844319929569,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4792 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4892,i,6834513122015930842,1052189844319929569,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4960 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4416,i,6834513122015930842,1052189844319929569,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4264 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5268,i,6834513122015930842,1052189844319929569,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5296 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4776,i,6834513122015930842,1052189844319929569,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4296 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=3516,i,6834513122015930842,1052189844319929569,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3456 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=3136,i,6834513122015930842,1052189844319929569,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3320 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=3336,i,6834513122015930842,1052189844319929569,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5352 /prefetch:1
C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffcd7553cb8,0x7ffcd7553cc8,0x7ffcd7553cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1896 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2240 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2508 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3200 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3208 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3700 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4904 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1836 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5332 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5328 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4036 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4940 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4936 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5024 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5740 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3996 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5576 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6216 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6580 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5808 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6228 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6860 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6228 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5848 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5812 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6360 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6752 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6204 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5732 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6684 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5648 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5576 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5832 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6660 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6380 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6028 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6400 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7148 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7328 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7448 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6416 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5756 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7488 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6652 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6704 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7232 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6228 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7452 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6316 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6348 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5764 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5704 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1888,5087779009430148094,15457881350914155508,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=4892 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | google.com | udp |
| GB | 142.250.187.238:80 | google.com | tcp |
| GB | 142.250.187.238:80 | google.com | tcp |
| GB | 172.217.16.228:80 | www.google.com | tcp |
| GB | 172.217.16.228:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 85.49.80.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| GB | 172.217.16.228:443 | www.google.com | udp |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 88.221.135.41:443 | www.bing.com | tcp |
| GB | 88.221.135.34:443 | r.bing.com | tcp |
| GB | 88.221.135.34:443 | r.bing.com | tcp |
| GB | 88.221.135.56:443 | www.bing.com | tcp |
| GB | 88.221.135.56:443 | www.bing.com | tcp |
| IE | 20.190.159.73:443 | login.microsoftonline.com | tcp |
| GB | 172.217.16.228:443 | www.google.com | tcp |
| GB | 172.217.16.228:443 | www.google.com | udp |
| GB | 142.250.178.14:443 | clients2.google.com | tcp |
| GB | 216.58.201.97:443 | clients2.googleusercontent.com | tcp |
| GB | 142.250.179.234:443 | content-autofill.googleapis.com | tcp |
| GB | 95.101.143.219:443 | tcp | |
| GB | 95.101.143.219:443 | tcp | |
| GB | 88.221.135.16:443 | www.bing.com | tcp |
| GB | 88.221.135.16:443 | www.bing.com | tcp |
| GB | 88.221.135.16:443 | www.bing.com | tcp |
| GB | 88.221.135.16:443 | www.bing.com | tcp |
| GB | 88.221.135.16:443 | www.bing.com | tcp |
| GB | 88.221.135.16:443 | www.bing.com | tcp |
| GB | 52.109.32.7:443 | roaming.officeapps.live.com | tcp |
| GB | 88.221.135.40:443 | th.bing.com | tcp |
| GB | 88.221.135.16:443 | www.bing.com | tcp |
| GB | 88.221.135.16:443 | www.bing.com | tcp |
| GB | 88.221.135.56:443 | www.bing.com | tcp |
| GB | 88.221.135.56:443 | www.bing.com | tcp |
| IE | 20.190.159.73:443 | login.microsoftonline.com | tcp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| GB | 95.100.245.51:443 | store.steampowered.com | tcp |
| GB | 95.100.245.51:443 | store.steampowered.com | tcp |
| US | 151.101.131.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.195.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | cdn.fastly.steamstatic.com | tcp |
| GB | 95.100.245.51:443 | store.steampowered.com | tcp |
| GB | 95.100.245.51:443 | store.steampowered.com | tcp |
| GB | 23.214.143.155:443 | login.steampowered.com | tcp |
| GB | 23.214.143.155:443 | login.steampowered.com | tcp |
| GB | 23.214.143.155:443 | login.steampowered.com | tcp |
| GB | 23.214.143.155:443 | login.steampowered.com | tcp |
| GB | 23.214.143.155:443 | login.steampowered.com | tcp |
| GB | 23.214.143.155:443 | login.steampowered.com | tcp |
| GB | 23.73.137.233:443 | aefd.nelreports.net | tcp |
| GB | 23.73.137.233:443 | aefd.nelreports.net | tcp |
| GB | 23.73.138.209:443 | aefd.nelreports.net | udp |
| GB | 88.221.134.249:443 | www.bing.com | tcp |
| GB | 23.73.137.233:443 | aefd.nelreports.net | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 1fc959921446fa3ab5813f75ca4d0235 |
| SHA1 | 0aeef3ba7ba2aa1f725fca09432d384b06995e2a |
| SHA256 | 1b1e89d3b2f3da84cc8494d07cf0babc472c426ccb1c4ae13398243360c9d02c |
| SHA512 | 899d1e1b0feece25ac97527daddcaaeb069cb428532477849eba43a627502c590261f2c26fef31e4e20efd3d7eb0815336a784c4d2888e05afcf5477af872b06 |
\??\pipe\LOCAL\crashpad_4304_MNNQPNVVJSXMPYLI
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | e9a2c784e6d797d91d4b8612e14d51bd |
| SHA1 | 25e2b07c396ee82e4404af09424f747fc05f04c2 |
| SHA256 | 18ddbb93c981d8006071f9d26924ce3357cad212cbb65f48812d4a474c197ce6 |
| SHA512 | fc35688ae3cd448ed6b2069d39ce1219612c54f5bb0dd7b707c9e6f39450fe9fb1338cf5bd0b82a45207fac2fbab1e0eae77e5c9e6488371390eab45f76a5df1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 60b128588213397b3e74260d0d383983 |
| SHA1 | 84a06abf9d883804db6cb58eeccdd2f73212fc84 |
| SHA256 | 786cde3804e43a4768cc21f5dce72384c474baf6b46b26a6871266937c0b6bae |
| SHA512 | 48a7b337f30637e57990b8775449d8f092e8f01b7b420ad513ac874a93e752db2d6a5416f0d3977a0fafe6c8bfbcc5b75c5f6ff15a55fc776c19d37ffbde43bf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
| MD5 | e579aca9a74ae76669750d8879e16bf3 |
| SHA1 | 0b8f462b46ec2b2dbaa728bea79d611411bae752 |
| SHA256 | 6e51c7866705bf0098febfaf05cf4652f96e69ac806c837bfb1199b6e21e6aaf |
| SHA512 | df22f1dff74631bc14433499d1f61609de71e425410067fd08ec193d100b70d98672228906081c309a06bcba03c097ace885240a3ce71e0da4fdb8a022fc9640 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | cc11b9b10512857fb04c43b801654345 |
| SHA1 | f45333bc1bbcafaedae77472c4b52ac7f0a92ab0 |
| SHA256 | a4c180a4cf497f1db736c54dd5e9d82e3ad62a280843acacac58757c4bab306f |
| SHA512 | 86f43ecd74444e750fd729293dd9e6ea35e046a3458e4c5219078ea74024160f0c206c35b9e3dcf9de3ea3849706e796c981b6cdfcaaecbdf6309e3c866c4a1f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8991b6fe9015c4761c470ebb0078eb5e |
| SHA1 | e9e52a17b7838882f04e81d721e141f155357f04 |
| SHA256 | c5236a122f92595349371edd77ef552b69eee73d095a3bd904de581cd2f3c832 |
| SHA512 | 857f83e9ee6599c946cd71af39dcc72da7437a9eced9a986552dff65669d5c4c9c012f02d33170abcc7d6972ad67c0660d993059d7d85a3b5927779d3276c2bb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | becaa156ca0fa433e786016836075a4c |
| SHA1 | 10df2ff7f3e093de29c4d46e9d7d1b199ad5fc6c |
| SHA256 | 37f5d13e251167d216996bc585c71f439c3ee5af1e6ec5b176ca958203135846 |
| SHA512 | 970ca1faf5fce362ec825a7513955159ab59d30390c49be364e17822a84945edfad7380132f9e0d003802aee8ba070a2cc86587cbd6e00b2890ab00ff2bee9bb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 33edb07101524d11fe5ea8c71deaf5b5 |
| SHA1 | 552a032c2973a91474a9b43f586b9d529358e7aa |
| SHA256 | 3d6bc4ad4fbdb1a611e272fa30a160329b5b28032963995d9d943d76c1893036 |
| SHA512 | ecb06c140497ffbc0c31694f440facd74821afea5f799a95f6956a8f7324a06da5f94c29068da10d1066688f0aa7daf0c0440ec80757a04bdb82785affefa5a8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 228321d3849ebaf2da7e2d1d44dc9a1a |
| SHA1 | bea32373eae3d751c22efaede65dcbed743483a4 |
| SHA256 | 26863a23a04c8fab0d70c47d91971df7f13d691e687c78a97ae8dd7d8946e72e |
| SHA512 | 3a590b95adac984c6977a155f0eac6f9eb6f0dbac1fddb29c8bfca087075abc62bcd387af5dde581a22c494d0a2109fd19780292b650b2f962dc48a342319858 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | ac7a83ed8ef332ebdbed0936d2d74a36 |
| SHA1 | 82c772c97fe959a5e7025bb40900c6942ca018e7 |
| SHA256 | f4d802e4f5e9573b65ccd55bb81a81c206db09eab174ca05830612ce02e010d1 |
| SHA512 | 20f68beccf082aac1022e3f073282138898d86f1136f93b791646986ac105bdb6c1ea2202a0c0dc7ffea543ec610238141747d679ece0f5527ed9c66478c7a61 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Temp\226f7d85-0602-424a-b95e-a9586cfe98dd.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Temp\d5701b3a-9651-4af1-8ad6-364cc206e37e.tmp
| MD5 | da75bb05d10acc967eecaac040d3d733 |
| SHA1 | 95c08e067df713af8992db113f7e9aec84f17181 |
| SHA256 | 33ae9b8f06dc777bb1a65a6ba6c3f2a01b25cd1afc291426b46d1df27ea6e7e2 |
| SHA512 | 56533de53872f023809a20d1ea8532cdc2260d40b05c5a7012c8e61576ff092f006a197f759c92c6b8c429eeec4bb542073b491ddcfd5b22cd4ecbe1a8a7c6ef |
C:\Users\Admin\AppData\Local\Temp\scoped_dir3112_230109778\CRX_INSTALL\_locales\en_CA\messages.json
| MD5 | 558659936250e03cc14b60ebf648aa09 |
| SHA1 | 32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825 |
| SHA256 | 2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b |
| SHA512 | 1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\_locales\en_CA\messages.json
| MD5 | 07ffbe5f24ca348723ff8c6c488abfb8 |
| SHA1 | 6dc2851e39b2ee38f88cf5c35a90171dbea5b690 |
| SHA256 | 6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c |
| SHA512 | 7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\dasherSettingSchema.json
| MD5 | 4ec1df2da46182103d2ffc3b92d20ca5 |
| SHA1 | fb9d1ba3710cf31a87165317c6edc110e98994ce |
| SHA256 | 6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6 |
| SHA512 | 939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | 23b792b0b1f140e7a1d8eb28e96788a6 |
| SHA1 | effcef022d6a33bd74ec52ee5d3c9110096433c0 |
| SHA256 | c587aaf2b619a9ef56161a1ec250cff00e272b0dd55965e9ad62dd6e874a9fb9 |
| SHA512 | a12d1a34a2d3881d27e1d10f84fc080557cdc942cae9da4031a7b2c8de8ee05f85ccae37e4e7a88af6d00ed5dfba439f06d4e41ffd36b35b70a5625436562df8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b0b09c9aae0bdc8403defc83f1b51655 |
| SHA1 | 0d49991e729eb568d888a1b4621edc6e2fc19602 |
| SHA256 | 06d9b7e68f84e6d37fc4d01ff3534080bde95719bcf16a953c08a8c62a4659c2 |
| SHA512 | bafc5d4591f096a92c797aad34b2d566ea8f68df2a9c7e0b044a62a4cdff71d0b4ecf177b7bc7439bc4425de52db95fa0664e76c1a58184eb6171e1496ba2c69 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 22d16082f4f649485fa0349f61c44555 |
| SHA1 | 89427a208e43f03b80ae3d018411eb3afe1c33ef |
| SHA256 | 73b43c2ce04f0b3002950ed57d8195e1dcc5f0273f296e68884e6b7472def682 |
| SHA512 | a9146463cce9234dbb0c1f89f24ebcc724e28cb7c0c12e850f732422ef4fef604b78db434d159844efae3cc72f7fae1cd1f8d6658c68825c035ea15726186316 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006
| MD5 | 503766d5e5838b4fcadf8c3f72e43605 |
| SHA1 | 6c8b2fa17150d77929b7dc183d8363f12ff81f59 |
| SHA256 | c53b8a39416067f4d70c21be02ca9c84724b1c525d34e7910482b64d8e301cf9 |
| SHA512 | 5ead599ae1410a5c0e09ee73d0fdf8e8a75864ab6ce12f0777b2938fd54df62993767249f5121af97aa629d8f7c5eae182214b6f67117476e1e2b9a72f34e0b4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 106a1a93d467d3aba2d2d754484ede17 |
| SHA1 | d453c4bb07cf0558b2367db68a8b1f50cbf1a287 |
| SHA256 | ed7478da4d2b101e3263d53932dd685330d5134cb81f389844ab3dabc38ee3ed |
| SHA512 | be0fa2ed0ac459e7ac75e4f50bf3bf73d38c34cd579cc5b4317d747ccc2a131b7081f47f9390b10d3a040e22d3b0b178f7fe4fbea8eb9ec0fbe0b6f5bd60d419 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | 7abdb056b11326576a77c3f8d39091fb |
| SHA1 | e0e3270fcb811ac4709bbd3b973ede2ab3f25c48 |
| SHA256 | f14de635ba65d523d07abbe08c47b6f1e425a2ceb8283cce07c300204487bcad |
| SHA512 | d1a988b83c332c8db8f6e9700a4f5cc4452c30eecf8af5305df1defda120048525fd0fef2984190b98b1e0b8d2ad1634315356f4374b30284765508fdd735550 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0002c7fed75937fc46e175b555b6f119 |
| SHA1 | 27daa363bb5494858dbc8e8ec6719447bb61ec52 |
| SHA256 | b1a1f038f391bcdc7b240e42e6daaae24fb16699594c3bef584de52131ec2c93 |
| SHA512 | d833ced04bb2bc15f16dca5c31e9d75ba3d6db670058fdd8d96dafc53b476e43448c47fe3f3a3a213b3556b39ba032b8a20d2c0b65f1e05580405f5489d551fc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 55a2564a76e485a9a9b65abaf88cf026 |
| SHA1 | 0fcd1960c808b24cd6a09059a160ad1fb80f67b5 |
| SHA256 | c664bb6d08167e22c35b14bb6184a5a0149b922124dff1a2afcaf25381d8da09 |
| SHA512 | 1e1f144ef32dfd924d5b2a9eb2a24a85193f44f5e8ac4d72035775541318a11ca4228a43dbc47c9c40614bb8287864fa5e37e32645665bb91566671142300c26 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 538e8def09b77f2e76c0aaeb8ceca247 |
| SHA1 | 6c14945cfcda2c38f65fd9bcab23d03e7e29973d |
| SHA256 | 42fd06af435e8e5a29e77974e00c83d9e7e4fa646518dace23cbd9eba16fdc31 |
| SHA512 | 23a85a6f63ef9b4f8b2286bce239905083a43361f8a7af34c80a9d1e006f0c44b50c9efd4243848f2fb4103f48e4fe7ecb51963944336fa0009ea51459d8e195 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 2470ee8793275a22ebe4928d09adbab1 |
| SHA1 | 195d8eea450db1106432c902d0fdd58ea9d88bb4 |
| SHA256 | 5895df8be8c0fa6e4c552aec189aea26d3b15e5e57b5f45cdb579455854768d5 |
| SHA512 | 5f957f50ccacdb0a0d4d58e60083ade453b0ec63c3581db4e0d421413501e6fba81513991e4971ede05d82ca91d5683ec16210bed2705997dc82288bd8ec1224 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d3b4d3531f7f03592b8da1433cfc79f0 |
| SHA1 | 8e041193bbecfc52e80dde73a5b92d213a6c7d77 |
| SHA256 | 1d78fe3c1c3b0a88e7a27d28fa536718bf8609e907bcf86716464e839b8ac1ca |
| SHA512 | 037aec308ddb080ad4db3aa0bd3d5107c1d9543da672352f577432d41fd0e8d4ea30554da922aa69863f2251bc6570d2e93a35b84f10860a345524bad2c1baad |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 26162b97114c69de3a65e272bc0ae4e8 |
| SHA1 | 8b315d31c1a514f5aa33223518f221267afa875e |
| SHA256 | 6d5afa7e13505ff0fa102bf1a4cbb1448f87934b082dacd7bc255123950232ec |
| SHA512 | 564888954f9cbc2f1275e77d7f13e15f1beda9abb7fe7c22fded8e481634e20cecae7840747c668360a4a863858460fcbc51e87e57192435aa11ab68ea72dd6b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 546020baebd86f007da4fbbee3ff0590 |
| SHA1 | f03c0c9d96478f86c2beeacdaf12a1e2e6272947 |
| SHA256 | 193513c5584ff329604c8c8f4789cae0160ca8e7580b400c1c06c1e02206e3e0 |
| SHA512 | fd7569dfb78adbf8ceae8a6069a130a068e4203c5afc308de851bb46647fd236ee06ce4f4832b2c198af1b8bd263c96274bdf48b351043be4ae9bf51db477ba0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | f63cf02b1b6113e0854834ab2665784e |
| SHA1 | f06f966f78a284dd75a937b16c542fa758839f2b |
| SHA256 | c534b788875a6f81b68e5aca6caac173e24bca6158cd9ceaf9402edb2ee8b5ae |
| SHA512 | 96eb275079aae8dd98e5801feadab29d4c4b9097b60bdbe7620b253345bac4c74101eae619da9dc68794fb0fb2648fcef10e75823cfe7c2aaf212aff5342b517 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | ec6bddf77e381d22ef97f71db0216b63 |
| SHA1 | 255403476ca8809891c11d092a21a2bcc3fabf7c |
| SHA256 | 5a7a6eb233948c1afb779cce1a94088dfe68f5901e27eb39f1d37ef2dbb292af |
| SHA512 | 7f6cbe78475dad9237d93313260ab07cbe61a1220f4f687650611c277385eae92fa75ff943052faf9c566245dc89343431a204a5cb82f2353aae0283e709e5c1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 871776eeefa3a91a75f8d95616d718c5 |
| SHA1 | 11c2b393ea672f370c2693f558a6ad37de68dd6b |
| SHA256 | 96d3d5b38abf6656fcf00c8759503ca4743e482a091f532a1b0079c0b82ba145 |
| SHA512 | f47fc0c35ac73ce3c76a3d031d75c1e3e37c3ac95148138ea09cd64913f992bbac3c0f0f02496ef27d44b428ee2f29fe55b91c8c9602781acb489f82ea72aa98 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a801d7bad50df1db1e5afa0ebedf5a37 |
| SHA1 | 4c5c185ce0b122f3d604bfd88fb6924f23c165d6 |
| SHA256 | 3f8e275b5c9e25b49882e0d6eec56dcc2f03abd81d3ebc312f0aea695618cd0b |
| SHA512 | e03abfc2fd8ce7fda1063b36ab472f5cf0fcf183bc74512c1a942f512f25c068253adbf728693c5713f81ce4ff63d4af4abce95dfd3a17657c22799dcaf4ca7c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GraphiteDawnCache\data_1
| MD5 | 60dc89b00813889a5a26646d51ecee93 |
| SHA1 | 9cea352f989cfa2fa63fde4e0b357297171cf577 |
| SHA256 | e2d053e776f97101129fce88cf927f51730b7081ca82c63d365cd9ca031d8890 |
| SHA512 | 2155a5e2d9be07702f18827cf8110d5bd02a640d510a341a48ade36136ed4fb0e16775eaafda199b13cbcb794167984cb928c8f64f0b480e76f92bbe834da006 |
memory/4564-953-0x00007FFCA62D0000-0x00007FFCA62E0000-memory.dmp
memory/4564-954-0x00007FFCA62D0000-0x00007FFCA62E0000-memory.dmp
memory/4564-952-0x00007FFCA62D0000-0x00007FFCA62E0000-memory.dmp
memory/4564-950-0x00007FFCA62D0000-0x00007FFCA62E0000-memory.dmp
memory/4564-951-0x00007FFCA62D0000-0x00007FFCA62E0000-memory.dmp
memory/4564-955-0x00007FFCA3ED0000-0x00007FFCA3EE0000-memory.dmp
memory/4564-956-0x00007FFCA3ED0000-0x00007FFCA3EE0000-memory.dmp
memory/4564-985-0x00007FFCA62D0000-0x00007FFCA62E0000-memory.dmp
memory/4564-988-0x00007FFCA62D0000-0x00007FFCA62E0000-memory.dmp
memory/4564-987-0x00007FFCA62D0000-0x00007FFCA62E0000-memory.dmp
memory/4564-986-0x00007FFCA62D0000-0x00007FFCA62E0000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 214a65e61b2c17b34b4702192b071661 |
| SHA1 | 1d38f3f0af5cd18e24624fd2e542b808f2619e24 |
| SHA256 | 67c4b2ccc4fba6862c945cada5af01b4c3535f7b17cb128fe1cbe52805a3d0fd |
| SHA512 | 5762b3718f8154c1fd5439c0cc83a3398dcc15226231124ff8a2c9c6f3ea8d85fbbe8f2644a9720119992bd1079416031bc85aa5d7007481b9ea642bb75334db |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Web Data
| MD5 | 022d49d913dcc061b8e9c4a84e1e0a99 |
| SHA1 | dac4d33a022f232cb085aeebce396b57a6e1b54e |
| SHA256 | c289f96a97714648fea9608380347995fe843b1c65b953808f332f8ff0bafcd1 |
| SHA512 | 385320eb65621d2c11cc4c0267b3b0e87872e24ea0d6e9934894b4ac43086d71a473359e88bd9081d821ca489ac6f16da129e0b32c5ad82e968bd517708efb66 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log
| MD5 | 0407b455f23e3655661ba46a574cfca4 |
| SHA1 | 855cb7cc8eac30458b4207614d046cb09ee3a591 |
| SHA256 | ab5c71347d95f319781df230012713c7819ac0d69373e8c9a7302cae3f9a04b7 |
| SHA512 | 3020f7c87dc5201589fa43e03b1591ed8beb64523b37eb3736557f3ab7d654980fb42284115a69d91de44204cefab751b60466c0ef677608467de43d41bfb939 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | aaeb32090ddb09e80ce06ad194413da8 |
| SHA1 | ef074d2843ac3acf47b223f6acdee38532faf4fb |
| SHA256 | 54ac09ed4860983f354e0cb963da3fecc9ef8f78d9f69e51d217badf03d3fe7b |
| SHA512 | 9a05b69df09262040f6373ead0b86b9e89d21bebc466cd7ccd630a9be3ac4b672ba3df0525b51195a009b9b13171e7fe6fee77b7ef470310fe830fc1c5a2f1a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log
| MD5 | 23df269cbae6fdfbf8d4847ab85415fd |
| SHA1 | 8bba626d965296ecf872e4bea6827edfdd9e0037 |
| SHA256 | 784980e5a7e35a96fa55a25e64aa693289dbc7797e956d9b2dc94c8ed506ef2e |
| SHA512 | 742589a430e31d76aa8516eecf0bce8b4a5fe5f47426d6e2ae38191606e2362368ae8963dc7b335845c679d49f39f7711890f957f7765e834d2e466afbf17502 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
| MD5 | db56d6c36ea10b5dc2a84d66bee06bca |
| SHA1 | f3fcb45d9ae6565d32a89c2a7271b7aae6c7d443 |
| SHA256 | 3c350f9c079db2ddc70cbca4109eb2842e7e4cbb7fe61adff553af80f38a9c47 |
| SHA512 | 00e60dc8e4c9c59a4cd313a05ddd583acb977ecc730efde869a020c660678000664aaca469ff10be1e07f264b4d9edd63bcc24ae5d452b72b3e3d3e0209ae111 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log
| MD5 | b5faeb4e6b7033a9246180a48db696c5 |
| SHA1 | 9dd6c54b076ced3a9272ff0f05d41a010deeb51f |
| SHA256 | d1643f73905268499e8982a1a51a6220c19236e692d2fa6e80fa9b6a59bb0104 |
| SHA512 | 50e0617f6f3ccab0cc024e1c213a9a4a60b68b29b2cc7b412a407f1e56194be821cc3f6373dc137c53faea510b196659ace099ee0d95ea19f673e7fc520d0a70 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
| MD5 | 1e5ca90e44801c0a8f8b76a84057bf6f |
| SHA1 | c631c3bddbd3ca505090faf1f425e92ade7ae221 |
| SHA256 | 369d4114104f2430d3e88f063982a9e3f89896dd7a545e10e41322f76cd253eb |
| SHA512 | 714f7ec79aed0871819331f264a1d6247218c353a9659daa03d516f7a81e4698028dbf344921ea1348b44abde1d283427d3e003cf8e8ae331cde63493f473b62 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
| MD5 | 0942e2f459c00d495fd3338d3252e56e |
| SHA1 | cc56b3ebf13e9e2043157249813ca1be001f7f06 |
| SHA256 | 7ee32cda29e85becd6d42c6b56b65c183bc986e7ae7c2a7b1c2d722af4d22017 |
| SHA512 | 996781c8eb0188a6e939c8935d58d8654bb1f5e7da56ab54920ec66bf1f884f240b61db7d8d9ee1dbf01bb6c84149409a02c70e53a32e7c92fe6bb6cab92234b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
| MD5 | 28670600369d0ab7bbdec34c7bed40e3 |
| SHA1 | 0cb703cb848ed681994d26f875661ecbaaa3c537 |
| SHA256 | f08bc83f085a58486854d6b849f5aa217dbb06b291379393cb763592ff0d228e |
| SHA512 | 164378e590fa96e704b511cf9271a11b77c23147090b0034185837329b2669e5be3f6a0abba83d6fe750c2da161105b8fb2e77741841f89e1df0ce22103417b7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cookies
| MD5 | 14f09a2c96fff53bf4c75381886aad07 |
| SHA1 | 924e90a79714f54afcf7e771f9fe47aec525d3e2 |
| SHA256 | 3a6b2dc98bc8a20a0f304f4ad4e40638a37dc1bb4ba67e0354c5b4b2944f439f |
| SHA512 | 33a715d7c07b6e4b84132b6ec9f84c807645c0ddb7f585e755273ab6f67304c9354ce5a68ad108a5d8e6305f342bf8fe26774b05d035f52e764d866a6ec467b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
| MD5 | 7e3635077365b52125da4935f4fd01f9 |
| SHA1 | 1089c0c5e132061d02aba64ddbaaa1964771ebd0 |
| SHA256 | 188a7a291eb379d043a1fdcc78fc321a787baf84c3344af3dab7d772e9c84cb3 |
| SHA512 | ea81a3d682c2c1de65f49113b4858dadd6b8bcc5d747e99a25602576f7bbb1ffcb4a6dae749d35fd80a38e8273aed6135118de173080adbb04c163e2a1fa9bbf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db
| MD5 | 28886d35deff11b79d9573bf325478d9 |
| SHA1 | 749a9d4a55e807c80df0713fea39fb05379364fa |
| SHA256 | 7bfab1ef3d5ac9076b56f2739fc2ca9e4182c2ece09e423cbde8678aaa82a5db |
| SHA512 | efe2f3b04ea158c7501e9cbe3e2ff4f2f9bc2d05f62f03fa985ad052cbe02c3493722619d2f0eadd1ca45dc1eb729e5d318d2c92cd844e369d3e5345e7cb400d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | cac9b3fa8d9bc24e9a49faee780235fa |
| SHA1 | a6253ef0b8c96f9bc03330bd390eaa2d7d7d657a |
| SHA256 | d1a8af3ee4e683e42d858cd465de28f15886ee6ca8baabf47f07f653ae27d8d8 |
| SHA512 | f3b9c4f08d7387801d1635235c2494a41e1517c218721b2371266c8051f03c9ee4177ed40be22ec8d7a21c9304b96907bcabf7e88e80ab88c8de1719844f2c13 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_0
| MD5 | 1c54f5701a0c0c3292163dab4ac97941 |
| SHA1 | fa59511748858c834743ddebfd86efd37edb88ca |
| SHA256 | 37b65368fdf4fe46c27dee6c022abf89867420d3f6088e8d726d66ae13eb5fb8 |
| SHA512 | b4db033607f0df384a4a3968543ab93314d44d6d8dbf86fc5b296babdac279b63b324a84dfd36c4a6187e0e03776e1c519894d9b2b1121ac291daaa122b1df85 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache
| MD5 | affd89b9531ef39cfae160cd2313ba73 |
| SHA1 | 8136ae715e3f3d2a5b662675c523c7c3cb7a3797 |
| SHA256 | d122a861ff82b78aa145587d9197d575d8af34179d655b1205550b05b4975f74 |
| SHA512 | d5dc0cccfe7957f6d782892a51e858c3e4c1fe219053f8f174ac837dd3d5562979346ecf4f05a3dcc726c73e37db5b13ba5c52822e5d1f9b424c7d9cc2ae2b0b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13376072751996662
| MD5 | 7683d4d32b97c0207c02ba5511d5cf0e |
| SHA1 | e7eab5003328ee7c415fa07eaefa17e739f369a2 |
| SHA256 | c4f8ea7582a46a33129fbdd7d137af357372a0732e243ca716e142131999236b |
| SHA512 | bad3df399045b0413af6c0d6be8ad23da0b43b9a3bac4c5cf0b8151253e9ddc7dee7c167ae4faac103e3beeeebf36026bab1cfc922e7a944b500b87ba4fe1a62 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links
| MD5 | ffcd1550ebeac9db4699cdebb9d9facd |
| SHA1 | 60c179a6de1487e3741beebc86a15ab8004fe683 |
| SHA256 | d322401bc80a64ca4fec7ab21ca6e7151d2e35719a0172b8d81404f939662d62 |
| SHA512 | 65319be1d6ddb40a9e2950677fb016cdc8b6448e59cb4860bd48c06fc552cf5dfa064cd944b8321ce6c699d40b97db3135999056c37a5a649707b50e694768e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons
| MD5 | f4fc67a6e34502891cfab11228fcbab6 |
| SHA1 | d0162441b794113d0145b95a5f14b99fceedbd7a |
| SHA256 | 731aad40f69267a636ccddbc4e69fccccc26ccbc997626f91559f135cfbf98c6 |
| SHA512 | 4b601c34094659e3ce8240b7744cacabd82c4c44e82a1c1031fc5ac6a29856b1855ad3c5ab0ec0a9336c303e1b07495ed1c887887abae389882057551d7bf95c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History
| MD5 | 07e62e1b8037f71b2b59d8ac7d9388cb |
| SHA1 | ba82a8ecdfeebd97881e0b1685831b8c13b9e7e2 |
| SHA256 | 9454683655f9420b8d5e9f4d945de63bf9dc729e7d0bc24d7ff1e487575990a7 |
| SHA512 | 103e0cf857dfa009a80740a70a0c0ce57f06463be63504a6c536776632a24beadbf105851842c5da91c239e4a6007b72937ead034d1d53b9fd85f008826a3200 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log
| MD5 | 598c3a5913ba9d5ef415f53b3a7329dc |
| SHA1 | 4b600a6e2c0ffde8c49be777ab2de57999e09585 |
| SHA256 | a2ee78e34bf8a077bf0206599fb738cb25df349f206856b55f3f639a7c8966b6 |
| SHA512 | b2bc816b1791c3140b3b089735499ea765a63f199b85533113b0b54b13f785894ab3318b31a17af1a395842de733cc183cca32abf96f635d5afde7e635203de7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
| MD5 | c782cf839966d46797f10fe31e9004b5 |
| SHA1 | c40de0486797def6bf0f12a4c2d31bf01d26464c |
| SHA256 | 1781d4e77f59248af934195f414e12b06af5d8c70649a62bc6c8e6d1a7ffe452 |
| SHA512 | 67f9062a5415282e51f35d785d5dd3b3f7735023d5a8bc4d692bf156a94bce6f0078b7e60397bb6dc01ad235cca902b33c572c66364e15da884748c0c7fde08a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
| MD5 | c65300be77dc682cfa706521f3b41e7c |
| SHA1 | d9aa48f53d6c3f1921d001941c1b518a3b555189 |
| SHA256 | 0369c4061022635626f701f958cac31f541f586b568bd962e57ee9cd2903b980 |
| SHA512 | 25414d492823cb84a8650fcaee75834cd307cc4e793e9f213a04b50229babe34465d0e92e9042546c983315553f8ab48f02a6655f86fb5b5c8ba800fe9e0ba16 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
| MD5 | b29bcf9cd0e55f93000b4bb265a9810b |
| SHA1 | e662b8c98bd5eced29495dbe2a8f1930e3f714b8 |
| SHA256 | f53ab2877a33ef4dbde62f23f0cbfb572924a80a3921f47fc080d680107064b4 |
| SHA512 | e15f515e4177d38d6bb83a939a0a8f901ce64dffe45e635063161497d527fbddaf2b1261195fde90b72b4c3e64ac0a0500003faceffcc749471733c9e83eb011 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2592e45f76611dccb8b625abc64cafad |
| SHA1 | 216f0455815ba6e45c8bc70a664beef9cc9cf12e |
| SHA256 | addc99afe1079ae35eed2a171b0e95f6b76dbe982c8670cbc465f644b86b9766 |
| SHA512 | 37089506e839f5cc8e87ffa9f49739e2f00ccc072e3c732c2f863bc7cc2a34310ac0f3b5fd51a5dfff268590e2329e7211d18d7ce9f5dae8aa64a7cb855d439c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6c7b747bacb1b2a70812c4634e5f5675 |
| SHA1 | 35eeb008d398aace886ed2e6bd38c7195209c9a7 |
| SHA256 | c702dcc50ea4940961125002378fa82f9de40c1327120472174dd8f65cc7c47b |
| SHA512 | 8c67713acbac46bd52c34f5dbcdf6d79317893ef336d948b69857875f346ef35f0d626affb2215edc908a36fb1f0f7ecd80cbef35d4cc4929d61e7ad3d76fcb9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 21cc99db12d31181a684249e4f22e4a2 |
| SHA1 | 6380d3d6e3be0f3ab10144d3e13f9ca91fb98720 |
| SHA256 | f5f6a733ce2e2bd0db164a94d4f5ee17937520bfe34c5463983e7c4a27c546a4 |
| SHA512 | 4fbd75db8ee9abc67f9845d14b3b49a980585ee2510394b190fb7d5193cc5c9d93b272519173cfd21875737bcdf698a97d18043ceadeeb270cbe1fc1593b3884 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030
| MD5 | f222656f7796794674f732c474a033ac |
| SHA1 | cea879731968ace9befe205c55679924f033464e |
| SHA256 | 2d9259afe79e20ac65865133ee69f28563201da61bbd8142cd964fd0097170d5 |
| SHA512 | 9a2b31a325d8030a2aa6b5a932a8c56476a7bf995ac61d419e81477a0c7ecf5e92d5d4884a3d3fd9a67bd33dc619665d5e3bc05c3784c3bc51333abe4332b449 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000050
| MD5 | 4d9ecc70dde56858a3451017cd7fd8d9 |
| SHA1 | 88189cff695c454384884888ea46d9c11060c811 |
| SHA256 | e10acc2425b736f904ca0ec762a77b516ce7cea7391354841199e55750eee287 |
| SHA512 | dccdf161353e3fbd904b63f646ebf616e9eb977d23933575a307336aed6bb044902e11dc5990aa217f7b8cc16e190a968fc9077fe74f335c195c72de46c6f60c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000043
| MD5 | 38aefef2ea44c17d501cbb38cc0c7e54 |
| SHA1 | 55dc9404f34f790e42508ea8d74d6ac87c8d6a94 |
| SHA256 | 29f8a8da900ab06670e7e9c437bd27528ac311b4995d50c702972b29440ab194 |
| SHA512 | 6cd0e45c109d9ef0e0a3419246af71b9dcca214775116bc5c318df53ab906ca33197d831d0b3c05ba004fd31889a5086454eb6e0ef12e594035d3b89f1d1e157 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004f
| MD5 | 487b3b54635e5e78cb40f06019e3d266 |
| SHA1 | 5f27d3247d223035162688d39b8ca8921d662c38 |
| SHA256 | 6ee6a4b5156c04085388db04e54cd35f0b77f68902545cdcbda5367503c0979b |
| SHA512 | 64cdd50b84d9cc6a8b39c70bf7c442e11af54401a02fa745d72f0a12fb9e72a64b9f2772bb8a98c489ab18a8d5fb6ff753e6c6922e2fe86117eff2fa63efea77 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 298ae613e9857796f5269de4fef1a9b1 |
| SHA1 | f6367f3985e084525b1009b52e3afcd15338ef5c |
| SHA256 | a47b273dbd43736400afc4309c305a683a7d68e00a7c895a633608f4fee8514f |
| SHA512 | c546ea758ec5a85eb89c98d40995a1f5a16115e38bdcfc728c31a4c5b522295405ac3d81e296a8e223904f3e4438b74e59afb835ef1844931cd18c462e505032 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004d
| MD5 | 757750902210ff3c0d12dee4dc5165c6 |
| SHA1 | a3599ca4bd5da9fb9c83e26813ef62327c541566 |
| SHA256 | 72ff7d67ddc7bd23885cbba07f3889be27b50cb597ba41fd546343416676ba67 |
| SHA512 | ef5cb66e561d5f208a872c65b6732bdaa082d421f9815c8a5a439d5e749890e032c2309c1d7ec66d93d1f897941bb5e2c5f860fd9cf8e13adfbf1ab60aeca27b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 893f3627c31605a2c15b2a4eabc39ef1 |
| SHA1 | f73661eb55d098dfe7be2b702067e8aaacc3258c |
| SHA256 | 325670053da2e40a9dbf3e1e48594e354bf5fa20d2815a91a248ebb511862bb2 |
| SHA512 | 4374e527bb0ea21e2048129b74a9d2c1caf5e9d6f87d4e78ba2ae8ff50376b12ce15a0de344965cea59007396cbf30ed018bfeaf36dafd3c6ef6a3e85b2a1b0b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 65eafb0eee45ccb7fc70172bc9474546 |
| SHA1 | 569179ef955ac011c32956499cfb288a90ed8941 |
| SHA256 | 6c1b1100d7a74b4ac02939175f0c861e4b31dd1a01e55c4b799cfdab095dfadd |
| SHA512 | 0cf5fdfa8f8acab2c6ff4111611bab06ce7fa3e93fcbf0832b5846541770b8cae8b71ba304ef639b5ab2ca76b45e30c2cf2fb3edfe9e372277f83f354012a224 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b2ee78bc12365a4a_0
| MD5 | 1495ca8b224f44551916f1686216f7d8 |
| SHA1 | 315303656348c96bc88a9c28e35044b06024be26 |
| SHA256 | f351562ca85ae11417ce731678396b8f940db4c1841c2c8cc65e7846729bcf84 |
| SHA512 | 770aca54976ce0a083f3b561c98eab6a2e3f99957d0af501e5f8bfcb7cfda91654e8036b894c25c5442a3d3ed8ffc13a5e94522d978370b7326bdfbac0567ff5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3b17e6758293e1fe_0
| MD5 | 5c66d72ba22d7752fe9673fbc4db4711 |
| SHA1 | 102be0310e22c8fe69b78e66e7a536d32af513f6 |
| SHA256 | 5816d43a51d6f0546d6667f6f2b0948946429bb4d0672243a4ed4a0b1ec2ac24 |
| SHA512 | 8be12745cfad5b0cc90e154b1b84d512c57736f2ceed336e25fc2f4c59ec1f2242fadffc4f2e16c41417db979483535638e9fa3a1f04924c1433c99d9b2622e5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f066a18939cbec75_0
| MD5 | 55932c59e0ab591e68ed433c985e03f2 |
| SHA1 | f946df483fd33b750dd15798ff2f92a707e3c7ce |
| SHA256 | 775b5307259545960e7cd6502f93b7dd19087958723315deab159b8dfcaf0424 |
| SHA512 | 8a514fde4b53f7f34ddc521860c15f0aede12d3d193ecffc6961df25350846c7fdf036f75465658323fd01ca3f59c673024d4bf6718f7542bd969b68eef8d481 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0ce46baa370e0b1e_0
| MD5 | a88e1872a2b440206de0039d5be9e120 |
| SHA1 | b3bdf2c28557922de1064ee6b19d309e25ee6115 |
| SHA256 | 8498d5b4b4635609d9285f432ff5f644ef27238a8503141e305382ce453f46a7 |
| SHA512 | 096a3a25f97f4677c389436334cbd545f1a963c5334498ad55a330ecd1cdbb75d9fb24aaaee3fac98f0af19643a837a79778c23fe8346e30d9f0a7f1fda1c339 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bf9293ffee07d686_0
| MD5 | 595e1d9b3e7a868827ef517ce450ccaf |
| SHA1 | 643054a6cd6da21a50a044bc969f8849309465c8 |
| SHA256 | 48c86b26066032f6871817e23c64add9406aa37693906c6da12b009175166007 |
| SHA512 | 3aa088abcca8a750534cc3b183a348c6d6127db39cef81ec21e1ebaacc4abb31a25f71eded873155be2699d64c64ce4c45b941924c4294bbb47bc19d79e15b2c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7893d3683cb68f64_0
| MD5 | 45c2ec28e828aec91f6b695fa04933e0 |
| SHA1 | 6ff3c0170cd6739aab4f70020b7e5a248487ff56 |
| SHA256 | 32f0ca723a35ed191a5766df4d69c1bbe52d54fc999ff02612a970b525f9e9cd |
| SHA512 | 99535377096b4c9cc9952f1936b120b59acb548650736fa0f1c22fbca83d39df609cb2eaa6ecfc0e4ceaa64770df024708840cea0ef0a04f35619c3a2a272046 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2f0185b81396b08d_0
| MD5 | f596a98d147aa7f88bf5d5c47ed1cc3e |
| SHA1 | 4ef9b6b8d947cbef815fba9540ac81933b4a32c3 |
| SHA256 | 7a9c7c1f4cc03ad871f499fba758e4854c0b30aabe8a1649a590c3db203b19bb |
| SHA512 | 2fa18cbce2d511518d75f25a77e050607e9a5a8c06d4280a2a0de065400997b80217265ed4040e92869708c4d46c64cf0e78018f95568beb847c8d4b410d3411 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a634ea5d1711d4d4_0
| MD5 | 67ec1f883bd66684d32e1d252e32c482 |
| SHA1 | 8af543e8fbb6f02a09f9c4c011ac5b584fa11b1f |
| SHA256 | ff52f25a51f53b4fef020ef35b29aad6e05398ca04534f751f7a0c9e25bd18e6 |
| SHA512 | be041b269543488495b0a7c6fc902d7bb2bf1cc747ee28af6d8d4a8afa8262b842cae47d226bf6e29292f7777fd214e121e6013e60269a8721043f3710d7a47b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ee25b050a6e8aece704ab1f462510434 |
| SHA1 | 83ae052f7df5a00013d72d559bfc79e6f88eb98f |
| SHA256 | 8198564098b6c4cb481176af38a4ad21890fc4eabd085ff04b4e6742eb7d0457 |
| SHA512 | b8a138fe2f082bc39c5dd4bb82738f1773e099a3df734f86e403161d3805da084cfbd065eac3357155f08acd34e5574832ca37fbf2d6adefda97fe94bc681dfb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 10199a05960389b8a3e7ed73326dd0c5 |
| SHA1 | 646a46ccd6b4d15eccd46221ffa3b63078f8aa85 |
| SHA256 | 63f66340264e69f7fbdc6b36e85616719c5386fca23976e078727a469aa7b9eb |
| SHA512 | 414e5beac0ba8be8ef398af3f120560da941d5a7a9a316f73d03841a022fcf40ea9e1998789b20f62fe884b29b176c1fb34c86e46eefc4360546ca15e986c76e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 09e9c417911cccc99b6b03d17186cc18 |
| SHA1 | dd1ddd7c0e60ce5ff4009c3aab6fcc3bd3482e74 |
| SHA256 | fc3e231b0e02619189b8541284e330c536a1cbf54db5d9884ad6e1ccd8fab514 |
| SHA512 | d0a9f470eb09249a4b7253e77fa02d1aa1563658215dc121eee65f45c019b46fa4208715873e1ff33dd53493ba0cbbc41841868b541d49deca66d33c5119b51c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4a9dc263e276ebeb79b6821c054145aa |
| SHA1 | 40aa16b6cc41cff59b4b2d14747f641020fdc29b |
| SHA256 | 8c31f39431ffeeba4acef86ddea48c366846fa6b74d2eb67091f9113a510623a |
| SHA512 | 8815c0e0614009cee780960dd71595a9bd18c3e98106b3da586fd08b302b3de928dac5cef5c241e75f3845460f2a0d321ae80ccef68e67b1689261e693649a55 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007a
| MD5 | 1b54b70beef8eb240db31718e8f7eb5d |
| SHA1 | da5995070737ec655824c92622333c489eb6bce4 |
| SHA256 | 7d3654531c32d941b8cae81c4137fc542172bfa9635f169cb392f245a0a12bcb |
| SHA512 | fda935694d0652dab3f1017faaf95781a300b420739e0f9d46b53ce07d592a4cfa536524989e2fc9f83602d315259817638a89c4e27da709aada5d1360b717eb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | f14ff000ff93f539894d05438a7aa281 |
| SHA1 | f665e92b1e48d6e9d862aa4f3ccfc3fd37ed1639 |
| SHA256 | df1ae7fc6b1338efbbaa6728f5acb060d0a458bb778f11c49e3a342e7e3a8c43 |
| SHA512 | 7733eeec17d0be110b315d3a0cad06ac270915a1db1527a6dcf8c86a28094d5f3311085a5b018af298d52f5633dc72d9ce0c1be70ebf29924dbea8cfc0a794c1 |
C:\Users\Admin\Downloads\Unconfirmed 506365.crdownload:SmartScreen
| MD5 | 4047530ecbc0170039e76fe1657bdb01 |
| SHA1 | 32db7d5e662ebccdd1d71de285f907e3a1c68ac5 |
| SHA256 | 82254025d1b98d60044d3aeb7c56eed7c61c07c3e30534d6e05dab9d6c326750 |
| SHA512 | 8f002af3f4ed2b3dfb4ed8273318d160152da50ee4842c9f5d9915f50a3e643952494699c4258e6af993dc6e1695d0dc3db6d23f4d93c26b0bc6a20f4b4f336e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 52a561a11ee3caff1a7f015332495e4e |
| SHA1 | 318bc6120739e4a2ae755aa144af9c0cc93dafa4 |
| SHA256 | 00c6525da8e9a4dbba7e6a804ed6043234cab0ddaa008e29ddb9ab299c862be6 |
| SHA512 | 7fb672687f11537f366601c1bcff0bf3ef23a0901d69d0752b2e86430a52f9844b2583abceb84ab918732bd3db8d15a370136250378feef32a227e178614b273 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 95347834d5057949f10bd9b8caeec662 |
| SHA1 | c2e1cc9734c393be73c00fe03867287295ee9f4a |
| SHA256 | fa9baeeb433ccb143f80984d148f72313c0cc26d96c218292b1e5a7a8b62f90b |
| SHA512 | 1216a6f47d534e3e9d0c487ffd9bc7d743823da55549f513d237689928c41a882bb734a36b6d2709d87be3724c7d9b8b03ede3dd4baf56c788b6c0a03521db2c |