Analysis Overview
Threat Level: Known bad
The file http://sakpot.com was found to be: Known bad.
Malicious Activity Summary
Danabot family
Danabot
Downloads MZ/PE file
Blocklisted process makes network request
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: detect-gpu@latest
Loads dropped DLL
Executes dropped EXE
A potential corporate email address has been identified in the URL: lottie-player@latest
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
Adds Run key to start application
Legitimate hosting services abused for malware hosting/C2
Enumerates connected drives
Subvert Trust Controls: Mark-of-the-Web Bypass
Drops file in Program Files directory
Drops file in Windows directory
System Location Discovery: System Language Discovery
Program crash
Browser Information Discovery
Suspicious use of WriteProcessMemory
Suspicious use of SetWindowsHookEx
NTFS ADS
Checks processor information in registry
Suspicious use of FindShellTrayWindow
Uses Task Scheduler COM API
Uses Volume Shadow Copy WMI provider
Enumerates system info in registry
Suspicious use of SendNotifyMessage
Suspicious behavior: EnumeratesProcesses
Uses Volume Shadow Copy service COM API
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Modifies data under HKEY_USERS
Modifies registry class
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-16 14:14
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-16 14:14
Reported
2024-11-16 14:22
Platform
win10ltsc2021-20241023-en
Max time kernel
445s
Max time network
448s
Command Line
Signatures
Danabot
Danabot family
Blocklisted process makes network request
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\rundll32.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\rundll32.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\rundll32.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\rundll32.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\rundll32.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\rundll32.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\rundll32.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\rundll32.exe | N/A |
Downloads MZ/PE file
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: detect-gpu@latest
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: lottie-player@latest
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\DanaBot.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Amus.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Amus.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Amus.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Amus.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\DanaBot.exe | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\rundll32.exe | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\Microzoft_Ofiz = "C:\\Windows\\KdzEregli.exe" | C:\Users\Admin\Downloads\Amus.exe | N/A |
Enumerates connected drives
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\98d0926d-3f41-4f76-bd28-e313899789aa.tmp | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\20241116141451.pma | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\Meydanbasi.exe | C:\Users\Admin\Downloads\Amus.exe | N/A |
| File created | C:\Windows\Pide.exe | C:\Users\Admin\Downloads\Amus.exe | N/A |
| File created | C:\Windows\KdzEregli.exe | C:\Users\Admin\Downloads\Amus.exe | N/A |
| File opened for modification | C:\Windows\KdzEregli.exe | C:\Users\Admin\Downloads\Amus.exe | N/A |
| File opened for modification | C:\Windows\Cekirge.exe | C:\Users\Admin\Downloads\Amus.exe | N/A |
| File created | C:\Windows\Adapazari.exe | C:\Users\Admin\Downloads\Amus.exe | N/A |
| File opened for modification | C:\Windows\Messenger.exe | C:\Users\Admin\Downloads\Amus.exe | N/A |
| File opened for modification | C:\Windows\Pire.exe | C:\Users\Admin\Downloads\Amus.exe | N/A |
| File created | C:\Windows\Cekirge.exe | C:\Users\Admin\Downloads\Amus.exe | N/A |
| File created | C:\Windows\Ankara.exe | C:\Users\Admin\Downloads\Amus.exe | N/A |
| File created | C:\Windows\Anti_Virus.exe | C:\Users\Admin\Downloads\Amus.exe | N/A |
| File opened for modification | C:\Windows\Anti_Virus.exe | C:\Users\Admin\Downloads\Amus.exe | N/A |
| File created | C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\UPnP Device Host\upnphost\udhisapi.dll | C:\Windows\system32\svchost.exe | N/A |
| File created | C:\Windows\Messenger.exe | C:\Users\Admin\Downloads\Amus.exe | N/A |
| File opened for modification | C:\Windows\Pide.exe | C:\Users\Admin\Downloads\Amus.exe | N/A |
| File opened for modification | C:\Windows\Meydanbasi.exe | C:\Users\Admin\Downloads\Amus.exe | N/A |
| File created | C:\Windows\Pire.exe | C:\Users\Admin\Downloads\Amus.exe | N/A |
| File opened for modification | C:\Windows\Ankara.exe | C:\Users\Admin\Downloads\Amus.exe | N/A |
| File opened for modification | C:\Windows\Adapazari.exe | C:\Users\Admin\Downloads\Amus.exe | N/A |
| File created | C:\Windows\My_Pictures.exe | C:\Users\Admin\Downloads\Amus.exe | N/A |
| File opened for modification | C:\Windows\My_Pictures.exe | C:\Users\Admin\Downloads\Amus.exe | N/A |
Subvert Trust Controls: Mark-of-the-Web Bypass
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\Downloads\DanaBot.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\Amus.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Browser Information Discovery
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Users\Admin\Downloads\DanaBot.exe |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Program Files (x86)\Windows Media Player\wmplayer.exe |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Users\Admin\Downloads\DanaBot.exe |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\SysWOW64\rundll32.exe |
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\DanaBot.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Amus.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Amus.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Windows Media Player\wmplayer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\unregmp2.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\DanaBot.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\rundll32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Amus.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Amus.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColor = "3288365271" | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationBlurBalance = "1" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglow = "3288365271" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationGlassAttribute = "1" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentColorMenu = "4292311040" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\AccentColor = "4292311040" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColorBalance = "89" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\StartColorMenu = "4288567808" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglowBalance = "10" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\EnableWindowColorization = "191" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentPalette = a6d8ff0076b9ed00429ce3000078d700005a9e000042750000264200f7630c00 | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History\AutoColor = "0" | C:\Windows\system32\LogonUI.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-87863914-780023816-688321450-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-87863914-780023816-688321450-1000\{E75141A5-0EA3-454A-AE22-2F1F9D5A7BE3} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\Downloads\DanaBot.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\Amus.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\Downloads\Nezur_Executor\Nezur_Interface.exe | N/A |
| Token: 33 | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Program Files (x86)\Windows Media Player\wmplayer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Program Files (x86)\Windows Media Player\wmplayer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\system32\unregmp2.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\system32\unregmp2.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Amus.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Amus.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Amus.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Amus.exe | N/A |
| N/A | N/A | C:\Windows\system32\LogonUI.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Uses Volume Shadow Copy WMI provider
Uses Volume Shadow Copy service COM API
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://sakpot.com
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ffdc6c346f8,0x7ffdc6c34708,0x7ffdc6c34718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2108 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2348 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2892 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3392 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3404 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4976 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5868 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5680 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5948 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5932 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6172 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6192 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6448 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6884 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6604 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7124 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7124 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --force-configure-user-settings
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x254,0x258,0x25c,0x230,0x260,0x7ff7430b5460,0x7ff7430b5470,0x7ff7430b5480
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6168 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6284 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5668 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6912 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6564 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6440 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6264 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7260 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5840 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5856 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5736 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7636 /prefetch:1
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x50c 0x4f8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7884 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5564 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4872 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5520 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7832 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5852 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6724 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7620 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8124 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6392 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6256 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6772 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6292 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6884 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8108 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7512 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8160 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8040 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6428 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6900 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5772 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\Downloads\Nezur_Executor\Nezur_Interface.exe
"C:\Users\Admin\Downloads\Nezur_Executor\Nezur_Interface.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://execkey.nezur.io/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x148,0x14c,0x150,0x120,0x154,0x7ffdc6c346f8,0x7ffdc6c34708,0x7ffdc6c34718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://discord.gg/nezur
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x140,0x144,0x148,0x124,0x14c,0x7ffdc6c346f8,0x7ffdc6c34708,0x7ffdc6c34718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://1cheats.com/store/category/69-nezur-executor/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3640 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x14c,0x150,0x154,0x128,0x158,0x7ffdc6c346f8,0x7ffdc6c34708,0x7ffdc6c34718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6480 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6604 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8704 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=8608 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4996 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2716 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8796 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://execkey.nezur.io/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x148,0x14c,0x150,0x120,0x154,0x7ffdc6c346f8,0x7ffdc6c34708,0x7ffdc6c34718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8848 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1248 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8692 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4244 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9080 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9224 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9480 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9044 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8428 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9460 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9136 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9232 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8788 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9444 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9080 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9064 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,15169222428652887719,9578877931029494875,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8892 /prefetch:1
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1984 -parentBuildID 20240401114208 -prefsHandle 1900 -prefMapHandle 1892 -prefsLen 23681 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {494f284f-272f-47a5-8fe9-7234b66319ba} 6784 "\\.\pipe\gecko-crash-server-pipe.6784" gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2380 -parentBuildID 20240401114208 -prefsHandle 2364 -prefMapHandle 2360 -prefsLen 23717 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4ce7b9a7-b508-4199-a769-4b8de64b5c5f} 6784 "\\.\pipe\gecko-crash-server-pipe.6784" socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2716 -childID 1 -isForBrowser -prefsHandle 3136 -prefMapHandle 3052 -prefsLen 23858 -prefMapSize 244658 -jsInitHandle 1264 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b5222b9f-ec56-4a62-9b5b-2fe62ee237e4} 6784 "\\.\pipe\gecko-crash-server-pipe.6784" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4320 -childID 2 -isForBrowser -prefsHandle 4312 -prefMapHandle 4308 -prefsLen 29091 -prefMapSize 244658 -jsInitHandle 1264 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {bc31243d-e862-4de1-a475-5b5e23bddee8} 6784 "\\.\pipe\gecko-crash-server-pipe.6784" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4804 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4840 -prefMapHandle 4780 -prefsLen 29091 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5dd75638-2234-411e-ac3b-ca3a9399631a} 6784 "\\.\pipe\gecko-crash-server-pipe.6784" utility
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5308 -childID 3 -isForBrowser -prefsHandle 5328 -prefMapHandle 5320 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1264 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5db9d5c3-815d-4870-8a05-f12e7bd94daa} 6784 "\\.\pipe\gecko-crash-server-pipe.6784" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5228 -childID 4 -isForBrowser -prefsHandle 5468 -prefMapHandle 5472 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1264 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {525135d8-6903-4bb4-8f55-ce76d0c06ab8} 6784 "\\.\pipe\gecko-crash-server-pipe.6784" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5668 -childID 5 -isForBrowser -prefsHandle 5744 -prefMapHandle 5740 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1264 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {87b1d333-e566-403e-8c5c-866b6a6bf346} 6784 "\\.\pipe\gecko-crash-server-pipe.6784" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3200 -childID 6 -isForBrowser -prefsHandle 5540 -prefMapHandle 5904 -prefsLen 27211 -prefMapSize 244658 -jsInitHandle 1264 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8e4e1ff2-98cd-4c8b-b6ca-356cc678d2d4} 6784 "\\.\pipe\gecko-crash-server-pipe.6784" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6224 -childID 7 -isForBrowser -prefsHandle 6244 -prefMapHandle 6192 -prefsLen 27998 -prefMapSize 244658 -jsInitHandle 1264 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {df712707-caf3-482d-babd-07932a40200e} 6784 "\\.\pipe\gecko-crash-server-pipe.6784" tab
C:\Users\Admin\Downloads\DanaBot.exe
"C:\Users\Admin\Downloads\DanaBot.exe"
C:\Windows\SysWOW64\regsvr32.exe
C:\Windows\system32\regsvr32.exe -s C:\Users\Admin\DOWNLO~1\DanaBot.dll f1 C:\Users\Admin\DOWNLO~1\DanaBot.exe@6888
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 440 -p 6888 -ip 6888
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 6888 -s 468
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe C:\Users\Admin\DOWNLO~1\DanaBot.dll,f0
C:\Users\Admin\Downloads\Amus.exe
"C:\Users\Admin\Downloads\Amus.exe"
C:\Users\Admin\Downloads\Amus.exe
"C:\Users\Admin\Downloads\Amus.exe"
C:\Users\Admin\Downloads\Amus.exe
"C:\Users\Admin\Downloads\Amus.exe"
C:\Users\Admin\Downloads\Amus.exe
"C:\Users\Admin\Downloads\Amus.exe"
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /Play -Embedding
C:\Windows\SysWOW64\unregmp2.exe
"C:\Windows\System32\unregmp2.exe" /AsyncFirstLogon
C:\Windows\system32\unregmp2.exe
"C:\Windows\SysNative\unregmp2.exe" /AsyncFirstLogon /REENTRANT
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s upnphost
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 4768 -ip 4768
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 4768 -s 2284
C:\Users\Admin\Downloads\DanaBot.exe
"C:\Users\Admin\Downloads\DanaBot.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 372 -p 6364 -ip 6364
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 6364 -s 152
C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x4 /state0:0xa39ae055 /state1:0x41c64e6d
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 544 -p 5888 -ip 5888
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 5888 -s 912
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 13.86.106.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sakpot.com | udp |
| US | 172.67.75.230:80 | sakpot.com | tcp |
| US | 172.67.75.230:80 | sakpot.com | tcp |
| US | 8.8.8.8:53 | 181.129.81.91.in-addr.arpa | udp |
| US | 172.67.75.230:443 | sakpot.com | tcp |
| US | 8.8.8.8:53 | 20.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.75.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | nav.smartscreen.microsoft.com | udp |
| GB | 51.140.244.186:443 | nav.smartscreen.microsoft.com | tcp |
| GB | 51.140.244.186:443 | nav.smartscreen.microsoft.com | tcp |
| GB | 51.140.244.186:443 | nav.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | data-edge.smartscreen.microsoft.com | udp |
| GB | 172.165.61.93:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 172.165.61.93:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 172.165.61.93:443 | data-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | 186.244.140.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.61.165.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 8.8.8.8:53 | 227.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.25.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | talesapricot.com | udp |
| US | 8.8.8.8:53 | jsc.mgid.com | udp |
| NL | 23.109.170.154:443 | talesapricot.com | tcp |
| US | 104.19.129.76:443 | jsc.mgid.com | tcp |
| GB | 142.250.200.2:443 | securepubads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 216.58.212.194:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.2:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | servicer.mgid.com | udp |
| US | 8.8.8.8:53 | passirdrowns.com | udp |
| US | 104.19.130.76:443 | servicer.mgid.com | tcp |
| NL | 23.109.170.134:443 | passirdrowns.com | tcp |
| US | 8.8.8.8:53 | d3t3z4teexdk2r.cloudfront.net | udp |
| US | 8.8.8.8:53 | d8bsqfpnw46ux.cloudfront.net | udp |
| FR | 52.222.161.38:443 | d8bsqfpnw46ux.cloudfront.net | tcp |
| FR | 3.165.112.191:443 | d3t3z4teexdk2r.cloudfront.net | tcp |
| US | 8.8.8.8:53 | 2.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.129.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.170.109.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.130.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.170.109.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | ukankingwithea.com | udp |
| US | 104.21.68.94:443 | ukankingwithea.com | tcp |
| US | 104.21.68.94:443 | ukankingwithea.com | tcp |
| US | 8.8.8.8:53 | rytransionsco.org | udp |
| US | 8.8.8.8:53 | 72.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 191.112.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.161.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 51.201.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 104.21.81.106:443 | rytransionsco.org | tcp |
| US | 8.8.8.8:53 | ditingdecording.info | udp |
| US | 8.8.8.8:53 | ghabovethec.info | udp |
| US | 8.8.8.8:53 | alsdebaticalfelixsto.org | udp |
| GB | 18.244.140.100:443 | ghabovethec.info | tcp |
| GB | 108.138.217.71:443 | ditingdecording.info | tcp |
| GB | 143.204.176.77:443 | alsdebaticalfelixsto.org | tcp |
| GB | 143.204.176.77:443 | alsdebaticalfelixsto.org | tcp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| DE | 185.60.217.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | crt.rootg2.amazontrust.com | udp |
| GB | 64.233.167.84:443 | accounts.google.com | tcp |
| GB | 64.233.167.84:443 | accounts.google.com | tcp |
| FR | 3.164.163.59:80 | crt.rootg2.amazontrust.com | tcp |
| GB | 64.233.167.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | 94.68.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.217.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.140.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.81.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.176.204.143.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.217.60.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.167.233.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 59.163.164.3.in-addr.arpa | udp |
| GB | 108.138.217.71:443 | ditingdecording.info | tcp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| GB | 216.58.201.98:443 | ep1.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | primenetworkchain.com | udp |
| DE | 168.119.149.123:443 | primenetworkchain.com | tcp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| GB | 216.58.212.193:443 | ep2.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | url.giveaff.com | udp |
| US | 54.196.173.211:443 | url.giveaff.com | tcp |
| GB | 216.58.212.193:443 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | 98.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.149.119.168.in-addr.arpa | udp |
| US | 8.8.8.8:53 | phoenixmedia.scaletrk.com | udp |
| DE | 18.197.237.56:443 | phoenixmedia.scaletrk.com | tcp |
| US | 8.8.8.8:53 | psegeevalrat.net | udp |
| US | 104.18.22.222:443 | psegeevalrat.net | tcp |
| US | 8.8.8.8:53 | my.rtmark.net | udp |
| US | 8.8.8.8:53 | yonmewon.com | udp |
| NL | 139.45.197.236:443 | yonmewon.com | tcp |
| US | 172.67.169.157:443 | my.rtmark.net | tcp |
| US | 8.8.8.8:53 | 211.173.196.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.237.197.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 222.22.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.169.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 236.197.45.139.in-addr.arpa | udp |
| US | 8.8.8.8:53 | s.click.aliexpress.com | udp |
| GB | 23.214.144.96:443 | s.click.aliexpress.com | tcp |
| US | 8.8.8.8:53 | www.aliexpress.com | udp |
| US | 8.8.8.8:53 | assets.alicdn.com | udp |
| US | 8.8.8.8:53 | ae01.alicdn.com | udp |
| GB | 216.58.201.98:443 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | 96.144.214.23.in-addr.arpa | udp |
| GB | 95.100.244.36:443 | ae01.alicdn.com | tcp |
| US | 8.8.8.8:53 | acs.aliexpress.com | udp |
| GB | 23.214.144.96:443 | assets.alicdn.com | tcp |
| GB | 23.214.144.96:443 | assets.alicdn.com | tcp |
| US | 8.8.8.8:53 | acs.aliexpress.ru | udp |
| US | 8.8.8.8:53 | ae.mmstat.com | udp |
| GB | 23.214.144.96:443 | assets.alicdn.com | tcp |
| US | 8.8.8.8:53 | s.go-mpulse.net | udp |
| GB | 95.100.244.132:443 | s.go-mpulse.net | tcp |
| US | 8.8.8.8:53 | bottom.campaign.aliexpress.com | udp |
| US | 8.8.8.8:53 | dmtracking2.alibaba.com | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | fcmatch.google.com | udp |
| US | 8.8.8.8:53 | fcmatch.youtube.com | udp |
| US | 8.8.8.8:53 | fourier.taobao.com | udp |
| US | 8.8.8.8:53 | gj.mmstat.com | udp |
| US | 8.8.8.8:53 | hd.mmstat.com | udp |
| US | 8.8.8.8:53 | pcookie.aliexpress.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 36.244.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 132.244.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.106.137.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | time-ae.akamaized.net | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 88.221.134.194:443 | time-ae.akamaized.net | tcp |
| SG | 47.246.110.44:443 | ae.mmstat.com | tcp |
| GB | 163.181.154.240:443 | bottom.campaign.aliexpress.com | tcp |
| DE | 47.246.146.97:443 | acs.aliexpress.com | tcp |
| US | 8.8.8.8:53 | 194.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.154.181.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.146.246.47.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.194.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | birthjeans.icu | udp |
| US | 104.21.42.119:443 | birthjeans.icu | tcp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| GB | 142.250.200.42:443 | ajax.googleapis.com | tcp |
| US | 8.8.8.8:53 | nostop.go2cloud.org | udp |
| IE | 52.210.174.128:443 | nostop.go2cloud.org | tcp |
| US | 8.8.8.8:53 | 44.110.246.47.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.42.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 128.174.210.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | trk.sparkrainstorm.host | udp |
| IE | 54.216.148.153:443 | trk.sparkrainstorm.host | tcp |
| IE | 54.216.148.153:443 | trk.sparkrainstorm.host | tcp |
| US | 8.8.8.8:53 | try.opera.com | udp |
| US | 54.85.27.31:443 | try.opera.com | tcp |
| US | 8.8.8.8:53 | www.opera.com | udp |
| DE | 3.66.252.218:443 | www.opera.com | tcp |
| DE | 3.66.252.218:443 | www.opera.com | tcp |
| US | 8.8.8.8:53 | cdn-production-opera-website.operacdn.com | udp |
| US | 8.8.8.8:53 | www.googleoptimize.com | udp |
| GB | 23.214.143.61:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 23.214.143.61:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 23.214.143.61:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 23.214.143.61:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 23.214.143.61:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 23.214.143.61:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 172.217.169.46:443 | www.googleoptimize.com | tcp |
| GB | 23.214.143.61:443 | cdn-production-opera-website.operacdn.com | tcp |
| US | 8.8.8.8:53 | 153.148.216.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 31.27.85.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 218.252.66.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 61.143.214.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.169.217.172.in-addr.arpa | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| DE | 3.66.252.218:443 | www.opera.com | tcp |
| US | 8.8.8.8:53 | 78.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 212.20.149.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c.mgid.com | udp |
| US | 8.8.8.8:53 | cdn.mgid.com | udp |
| GB | 216.58.201.98:443 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | secure.gravatar.com | udp |
| US | 8.8.8.8:53 | alepinezaptieh.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 192.0.73.2:443 | secure.gravatar.com | tcp |
| US | 192.0.73.2:443 | secure.gravatar.com | tcp |
| US | 192.0.73.2:443 | secure.gravatar.com | tcp |
| US | 192.0.73.2:443 | secure.gravatar.com | tcp |
| US | 192.0.73.2:443 | secure.gravatar.com | tcp |
| US | 192.0.73.2:443 | secure.gravatar.com | tcp |
| NL | 23.109.170.83:443 | alepinezaptieh.com | tcp |
| GB | 216.58.212.206:443 | www.youtube.com | tcp |
| GB | 216.58.212.206:443 | www.youtube.com | tcp |
| GB | 216.58.212.206:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 216.58.204.86:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | 2.73.0.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.170.109.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 216.58.212.194:443 | googleads.g.doubleclick.net | udp |
| GB | 142.250.178.6:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 172.217.16.228:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 142.250.200.33:443 | yt3.ggpht.com | tcp |
| GB | 142.250.200.42:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.200.42:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.200.42:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | 6.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.178.250.142.in-addr.arpa | udp |
| GB | 142.250.187.206:443 | play.google.com | tcp |
| GB | 142.250.187.206:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 206.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | s-img.mgid.com | udp |
| US | 104.19.132.76:443 | s-img.mgid.com | tcp |
| US | 104.19.132.76:443 | s-img.mgid.com | tcp |
| US | 104.19.132.76:443 | s-img.mgid.com | tcp |
| US | 8.8.8.8:53 | cm.mgid.com | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 104.22.52.86:443 | cdn.id5-sync.com | tcp |
| US | 8.8.8.8:53 | 76.132.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.52.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| DE | 141.95.33.120:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 162.19.138.83:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | a.adskeeper.co.uk | udp |
| US | 8.8.8.8:53 | a.mgid.com | udp |
| US | 172.64.152.191:443 | a.adskeeper.co.uk | tcp |
| US | 8.8.8.8:53 | 120.33.95.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 191.152.64.172.in-addr.arpa | udp |
| IE | 52.210.174.128:443 | nostop.go2cloud.org | tcp |
| IE | 54.216.148.153:443 | trk.sparkrainstorm.host | tcp |
| IE | 54.216.148.153:443 | trk.sparkrainstorm.host | tcp |
| GB | 172.217.169.46:443 | www.youtube.com | udp |
| DE | 3.66.252.218:443 | www.opera.com | tcp |
| US | 54.196.173.211:443 | url.giveaff.com | tcp |
| GB | 88.221.134.194:443 | time-ae.akamaized.net | tcp |
| US | 8.8.8.8:53 | dmtracking2.alibaba.com | udp |
| GB | 163.181.154.240:443 | bottom.campaign.aliexpress.com | tcp |
| US | 8.8.8.8:53 | c.go-mpulse.net | udp |
| GB | 2.18.108.132:443 | c.go-mpulse.net | tcp |
| US | 8.8.8.8:53 | 182.129.81.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 132.108.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | nezur.io | udp |
| US | 172.67.74.136:443 | nezur.io | tcp |
| US | 172.67.74.136:443 | nezur.io | tcp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 104.18.95.41:443 | challenges.cloudflare.com | tcp |
| US | 8.8.8.8:53 | 136.74.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 41.95.18.104.in-addr.arpa | udp |
| US | 104.18.95.41:443 | challenges.cloudflare.com | tcp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| GB | 142.250.187.206:443 | play.google.com | udp |
| US | 8.8.8.8:53 | checkappexec.microsoft.com | udp |
| GB | 172.165.69.228:443 | checkappexec.microsoft.com | tcp |
| US | 8.8.8.8:53 | 228.69.165.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | execkey.nezur.io | udp |
| US | 8.8.8.8:53 | discord.gg | udp |
| US | 162.159.136.234:443 | discord.gg | tcp |
| US | 162.159.136.234:443 | discord.gg | tcp |
| US | 8.8.8.8:53 | 1cheats.com | udp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 8.8.8.8:53 | keyauth.win | udp |
| US | 162.159.138.232:443 | discord.com | tcp |
| US | 104.26.5.38:443 | 1cheats.com | tcp |
| US | 104.26.5.38:443 | 1cheats.com | tcp |
| US | 172.67.72.57:443 | keyauth.win | tcp |
| US | 8.8.8.8:53 | assets-global.website-files.com | udp |
| GB | 142.250.200.42:443 | jnn-pa.googleapis.com | udp |
| US | 104.18.34.201:443 | assets-global.website-files.com | tcp |
| US | 8.8.8.8:53 | d2w9cdu84xc4eq.cloudfront.net | udp |
| FR | 18.244.38.49:443 | d2w9cdu84xc4eq.cloudfront.net | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | d3e54v103j8qbb.cloudfront.net | udp |
| US | 8.8.8.8:53 | 234.136.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.138.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.5.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 57.72.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.34.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.38.244.18.in-addr.arpa | udp |
| FR | 52.222.153.27:443 | d3e54v103j8qbb.cloudfront.net | tcp |
| US | 8.8.8.8:53 | getrunkhomuto.info | udp |
| US | 8.8.8.8:53 | ghabovethec.info | udp |
| US | 172.67.72.57:443 | keyauth.win | tcp |
| US | 8.8.8.8:53 | kit-pro.fontawesome.com | udp |
| US | 8.8.8.8:53 | js.stripe.com | udp |
| US | 8.8.8.8:53 | use.fontawesome.com | udp |
| GB | 143.204.176.42:443 | getrunkhomuto.info | tcp |
| US | 104.18.40.68:443 | kit-pro.fontawesome.com | tcp |
| US | 151.101.128.176:443 | js.stripe.com | tcp |
| GB | 18.244.140.102:443 | ghabovethec.info | tcp |
| US | 104.21.27.152:443 | use.fontawesome.com | tcp |
| US | 104.21.27.152:443 | use.fontawesome.com | tcp |
| US | 8.8.8.8:53 | 27.153.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.176.204.143.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.40.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 176.128.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.27.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | alsdebaticalfelixsto.org | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| DE | 185.60.217.35:443 | www.facebook.com | tcp |
| GB | 64.233.167.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | 102.140.244.18.in-addr.arpa | udp |
| US | 104.18.40.68:443 | kit-pro.fontawesome.com | tcp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 104.21.27.152:443 | use.fontawesome.com | tcp |
| US | 8.8.8.8:53 | www.skycheats.com | udp |
| US | 104.16.79.73:443 | static.cloudflareinsights.com | tcp |
| US | 172.66.40.148:443 | www.skycheats.com | tcp |
| US | 8.8.8.8:53 | 73.79.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.40.66.172.in-addr.arpa | udp |
| US | 104.26.5.38:443 | 1cheats.com | tcp |
| US | 8.8.8.8:53 | cdn.discordapp.com | udp |
| US | 162.159.129.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.129.233:443 | cdn.discordapp.com | tcp |
| US | 8.8.8.8:53 | 233.129.159.162.in-addr.arpa | udp |
| N/A | 127.0.0.1:6463 | tcp | |
| US | 151.101.128.176:443 | js.stripe.com | udp |
| US | 8.8.8.8:53 | m.stripe.network | udp |
| US | 8.8.8.8:53 | m.stripe.com | udp |
| US | 52.24.185.87:443 | m.stripe.com | tcp |
| N/A | 127.0.0.1:6464 | tcp | |
| US | 8.8.8.8:53 | 87.185.24.52.in-addr.arpa | udp |
| N/A | 127.0.0.1:6465 | tcp | |
| N/A | 127.0.0.1:6466 | tcp | |
| N/A | 127.0.0.1:6467 | tcp | |
| GB | 216.58.212.206:443 | www.youtube.com | udp |
| N/A | 127.0.0.1:6468 | tcp | |
| GB | 143.204.176.42:443 | alsdebaticalfelixsto.org | tcp |
| US | 8.8.8.8:53 | nostop.go2cloud.org | udp |
| IE | 18.202.12.61:443 | nostop.go2cloud.org | tcp |
| US | 8.8.8.8:53 | 61.12.202.18.in-addr.arpa | udp |
| N/A | 127.0.0.1:6469 | tcp | |
| US | 8.8.8.8:53 | lootdest.org | udp |
| US | 104.21.7.82:443 | lootdest.org | tcp |
| US | 104.21.7.82:443 | lootdest.org | tcp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | unpkg.com | udp |
| US | 151.101.193.229:443 | cdn.jsdelivr.net | tcp |
| US | 104.17.249.203:443 | unpkg.com | tcp |
| US | 8.8.8.8:53 | d1gpi088t70qaf.cloudfront.net | udp |
| FR | 52.222.196.29:443 | d1gpi088t70qaf.cloudfront.net | tcp |
| US | 8.8.8.8:53 | 203.249.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.193.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.2.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.7.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.taboola.com | udp |
| US | 151.101.1.44:443 | api.taboola.com | tcp |
| GB | 216.58.212.194:443 | googleads.g.doubleclick.net | udp |
| US | 104.17.249.203:443 | unpkg.com | tcp |
| US | 8.8.8.8:53 | nerventualken.com | udp |
| N/A | 127.0.0.1:6470 | tcp | |
| US | 172.67.197.84:443 | nerventualken.com | tcp |
| US | 172.67.197.84:443 | nerventualken.com | tcp |
| US | 8.8.8.8:53 | 29.196.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 44.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.197.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | d1wzdj81h1hubn.cloudfront.net | udp |
| FR | 3.162.40.195:443 | d1wzdj81h1hubn.cloudfront.net | tcp |
| FR | 3.162.40.195:443 | d1wzdj81h1hubn.cloudfront.net | tcp |
| US | 8.8.8.8:53 | 195.40.162.3.in-addr.arpa | udp |
| N/A | 127.0.0.1:6471 | tcp | |
| US | 54.196.173.211:443 | url.giveaff.com | tcp |
| US | 8.8.8.8:53 | phoenixmedia.scaletrk.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | yonmewon.com | udp |
| NL | 139.45.197.236:443 | yonmewon.com | tcp |
| US | 8.8.8.8:53 | s.click.aliexpress.com | udp |
| US | 8.8.8.8:53 | www.aliexpress.com | udp |
| US | 8.8.8.8:53 | assets.alicdn.com | udp |
| US | 8.8.8.8:53 | ae01.alicdn.com | udp |
| US | 8.8.8.8:53 | bottom.campaign.aliexpress.com | udp |
| US | 8.8.8.8:53 | dmtracking2.alibaba.com | udp |
| US | 8.8.8.8:53 | time-ae.akamaized.net | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 88.221.134.169:443 | time-ae.akamaized.net | tcp |
| N/A | 127.0.0.1:6472 | tcp | |
| US | 151.101.193.229:443 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | 169.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.onsultingco.com | udp |
| GB | 216.58.212.206:443 | www.youtube.com | udp |
| US | 104.21.41.244:443 | 1.onsultingco.com | tcp |
| US | 104.21.41.244:443 | 1.onsultingco.com | tcp |
| US | 8.8.8.8:53 | curyrentattrib.info | udp |
| DE | 13.33.187.79:443 | curyrentattrib.info | tcp |
| US | 8.8.8.8:53 | 244.41.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.187.33.13.in-addr.arpa | udp |
| GB | 216.58.204.86:443 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | rr3---sn-aigzrnsr.googlevideo.com | udp |
| GB | 74.125.175.40:443 | rr3---sn-aigzrnsr.googlevideo.com | tcp |
| GB | 74.125.175.40:443 | rr3---sn-aigzrnsr.googlevideo.com | tcp |
| US | 8.8.8.8:53 | x.urs.microsoft.com | udp |
| GB | 51.140.244.186:443 | x.urs.microsoft.com | tcp |
| US | 8.8.8.8:53 | 40.175.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | rr3---sn-q4flrnss.googlevideo.com | udp |
| US | 173.194.57.104:443 | rr3---sn-q4flrnss.googlevideo.com | udp |
| GB | 142.250.200.42:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 104.57.194.173.in-addr.arpa | udp |
| GB | 142.250.200.33:443 | yt3.ggpht.com | udp |
| GB | 142.250.187.206:443 | play.google.com | udp |
| GB | 172.217.16.228:443 | www.google.com | udp |
| GB | 142.250.187.206:443 | play.google.com | udp |
| GB | 142.250.187.206:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | youtube.com | udp |
| GB | 142.250.179.238:443 | youtube.com | tcp |
| US | 8.8.8.8:53 | 238.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | consent.youtube.com | udp |
| GB | 74.125.175.40:443 | rr3---sn-aigzrnsr.googlevideo.com | udp |
| GB | 216.58.212.194:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | rr4---sn-q4fl6nsd.googlevideo.com | udp |
| GB | 216.58.212.194:443 | googleads.g.doubleclick.net | tcp |
| US | 74.125.3.169:443 | rr4---sn-q4fl6nsd.googlevideo.com | udp |
| GB | 142.250.178.6:443 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | 169.3.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | lh6.googleusercontent.com | udp |
| GB | 216.58.201.97:443 | lh6.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | 97.201.58.216.in-addr.arpa | udp |
| GB | 142.250.179.238:443 | youtube.com | udp |
| GB | 216.58.212.194:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | d2w9cdu84xc4eq.cloudfront.net | udp |
| GB | 142.250.200.42:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | d3e54v103j8qbb.cloudfront.net | udp |
| FR | 52.222.153.158:443 | d3e54v103j8qbb.cloudfront.net | tcp |
| US | 8.8.8.8:53 | 158.153.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | workink.net | udp |
| US | 104.21.7.40:443 | workink.net | tcp |
| US | 104.21.7.40:443 | workink.net | tcp |
| US | 104.21.7.40:443 | workink.net | tcp |
| US | 8.8.8.8:53 | work.ink | udp |
| US | 8.8.8.8:53 | 40.7.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | workink.net | udp |
| GB | 216.58.212.206:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | spocs.getpocket.com | udp |
| US | 8.8.8.8:53 | firefox-api-proxy.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 34.149.97.1:443 | firefox-api-proxy.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | udp |
| N/A | 127.0.0.1:60228 | tcp | |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 115.230.163.35.in-addr.arpa | udp |
| N/A | 127.0.0.1:60236 | tcp | |
| US | 8.8.8.8:53 | support.mozilla.org | udp |
| US | 34.149.128.2:443 | support.mozilla.org | tcp |
| US | 8.8.8.8:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 2.128.149.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ac.duckduckgo.com | udp |
| IE | 52.142.124.215:443 | ac.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| US | 8.8.8.8:53 | 215.124.142.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| IE | 52.142.124.215:443 | duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | duckduckgo.com | tcp |
| US | 8.8.8.8:53 | duckduckgo.com | udp |
| IE | 20.223.54.233:443 | links.duckduckgo.com | tcp |
| IE | 20.223.54.233:443 | links.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| US | 8.8.8.8:53 | links.duckduckgo.com | udp |
| US | 8.8.8.8:53 | 233.54.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | external-content.duckduckgo.com | udp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | 222.125.142.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | improving.duckduckgo.com | udp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | location.services.mozilla.com | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 35.190.72.216:443 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | ciscobinary.openh264.org | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 88.221.134.155:80 | ciscobinary.openh264.org | tcp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| GB | 172.217.169.46:443 | redirector.gvt1.com | tcp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 172.217.169.46:443 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | r4---sn-aigzrnsz.gvt1.com | udp |
| GB | 74.125.175.169:443 | r4---sn-aigzrnsz.gvt1.com | tcp |
| US | 8.8.8.8:53 | r4.sn-aigzrnsz.gvt1.com | udp |
| US | 8.8.8.8:53 | r4.sn-aigzrnsz.gvt1.com | udp |
| GB | 74.125.175.169:443 | r4.sn-aigzrnsz.gvt1.com | udp |
| US | 8.8.8.8:53 | 201.181.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.72.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.175.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| IE | 52.142.124.215:443 | improving.duckduckgo.com | tcp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 185.199.110.133:443 | avatars.githubusercontent.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.110.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.108.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 140.82.114.22:443 | collector.github.com | tcp |
| US | 8.8.8.8:53 | glb-db52c2cf8be544.github.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 8.8.8.8:53 | glb-db52c2cf8be544.github.com | udp |
| US | 140.82.114.22:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 8.8.8.8:53 | 22.114.82.140.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 185.199.109.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 8.8.8.8:53 | 133.109.199.185.in-addr.arpa | udp |
| FR | 51.77.7.204:443 | tcp | |
| US | 8.8.8.8:53 | 91.16.208.104.in-addr.arpa | udp |
| FR | 51.77.7.204:443 | tcp | |
| US | 8.8.8.8:53 | glb-db52c2cf8be544.github.com | udp |
| US | 8.8.8.8:53 | glb-db52c2cf8be544.github.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| CA | 51.222.39.81:443 | tcp | |
| FR | 51.178.195.151:443 | tcp | |
| FR | 51.77.7.204:443 | tcp | |
| FR | 51.77.7.204:443 | tcp | |
| FR | 51.77.7.204:443 | tcp | |
| FR | 51.77.7.204:443 | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | f6126b3cef466f7479c4f176528a9348 |
| SHA1 | 87855913d0bfe2c4559dd3acb243d05c6d7e4908 |
| SHA256 | 588138bf57e937e1dec203a5073c3edb1e921c066779e893342e79e3d160e0b4 |
| SHA512 | ef622b26c8cee1f767def355b2d7bffb2b28e7a653c09b7e2d33f6468a453fff39fd120cacbffd79ce35722592af0f3fb7d5054e2dca06310e44dc460533f3d8 |
\??\pipe\LOCAL\crashpad_416_NDQYJZLJSILGRCUN
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.ico
| MD5 | e5e3377341056643b0494b6842c0b544 |
| SHA1 | d53fd8e256ec9d5cef8ef5387872e544a2df9108 |
| SHA256 | e23040951e464b53b84b11c3466bbd4707a009018819f9ad2a79d1b0b309bc25 |
| SHA512 | 83f09e48d009a5cf83fa9aa8f28187f7f4202c84e2d0d6e5806c468f4a24b2478b73077381d2a21c89aa64884df3c56e8dc94eb4ad2d6a8085ac2feb1e26c2ef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6dda6e078b56bc17505e368f3e845302 |
| SHA1 | 45fbd981fbbd4f961bf72f0ac76308fc18306cba |
| SHA256 | 591bf3493eb620a3851c0cd65bff79758a09c61e9a22ea113fa0480404a38b15 |
| SHA512 | 9e460013fd043cee9bdbcdaf96ac2f7e21a08e88ddb754dddbd8378ee2288d50271e66b42092d84a12e726469465185be11a6fafab6ed4236a244524bd60f502 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3532242d260e10b558debf2ac26187b4 |
| SHA1 | f66b6b33761e2b7f800e8f93931e3e24372da52f |
| SHA256 | b82388c26b0affeeb0c58a3621c0c3f4f4975442d88aee3092001c2967be430b |
| SHA512 | a37e308dc54a0f3e6864ecb6cae799bca4dbc2016ef09a9163be3eb9a13a0a2bf54ec4b16ed9e08716e79ad5021ede7c0f3ac0f3c17f162a97f99b1e302cbdc1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 90cc75707c7f427e9bbc8e0553500b46 |
| SHA1 | 9034bdd7e7259406811ec8b5b7ce77317b6a2b7e |
| SHA256 | f5d76f8630779de1fe82f8802d6d144861e3487171e4b32e3f8fffd2a57725fb |
| SHA512 | 7ad692bce11aee08bf65bb7c578b89a4a3024211ee1deaf671c925d65cc016943f2caad3d57b365e16d1764c78c36cae35c3c45cef0928dd611a565b0313e511 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 85bcde0444e74e5ed81e7bc7ee3a94f0 |
| SHA1 | 8ac2e850c9a42fcf24bcd05c55e2723a27f22357 |
| SHA256 | 6d9d35ddabe06f02219f8cc7b0ef11bbee953f672d011f2b530f067338d03108 |
| SHA512 | c1292989d8c9a0576b8aab3ab83dc0ec4cb5a34c9f090d29320327f483359c0e4184f6fb063930b6d6560f67e5d9cd6b17744ca6ab3b025a93daa81818c93f09 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 07fd86c8714ef65fc71523fb0db7ef6b |
| SHA1 | 68e7d98cd62d0790d9dfee5ab85747744ca6a6da |
| SHA256 | e449c5ae57abc2f7b7a44387b65e53946b2e52d63b211fa44dda4db4973df099 |
| SHA512 | d87724e3e6b14c7534bbe32e6b556281c7de6002858c4f89ef5288253749a821fb0a4357d4e575113adc6704e5e84ba2a03cdb4e02ed939a389754f20187e672 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 0d8c8c98295f59eade1d8c5b0527a5c2 |
| SHA1 | 038269c6a2c432c6ecb5b236d08804502e29cde0 |
| SHA256 | 9148e2a2ba2a3b765c088dc8a1bdcc9b07b129e5e48729a61ebc321cb7b8b721 |
| SHA512 | 885a734a97a6f8c4a8fb5f0efa9fe55742f0685210472ed376466e67f928e82ddf91ba1211389d9c55dd1e03dc064aa7a81d1fca3cf429fbaf8f60db8b1348c6 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 975ca4fb12020601e0b2a5bf219ed03f |
| SHA1 | 5f78d43ac4fbbeb91f067bfc3d3301edb1e1ab6c |
| SHA256 | ad02fa8449dd0eb4a7a09b6cedb3612d56594333721e904db7721be5a712680f |
| SHA512 | 7a5e24c09291810d9b495a9487b71fe531866506d78cbddb55337e30bddd1fdc253baf8df445cfaa8814e88af3fbdf462bf69cd7cdb301437b0581ca590ff695 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 4a9120de7552002fc56af804867c1ff9 |
| SHA1 | c02fd071638620e02665f31bb9af64881291179b |
| SHA256 | 495fece3a372ee6ca510e94755b946064988f6eb619a866a58f958a4e9f6130f |
| SHA512 | 343db0c58147a6567ef564afb8f40e6647528bbd84fe7a554e3700fe4c89044a2ed4c7eca58e047f5306952a6926e0ed4eaa8271934118a2c6c0d3c19c03fcd3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | aedfe63935894b1af559a1687144e242 |
| SHA1 | 68f0d76d6ac582bd83e1ea51b58c00e796dcf630 |
| SHA256 | 50a9c17dabc23e372883260e41e60d6b8f9a87a1372a4ddd3a03c796a513ebf5 |
| SHA512 | 94f4399a4f4eb26f2588997e877a9145a43875916e7779639b3cd7e02ecb3828e98840eed03c6ee054277ab18cf49ba5cf800e992ad640e7af978d3627ba0f34 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e8f46e0ecc0847bb6ceacc00a0ac87e0 |
| SHA1 | 96df046cb962584723c6687e86552dba618958f0 |
| SHA256 | 56bd6eadbc0a36c3dd15e5480d2322f42f1074f647dbd57de05eb7a1d732b147 |
| SHA512 | e281f427103ab0bf9104ae470c7b5c7258f300b63500080ede7fe6d4d166d4dc83262a89a4a16a6bf750e211ab36c1e07c9588470617827a294608c2b5c9c6b8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57e01f.TMP
| MD5 | bf781a0b74cf55caf348ae78269054ef |
| SHA1 | 755c31a9e0f7a7a89e18074e097c803b62117d27 |
| SHA256 | 3762de878157b4130c97f38503ea27ecd464a108dca2eae1c4ae6eedb21f044e |
| SHA512 | 5b561ff3b270b6aa4a6a71fed4871425b84c6de8ee0dc9a1bf8d49942f7f08b02931fc6b6689f570104a2f4be61be34fb91099a207e84fa6a2baa1d2f9f20cfd |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | efa0707b2b37b81b7917ebe02dcfb98b |
| SHA1 | 1c4e20dfb421e11bceb335760edfcd4a9cc2db27 |
| SHA256 | dc29eaa2101765d025e36d6f07b2df7c7ce287af2066cb23b2e6a430f762de96 |
| SHA512 | 691cb15fb1f0a4ceb6236a6e8008c0fdb71f41bf3c5a7fc6fba2a0572e3db44cd4d937998384f4a79674d6cbe7ab5f3d88036d45f6738e7eed1e3d5439c1b5d8 |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 3bed9f701f0863b29ab49823691bb390 |
| SHA1 | 53a2917804983750f486741638696e635a5ab71d |
| SHA256 | 6fec0599bb51b84bfd6cea36bc0d58df3a2187522107e3b36dc63da7eb7326d2 |
| SHA512 | 55e13c37f27cc8a0dbf4a05225a56a6b1d5d542249f53132ae07b017aacbfaac8791208b82385d3ada14fe385b76ad022b7d4b0a1d4d4ceb98d375f5830edb00 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe581fc8.TMP
| MD5 | f6db693688d626f37bc6a980fbfa0dfe |
| SHA1 | bec05f6d6ec4c0e2461c2b5f346998a30e84d2bd |
| SHA256 | bd98793a56bf63203ecb01e9b4f94df4120f1112798126f43b5fd6859c0f491e |
| SHA512 | ce17c68792d4e95c793786f6a8b010581c3af70e1629a5a5dae25cebf1b5e285f7ae516f2200a83caac9a3425ad01a1ab87d53cc5854a06bf2cb0bfde79f5f20 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
| MD5 | c7ffd0e600c0c45188d6e73f09263617 |
| SHA1 | 0733a66445392b90cd8413c00f7d8d45297e454f |
| SHA256 | a3a31216cbf33fca3103e0a485e9c958f9330d4c2ae9704fd3378472be84c671 |
| SHA512 | 72ee3373cac8da6306836e051d41563462d0277a0fe7a8150e40415056ac07c1af39a0dbd3a87b69284bcf851308ec2900339d882d311e7447a4c739dddc84f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002
| MD5 | d1811b567e915d3da37564caa7aff971 |
| SHA1 | 9cee91abb4e67bcf6b5df28b38a3f784ba190d91 |
| SHA256 | 7654ba161ffc92ff2a33cc5dd321fe5151f5cde4995c517f51fc8325a28af70e |
| SHA512 | 94d6d8878a016b6260896873548f707ea7d6533785e847cccb78b779aa3f520d9a5e670752884654f4be815bd29ff3bf2fc37291d5cbaa7a9421c77edb2aa452 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
| MD5 | 295eed0b58b4165e8440b87cac50985f |
| SHA1 | 20611a3756255eaf96482346507d7d25d3ba3b6d |
| SHA256 | 9ec04231ce850e859c7d3a433b5b878979ad2c925f170c10826a55ea4dca9fe3 |
| SHA512 | 6c3017c7aee55f83a6ce6dc34d2ea783f2d70835d8383d553a455fc0f0ec562549b548d4c6557fe184bb1ee56fa5ddf7e5b21580e55a276f89376fd57d1b28a3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013
| MD5 | 4ea59ed719e4ab9a0122c8ead482af8c |
| SHA1 | d03b928d1e50497f40170a89a105f89a53433397 |
| SHA256 | faeccaac526a8ec55dfce028eca801ff8d8d2a4d447d230a9744a53c7f7c2096 |
| SHA512 | 84e0d3bd27673f905f4d7418732684995b55fa710af58893743cd662601e22f5d734877a796614e408b0d2c69995e3eb25012fcb56f3fcbbc284157252657402 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
| MD5 | b33a9dcaa9abb7bfc366c09cc3e49323 |
| SHA1 | c570712b4bcf616962c06125484f6c9d66ab204b |
| SHA256 | 8f09b49d4c783017dd4b6a22748c49c5528cb0cc855a17c2d76f430c4ceeb4d5 |
| SHA512 | 4e9b8a5920bd04165fc206751bda1326601c2a63ab805d14c7530b018a8c09c334e8e10dcef392365d9bec890a695cca1d2d243df165e00ba848611a15a63aa4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012
| MD5 | 32413102350a741bb0f16742f5bca786 |
| SHA1 | 3ab9aa52729f7e5e60994de8271ecff6ebbd716d |
| SHA256 | 540076c5e8b2f5da95de399bd9e805fb0de149ba13c63fa639deacb711060604 |
| SHA512 | 8629a6e241459069df1c8011782cf42f809beb779f2159c5661d7c20610dde30a0f8735f250d98bb8c4a8acf4217301b6ffa71d264632ad39250f0bb1a93a927 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015
| MD5 | 7962ae876fa959f37a73d69d7f89b04b |
| SHA1 | c0b6f386f958d1119fd43e4aaeee9b0dfe287ba6 |
| SHA256 | b07b025fcf17a62e098417d63d019757c1a9cefcc764e6ea7752d990e7a9f211 |
| SHA512 | f0da2b680055295164e8fb7539fd9658298f8f66ea268169b913a3b17881acdf914e0bd35b2ef71ae8e03a7d69d4d947e0e58e46308f3439ff6fe5037e1a6508 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017
| MD5 | 7e4defbc06530f1b66922fc4f9919d8d |
| SHA1 | fc917a3bc99c6c55776705b0bc88b8d573a83b81 |
| SHA256 | 645666b59ab2f3d2a7a33729c79aaf95c228489726df07b28dc834619ebb60c6 |
| SHA512 | b39380e1838aeac7192404522eae0785fcc75d23c023e8f3006036209f8f558bbcdb8c7c3e1fcaf89666dfe6033654905f4f6f2d537707750a009c05050240a3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c
| MD5 | 30bc76a3af3a2d0f66905cb29ff68ba9 |
| SHA1 | 5614a6eff61f56e369f4ec0b0ea075f7b83e6ca6 |
| SHA256 | 306601ea148d836272761159ff1e42cec21857c3632e5e1f091afd299428db64 |
| SHA512 | df955f2658c73eb2fbcbd9ba3ad4f45319e1199d7928982ca35d1c394730bc9c308e47f427dee89977402b35ac7aef302a6f597c5d10d6820370c06ee87bbdc3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d
| MD5 | 927ab6b27f57821d851c0787f05e7baf |
| SHA1 | 21060456d5ad456e4cc4a17cc80683bbfc738a1f |
| SHA256 | dae675a9c73a31162375bc829d2e05b084578e6c97aa92a280216226fe1fb252 |
| SHA512 | 3d5886bf689e93bd0f088473d75dbce14b678f533799d592b966de40898ffd07d4dffd4c7f629b6e74954872cd30d7868e1b6b515139afb5aa1fba373e4dd4e0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e48ca95d1df7c0c912f0e19f6b39a74f |
| SHA1 | 5e88a6b21982ec995d8fec1784d6c1d34f025fbd |
| SHA256 | 147507bafcb408ca4d54c865ff53061c630be200d7c2a34453f7cbbedaa11f8f |
| SHA512 | 2c43ebc6e0a19193a8cc4e64634d0ef0e626709decfcfc5fb27874b6372b66000508f8c957aa8c9c11d326bc5301cb8c3bbf34c43bef17d316a00c1b4ef07ee7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b7c6ea1f3bd390f4aa61e32d39990e5a |
| SHA1 | 96e7b5f3d3961cc2fa4767f31f5a9f24140ecb54 |
| SHA256 | e37832d356f75faf749947bffda87e015332d07ebec295277a679e7561d7c6d3 |
| SHA512 | 00a454c774426e11f37e248daa7b80bc6dcc346e1a430869fe09c0f089a8fd78a85f5f0b9ec2c8673667f93611702c8a4505270b61a5e8ffd30a061e0f051b6a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020
| MD5 | e688553c6fbe0a656a84407dd3cf282b |
| SHA1 | 18853957b35a70d61285d19d6495cb1c06e68c6f |
| SHA256 | d66c3d59dedd75e0c6407b736716303e2a19c717c912ceb4506ef580c925bf83 |
| SHA512 | dce4ad3e23a9bfab17b844ad45a5a49a1ad1ad5bccbf79444b59dbbc54a608bfda82b35fd36a166fefa032d9cf4782fa9307e1189e30933b320acc83b45a5c5f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | be66fb859edf5c7bf8c6be1f09816635 |
| SHA1 | 6415269b2f8315206dba933ef3619ca0a6b7c873 |
| SHA256 | d43e785bf9a939e47869429f94eafc99ab4a87ec1735767212f0237127d2daf4 |
| SHA512 | a890e3d49e59cf4e1d36dac4898e15e51b64c0bc19eb6711bdb65adbe0e788ed40d2dff880034bfe55e60850ccefc86d46aa9fbc46f942ed77a0e3bec6e0137f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | eb5b263915b95e1f3ebcc23a39175c09 |
| SHA1 | e8459cf063c25f4e9dad06ec5086c1266b599d0d |
| SHA256 | a1fc0c05ae602d267c7bb22f795ab7ca673fedafb4e9a636144b8c0f40c1822f |
| SHA512 | 6db1bb1962f40e00ef8f9db118ddee92c604b56df21b6f298c88176b4f57aaddf59b131636e4047f1d4f6c1567642f545e53fc420de4e8ccc88cbb2686995d44 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 9bc5e7394a25776664a3e91dac5c5a5c |
| SHA1 | 47009ee755dbb6056d1d4b1986b71d3f6b5448f2 |
| SHA256 | f93d9760911b0781edfb984d772da360a8480c650238c42a07e1aedcbb199896 |
| SHA512 | d8e0a1958d020a6c205bb789b1e87a51d9ae565780ba5b9bb823976e4cd02b242d2b7738afdf36a9331d132839dcedddefae8c59395c2e270d9222359aa777c4 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | d8de7b6d010c9708a3b9b5cf395b65e9 |
| SHA1 | 63b10f547479e8dba5bfb16728299e1d0588c9f9 |
| SHA256 | fc50537ba852096075e0da4b327dfd85a5892536534d624a4407c07ed4775a2e |
| SHA512 | 193346c9276638c87f27bf1337644d0997f115c2ae1d785a8b7d753a7475f04489667a885bb0c9d13c8a6495e3a2eed1e83486f0073d2176e2e72c797bf94028 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ad225314f9f3a068a44e91b32cd08084 |
| SHA1 | 5984ca1c2c8f352a38cc23c1fd7813d80bcfc5aa |
| SHA256 | 956835ce31d13f7c26984d2f078a55469acc7bf6296fc7cb500c48fd053d34dc |
| SHA512 | eddb7ddc805386823bfb77de81bb335d22a138f94994a6ad3b3b0450a79e46d153a570aa0b08e08e1ba7447523495636322b76e9d39b7211f70c6ea365a39fb2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 85b0b0201fffccd4c5c419643817e235 |
| SHA1 | e34bb09afe817a943ea80db7a8b76f567fd3d840 |
| SHA256 | c54a11126b8e0cbe886f2f23636e51eb1fd51aa032b2f801e418e59fa0804ce0 |
| SHA512 | 908a7dc68be9e59ca27366f79eca5bd87c2445d872660c00a04a97a064c029ab1744b7905c6777d1cd241bc9ee300046e5ae6e626f66022553326633f76e7f87 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State~RFe589517.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | ae7cafd2ad1945bf8a28ad35f985c189 |
| SHA1 | 41d23fd0a2c13dc7117f67c422df5a8acd5727c3 |
| SHA256 | 00602d1d53d95a39ca6c39ae7f664ed8cb6a5792e24bf9d9df2db3e56216cbbd |
| SHA512 | 0f8cb280a1f8630671b4e55c37237af2542b96c7ce1068b845a796ac2980f97ed4ce78679abf49e9e43b0b70d6a760bf1a42952518fdf307262c48d8c0bad604 |
C:\Users\Admin\Downloads\Unconfirmed 761916.crdownload
| MD5 | b464744ab9c9ebd75169f1c8639e432a |
| SHA1 | ce83cff14a367c1fc88fdf1b9aa3df2e64549d85 |
| SHA256 | 08975e2665243e02ad55dd53892d907554b297bc19ba2e4d11334eb67b45f3a6 |
| SHA512 | 37f4cd8560b480126ca38135cdac10d28e56f36ba42583b8cfbdaf6555bc656a2448c67fc715b2337e1db07d4d87ec9336e7f7ab5418bf2bb4f9a0206817beaf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | fb6535c56dcbcdb25ae7e4f3702491e2 |
| SHA1 | 645031e2c11442520adaef90395b2571b26f8730 |
| SHA256 | 59b44b302f2f45bcbf0c59d509cc9c64ddcccf00ce457484ae62dbf1c1b49473 |
| SHA512 | 93a70ad5df7a2125ff8bab09a459eca70551ac93278a4619ec32396ca0c9c6fcf8ac85ab346ef25622e57bcc13aa23d428f39c92f25a7ad97218236f32b0c095 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 185e802261c0c50275f200d09ba49e03 |
| SHA1 | e5fff1fbda8e4f5d0ad342ee3efa43c94d07f8ba |
| SHA256 | f2fb01ee8eec401d20f1422b4849eeaa869c2b8713fe34ff1b9e899f765cf7ab |
| SHA512 | 195225b3ff7e2d8dcd4b1385a028c8f09520eacc727cde430710c8f59fd69ed8e23b1bc9123c159f703845eea442c07db670a987044f53d8dd9d22a88c3c3769 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 07b38127b2bc659eca72838f0e297553 |
| SHA1 | 6081639786b5f6b4112edfc822cea2ac90a6f172 |
| SHA256 | dbc1e308b0be54cde41435c97de7ac5988aab4909dc58ee71f3600f5b560a78a |
| SHA512 | 9c074af0be9e762d75c709d170b41ed053a9c86035d8311628f6f12e5063c0c988055d21542aee1201edc22b296efe9f8d2698e3e13284c79f605b61bc938cdd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 606e86441f575598551bf7869f389bb1 |
| SHA1 | 49f8cac832c2f15612cee1bd490515516faebff6 |
| SHA256 | 4434579a3489a83f67f6de3feeda0419b460b24bff47c9fb201d5135756d0876 |
| SHA512 | 5d075990a220ac08d72e4b8f6ec2c920f2cf93e96ddef54461ecee58337be426a65988e8dc63d16a3b0a5ddf0be34e564271ba175e9cc296268942e08be69b40 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 58960c4568ef706d07acb81f072ec73d |
| SHA1 | 0d2f6a150ae9f0611086ed3f04943bc7005ca926 |
| SHA256 | 9ae8ad2f18925558eaafee959349005a05f0280e35e5e1f5b183ba6616808473 |
| SHA512 | cf77f1879a1df8c926b97c1369973f5329b1b7219439ee1a80572628662995b6cb24f20d4b24a166dfdb697ddc8dfda2372ebda364f11baec4cdd9ca94e29e84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a1b15ff46d2dda82f2d62fa28c24e7ea |
| SHA1 | 705bb03438de1f48afade92d629e975325917b62 |
| SHA256 | 67e79fdc1245a33d9d0bb93025fa10d1a9e44832ae35c79bc906e3ee5050747f |
| SHA512 | e4551251acee6c7f80c46ddf5f3c6d16d158d43a74be3aad3adc20e989e8801255434f8113894a23bd8eb7cf1f9b3e735316a10ed5a7c5ed61aa1440bd4bb642 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 2d841547198246e63d95424b086ca5f5 |
| SHA1 | 6094bb391963d5f822523e5fd2ab5e86f8d203fb |
| SHA256 | 993870cf3bf0de03000bc942cd5fa2e291e20a21a6b0c0ac026b7cf54fc88678 |
| SHA512 | 00316910ff9afef8d06bd351f81f348d5b3d144f4da81ecf6b380b732b50a5465b8f49bc0d50575363adbefedb51d06de2cd795d980da4ad839b797583c40650 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 71af98300f399e90ca91dec41b6375cf |
| SHA1 | 7028cbba4bab491c5dfe37b1dcce1bf8b42cab63 |
| SHA256 | 523477e248ab1e451f05703790a50d3ebae06ed0bdb16b942b45342a4524a32b |
| SHA512 | c60d5e24804d7d7f8e33f59f51ed711b722c0cde14575e457b39a26cba4243b53d2c967064f5c17c2f1b697d40c7dcd552dcf9298a7c0db03e18afc2d73a184d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022
| MD5 | 622921477473e93dd9223d6a6047dae2 |
| SHA1 | c6a5bc5a590fa0c75b3725ceb8b2628671ec54a3 |
| SHA256 | b1ee18ec4b74bd98f27151f10efdf21e03ae7b5c8398309de570318eedd29b0f |
| SHA512 | df56309937468d93ac2478141e5111568b5e18c3e16d20f62e437e60f5e5a3b8212fbc17feb1cb089490f5f627dd62899ea5506535b3f5e99ee3783cca4eb6e2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023
| MD5 | 68eae8ae528b3cf4965c780505e8274b |
| SHA1 | 23eea22c5ced491f0933dbdc428503548ae48636 |
| SHA256 | 5c677af2d6e78de58c66b09577213d4b1c23cf0409822378053f1c457ff465aa |
| SHA512 | 7fb225df90deaeff597ea4513985545b5ca6d3b4478dbe5969554f15ff4b2c1652c6220b970304884adfc2860be045599130534f1c45586a7adcfb29a8e72ac7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021
| MD5 | 57632c3e3288b2d52d3a6ac63d989c5a |
| SHA1 | 8bd0a80782c89a5da2e8d950205dcd93aab5387e |
| SHA256 | f63506da8221e2480de12f403a9a18c91470ca131cf67b83dd7e003dcedaa611 |
| SHA512 | e63931370f5449e16030189ea1e5da61bb654f61e34b713fc46e0e20071c1b1f5d52fdb8ac6495fe4d2de1929b0eb2ca6a1214b2dd99133b6f2cdbfdf6f36554 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024
| MD5 | 13d1b429e99059f97e58fa10dd69f8b5 |
| SHA1 | 174c7f299158103127d50de82f1086c3b66e8258 |
| SHA256 | 1262bff0591c36094d058ab102b84ce34eb1e547e8ff00557bf8d55449e58e40 |
| SHA512 | 30dbd99f1abe8d2a9ddf73a93ed199ffb2b55903b5bc2618935a64ad54706f054fc9b46a80ccd1cab4eff3f5a607b5b599f5e02a2e89c990e10b210e4f16ed9d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025
| MD5 | e0edc621e4ffaa368d2e0677d3f137e6 |
| SHA1 | e374bb44d1834cf6eb688eabe1820aa5f7c827d3 |
| SHA256 | 13da46f8e9749704bfff6b6f51a202c87facf593280dfde4127e5858c28aaeaf |
| SHA512 | d60643fe87788d76dcf1cd941002ceef18390cac5eaa683bce2e2dbeaba684b6fd656a94187379b71105333590412d65b3466cc9c37cdaada7e009c1c9f8435e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 53ad940779eb89aa286d17fd17cfa486 |
| SHA1 | 7dd58533c4563944b20e6d6b4d6e7e391fc3d835 |
| SHA256 | b791c98b6c2b2c6ba81d38ade2b9f928035454339cc5b4cd44cfc8b43090c68c |
| SHA512 | 43fbdec9807397d9c90feb1cf917363d06bf0cec567bb42161a551013b9da7fb85db3c8911867ce8ffb8aa39c17fe59a3479ac7ad13097dc07416b3d20ff4401 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3e67aa623b981501513a31896187d5c2 |
| SHA1 | f80eab93c39df6db780324449dd054f939871db3 |
| SHA256 | bd5709742fcabf2310b1135371dace289dc4760a1b9d94d0746328fbed301218 |
| SHA512 | ffde2ec538317b7e9f56b0e47b8f197bb30930dac07835f21fa436858a4e9f454ff807530d8c0898df0021102fbf29234454dccc95f6fb7f2f4741d289108188 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 49e89edc4619d5fa106cd2104c495814 |
| SHA1 | 9ceb2b69e07beac3ca9fce00600b5bd773e48267 |
| SHA256 | ce5698ab9471f7ad7ac6c3ed491ff01c4a7d0cdfd5c9dcedc1dd7d4846e55b91 |
| SHA512 | afb389d2f717cd89c3f640e7059d8d11fb15f7c14de1fdff8aa2b7baaf7eef9db057961c7dfe347239edf5203f463a37cb5b38a07894bfc966e2c6644763afd9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 0d934832f8c40a50acf7911455e6fd1f |
| SHA1 | ce18b0af7e55ffecb1702122cf71da6dbb955a07 |
| SHA256 | f9574110112c97e18b623c8a3f66509113e0b97bf82037d90419a28e2a267234 |
| SHA512 | fc0500e8a3f1430bb75becffb187e4950f16018375ae1f8a11423d78beb78d8661d5d9e00e59da4a8288a105421f634eeb721ca29653082c4edf15544ae75f6f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\de63ff4275d236d5c1b83225b76d1c14d40b38a6\ff2645c0-3d15-4429-b6af-1d051001faa0\index-dir\the-real-index
| MD5 | d52787f8cc17b8b5e78e9a62d052189c |
| SHA1 | 6d8e381c6e7dc3db1746b179d312ac1ad55bfdfe |
| SHA256 | 702dec066fb35f80eabe3492811f19e4393b1285a900a5f93be99e8b4f034787 |
| SHA512 | 327e544a83218e65a63ccadb4098470773c3acafb03f76f9ed02b83277723d574dc0b1efa22599f3a21f82c2e7fc7ee8044c3054482b679cbd218ca93556b33b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\de63ff4275d236d5c1b83225b76d1c14d40b38a6\ff2645c0-3d15-4429-b6af-1d051001faa0\index-dir\the-real-index~RFe597f0a.TMP
| MD5 | a3a6e9be0ba9e1e5d779f1f67b6c287d |
| SHA1 | ea6afcb30aac75cd35d088fc57031dbd758b0d13 |
| SHA256 | b96cf3a6e84416bcebcfba7761f168ce78e32bad4263c166fb6d1cb113315798 |
| SHA512 | c29e2444c68a4bb0acc062385034b139f90fc78355ab8aeddc88ec261c010cecf9d75e965cb4ee0c968bda0c6ba04eac640cd425495850b9a4135eb6f105ca18 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\de63ff4275d236d5c1b83225b76d1c14d40b38a6\index.txt
| MD5 | 334dc2b67c9eca9906c8816886d63306 |
| SHA1 | cd131608e7dfda4820dbcc701813d27f2d25f958 |
| SHA256 | 25a2988c072fe8f77546f37794925b9ba8e8c639385dbf53643281407fe7a944 |
| SHA512 | f4a4bb5efb6671e6a12aeff28ef5e020ad5dfd759b625a3c10d251fd02e38f3826711502574f63f4458829fdb76f79d7880a37c08e3dc044e83504aa33f18727 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\de63ff4275d236d5c1b83225b76d1c14d40b38a6\index.txt
| MD5 | 6d7644bf5ff5c331b9d5c2b6cca99705 |
| SHA1 | 7ed5433eab9bc6e799bde27f5b6380913f6f8ed5 |
| SHA256 | ede2181e221d54905fa2d093bb17c8c5efba77b9b35400132931e3091b34ffe5 |
| SHA512 | e2b38188883780748341f1b666e54ee3ba782806ad57e73fc539874caf164379a84129a713273809d9372091157eaa4bd4de751fff4a530adf9f4aa904b7d1bd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | a68a3c5b12416cadca0004e1de467613 |
| SHA1 | 560d581e6a263d8e3ddf10c3935dbe28160b1bd5 |
| SHA256 | 1545683b7f02f562af2d436c8d070e688d95df24ec810ad45e20ae5a61c8d2ce |
| SHA512 | 2dd7c91ec62f715717439cd127908cda1fccb669512585ab08e1721147ac5ce59f336bf6668d8c850c09c5d00e30e55bc080071b19c6a0ca6bcb7d3297b15465 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 8af84972b5afb7d1262350e509cffc34 |
| SHA1 | 01e4a6c59498f83c753e2d8d40548356a2fd0d2a |
| SHA256 | f1099e514fe96c4bcb138aeb299808bf9dddf3ab0c18a28c6f60ffadbb566d83 |
| SHA512 | 7eb8cec45a12fa654275d4e69cddbcc9b00fed8f87622ce80b9fc70fad6424d405583581e6f718b4b0bdd49e27693be64e60a97e9f9102e04fb4e4db347c2cc2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | fa6ca494aceeaffca5b60642218208a9 |
| SHA1 | bb4487642c8cad37731e073f20b71a59ae0c8087 |
| SHA256 | 807f03b0ea494dffd9538337ef1625a207983a23d1d839c8fb5ce09960a3e3e5 |
| SHA512 | 56244d601417cf4fd9afd94df2e0bab443732c94f489222b8708b41ff7068720c4657d9ad411d1fdf03f2bf1a5488cc36c16d3b8530e8ca76a4285fd509b9240 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a9
| MD5 | b2229d4466ee263a188530ba16cd7af1 |
| SHA1 | 9059266f5a47c5ddc2a792131b9b60908dba12db |
| SHA256 | 17b766b8e77333366da8c1331052ce026b1555b24c7f8404333420e97fd6224d |
| SHA512 | 1038d1c865f0aaca95381491f54eb83e4e61ccda9534de9e9de4081df3761ed6257d88f72a1054d2f2f4c2d570e3e2f14a73925b2867679749fe47d8762feb2e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 8f9d28305d40602d2e90383589af4c78 |
| SHA1 | 782228f5da0ac6c22fcee43e4fd4ed417b9fba2b |
| SHA256 | e6a00972c17482d386174365aca078ed1cd0117729123214d117b63266ffaa5f |
| SHA512 | c5ccaf7fcaba5ee86a6010d4ff1b5fafea758487d1cc5b9e20473e8d0b58044ddb4290b18db11f43ef793b3fbad6cbc91fc37b8d7b8b3992a8d7bffae4ed35a2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe599e4a.TMP
| MD5 | cb4572f87d58648931bc34e3dd30670f |
| SHA1 | 97c49b9103ea2bbcf97ef845b1a602f049e79543 |
| SHA256 | 261a4b299c61ed63538da0654a370e08b61b921ccb92ca4a24bce301ec5b70e9 |
| SHA512 | 3cad852cd26394f4c0aa08c6fc9e3099d247e58c1da71e331f2fa5270c09ac278ceb3254fccb7a9dd388c0a81834d8985c1d903d1cdd77bd75ea41d9554ff4da |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000aa
| MD5 | 8eff0b8045fd1959e117f85654ae7770 |
| SHA1 | 227fee13ceb7c410b5c0bb8000258b6643cb6255 |
| SHA256 | 89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571 |
| SHA512 | 2e4fb65caab06f02e341e9ba4fb217d682338881daba3518a0df8df724e0496e1af613db8e2f65b42b9e82703ba58916b5f5abb68c807c78a88577030a6c2058 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | d20f5194996dce1af036ab489ffc50d1 |
| SHA1 | 37a7a7c81a8c066981ab5a0a48017bb9ff3eef96 |
| SHA256 | ef87aec4f5368dce2663db5b635fae11a457e321f22d078eac9764e4a73f3c15 |
| SHA512 | 147160f44a4c556682ea988d65caf1ce3f58584f8d5fa6a0fbdb308517aad2701b2a0747967eca4d9e01b8a08dec0079249c7da03eb59ec469c32b126cbd9e4b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ac
| MD5 | 115c2d84727b41da5e9b4394887a8c40 |
| SHA1 | 44f495a7f32620e51acca2e78f7e0615cb305781 |
| SHA256 | ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6 |
| SHA512 | 00402945111722b041f317b082b7103bcc470c2112d86847eac44674053fc0642c5df72015dcb57c65c4ffabb7b03ece7e5f889190f09a45cef1f3e35f830f45 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ad
| MD5 | c83e4437a53d7f849f9d32df3d6b68f3 |
| SHA1 | fabea5ad92ed3e2431659b02e7624df30d0c6bbc |
| SHA256 | d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb |
| SHA512 | c2ca1630f7229dd2dec37e0722f769dd94fd115eefa8eeba40f9bb09e4fdab7cc7d15f3deea23f50911feae22bae96341a5baca20b59c7982caf7a91a51e152f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | deae32f7532a6a719faa3ee835970862 |
| SHA1 | 5a3fde34b5a39357d0c0aa43ff4ef2131f7ecd0d |
| SHA256 | 66e01a20860517989a418f77d82682094354da3f10b4c666425c0e7a77d81c1e |
| SHA512 | 07d44a9ef3117fc0d718af4c5e78ce406a1fe391c3bf2efa8daae15200c409f41cead4eebca9de8b9225f3867ea26175220bb49c25b3d72ab8a51a428455223f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3931d2a1676fe356e3cc538077b3f6ea |
| SHA1 | cff4007125bd1af830cdf643d64a0d587977528e |
| SHA256 | 768fbba4cbf894121f6aabafbd67f53c7775e7ca046caa11c9dc7a91bb0a7ec1 |
| SHA512 | 897ea86dbe6ea28d395ac210d0385a4aa321e388a7994da7b31edad3ece464790db5f8089386f605b93f85c81841ed4df79b4d22c888a75e1a68bfaded734ef0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\2ae1cd2a-719e-4b65-beed-319875f992e0\index-dir\the-real-index
| MD5 | 276e7fc5ac5dc798f5f9c9e21b4a1594 |
| SHA1 | 93fd97e08fbe50658d732aad54389e9c146426f3 |
| SHA256 | ebbd0173bf18f7b63ec988673f729e19a6448f9e9efa80c9d0d3a7865a6b2337 |
| SHA512 | 3fe2a75c905d28e7ec44e6f9248783d2050727780d1deb1d80a9dc78bcb84d049dfdf02123c451c86e8ffbdd25146275fb12af0c5b9d8a723fda03ae2d83a9a0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\2ae1cd2a-719e-4b65-beed-319875f992e0\index-dir\the-real-index~RFe59c1df.TMP
| MD5 | d1dc70c6172f2fdecad6c0864812b286 |
| SHA1 | 7b511f656245ad1b77f2cfc3a33f4724dd788476 |
| SHA256 | 5084f49cc990352b7383b74e57c91961d7e601dd215433af469aaa56c27818b9 |
| SHA512 | 191bbec0028133b81ec047b2800c3bc0198273a16c92e7709a1ba0950d69e71d0427ffb6e8159dfb9b461a4d3bb7f30b13f3fa9a29f36ce34568bcc75f1b018e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\2ae1cd2a-719e-4b65-beed-319875f992e0\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 9aebc171e801551487873b5885d878d8 |
| SHA1 | 80c9caf09c98381c0e65e63f4bb9b91d9395786f |
| SHA256 | 181b941fcd6b1a84f592231d83352d6d84659c93ea60d228a5a1e316c74ec5ba |
| SHA512 | c0e68bba715cb299d94868c7e961435bf2d64ab0618d74d25f34b0f246ed0529d4ad231b4a1930b0980c23578848146078a581f06fa106f4a5e9fa573d4d11a8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 0ea5e658225869b347b835faea02e636 |
| SHA1 | f475784781879181b7a9e854a9a365a5a3573034 |
| SHA256 | e34e66c0b769b2ae5491eb4a389badba2ab36c495d481aa3277c3ab7b223a0a0 |
| SHA512 | 25951b58857ce9e579622bc7dd8391f3787e0e3696fe29b8a43a438bea89dcf9cc49fe421249c180faae478e9b0ef03337f15d15302d06026c37ba2eb7a0c174 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000af
| MD5 | 14e8dc91d8c602054be80c75cadf6239 |
| SHA1 | de3d6be0577179a55cdeb03aa8bf0c2417bb7dfb |
| SHA256 | 94e5e2cd39a92988e80ef26c474c6d128db812d4eb8b673f28f14a6f537159a8 |
| SHA512 | 62e33e3630fa64d526820ec359d014a0f516f6da2e6df38b3e1610bcf462a0a511ef0154e817016648cb872197ce30aff379bd6675bed54076e79ca4c141af6a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | cc04aa7c580e22a6a150750aa316d8f1 |
| SHA1 | 50e8f1c718f0c4a8dafd10f7e537965d242107dd |
| SHA256 | 9ec6fc5a88fd8e1814f5f03ab9a2be30e72662f01ed79929205b49932e17f45f |
| SHA512 | b20ad5df6b9e9472b43517bee2f89498cb40830fe5ad45357b9db3726e521f0156d6806b5fdaf6e0be02b2a394bea2ca90f57585196354713eb93c7fe4a02d12 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | b6cab0e15f5b0b77a5a7744d4138181f |
| SHA1 | c85375bb5b204bade92d8d3128b3f74850372c0b |
| SHA256 | ccc5da5185fa15b46f0433345e8d8fd309df12aa7e96cd1d5fea742dc8cac3d6 |
| SHA512 | 07bd69b7f94d4ba27493ae589d5ed9971d275b2b69e372c2569e8c798462196ca43230c6fd032beac2269d2d932f201c87d90932e6c69225b0fe8ed789c0cbab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\2ae1cd2a-719e-4b65-beed-319875f992e0\index-dir\the-real-index
| MD5 | 952cf969e226d649472274d1c86cfaf9 |
| SHA1 | d98587ee008dee3ab6f72e6fc639612c1077a59c |
| SHA256 | cca8268861cd9c8aa3dea258ff25fae790184edb551f1b6a1ae09dcfa8bbd6d4 |
| SHA512 | e11caa3825a71ce0315aaba2dcd17df530bc626c06d827fc0585dcd3b7affac6c3b19212c38a434f9c319070336f69daa9ac7f7b446e07c624b8fdecb6eb2074 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 95d5f6befa44f9bbba6d8c8779d4e52e |
| SHA1 | 2d4ab32d4d35040d79e035ad474b78ae901796af |
| SHA256 | 5fe87cfead644e64b04e7a1b0af635aaa517d6fb58492c41e3a97c08ace9cf2c |
| SHA512 | ab30622906b5abb31990e18ba6cb4f190914b4ffd37db12d5c110388c263a50ca630cf45a1b0da43c9ef9bccf344c3444c85a83a69de1d140478ce60558003e5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 340f9585196666a68d6a989d6883d11b |
| SHA1 | 3d779654e31c41c577e710a4b58d6b555e4cf11d |
| SHA256 | 724a15776939195b5944f40e133a166eb4d6f492b8fd764a6a1d5569ba2d7135 |
| SHA512 | ba1481786e22f98c5f7e2f0dd551795b05a1717327edb889a18bb9f2270e3ef640dc28d0fe329a34b2e60254b6a2982ecb89739780773c093112448f5d7d5726 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 96cf151ce60a01015937f3747211440a |
| SHA1 | d28a5657810d475dc1d0e2622123fe25c8e72be5 |
| SHA256 | 8745fcd0ca33c8203515527f86b697803f8e660284b2e1ca8cb2845574a1844f |
| SHA512 | ae46162d3d4e71ccf7828cea0ccd37abde43b1c6d22a5bc5a99d2fd76f02879527cd8c8eb08b7f102d08d087119dd213f71f38711cbc706742f7e37331cae61b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000069
| MD5 | 2f740bb391d6c630032fe78a6f3b53aa |
| SHA1 | dc4f38e104823f3054aca9b01f6906fad04f81b1 |
| SHA256 | 32172c7c2af488cc611c0d797f0ebffed289fd8d8f0e0c77fbc77f0190b95622 |
| SHA512 | eab1e99f74ffc8ef44cd85c871375fdce0ea88ee5bc1a262ee00f13827808a5944ba84d0ee92ec51aa7f433f6e737ef4318330d7e7922a34035aa51ebb2232ba |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000068
| MD5 | 1682bfa731083c2173526cd01dfa659e |
| SHA1 | 457d65329d9866ac1dc3d3ca441ecbd2ce6019e6 |
| SHA256 | 607dc601ecf72dd0f619449e8c07c3ed9cbd51feda031c5618ff44ca1cc69e02 |
| SHA512 | 6e4701bc05b868957c11371ffd1938b6a897d4b80b39db8c1ccf3a54bc67842aa12a997e03b2b1d9a4c44ec1e2e5208bb88bfcef62c6f7382d17c58bad08a2e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000077
| MD5 | 2c8770159b5e28590f900c9d0d0a197b |
| SHA1 | cc2b62a6e17dcb8b96b70f70ecdc6a0cc4657b06 |
| SHA256 | 20f45db47d8f5bb4b5db3bf98dc9db7839757c7285504c78f7b8692f46f054df |
| SHA512 | 2a7bf2882d725fd057f514ce92e572a86e14c928ae2d9f241ea2ea396fd5d43b777523dbdc9efd5bce369a254ab8c33e0ca1321e4204ff1c27290ae268b6c4a1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000072
| MD5 | aff17b0e3769effaf0119f7863913a95 |
| SHA1 | 7f4f608b4c3bfc0118168fc995a22582a2ab165b |
| SHA256 | 9313d9010db5b54168fb41ab11fa0c147bd8b0cf60bc5b61b7cfdd4bc28e12ed |
| SHA512 | f09a5362cd3732162dec76286910b36efe451fa8602cd23bc0cf90ee970c19a419ddbeb0b472e48cafdc61cd3a762616416a19453a1958fa9a51c7cd124d6a73 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007a
| MD5 | 8e433c0592f77beb6dc527d7b90be120 |
| SHA1 | d7402416753ae1bb4cbd4b10d33a0c10517838bd |
| SHA256 | f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af |
| SHA512 | 5e90f48b923bb95aeb49691d03dade8825c119b2fa28977ea170c41548900f4e0165e2869f97c7a9380d7ff8ff331a1da855500e5f7b0dfd2b9abd77a386bbf3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 780f9b8697146687e10543b1134314fd |
| SHA1 | a16dee3b41c0228a355b21b942f3d01106c6c838 |
| SHA256 | f432ba5a64b8f2f9258f2d8288d0e4c4910b39d20852bd6c3e31e81b3e536444 |
| SHA512 | 8520cb9e6c2c763650bbdcd7c11973b4f010e92c72d83634a9643b670fe8632a09e033c72d605a0b2c63f2955e252a6c37ce341035c24743e8d46b8f025e961c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 6d12087e9751268723a6a4b4cf7e89e6 |
| SHA1 | 17d15f61c690c0dd29b843da79d4533c48905af2 |
| SHA256 | dee750a025a8bd85b8d5e623284939f9455888c8b52f16c1e2a2258f06f4044e |
| SHA512 | 5fc3a49b06e4075a8d78d5a0db04726917b2d106d1643bda5c03b3ab9ba4109e6be51ca952c8973048f03b641ad26371f491f588a974b7f72ae8940f7fc8676b |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | c2969f14dd43b86a5750aa0f033ed4d4 |
| SHA1 | 0c7c61fae17af5fec142721b60c9cdae1b222e7d |
| SHA256 | b59480e3aab90de67daa135c1b1cc7d96fd4da61ceb18ffca91f4b5b496535ae |
| SHA512 | b10c6bc728ee2c016b0f383bab7aba0615dcd01a452f15f4c8b7d7c56da14f63db6943635c2e3a516763da4d7958b9dc4d7250ab7ae653deaca8053210f501ee |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 2700ccb7e76ff983adae54bc127fd3f0 |
| SHA1 | 7c7af58eec7ef8d2d643e8a041b2f42c62876473 |
| SHA256 | 5771c0b8fbd780eaadc28ccf8448ff949557ac49cf6a01adb44149e3b7ebb5c5 |
| SHA512 | ea6532e24a871d539b6b416bf23f460c99991225f15bfc5fc67b96e654cf7363754d8f6e6496593ef5b938bc42605aeb56eda5809b4c91d8b6edb5628c77e147 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\c8f2b9d0-0069-4d10-982b-f0d5080dc38b.tmp
| MD5 | 8953eaa269b82db6c50f4957936f984a |
| SHA1 | 818f449ee840e94f9287aad2e936c9296a9b24f1 |
| SHA256 | 165e3ac47b786b37a13bc49acb37d03fd297dba264b990f206587ef29ec0e626 |
| SHA512 | d93e0c7cda589cb88ac0a78615d11f67955b31a19c6f02ea05a157a7bd9b5cad4a16f20d2e5f6473453234daed184e996e0d8d84703734581b5a07363ad31dca |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 406aee14f1ff61c84f3d9e63ea9dcfef |
| SHA1 | 9de185a36f4a3c2cc745c93c3695e1040fbd2bb4 |
| SHA256 | 694e2aa2675aa7ed9a5ed919f6cbb163f3dc39c862559995363f972a734fbb20 |
| SHA512 | 1a374eefcabebc2a707c9f05c8de6e71cba28d418385bfb67c89217053ec280a3a88392064f2b35dabbfe492e2a162f3b4ab26dd1d854e7298232e22efe54cd8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 9f3160d2efd7023a2de396e1813ef9a4 |
| SHA1 | 7fd0451950cd28f16a95d0a7bf1b18fe1fa1bbb5 |
| SHA256 | 57df4bbf9fb2d6a4ff74fb946cd1741a81838ebc7ced96e4f43d18af414484ba |
| SHA512 | 8618d92dd148a8109f290968ec45003d2ad310463ac842ef3b60cf6940ef27b237c46224c67be7070be2f79a1837183cfe281e2a897f94c6e10051215437695d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1
| MD5 | dddd09d2cece96009d004ca2f8c7fc84 |
| SHA1 | d0e0cdd284b5e77086253cc4694a4e67baf6ebd9 |
| SHA256 | c7e7283786d7950be5f62c9df20b13b5ac42e69c54447b1c2e9f52ff031965aa |
| SHA512 | 93665ee00ccd2aa6f3b17eb7ed614da2aa5bea1fd1be8724758aebc61982ee2ad13e2f85c9ea73959c927002a49f72c0c853f0abead78d77a2ec6797a2937e5c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | c084a2d91bac3ac94f9fc31239ddd14e |
| SHA1 | 16e86e5515b9878a9b843a0328b2f8e865b8bd1f |
| SHA256 | 1a10c509d5e831d941924b2a00a0a3839affaa033cdd8ad257d7f03b2fc46c9d |
| SHA512 | c94a590a7f4bd8af3ead298d604499b207d83f8c331b021436ccdaf50951736d19f29ed53eb85bd1e66c626cd5cc8d409a3f7a4f6624febf2eb8a00725db49fc |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\datareporting\glean\pending_pings\406cca4c-91b5-4d14-b7f1-78dffd4d4884
| MD5 | c6684513ff7110b1b8cd6f6811bb75fb |
| SHA1 | e3128cc205c5c2d78d076aa3c8463b0a7924cba0 |
| SHA256 | c4dc36a6c626a1305513a08347b4b7c815ac0c2896c5775052eccc91183c17f7 |
| SHA512 | 95525251799a44ea4c84ec959cb029af3d14a7e7e50003b462a8ed8d6d5f23ce2aa76c80f3443f1706766e99c0eda061583472be728d9aa2a3e97cf453ad09e4 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\datareporting\glean\pending_pings\3df0246c-61d1-4417-bf15-44a23004d130
| MD5 | 8995f82f800db4c90787adcf4f10d287 |
| SHA1 | 510b5015ffd5d206c2068d5269a2c1fe4794c667 |
| SHA256 | 0a738c2b1f7583a152ce84251916904398e185f84785ce4117bf48c1056b5f9c |
| SHA512 | 98d5a31197536b0f5b9eb28cf16c6ca4a3fbd3ab39fb06782536a6f0c8e32a8d228c9eabee95dea08962228b38a8beee1fca842c8f8d2cf741539f8376482c75 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\datareporting\glean\pending_pings\c88e60b6-73fa-463c-8ce0-00ee08e641cb
| MD5 | e7f8876da34920426cc779ace4abfe08 |
| SHA1 | 4718213df03ef022cddae75d6578be3e6bc58e71 |
| SHA256 | 662f86f333e0d0826e9a10162e96ec8e84a64ce7db0394435b793a35ad64856b |
| SHA512 | 210f2134f5e22b4416fc731990e989d6d28004f4a912588214b0e264519e85ebf0fac58301283e8185dc1d870c00077a856b2e259972f6af984f5406acc98475 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | e8141118cbecdcdb7cf8cca6f8b02fff |
| SHA1 | b2cdd01b864da6b45e77c45fb78d2c0e445635b2 |
| SHA256 | 9f18727c1013c3f35afca53315e87d2d05ee3f346fa1de990e423041b3f631ac |
| SHA512 | 261fd93c9ae032f984c4ac2f01499826d1b62f11cb86456c369bc4b155b3aa5a27f74a27e809e9a8563d9880233352dba958210d6808becc192a75f06e15e272 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\sd844ipy.default-release\activity-stream.discovery_stream.json
| MD5 | f97b6fd19176e464bce3b61b4b871635 |
| SHA1 | a40e3135692777171d64af7017faad8b6c628b05 |
| SHA256 | fe230bdeafbf1bd9c16e144688ff9a189172b397a7075604a78f1845b50dc053 |
| SHA512 | 0c9405b73b23464d0db4aa253a04b33a8c90ae02c5c697ae29d3ce00d9e263539527c2c47e582f4fa37669da84a97205eac47371e1441f5a85f8ff91691b80b0 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\prefs.js
| MD5 | 693085c79b7a70f4efc2506556226a1c |
| SHA1 | 4bedc2e9d4186fc3cbe6df8724e2ab8ebe094338 |
| SHA256 | d71c48cf52ee0f26ed32f7ab866b5db1fd56fd5c93ab86750a1ce3a32c7c0fe1 |
| SHA512 | 6f21c3f34c25196b9a7098cc07cf592b97c7eedf7536959d59059873ee1da4dae12762614e59f5020a51773ef1c2e1983cb397aabaa9bbab66415f0a51469018 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\prefs.js
| MD5 | 1673a1ad853223f6fb0aaa0963b6283e |
| SHA1 | 15b6b98555e78f02dffbdf096cf9d81534325e1c |
| SHA256 | 30209f39e2af45f4f5c7f172790f340d0bd47dd17477813fa258b29d3173415c |
| SHA512 | d067f6671d277f536811edd5761e8e03a5a40af34054b4ae33d8e9b14629a03ef3ebfb5781838b891b175deedce3da3b4331d0aaa57ccf09b7e273c2a7ae1b96 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 09372174e83dbbf696ee732fd2e875bb |
| SHA1 | ba360186ba650a769f9303f48b7200fb5eaccee1 |
| SHA256 | c32efac42faf4b9878fb8917c5e71d89ff40de580c4f52f62e11c6cfab55167f |
| SHA512 | b667086ed49579592d435df2b486fe30ba1b62ddd169f19e700cd079239747dd3e20058c285fa9c10a533e34f22b5198ed9b1f92ae560a3067f3e3feacc724f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.info
| MD5 | 2a461e9eb87fd1955cea740a3444ee7a |
| SHA1 | b10755914c713f5a4677494dbe8a686ed458c3c5 |
| SHA256 | 4107f76ba1d9424555f4e8ea0acef69357dfff89dfa5f0ec72aa4f2d489b17bc |
| SHA512 | 34f73f7bf69d7674907f190f257516e3956f825e35a2f03d58201a5a630310b45df393f2b39669f9369d1ac990505a4b6849a0d34e8c136e1402143b6cedf2d3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.dll
| MD5 | 842039753bf41fa5e11b3a1383061a87 |
| SHA1 | 3e8fe1d7b3ad866b06dca6c7ef1e3c50c406e153 |
| SHA256 | d88dd3bfc4a558bb943f3caa2e376da3942e48a7948763bf9a38f707c2cd0c1c |
| SHA512 | d3320f7ac46327b7b974e74320c4d853e569061cb89ca849cd5d1706330aca629abeb4a16435c541900d839f46ff72dfde04128c450f3e1ee63c025470c19157 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 63af4c5424d1463b04416cd20626fe3a |
| SHA1 | f43ba59fd7cfbdcc715397ac09bf87db08ec92f0 |
| SHA256 | 4d2354ab51b4546098d61ccbbe91e16cb16a15b2e488e963751df3f0493fc028 |
| SHA512 | 05d93bd57125475c6039a5f4e34629a4169e225c12cd22820f0728b584763895c6ecdaecc1dce1f912142941a240675584cff32a313772f2fd0d8f12af049aa9 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\AlternateServices.bin
| MD5 | 87f6e29c3b3e96b77a46bf6d16555d29 |
| SHA1 | a2568a9fd899751c1593908c2eb4f9ca9eb7f747 |
| SHA256 | fb759db1514abd8ae5502994fb5f2a2e5f88073bef7241b3b6d3452723791949 |
| SHA512 | 6297038064028e3d7328235699483b93336ab1badb59e5ebef46cd1efb9b7d9b1b679de8e96fd1d957bbd3ec1911d7bbc3995dc1bdc29af18637449ada775319 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\prefs-1.js
| MD5 | e3505e0fbb7b9c316af83f3e2e5070a8 |
| SHA1 | 3eba8ed8ff8d435347eb7a2f0a92519d2056a3b6 |
| SHA256 | 7cb9b400fdd433ba1b3f3b33ad43dcef4086b8176d0b6e7f2dfc9a6416fec963 |
| SHA512 | b6ebb2be79066a16a73d9f451fd67dfde9989ff13fd1dcb4838bb3b2380d2bd942a6be0c9f12209aa8dca4197d2adc730c80884ffdfb7e8c55bf21f380be1716 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | 0a8747a2ac9ac08ae9508f36c6d75692 |
| SHA1 | b287a96fd6cc12433adb42193dfe06111c38eaf0 |
| SHA256 | 32d544baf2facc893057a1d97db33207e642f0dacf235d8500a0b5eff934ce03 |
| SHA512 | 59521f8c61236641b3299ab460c58c8f5f26fa67e828de853c2cf372f9614d58b9f541aae325b1600ec4f3a47953caacb8122b0dfce7481acfec81045735947d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\gmp-widevinecdm\4.10.2710.0\manifest.json
| MD5 | bf957ad58b55f64219ab3f793e374316 |
| SHA1 | a11adc9d7f2c28e04d9b35e23b7616d0527118a1 |
| SHA256 | bbab6ca07edbed72a966835c7907b3e60c7aa3d48ddea847e5076bd05f4b1eda |
| SHA512 | 79c179b56e4893fb729b225818ab4b95a50b69666ac41d17aad0b37ab0ca8cd9f0848cbc3c5d9e69e4640a8b261d7ced592eae9bcb0e0b63c05a56e7c477f44e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\gmp-widevinecdm\4.10.2710.0\widevinecdm.dll
| MD5 | daf7ef3acccab478aaa7d6dc1c60f865 |
| SHA1 | f8246162b97ce4a945feced27b6ea114366ff2ad |
| SHA256 | bc40c7821dcd3fea9923c6912ab1183a942c11b7690cfd79ed148ded0228777e |
| SHA512 | 5840a45cfdb12c005e117608b1e5d946e1b2e76443ed39ba940d7f56de4babeab09bee7e64b903eb82bb37624c0a0ef19e9b59fbe2ce2f0e0b1c7a6015a63f75 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\sd844ipy.default-release\cache2\entries\8ADF0B8FE76015F32F4AD7D4AC02D58AE5922581
| MD5 | ecd12bd593b123a6e886c1dfaab457f0 |
| SHA1 | 177c54b4c6e296b8152bb697ba45500bea98d954 |
| SHA256 | 1d4c1992d9b983819a6a1036bba871902f5a0b572f96e511c2c81f5043a95644 |
| SHA512 | 177cb390ff8fed1d8a6e667bc45ce9e9e2b44b7bae45d31dab85768f9198e39f1985c0f428b858825e1e753a86bfe185760825a5f381c69d83499bb6b9c07e1d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\sessionstore-backups\recovery.baklz4
| MD5 | f17bc5883dc25040f47619e179567109 |
| SHA1 | 6004adfed3e24139b775829583e691118bafbf73 |
| SHA256 | daad59f1f376cc41b6e2c22d6855820a477fd7ee64fa8249945703fa86f1cf6f |
| SHA512 | 499661ea8cf90111af7e8dd1f1df325a48169b52155e28169a6420318c9f58fe112b1d8c9a5b4d46138522e780ef30a64068d03d2cb650fd1e99fd90dc8fa584 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\sd844ipy.default-release\cache2\entries\549C94847E35BE89DCE95DF86EA39378F22E5078
| MD5 | eff00426d6b0aff6b47bb97ab831f89f |
| SHA1 | 83e16cf56f9b18da2be645326584fe7c2febeb51 |
| SHA256 | 4bff23009145c88f426e2f88bbb1f6ca0cec1215313e9552524a3b3ae849fe46 |
| SHA512 | 0a2e5e6f19cde1c3b8bc34cb063ff9b0e08529d16bdc33f45159aab96b219784baef16c246ab64f4de9e09859c9bd53f36a24a70883c0fc72eba8a2bbd2d3eaa |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\sd844ipy.default-release\cache2\entries\2492994A253B970917AF5CDF605580B1C2DC16A0
| MD5 | e9f8c099d6872ec0a544540dda78509e |
| SHA1 | 49f154bcd6c86e943e4668b97f78e68dc4b726f1 |
| SHA256 | a96f8f5be21ca915dacab7cc25c3d9d6c8023c72e14bca4480b6d73d816c065a |
| SHA512 | 4048b1d6b741a253d02a4515a185fdd00f68f0f1163a09115cb4e97bd4ed9bb27af96d1b38683d73ffbc09f9f68023a015a697b99700abb708d471f15d27be87 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 24d9c32912535b5300aa8fc4ed829f74 |
| SHA1 | 9c2e85e41da233e5c7374bf7ccfde24863041a7c |
| SHA256 | f9ba7ccdfaf235580852ca8dc22d99d240e88ad9d55c35c190391637caf248a2 |
| SHA512 | 7e89af723bfe03d267e63a66f130988cc59a72dbccd4e64412ed7f4bae74ffd3aee3875a42df00faba757b22a8b4b5a40c3d6d2683e1cd6ca86663570fe3a5ad |
C:\Users\Admin\AppData\Local\Temp\mozilla-temp-files\mozilla-temp-41
| MD5 | 48d8f7bbb500af66baa765279ce58045 |
| SHA1 | 2cdb5fdeee4e9c7bd2e5f744150521963487eb71 |
| SHA256 | db0d72bc7d10209f7fa354ec100d57abbb9fe2e57ce72789f5f88257c5d3ebd1 |
| SHA512 | aef8aa8e0d16aab35b5cc19487e53583691e4471064bc556a2ee13e94a0546b54a33995739f0fa3c4de6ff4c6abf02014aef3efb0d93ca6847bad2220c3302bd |
memory/7016-3113-0x0000000002350000-0x00000000025BB000-memory.dmp
memory/6888-3114-0x0000000000400000-0x0000000000AAD000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 6d059d5b2631fe287b75875b6c5e92f6 |
| SHA1 | 55e3a5d018eaf45fd45d76123c6430368ddd8f37 |
| SHA256 | aa9c9d58f7f23f60dc3418dda5def08cd2cfb24e0f1cad41935185e97a2346be |
| SHA512 | 0257ec1878577066916d7061a199af7e8e0493db6d04b17063d35354329b7b4119461d977a35a9e89d336784b3539dd855200c81c96908357a4a8eda684a2586 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\sd844ipy.default-release\cache2\entries\33809CDBDD69269236BB05F66DFF2693F384205C
| MD5 | f92c9d7cdf7443551d331e580d01a647 |
| SHA1 | c13b2a599a008f53130bdab3d4465a8c00bed2c7 |
| SHA256 | 9b969350175291b83394f8755fe0108263a52515b12cc8c21b08adf0a55b0635 |
| SHA512 | 414e03f7c0f987dbdf953fc02f04a0e558cc2745ab707c1fccb899f22b42f2ec391355318a346245726418e6f20afbee858d355862866ae5ce84ec4c76ad5857 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\sd844ipy.default-release\cache2\entries\C63D2277AFB9D33AF6C3CFCCB684D58B42F37D12
| MD5 | aad8535d879c6ff9a0b48a9578fe3a18 |
| SHA1 | 93dfc406c4e07940619abfb64e9dca9b2d9241f9 |
| SHA256 | e838623f5a4f8b7da3683714ef13b409c60344c832d14295a528e01469f9b299 |
| SHA512 | 7c6327d3f53c259cf904569651bee9c87c67a071e1c3e96e67fc97afc1444a5ac3f151a07d0d3b8ee052abc568ab74f7347457757479a274c5d38bfe09022a6c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\sd844ipy.default-release\cache2\entries\C93F59131F26430B8E189FEBC8E637317721CE6B
| MD5 | 787dec87151cc3175dbd024b775fa427 |
| SHA1 | 37594fb92e64f5fca35e90803711b3fc408874fc |
| SHA256 | 35e29797f4fb9803a4110933e04f9a83abe1970c6063cfc2f2105e000849d110 |
| SHA512 | c3c05c18a935a1533f7dd142b7e7162d69932036aacb723a73aef91e9cfb90158d0afe0d4d9f89f0e88b0b9775a910b309804e113fe57c799c9f657bdb704da3 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\sd844ipy.default-release\cache2\entries\BEA4DD767DBD7BEF2D1146F1A7C7B6DBEC858F1D
| MD5 | 15511b3e5b70dd3dbd027b2a0bcf6022 |
| SHA1 | 66cd16b6ccc81985a1bec32f145812cb187b2e92 |
| SHA256 | 6304ddd8458f80e94ff9bdc2e62a9be22927536e65228ff0c4d9f796565ee96b |
| SHA512 | a6b153fc7b8b1494d2e2faf91593cae39bc2be8a350cf7f0331eb6d941283e66315a20d8750ed07d7c19694d9ac60e5a743e894424241ae3f0201a8a563c5e30 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\sd844ipy.default-release\cache2\entries\7FB78C9D4678D3E57F04D54F36A2847939730A90
| MD5 | cf08239833d47b513aad96db07fab757 |
| SHA1 | dceb3640ba7236bf27db3cbb4ba87fc4106a85f8 |
| SHA256 | 6fb7cb68992682b8d9b0476ff2ef418c068af2c496695efb93c321e4f765fd4e |
| SHA512 | a0caa373b9f1aecafc0e25bbfcc2779b5d825aaa6f8a98ef064ca95a4267dc87da9b4f481535202fd0e637d84c2fae0aea3a6e1a6f09752d0df859fb444dcc21 |
memory/5888-3194-0x0000000000400000-0x000000000066B000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 6aae807ca9a41345ba1ff1832a0d2c52 |
| SHA1 | 522899a6d75c8918da9cb52d800a91209dc02109 |
| SHA256 | 982f8f3fdc1f8fcb8316042b2f2b711eded66a57622a73e15332f53ed333c6ad |
| SHA512 | b6e56b309a9222a085a6a5006ac46f8d7d01fee97152e1d2f4c4180f3167c2daf74ff6db6b56ef7385479a50fba15a256a7149f475660a78b45c097200c7e3ce |
C:\Users\Admin\Downloads\Amus.exe
| MD5 | 47abd68080eee0ea1b95ae31968a3069 |
| SHA1 | ffbdf4b2224b92bd78779a7c5ac366ccb007c14d |
| SHA256 | b5fc4fd50e4ba69f0c8c8e5c402813c107c605cab659960ac31b3c8356c4e0ec |
| SHA512 | c9dfabffe582b29e810db8866f8997af1bd3339fa30e79575377bde970fcad3e3b6e9036b3a88d0c5f4fa3545eea8904d9faabf00142d5775ea5508adcd4dc0a |
C:\Users\Admin\Downloads\Amus.exe:Zone.Identifier
| MD5 | dce5191790621b5e424478ca69c47f55 |
| SHA1 | ae356a67d337afa5933e3e679e84854deeace048 |
| SHA256 | 86a3e68762720abe870d1396794850220935115d3ccc8bb134ffa521244e3ef8 |
| SHA512 | a669e10b173fce667d5b369d230d5b1e89e366b05ba4e65919a7e67545dd0b1eca8bcb927f67b12fe47cbe22b0c54c54f1e03beed06379240b05b7b990c5a641 |
memory/2148-3234-0x0000000000400000-0x000000000040E000-memory.dmp
memory/5888-3260-0x0000000000400000-0x000000000066B000-memory.dmp
memory/1168-3268-0x0000000000400000-0x000000000040E000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 7a4689a5f7237cd33530466ff8845846 |
| SHA1 | df55364cd23dc2330bf0a53b40e262d499bbe35b |
| SHA256 | 045250121a79ae047579b7e54456be2c9032e05b9482256edd397da0d23367a3 |
| SHA512 | 98a4de8168f76aabfd2614d1d547d4a5a883a0d23eb38fc3ba1e1c628d20dfabde47e6f12e896c99caf4b2d28ea696d6f8c0039f7da235f6fe9b0e4b5a6310a0 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\sd844ipy.default-release\jumpListCache\rsC0IwZXNWMY3JWIAVeJrs66EWZbCk_wv_Wsi0dOIQ0=.ico
| MD5 | 6b120367fa9e50d6f91f30601ee58bb3 |
| SHA1 | 9a32726e2496f78ef54f91954836b31b9a0faa50 |
| SHA256 | 92c62d192e956e966fd01a0c1f721d241b9b6f256b308a2be06187a7b925f9e0 |
| SHA512 | c8d55a2c10a2ef484dedded911b8f3c2f5ecb996be6f6f425c5bd4b4f53eb620a2baccd48bac1915a81da9a792971d95ff36c3f216075d93e5fd7a462ecd784f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 644c072fb2ba59e1d8b64d3dfa041d92 |
| SHA1 | 5ed985b2340804619081090cb896ce8d90f72d3f |
| SHA256 | 86568d5aaf7f2bb9aa85e89621056e23420a27f6a85697ea91713bb6e102335a |
| SHA512 | 6cc0dd90b05d728ea3dea136b978ff688b074e0279f0cded7e74a0233b0b74097513e1a626726a30ece5a90c9c3f4636ff86d94b5f1f4354ca477c0bf4badf68 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 982ecc854c8faf4b7452cb6f67af5b81 |
| SHA1 | 8e4212e6be2e8d188ada9bc02e1e6a9dddb4e672 |
| SHA256 | acd24228dff49b87a20280ec7d0202289553ccf5ee8b70665ba43be932c89048 |
| SHA512 | 3ac965e1d8b25742663a6c4df86d448ecc96670d8a2d396ca9913556b40a740014e041f13d6422834e6fbd3f5021ee1c94216486a658a2004116926d1cc5bbc3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\datareporting\glean\pending_pings\cffd9bc4-e110-4ab7-b80c-0a0721e35e80
| MD5 | ac99ee7c283cef5e86cb5aa026c39a48 |
| SHA1 | 4e8671ec2b4f499f86fb78191f84c1fe394ca7ca |
| SHA256 | d3868252cbff4182349e20098730a26fdd5b59b1aabdb4896f1fed4cbd7f062d |
| SHA512 | bf1dcd4e54d23f9aadc2eea74171a3b65613dbe68bb55b935b4f855facec6d524f49b6eff49706c47ef5e88498f3a9e83acbbe0f1b33ad19be4a7e9ba1fb38ea |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sd844ipy.default-release\prefs-1.js
| MD5 | 3222e5ad9468d7a75849a03f52453cda |
| SHA1 | 47dd02d5519a72c4b7c6df8765e53441345cc738 |
| SHA256 | 75475e534dbce3be9661e0b1d46296a09f17b0477feefd6c9fdb9ab0cce65c2c |
| SHA512 | d6f9a9bd032fb2c2bfcaf56d0a4e519f6e8c76cdbdd08679ca19839288763365ccde1a86cf5874f26425ae1ec6e41526eb90edb4283e18a74c9068284ff345a3 |
memory/5564-3398-0x0000000000400000-0x000000000040E000-memory.dmp
memory/6112-3400-0x0000000000400000-0x000000000040E000-memory.dmp
memory/6112-3403-0x0000000000400000-0x000000000040E000-memory.dmp
memory/2148-3405-0x0000000000400000-0x000000000040E000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Media Player\CurrentDatabase_400.wmdb
| MD5 | 3d4ef502d2912a70c362072959cc0554 |
| SHA1 | c63b4efc83c73822429859fb51014cd291f48ab7 |
| SHA256 | bd965be46432eb5aadcdbd12643e16c6649ed3466de3820d41b4531bcff0cf20 |
| SHA512 | 57ac2aa7c2198f7dab453bd30777240f5ab710ff0e960c83527e1e3e6ff05d716c83454026e52a5d30e94423ef18dd375b1ab57d641ce1cc8cf06b02cdf57340 |
memory/4768-3434-0x00000000087A0000-0x00000000087B0000-memory.dmp
memory/4768-3435-0x000000000B1B0000-0x000000000B1C0000-memory.dmp
memory/4768-3440-0x000000000B1B0000-0x000000000B1C0000-memory.dmp
memory/4768-3441-0x000000000B1B0000-0x000000000B1C0000-memory.dmp
memory/4768-3439-0x000000000B1B0000-0x000000000B1C0000-memory.dmp
memory/4768-3438-0x000000000B1B0000-0x000000000B1C0000-memory.dmp
memory/4768-3436-0x000000000B1B0000-0x000000000B1C0000-memory.dmp
memory/4768-3437-0x000000000B1B0000-0x000000000B1C0000-memory.dmp
memory/4768-3442-0x000000000B1B0000-0x000000000B1C0000-memory.dmp
memory/4768-3443-0x000000000B1B0000-0x000000000B1C0000-memory.dmp
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\74d7f43c1561fc1e.customDestinations-ms
| MD5 | dcc7f7210bf408db6707aa9743cb8554 |
| SHA1 | 3a0dbb3a5882bd434962bc8391ab738802a9bf7b |
| SHA256 | 26db5d90f4f41734fd98c4f909bb40da2420f273ad4fd729ed8a9f5a1215ac40 |
| SHA512 | 38e1b5cae546a4cd622e96c916216ea681a2fb336f4122ed5cd9d1d275aff4ad3755eecc1f0c36e6ca065952c521b06974fbb6c57ad7c8fef7e845190c6fda9c |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\74d7f43c1561fc1e.customDestinations-ms
| MD5 | d8917a5cf44a9918390e179b47109333 |
| SHA1 | 07f2a5e29eb7df806298bedc850d68c3b17f1fe4 |
| SHA256 | f3cd143801b8985ec6c5a0e30dd1c857bc0d3c22e218cba561c1381dcaa0a18f |
| SHA512 | 0fac82861ebaa21768d2d6df6c3a9988398d0b9c43fe34ea4c8f1d6337a20c415ba9f4b6fdde6b8719f34b22cf3e5859fbebf9e2ce9a2c05b8ad1ede855ef214 |
C:\Users\Admin\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNS.XML.bak
| MD5 | 7050d5ae8acfbe560fa11073fef8185d |
| SHA1 | 5bc38e77ff06785fe0aec5a345c4ccd15752560e |
| SHA256 | cb87767c4a384c24e4a0f88455f59101b1ae7b4fb8de8a5adb4136c5f7ee545b |
| SHA512 | a7a295ac8921bb3dde58d4bcde9372ed59def61d4b7699057274960fa8c1d1a1daff834a93f7a0698e9e5c16db43af05e9fd2d6d7c9232f7d26ffcff5fc5900b |
memory/6364-3467-0x0000000000400000-0x0000000000AAD000-memory.dmp
memory/5888-3469-0x0000000000400000-0x000000000066B000-memory.dmp