Malware Analysis Report

2025-08-05 18:13

Sample ID 241117-seepns1qes
Target https://cdn.discordapp.com/attachments/1302716374694629517/1307722340003745963/Test.bat?ex=673b56d6&is=673a0556&hm=90648d5a17d036e19636563df4d4ef7095d65fa1e3a0bf6c0fafa6971e337b98&
Tags
discovery evasion execution persistence phishing privilege_escalation
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

Threat Level: Known bad

The file https://cdn.discordapp.com/attachments/1302716374694629517/1307722340003745963/Test.bat?ex=673b56d6&is=673a0556&hm=90648d5a17d036e19636563df4d4ef7095d65fa1e3a0bf6c0fafa6971e337b98& was found to be: Known bad.

Malicious Activity Summary

discovery evasion execution persistence phishing privilege_escalation

Disables service(s)

Stops running service(s)

A potential corporate email address has been identified in the URL: prebid-universal-creative@latest

Command and Scripting Interpreter: PowerShell

Launches sc.exe

Browser Information Discovery

Event Triggered Execution: Netsh Helper DLL

Suspicious use of SendNotifyMessage

Suspicious use of FindShellTrayWindow

Suspicious use of WriteProcessMemory

Uses Volume Shadow Copy service COM API

Suspicious use of AdjustPrivilegeToken

Runs net.exe

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Checks SCSI registry key(s)

Enumerates system info in registry

Gathers network information

NTFS ADS

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-11-17 15:02

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-11-17 15:02

Reported

2024-11-17 15:07

Platform

win10v2004-20241007-en

Max time kernel

301s

Max time network

308s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://cdn.discordapp.com/attachments/1302716374694629517/1307722340003745963/Test.bat?ex=673b56d6&is=673a0556&hm=90648d5a17d036e19636563df4d4ef7095d65fa1e3a0bf6c0fafa6971e337b98&

Signatures

Disables service(s)

evasion execution

Stops running service(s)

evasion execution

A potential corporate email address has been identified in the URL: prebid-universal-creative@latest

phishing

Command and Scripting Interpreter: PowerShell

execution
Description Indicator Process Target
N/A N/A C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe N/A

Launches sc.exe

Description Indicator Process Target
N/A N/A C:\Windows\system32\sc.exe N/A
N/A N/A C:\Windows\system32\sc.exe N/A

Browser Information Discovery

discovery

Event Triggered Execution: Netsh Helper DLL

persistence privilege_escalation
Description Indicator Process Target
Key value enumerated \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\system32\netsh.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\system32\netsh.exe N/A
Key value enumerated \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\system32\netsh.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\system32\netsh.exe N/A
Key value enumerated \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\system32\netsh.exe N/A
Key queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\system32\netsh.exe N/A
Key value enumerated \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\system32\netsh.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\system32\netsh.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\system32\netsh.exe N/A
Key queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\system32\netsh.exe N/A
Key value enumerated \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\system32\netsh.exe N/A
Key queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\system32\netsh.exe N/A
Key queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\system32\netsh.exe N/A
Key queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\system32\netsh.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh C:\Windows\system32\netsh.exe N/A

Checks SCSI registry key(s)

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters C:\Windows\system32\vssvc.exe N/A
Key queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters C:\Windows\system32\vssvc.exe N/A
Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters\Partmgr C:\Windows\system32\vssvc.exe N/A
Set value (data) \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters\Partmgr\PartitionTableCache = 00000000040000009fc5eef0dbaffe7c0000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000c01200000000ffffffff0000000027010100000800009fc5eef00000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d01200000000000020ed3a000000ffffffff0000000007000100006809009fc5eef0000000000000d012000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f0ff3a0000000000000005000000ffffffff000000000700010000f87f1d9fc5eef0000000000000f0ff3a00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000009fc5eef000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 C:\Windows\system32\vssvc.exe N/A
Set value (data) \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters\Partmgr\SnapshotDataCache = 534e41505041525401000000700000008ec7416a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 C:\Windows\system32\vssvc.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Gathers network information

Description Indicator Process Target
N/A N/A C:\Windows\system32\ipconfig.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 605556.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Runs net.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeIncreaseQuotaPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSecurityPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeLoadDriverPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSystemProfilePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSystemtimePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeProfSingleProcessPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeBackupPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeShutdownPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSystemEnvironmentPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeRemoteShutdownPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeUndockPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeManageVolumePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 33 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 34 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 35 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 36 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSecurityPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeLoadDriverPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSystemProfilePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSystemtimePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeProfSingleProcessPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeBackupPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeShutdownPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSystemEnvironmentPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeRemoteShutdownPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeUndockPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeManageVolumePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 33 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 34 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 35 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 36 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSecurityPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeLoadDriverPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSystemProfilePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSystemtimePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeProfSingleProcessPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeBackupPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeShutdownPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeSystemEnvironmentPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeRemoteShutdownPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeUndockPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeManageVolumePrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 33 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 34 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 35 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: 36 N/A C:\Windows\System32\Wbem\WMIC.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Windows\System32\Wbem\WMIC.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1952 wrote to memory of 4064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 4064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3276 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3276 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1952 wrote to memory of 3564 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Uses Volume Shadow Copy service COM API

ransomware

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://cdn.discordapp.com/attachments/1302716374694629517/1307722340003745963/Test.bat?ex=673b56d6&is=673a0556&hm=90648d5a17d036e19636563df4d4ef7095d65fa1e3a0bf6c0fafa6971e337b98&

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa99af46f8,0x7ffa99af4708,0x7ffa99af4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2112 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2240 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2880 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3376 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3400 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5292 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5292 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=4960 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4956 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6096 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5932 /prefetch:1

C:\Windows\System32\mousocoreworker.exe

C:\Windows\System32\mousocoreworker.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5960 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4920 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6068 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3436 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5576 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6452 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3412 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6240 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6724 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5468 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6924 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6440 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6580 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6272 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7344 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7460 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7488 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7696 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8148 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6276 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5688 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5024 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3044 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6808 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6448 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8200 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8136 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Downloads\Test.bat" "

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Downloads\Test.bat" "

C:\Windows\system32\net.exe

net session

C:\Windows\system32\net.exe

net session

C:\Windows\system32\net1.exe

C:\Windows\system32\net1 session

C:\Windows\system32\net1.exe

C:\Windows\system32\net1 session

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "wmic os get LocalDateTime /value"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "wmic os get LocalDateTime /value"

C:\Windows\System32\Wbem\WMIC.exe

wmic os get LocalDateTime /value

C:\Windows\System32\Wbem\WMIC.exe

wmic os get LocalDateTime /value

C:\Windows\System32\Wbem\WMIC.exe

wmic.exe /Namespace:\\root\default Path SystemRestore Call CreateRestorePoint "RestorePoint_2024-11-17_15-04", 100, 7

C:\Windows\System32\Wbem\WMIC.exe

wmic.exe /Namespace:\\root\default Path SystemRestore Call CreateRestorePoint "RestorePoint_2024-11-17_15-04", 100, 7

C:\Windows\system32\vssvc.exe

C:\Windows\system32\vssvc.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6744 /prefetch:2

C:\Windows\system32\ipconfig.exe

ipconfig /flushdns

C:\Windows\system32\netsh.exe

netsh winsock reset

C:\Windows\system32\netsh.exe

netsh int tcp set global autotuninglevel=highlyrestricted

C:\Windows\system32\netsh.exe

netsh int tcp set global congestionprovider=ctcp

C:\Windows\system32\reg.exe

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces" /v TcpNoDelay /t REG_DWORD /d 1 /f

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

powershell -Command "Get-NetAdapter | Set-NetAdapterAdvancedProperty -RegistryKeyword 'LSO' -RegistryValue 0"

C:\Windows\system32\netsh.exe

netsh interface ipv4 set subinterface "Ethernet" mtu=1500 store=persistent

C:\Windows\system32\sc.exe

sc config Dnscache start= disabled

C:\Windows\system32\sc.exe

sc stop Dnscache

C:\Windows\system32\netsh.exe

netsh interface ipv4 set global autotuninglevel=disabled

C:\Windows\system32\reg.exe

reg add "HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters" /v TcpAckFrequency /t REG_DWORD /d 1 /f

C:\Windows\system32\reg.exe

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" /v MaxUserPort /t REG_DWORD /d 65534 /f

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1232 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5980 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5460 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6060 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6600 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8292 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8372 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8452 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6540 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6400 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5832 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5884 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6792 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5820 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7380 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7300 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6188 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6328 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6376 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5144 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8604 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3416 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3472 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6052 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5776 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7384 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7408 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8584 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6036 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8344 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8376 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5052 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11452005444333173900,15114054823308703882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8312 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 133.211.185.52.in-addr.arpa udp
US 8.8.8.8:53 83.210.23.2.in-addr.arpa udp
US 8.8.8.8:53 cdn.discordapp.com udp
US 162.159.129.233:443 cdn.discordapp.com tcp
US 8.8.8.8:53 0.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 233.129.159.162.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 196.249.167.52.in-addr.arpa udp
GB 95.101.143.219:443 www.bing.com tcp
US 8.8.8.8:53 219.143.101.95.in-addr.arpa udp
US 8.8.8.8:53 149.220.183.52.in-addr.arpa udp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 th.bing.com udp
GB 95.101.143.219:443 th.bing.com tcp
GB 95.101.143.219:443 th.bing.com tcp
GB 95.101.143.219:443 th.bing.com tcp
GB 95.101.143.219:443 th.bing.com tcp
US 8.8.8.8:53 login.microsoftonline.com udp
IE 40.126.31.69:443 login.microsoftonline.com tcp
US 8.8.8.8:53 www.speedtest.net udp
US 104.17.148.22:443 www.speedtest.net tcp
US 104.17.148.22:443 www.speedtest.net tcp
US 8.8.8.8:53 cdn.ziffstatic.com udp
US 8.8.8.8:53 b.cdnst.net udp
GB 92.123.26.138:443 cdn.ziffstatic.com tcp
US 8.8.8.8:53 22.148.17.104.in-addr.arpa udp
US 8.8.8.8:53 138.26.123.92.in-addr.arpa udp
US 151.101.66.219:443 b.cdnst.net tcp
US 151.101.66.219:443 b.cdnst.net tcp
US 151.101.66.219:443 b.cdnst.net tcp
US 151.101.66.219:443 b.cdnst.net tcp
US 8.8.8.8:53 219.66.101.151.in-addr.arpa udp
US 8.8.8.8:53 133.2.101.151.in-addr.arpa udp
US 8.8.8.8:53 88.210.23.2.in-addr.arpa udp
US 8.8.8.8:53 b-code.liadm.com udp
US 8.8.8.8:53 c.amazon-adsystem.com udp
US 8.8.8.8:53 diffuser-cdn.app-us1.com udp
FR 13.32.145.54:443 b-code.liadm.com tcp
FR 3.162.33.228:443 c.amazon-adsystem.com tcp
US 104.18.128.216:443 diffuser-cdn.app-us1.com tcp
US 8.8.8.8:53 cdn.cookielaw.org udp
US 8.8.8.8:53 crt.rootg2.amazontrust.com udp
US 104.18.86.42:443 cdn.cookielaw.org tcp
US 8.8.8.8:53 prism.app-us1.com udp
FR 3.164.163.87:80 crt.rootg2.amazontrust.com tcp
US 104.18.128.216:443 prism.app-us1.com tcp
US 8.8.8.8:53 50.23.12.20.in-addr.arpa udp
US 8.8.8.8:53 54.145.32.13.in-addr.arpa udp
US 8.8.8.8:53 72.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 228.33.162.3.in-addr.arpa udp
US 8.8.8.8:53 216.128.18.104.in-addr.arpa udp
US 8.8.8.8:53 42.86.18.104.in-addr.arpa udp
US 8.8.8.8:53 50.201.222.52.in-addr.arpa udp
US 8.8.8.8:53 87.163.164.3.in-addr.arpa udp
US 8.8.8.8:53 geolocation.onetrust.com udp
US 172.64.155.119:443 geolocation.onetrust.com tcp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
GB 142.250.200.2:443 securepubads.g.doubleclick.net tcp
US 8.8.8.8:53 76.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 171.39.242.20.in-addr.arpa udp
US 8.8.8.8:53 119.155.64.172.in-addr.arpa udp
US 8.8.8.8:53 trackcmp.net udp
US 172.64.153.42:443 trackcmp.net tcp
US 8.8.8.8:53 cdn.static.zdbb.net udp
US 104.18.86.42:443 cdn.cookielaw.org tcp
GB 92.123.26.82:443 cdn.static.zdbb.net tcp
US 172.64.153.42:443 trackcmp.net tcp
US 8.8.8.8:53 i.liadm.com udp
GB 142.250.200.2:443 securepubads.g.doubleclick.net udp
US 34.196.32.160:443 i.liadm.com tcp
US 8.8.8.8:53 rp.liadm.com udp
US 54.205.199.210:443 rp.liadm.com tcp
US 8.8.8.8:53 2.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 82.26.123.92.in-addr.arpa udp
US 8.8.8.8:53 78.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 42.153.64.172.in-addr.arpa udp
US 8.8.8.8:53 160.32.196.34.in-addr.arpa udp
US 8.8.8.8:53 210.199.205.54.in-addr.arpa udp
US 8.8.8.8:53 match.adsrvr.org udp
US 8.8.8.8:53 live.rezync.com udp
US 8.8.8.8:53 d.turn.com udp
US 8.8.8.8:53 dis.criteo.com udp
US 8.8.8.8:53 mid.rkdms.com udp
US 8.8.8.8:53 ib.adnxs.com udp
US 8.8.8.8:53 dpm.demdex.net udp
US 3.33.220.150:443 match.adsrvr.org tcp
NL 178.250.1.9:443 dis.criteo.com tcp
FR 52.84.174.78:443 live.rezync.com tcp
NL 46.228.164.13:443 d.turn.com tcp
US 34.225.105.13:443 mid.rkdms.com tcp
IE 54.229.234.237:443 dpm.demdex.net tcp
DE 37.252.171.53:443 ib.adnxs.com tcp
NL 178.250.1.9:443 dis.criteo.com tcp
US 34.196.32.160:443 i.liadm.com tcp
US 8.8.8.8:53 speedtest10g.ms-3.co.uk.prod.hosts.ooklaserver.net udp
US 8.8.8.8:53 speedtest.boxbroadband.co.uk.prod.hosts.ooklaserver.net udp
US 8.8.8.8:53 speedlon.hyperoptic.com udp
US 8.8.8.8:53 speedtest-1.london.network.youfibre.com.prod.hosts.ooklaserver.net udp
US 8.8.8.8:53 speedtest.swishfibre.com.prod.hosts.ooklaserver.net udp
US 8.8.8.8:53 speedtest02a.web.zen.net.uk.prod.hosts.ooklaserver.net udp
US 8.8.8.8:53 speedtest.emeryholdings.org.prod.hosts.ooklaserver.net udp
US 8.8.8.8:53 speedtest.london.macarne.com.prod.hosts.ooklaserver.net udp
US 8.8.8.8:53 speedtest-ld8.mindthespeed.co.za.prod.hosts.ooklaserver.net udp
GB 45.10.101.252:8080 speedtest.boxbroadband.co.uk.prod.hosts.ooklaserver.net tcp
GB 31.22.12.17:8080 speedtest.swishfibre.com.prod.hosts.ooklaserver.net tcp
GB 152.37.112.6:8080 speedlon.hyperoptic.com tcp
GB 45.92.46.45:8080 speedtest-1.london.network.youfibre.com.prod.hosts.ooklaserver.net tcp
US 8.8.8.8:53 p.rfihub.com udp
US 8.8.8.8:53 speedtest-lon.retn.net.prod.hosts.ooklaserver.net udp
GB 57.128.160.133:8080 speedtest.emeryholdings.org.prod.hosts.ooklaserver.net tcp
GB 185.225.24.21:8080 speedtest.london.macarne.com.prod.hosts.ooklaserver.net tcp
GB 154.61.48.138:8080 speedtest10g.ms-3.co.uk.prod.hosts.ooklaserver.net tcp
GB 185.82.8.1:8080 speedtest-lon.retn.net.prod.hosts.ooklaserver.net tcp
NL 193.0.160.131:443 p.rfihub.com tcp
GB 51.148.82.21:8080 speedtest02a.web.zen.net.uk.prod.hosts.ooklaserver.net tcp
GB 197.148.66.54:8080 speedtest-ld8.mindthespeed.co.za.prod.hosts.ooklaserver.net tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 150.220.33.3.in-addr.arpa udp
US 8.8.8.8:53 78.174.84.52.in-addr.arpa udp
US 216.239.34.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 13.164.228.46.in-addr.arpa udp
US 8.8.8.8:53 237.234.229.54.in-addr.arpa udp
US 8.8.8.8:53 53.171.252.37.in-addr.arpa udp
US 8.8.8.8:53 13.105.225.34.in-addr.arpa udp
US 8.8.8.8:53 252.101.10.45.in-addr.arpa udp
US 8.8.8.8:53 9.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 45.46.92.45.in-addr.arpa udp
US 8.8.8.8:53 21.24.225.185.in-addr.arpa udp
US 8.8.8.8:53 6.112.37.152.in-addr.arpa udp
US 8.8.8.8:53 21.82.148.51.in-addr.arpa udp
US 8.8.8.8:53 1.8.82.185.in-addr.arpa udp
US 8.8.8.8:53 131.160.0.193.in-addr.arpa udp
US 8.8.8.8:53 138.48.61.154.in-addr.arpa udp
US 8.8.8.8:53 54.66.148.197.in-addr.arpa udp
US 8.8.8.8:53 23.149.64.172.in-addr.arpa udp
US 8.8.8.8:53 fastlane.rubiconproject.com udp
US 8.8.8.8:53 btlr.sharethrough.com udp
US 8.8.8.8:53 c2shb.pubgw.yahoo.com udp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
US 8.8.8.8:53 bidder.criteo.com udp
US 8.8.8.8:53 ib.adnxs-simple.com udp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
US 104.18.27.193:443 htlb.casalemedia.com tcp
IE 108.128.224.230:443 c2shb.pubgw.yahoo.com tcp
IE 108.128.224.230:443 c2shb.pubgw.yahoo.com tcp
IE 108.128.224.230:443 c2shb.pubgw.yahoo.com tcp
IE 108.128.224.230:443 c2shb.pubgw.yahoo.com tcp
IE 108.128.224.230:443 c2shb.pubgw.yahoo.com tcp
NL 178.250.1.56:443 bidder.criteo.com tcp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
DE 37.252.171.53:443 ib.adnxs-simple.com tcp
US 35.186.253.211:443 rtb.openx.net tcp
DE 18.199.220.232:443 btlr.sharethrough.com tcp
DE 18.199.220.232:443 btlr.sharethrough.com tcp
DE 18.199.220.232:443 btlr.sharethrough.com tcp
DE 18.199.220.232:443 btlr.sharethrough.com tcp
DE 18.199.220.232:443 btlr.sharethrough.com tcp
DE 18.199.220.232:443 btlr.sharethrough.com tcp
US 104.18.27.193:443 htlb.casalemedia.com tcp
US 8.8.8.8:53 gurgle.speedtest.net udp
US 8.8.8.8:53 zdbb.net udp
US 18.208.21.210:443 gurgle.speedtest.net tcp
IE 54.76.89.131:443 zdbb.net tcp
US 8.8.8.8:53 36.34.239.216.in-addr.arpa udp
US 8.8.8.8:53 139.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 230.224.128.108.in-addr.arpa udp
US 8.8.8.8:53 77.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 211.253.186.35.in-addr.arpa udp
US 8.8.8.8:53 56.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 232.220.199.18.in-addr.arpa udp
US 8.8.8.8:53 131.89.76.54.in-addr.arpa udp
US 8.8.8.8:53 193.27.18.104.in-addr.arpa udp
US 8.8.8.8:53 133.160.128.57.in-addr.arpa udp
US 8.8.8.8:53 210.21.208.18.in-addr.arpa udp
US 8.8.8.8:53 460fbc01feb9f728e09ad0f954a4f60d.safeframe.googlesyndication.com udp
GB 142.250.179.225:443 460fbc01feb9f728e09ad0f954a4f60d.safeframe.googlesyndication.com tcp
US 8.8.8.8:53 privacyportal.onetrust.com udp
US 172.64.155.119:443 privacyportal.onetrust.com tcp
US 216.239.34.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 static.criteo.net udp
US 8.8.8.8:53 gurgle.zdbb.net udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 3.227.223.47:443 gurgle.zdbb.net tcp
NL 178.250.1.3:443 static.criteo.net tcp
NL 178.250.1.3:443 static.criteo.net tcp
US 8.8.8.8:53 stats.g.doubleclick.net udp
BE 64.233.167.156:443 stats.g.doubleclick.net tcp
US 216.239.34.36:443 region1.analytics.google.com tcp
US 8.8.8.8:53 secure-us.imrworldwide.com udp
US 8.8.8.8:53 www.google.co.uk udp
US 8.8.8.8:53 225.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 3.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 156.167.233.64.in-addr.arpa udp
US 8.8.8.8:53 47.223.227.3.in-addr.arpa udp
GB 142.250.179.227:443 www.google.co.uk tcp
IE 52.51.188.62:443 secure-us.imrworldwide.com tcp
IE 52.51.188.62:443 secure-us.imrworldwide.com tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 216.58.201.98:443 googleads.g.doubleclick.net tcp
GB 216.58.201.98:443 googleads.g.doubleclick.net tcp
GB 216.58.201.98:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 216.239.34.36:443 region1.analytics.google.com udp
GB 142.250.187.225:443 tpc.googlesyndication.com tcp
GB 142.250.187.225:443 tpc.googlesyndication.com tcp
US 8.8.8.8:53 227.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 62.188.51.52.in-addr.arpa udp
US 8.8.8.8:53 98.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 cdn.ampproject.org udp
GB 216.58.204.65:443 cdn.ampproject.org tcp
US 8.8.8.8:53 eus.rubiconproject.com udp
US 8.8.8.8:53 ads.pubmatic.com udp
US 8.8.8.8:53 ookla-d.openx.net udp
GB 95.100.245.251:443 eus.rubiconproject.com tcp
GB 2.18.108.192:443 ads.pubmatic.com tcp
US 35.244.159.8:443 ookla-d.openx.net tcp
US 8.8.8.8:53 js-sec.indexww.com udp
US 104.18.24.18:443 js-sec.indexww.com tcp
GB 216.58.204.65:443 cdn.ampproject.org udp
GB 142.250.187.225:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 34.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 225.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 65.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 gum.criteo.com udp
NL 178.250.1.11:443 gum.criteo.com tcp
US 8.8.8.8:53 cdn-gl.imrworldwide.com udp
US 8.8.8.8:53 idx.liadm.com udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
GB 216.58.201.98:443 googleads.g.doubleclick.net udp
US 54.209.213.84:443 idx.liadm.com tcp
FR 99.86.91.60:443 cdn-gl.imrworldwide.com tcp
US 54.209.213.84:443 idx.liadm.com tcp
US 8.8.8.8:53 251.245.100.95.in-addr.arpa udp
US 8.8.8.8:53 192.108.18.2.in-addr.arpa udp
US 8.8.8.8:53 8.159.244.35.in-addr.arpa udp
US 8.8.8.8:53 18.24.18.104.in-addr.arpa udp
US 8.8.8.8:53 234.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
GB 142.250.187.225:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 fw.adsafeprotected.com udp
IE 52.17.76.199:443 fw.adsafeprotected.com tcp
US 8.8.8.8:53 googleads4.g.doubleclick.net udp
US 8.8.8.8:53 s0.2mdn.net udp
GB 216.58.204.66:443 googleads4.g.doubleclick.net tcp
GB 172.217.169.70:443 s0.2mdn.net tcp
IE 52.17.76.199:443 fw.adsafeprotected.com tcp
US 8.8.8.8:53 84.213.209.54.in-addr.arpa udp
US 8.8.8.8:53 6.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 60.91.86.99.in-addr.arpa udp
US 8.8.8.8:53 66.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 199.76.17.52.in-addr.arpa udp
US 8.8.8.8:53 70.169.217.172.in-addr.arpa udp
GB 142.250.179.226:443 cm.g.doubleclick.net tcp
GB 216.58.204.66:443 googleads4.g.doubleclick.net udp
GB 172.217.16.228:443 www.google.com tcp
GB 142.250.179.226:443 cm.g.doubleclick.net udp
GB 172.217.16.228:443 www.google.com udp
US 8.8.8.8:53 226.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 227.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 228.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 dnacdn.net udp
FR 178.250.7.13:443 dnacdn.net tcp
FR 18.244.28.65:443 bee.imrworldwide.com tcp
US 8.8.8.8:53 static.adsafeprotected.com udp
FR 18.164.52.3:443 static.adsafeprotected.com tcp
US 8.8.8.8:53 dt.adsafeprotected.com udp
US 8.8.8.8:53 13.7.250.178.in-addr.arpa udp
US 8.8.8.8:53 65.28.244.18.in-addr.arpa udp
US 8.8.8.8:53 3.52.164.18.in-addr.arpa udp
US 35.155.78.178:443 dt.adsafeprotected.com tcp
US 35.155.78.178:443 dt.adsafeprotected.com tcp
US 35.155.78.178:443 dt.adsafeprotected.com tcp
US 35.155.78.178:443 dt.adsafeprotected.com tcp
US 35.155.78.178:443 dt.adsafeprotected.com tcp
US 35.155.78.178:443 dt.adsafeprotected.com tcp
US 8.8.8.8:53 aa.agkn.com udp
US 8.8.8.8:53 stags.bluekai.com udp
US 8.8.8.8:53 178.78.155.35.in-addr.arpa udp
GB 197.148.66.54:8080 speedtest-ld8.mindthespeed.co.za.prod.hosts.ooklaserver.net tcp
DE 35.158.90.35:443 aa.agkn.com tcp
GB 95.100.245.12:443 stags.bluekai.com tcp
US 8.8.8.8:53 cu1sbcyimluvqwf4inkugenqaxp3u1731855819.nuid.imrworldwide.com udp
US 8.8.8.8:53 35.90.158.35.in-addr.arpa udp
FR 52.222.169.97:443 cu1sbcyimluvqwf4inkugenqaxp3u1731855819.nuid.imrworldwide.com tcp
US 8.8.8.8:53 token.rubiconproject.com udp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 8.8.8.8:53 jogger.zdbb.net udp
US 8.8.8.8:53 idsync.rlcdn.com udp
US 8.8.8.8:53 tags.bkrtx.com udp
US 8.8.8.8:53 ep1.adtrafficquality.google udp
US 23.23.119.8:443 jogger.zdbb.net tcp
GB 23.59.66.82:443 tags.bkrtx.com tcp
US 35.244.174.68:443 idsync.rlcdn.com tcp
GB 216.58.204.66:443 ep1.adtrafficquality.google tcp
US 8.8.8.8:53 ep2.adtrafficquality.google udp
GB 216.58.212.193:443 ep2.adtrafficquality.google tcp
US 8.8.8.8:53 ag.gbc.criteo.com udp
US 8.8.8.8:53 gem.gbc.criteo.com udp
NL 185.235.87.25:443 gem.gbc.criteo.com tcp
NL 185.235.87.57:443 ag.gbc.criteo.com tcp
GB 216.58.212.193:443 ep2.adtrafficquality.google udp
GB 172.217.16.228:443 www.google.com udp
US 8.8.8.8:53 12.245.100.95.in-addr.arpa udp
US 8.8.8.8:53 237.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 97.169.222.52.in-addr.arpa udp
US 8.8.8.8:53 148.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 68.174.244.35.in-addr.arpa udp
US 8.8.8.8:53 8.119.23.23.in-addr.arpa udp
US 8.8.8.8:53 193.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 25.87.235.185.in-addr.arpa udp
US 8.8.8.8:53 57.87.235.185.in-addr.arpa udp
US 8.8.8.8:53 82.66.59.23.in-addr.arpa udp
US 151.101.66.219:443 b.cdnst.net tcp
GB 197.148.66.54:8080 speedtest-ld8.mindthespeed.co.za.prod.hosts.ooklaserver.net tcp
GB 197.148.66.54:8080 speedtest-ld8.mindthespeed.co.za.prod.hosts.ooklaserver.net tcp
GB 45.10.101.252:8080 speedtest.boxbroadband.co.uk.prod.hosts.ooklaserver.net tcp
GB 51.148.82.21:8080 speedtest02a.web.zen.net.uk.prod.hosts.ooklaserver.net tcp
GB 185.225.24.21:8080 speedtest.london.macarne.com.prod.hosts.ooklaserver.net tcp
GB 197.148.66.54:8080 speedtest-ld8.mindthespeed.co.za.prod.hosts.ooklaserver.net tcp
GB 45.10.101.252:8080 speedtest.boxbroadband.co.uk.prod.hosts.ooklaserver.net tcp
GB 51.148.82.21:8080 speedtest02a.web.zen.net.uk.prod.hosts.ooklaserver.net tcp
GB 216.58.204.66:443 ep1.adtrafficquality.google udp
GB 197.148.66.54:8080 speedtest-ld8.mindthespeed.co.za.prod.hosts.ooklaserver.net tcp
GB 197.148.66.54:8080 speedtest-ld8.mindthespeed.co.za.prod.hosts.ooklaserver.net tcp
GB 197.148.66.54:8080 speedtest-ld8.mindthespeed.co.za.prod.hosts.ooklaserver.net tcp
US 216.239.34.36:443 region1.analytics.google.com udp
US 8.8.8.8:53 match.prod.bidr.io udp
NL 178.250.1.56:443 bidder.criteo.com tcp
US 35.186.253.211:443 rtb.openx.net udp
DE 18.199.220.232:443 btlr.sharethrough.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
DE 37.252.171.53:443 ib.adnxs-simple.com tcp
NL 178.250.1.56:443 bidder.criteo.com tcp
DE 18.199.220.232:443 btlr.sharethrough.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
DE 18.199.220.232:443 btlr.sharethrough.com tcp
DE 18.199.220.232:443 btlr.sharethrough.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
IE 52.16.65.27:443 match.prod.bidr.io tcp
IE 52.16.65.27:443 match.prod.bidr.io tcp
US 8.8.8.8:53 27.65.16.52.in-addr.arpa udp
GB 142.250.200.2:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
NL 178.250.1.3:443 static.criteo.net tcp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
US 8.8.8.8:53 contextual.media.net udp
US 8.8.8.8:53 c.pm-serv.co udp
US 23.192.20.32:443 contextual.media.net tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
GB 142.250.187.225:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 warp.media.net udp
US 8.8.8.8:53 lg3-a.akamaihd.net udp
US 8.8.8.8:53 hblg.media.net udp
US 23.192.20.32:443 contextual.media.net tcp
GB 2.20.12.90:443 lg3-a.akamaihd.net tcp
US 23.192.24.32:443 hblg.media.net tcp
US 23.192.24.32:443 hblg.media.net tcp
GB 2.20.12.90:443 lg3-a.akamaihd.net tcp
US 23.192.24.32:443 hblg.media.net tcp
US 8.8.8.8:53 acdn.adnxs.com udp
US 8.8.8.8:53 32.20.192.23.in-addr.arpa udp
US 8.8.8.8:53 90.12.20.2.in-addr.arpa udp
US 8.8.8.8:53 32.24.192.23.in-addr.arpa udp
GB 2.20.12.69:443 acdn.adnxs.com tcp
US 95.100.195.134:443 c.pm-serv.co tcp
US 95.100.195.134:443 c.pm-serv.co tcp
US 8.8.8.8:53 69.12.20.2.in-addr.arpa udp
US 8.8.8.8:53 134.195.100.95.in-addr.arpa udp
US 8.8.8.8:53 insightfulguide.net udp
US 8.8.8.8:53 related.insightfulguide.net udp
US 8.8.8.8:53 www.media.net udp
US 8.8.8.8:53 l.pm-serv.co udp
US 95.100.195.134:443 l.pm-serv.co tcp
US 8.8.8.8:53 11.227.111.52.in-addr.arpa udp
GB 142.250.179.227:443 www.google.co.uk udp
US 8.8.8.8:53 3.26.192.23.in-addr.arpa udp
US 8.8.8.8:53 www.speedtest.net udp
US 8.8.8.8:53 cdn.ziffstatic.com udp
US 8.8.8.8:53 b.cdnst.net udp
US 8.8.8.8:53 c.amazon-adsystem.com udp
US 8.8.8.8:53 cdn.cookielaw.org udp
US 95.100.195.186:443 cdn.ziffstatic.com tcp
US 8.8.8.8:53 static.criteo.net udp
FR 3.164.162.125:443 c.amazon-adsystem.com tcp
US 8.8.8.8:53 i.liadm.com udp
NL 178.250.1.3:443 static.criteo.net tcp
US 52.86.51.142:443 i.liadm.com tcp
US 8.8.8.8:53 186.195.100.95.in-addr.arpa udp
US 8.8.8.8:53 142.51.86.52.in-addr.arpa udp
US 8.8.8.8:53 rp.liadm.com udp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
FR 52.84.174.75:443 config.aps.amazon-adsystem.com tcp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 cdn.hadronid.net udp
US 8.8.8.8:53 cdn.id5-sync.com udp
FR 18.155.129.39:443 tags.crwdcntrl.net tcp
US 104.22.53.173:443 cdn.hadronid.net tcp
US 104.22.52.86:443 cdn.id5-sync.com tcp
US 8.8.8.8:53 125.162.164.3.in-addr.arpa udp
US 8.8.8.8:53 75.174.84.52.in-addr.arpa udp
US 8.8.8.8:53 gurgle.speedtest.net udp
US 18.208.21.210:443 gurgle.speedtest.net tcp
US 8.8.8.8:53 b1sync.zemanta.com udp
US 8.8.8.8:53 pixel-sync.sitescout.com udp
US 8.8.8.8:53 match.prod.bidr.io udp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
US 8.8.8.8:53 loadus.exelator.com udp
US 8.8.8.8:53 s.thebrighttag.com udp
US 8.8.8.8:53 aa.agkn.com udp
US 18.208.21.210:443 gurgle.speedtest.net tcp
US 8.8.8.8:53 speedtest10g.ms-3.co.uk.prod.hosts.ooklaserver.net udp
US 8.8.8.8:53 speedtest.boxbroadband.co.uk.prod.hosts.ooklaserver.net udp
US 8.8.8.8:53 speedtest-1.london.network.youfibre.com.prod.hosts.ooklaserver.net udp
US 8.8.8.8:53 speedlon.hyperoptic.com udp
US 8.8.8.8:53 speedtest.swishfibre.com.prod.hosts.ooklaserver.net udp
US 8.8.8.8:53 speedtest02a.web.zen.net.uk.prod.hosts.ooklaserver.net udp
US 8.8.8.8:53 speedtest.emeryholdings.org.prod.hosts.ooklaserver.net udp
US 8.8.8.8:53 speedtest-ld8.mindthespeed.co.za.prod.hosts.ooklaserver.net udp
US 8.8.8.8:53 speedtest.london.macarne.com.prod.hosts.ooklaserver.net udp
GB 154.61.48.138:8080 speedtest10g.ms-3.co.uk.prod.hosts.ooklaserver.net tcp
GB 45.92.46.45:8080 speedtest-1.london.network.youfibre.com.prod.hosts.ooklaserver.net tcp
GB 45.10.101.252:8080 speedtest.boxbroadband.co.uk.prod.hosts.ooklaserver.net tcp
GB 152.37.112.6:8080 speedlon.hyperoptic.com tcp
GB 31.22.12.17:8080 speedtest.swishfibre.com.prod.hosts.ooklaserver.net tcp
US 8.8.8.8:53 speedtest-lon.retn.net.prod.hosts.ooklaserver.net udp
GB 51.148.82.21:8080 speedtest02a.web.zen.net.uk.prod.hosts.ooklaserver.net tcp
GB 57.128.160.133:8080 speedtest.emeryholdings.org.prod.hosts.ooklaserver.net tcp
GB 185.82.8.1:8080 speedtest-lon.retn.net.prod.hosts.ooklaserver.net tcp
US 8.8.8.8:53 id.hadron.ad.gt udp
US 8.8.8.8:53 secure-us.imrworldwide.com udp
US 8.8.8.8:53 173.53.22.104.in-addr.arpa udp
US 8.8.8.8:53 86.52.22.104.in-addr.arpa udp
US 8.8.8.8:53 39.129.155.18.in-addr.arpa udp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
US 8.8.8.8:53 btlr.sharethrough.com udp
US 8.8.8.8:53 rtb.openx.net udp
US 8.8.8.8:53 bidder.criteo.com udp
US 8.8.8.8:53 ib.adnxs.com udp
US 8.8.8.8:53 c2shb.pubgw.yahoo.com udp
NL 178.250.1.56:443 bidder.criteo.com tcp
US 8.8.8.8:53 fastlane.rubiconproject.com udp
US 64.202.112.255:443 b1sync.zemanta.com tcp
US 54.205.199.210:443 rp.liadm.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
US 52.204.245.185:443 sync.srv.stackadapt.com tcp
IE 52.17.238.95:443 match.prod.bidr.io tcp
NL 178.250.1.56:443 bidder.criteo.com tcp
US 54.205.199.210:443 rp.liadm.com tcp
GB 197.148.66.54:8080 speedtest-ld8.mindthespeed.co.za.prod.hosts.ooklaserver.net tcp
GB 185.225.24.21:8080 speedtest.london.macarne.com.prod.hosts.ooklaserver.net tcp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
DE 141.95.98.64:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 cdn-gl.imrworldwide.com udp
US 172.67.23.234:443 id.hadron.ad.gt tcp
DE 141.95.98.64:443 lb.eu-1-id5-sync.com tcp
US 172.67.23.234:443 id.hadron.ad.gt tcp
US 8.8.8.8:53 255.112.202.64.in-addr.arpa udp
FR 18.155.124.109:443 aax.amazon-adsystem.com tcp
DE 18.156.199.224:443 btlr.sharethrough.com tcp
DE 18.156.199.224:443 btlr.sharethrough.com tcp
DE 18.156.199.224:443 btlr.sharethrough.com tcp
DE 18.156.199.224:443 btlr.sharethrough.com tcp
DE 18.156.199.224:443 btlr.sharethrough.com tcp
IE 54.194.189.64:443 c2shb.pubgw.yahoo.com tcp
IE 54.194.189.64:443 c2shb.pubgw.yahoo.com tcp
IE 54.194.189.64:443 c2shb.pubgw.yahoo.com tcp
IE 54.194.189.64:443 c2shb.pubgw.yahoo.com tcp
IE 54.194.189.64:443 c2shb.pubgw.yahoo.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
FR 18.155.124.109:443 aax.amazon-adsystem.com tcp
DE 18.156.199.224:443 btlr.sharethrough.com tcp
IE 54.194.189.64:443 c2shb.pubgw.yahoo.com tcp
US 8.8.8.8:53 930766acfed89e38e7a85a8d50717abe.safeframe.googlesyndication.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 a.ad.gt udp
IE 54.229.96.74:443 secure-us.imrworldwide.com tcp
US 8.8.8.8:53 wc7jostiyhysiw3h1jw20i8pb8fk01731855963.nuid.imrworldwide.com udp
US 8.8.8.8:53 64.98.95.141.in-addr.arpa udp
US 8.8.8.8:53 234.23.67.172.in-addr.arpa udp
US 8.8.8.8:53 150.216.36.34.in-addr.arpa udp
US 8.8.8.8:53 109.124.155.18.in-addr.arpa udp
US 8.8.8.8:53 224.199.156.18.in-addr.arpa udp
US 8.8.8.8:53 95.238.17.52.in-addr.arpa udp
US 8.8.8.8:53 185.245.204.52.in-addr.arpa udp
IE 52.48.168.123:443 bcp.crwdcntrl.net tcp
US 8.8.8.8:53 74.96.229.54.in-addr.arpa udp
US 8.8.8.8:53 64.189.194.54.in-addr.arpa udp
US 8.8.8.8:53 123.168.48.52.in-addr.arpa udp
US 8.8.8.8:53 zdbb.net udp
US 8.8.8.8:53 region1.google-analytics.com udp
DE 141.95.98.64:443 lb.eu-1-id5-sync.com tcp
DE 141.95.98.64:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 u.openx.net udp
US 8.8.8.8:53 eus.rubiconproject.com udp
US 8.8.8.8:53 acdn.adnxs.com udp
US 8.8.8.8:53 js-sec.indexww.com udp
US 8.8.8.8:53 ads.pubmatic.com udp
US 8.8.8.8:53 idx.liadm.com udp
US 52.205.150.212:443 idx.liadm.com tcp
US 8.8.8.8:53 212.150.205.52.in-addr.arpa udp
US 216.239.32.36:443 region1.google-analytics.com udp
US 23.192.25.42:443 ads.pubmatic.com tcp
US 23.192.25.42:443 ads.pubmatic.com tcp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 42.25.192.23.in-addr.arpa udp
US 35.244.159.8:443 u.openx.net tcp
IE 54.229.96.28:443 zdbb.net tcp
IE 54.229.96.28:443 zdbb.net tcp
US 8.8.8.8:53 ps.eyeota.net udp
US 23.192.21.141:443 eus.rubiconproject.com tcp
US 8.8.8.8:53 28.96.229.54.in-addr.arpa udp
US 8.8.8.8:53 token.rubiconproject.com udp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 8.8.8.8:53 141.21.192.23.in-addr.arpa udp
DE 3.125.70.222:443 ps.eyeota.net tcp
DE 3.125.70.222:443 ps.eyeota.net tcp
US 172.67.23.234:443 id.hadron.ad.gt tcp
US 8.8.8.8:53 222.70.125.3.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 2.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 8.8.8.8:53 www.google.co.uk udp
US 8.8.8.8:53 www.google.com udp
GB 172.217.16.228:443 www.google.com udp
US 216.239.34.36:443 region1.analytics.google.com udp
GB 142.250.200.2:443 securepubads.g.doubleclick.net udp
GB 142.250.187.225:443 tpc.googlesyndication.com udp
GB 142.250.187.225:443 tpc.googlesyndication.com udp
GB 142.250.179.227:443 www.google.co.uk udp
GB 172.217.16.226:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 googleads4.g.doubleclick.net udp
US 8.8.8.8:53 fw.adsafeprotected.com udp
GB 216.58.204.66:443 googleads4.g.doubleclick.net udp
US 8.8.8.8:53 226.16.217.172.in-addr.arpa udp
IE 54.72.108.231:443 fw.adsafeprotected.com tcp
IE 54.72.108.231:443 fw.adsafeprotected.com tcp
US 8.8.8.8:53 231.108.72.54.in-addr.arpa udp
US 8.8.8.8:53 dt.adsafeprotected.com udp
US 34.194.36.57:443 dt.adsafeprotected.com tcp
US 34.194.36.57:443 dt.adsafeprotected.com tcp
US 34.194.36.57:443 dt.adsafeprotected.com tcp
US 34.194.36.57:443 dt.adsafeprotected.com tcp
US 34.194.36.57:443 dt.adsafeprotected.com tcp
US 34.194.36.57:443 dt.adsafeprotected.com tcp
US 8.8.8.8:53 57.36.194.34.in-addr.arpa udp
US 8.8.8.8:53 gum.criteo.com udp
US 8.8.8.8:53 ep1.adtrafficquality.google udp
US 8.8.8.8:53 ag.gbc.criteo.com udp
GB 142.250.187.226:443 ep1.adtrafficquality.google udp
NL 185.235.87.13:443 ag.gbc.criteo.com tcp
NL 185.235.87.16:443 ag.gbc.criteo.com tcp
US 8.8.8.8:53 ep2.adtrafficquality.google udp
US 8.8.8.8:53 226.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 16.87.235.185.in-addr.arpa udp
US 8.8.8.8:53 13.87.235.185.in-addr.arpa udp
GB 216.58.212.193:443 ep2.adtrafficquality.google udp
GB 142.250.187.226:443 ep1.adtrafficquality.google udp
US 8.8.8.8:53 secure.adnxs.com udp
NL 185.89.210.153:443 secure.adnxs.com tcp
NL 185.89.210.153:443 secure.adnxs.com tcp
GB 31.22.12.17:8080 speedtest.swishfibre.com.prod.hosts.ooklaserver.net tcp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 th.bing.com udp
US 95.100.195.169:443 r.bing.com tcp
US 95.100.195.164:443 th.bing.com tcp
US 8.8.8.8:53 169.195.100.95.in-addr.arpa udp
US 8.8.8.8:53 csm.nl3.eu.criteo.net udp
NL 178.250.1.25:443 csm.nl3.eu.criteo.net tcp
US 8.8.8.8:53 164.195.100.95.in-addr.arpa udp
US 8.8.8.8:53 153.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 25.1.250.178.in-addr.arpa udp
FR 18.155.124.109:443 aax.amazon-adsystem.com tcp
US 8.8.8.8:53 login.microsoftonline.com udp
IE 20.190.159.73:443 login.microsoftonline.com tcp
US 8.8.8.8:53 73.159.190.20.in-addr.arpa udp
US 52.86.51.142:443 i.liadm.com tcp
US 52.86.51.142:443 i.liadm.com tcp
US 8.8.8.8:53 i6.liadm.com udp
US 8.8.8.8:53 sync.crwdcntrl.net udp
US 44.199.121.21:443 i6.liadm.com tcp
US 8.8.8.8:53 loadus.exelator.com udp
US 8.8.8.8:53 21.121.199.44.in-addr.arpa udp
NL 178.250.1.56:443 bidder.criteo.com tcp
US 8.8.8.8:53 rtb.openx.net udp
US 8.8.8.8:53 ib.adnxs.com udp
DE 18.156.199.224:443 btlr.sharethrough.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
GB 154.61.48.138:8080 speedtest10g.ms-3.co.uk.prod.hosts.ooklaserver.net tcp
GB 45.10.101.252:8080 speedtest.boxbroadband.co.uk.prod.hosts.ooklaserver.net tcp
GB 152.37.112.6:8080 speedlon.hyperoptic.com tcp
GB 45.92.46.45:8080 speedtest-1.london.network.youfibre.com.prod.hosts.ooklaserver.net tcp
GB 31.22.12.17:8080 speedtest.swishfibre.com.prod.hosts.ooklaserver.net tcp
GB 51.148.82.21:8080 speedtest02a.web.zen.net.uk.prod.hosts.ooklaserver.net tcp
GB 57.128.160.133:8080 speedtest.emeryholdings.org.prod.hosts.ooklaserver.net tcp
GB 185.225.24.21:8080 speedtest.london.macarne.com.prod.hosts.ooklaserver.net tcp
GB 197.148.66.54:8080 speedtest-ld8.mindthespeed.co.za.prod.hosts.ooklaserver.net tcp
GB 185.82.8.1:8080 speedtest-lon.retn.net.prod.hosts.ooklaserver.net tcp
US 8.8.8.8:53 zbjpmmzrc6eo9mgyzl6asffnxx2ax1731856012.nuid.imrworldwide.com udp
NL 178.250.1.56:443 bidder.criteo.com tcp
DE 18.156.199.224:443 btlr.sharethrough.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
DE 141.95.98.64:443 lb.eu-1-id5-sync.com tcp
DE 18.156.199.224:443 btlr.sharethrough.com tcp
DE 18.156.199.224:443 btlr.sharethrough.com tcp
DE 18.156.199.224:443 btlr.sharethrough.com tcp
DE 18.156.199.224:443 btlr.sharethrough.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
US 8.8.8.8:53 a.ad.gt udp
US 104.22.5.69:443 a.ad.gt tcp
US 8.8.8.8:53 p.ad.gt udp
US 8.8.8.8:53 ids.ad.gt udp
US 8.8.8.8:53 ids4.ad.gt udp
US 104.22.5.69:443 ids.ad.gt tcp
US 35.244.159.8:443 u.openx.net udp
US 8.8.8.8:53 image2.pubmatic.com udp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 8.8.8.8:53 sync.go.sonobi.com udp
US 104.22.5.69:443 ids.ad.gt tcp
US 8.8.8.8:53 match.adsrvr.org udp
US 8.8.8.8:53 sync.smartadserver.com udp
US 8.8.8.8:53 ad.360yield.com udp
US 44.227.254.234:443 ids4.ad.gt tcp
US 104.22.5.69:443 ids.ad.gt tcp
US 44.227.254.234:443 ids4.ad.gt tcp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 8.8.8.8:53 69.5.22.104.in-addr.arpa udp
US 8.8.8.8:53 0444a3159d505b7d68f1e9bb562ae317.safeframe.googlesyndication.com udp
US 104.22.5.69:443 ids.ad.gt tcp
US 8.8.8.8:53 234.254.227.44.in-addr.arpa udp
GB 142.250.187.225:443 tpc.googlesyndication.com udp
NL 185.89.211.116:443 ib.adnxs.com tcp
US 35.227.252.103:443 rtb.openx.net udp
GB 172.217.16.228:443 www.google.com udp
US 8.8.8.8:53 103.252.227.35.in-addr.arpa udp
US 8.8.8.8:53 116.211.89.185.in-addr.arpa udp
US 23.192.25.42:443 ads.pubmatic.com tcp
US 8.8.8.8:53 bttrack.com udp
US 8.8.8.8:53 sync-tm.everesttech.net udp
US 8.8.8.8:53 dis.criteo.com udp
US 8.8.8.8:53 sync.1rx.io udp
US 192.132.33.69:443 bttrack.com tcp
NL 178.250.1.9:443 dis.criteo.com tcp
US 151.101.66.49:443 sync-tm.everesttech.net tcp
NL 46.228.174.117:443 sync.1rx.io tcp
NL 46.228.174.117:443 sync.1rx.io tcp
IE 52.49.182.253:443 ad.360yield.com tcp
GB 172.217.169.2:443 cm.g.doubleclick.net udp
NL 198.47.127.205:443 image2.pubmatic.com tcp
US 104.22.4.69:443 ids.ad.gt tcp
US 69.166.1.35:443 sync.go.sonobi.com tcp
US 15.197.193.217:443 match.adsrvr.org tcp
NL 81.17.55.117:443 sync.smartadserver.com tcp
US 104.22.4.69:443 ids.ad.gt tcp
US 8.8.8.8:53 match.sharethrough.com udp
NL 198.47.127.205:443 image2.pubmatic.com tcp
DE 18.197.30.174:443 match.sharethrough.com tcp
US 15.197.193.217:443 match.adsrvr.org tcp
US 69.166.1.35:443 sync.go.sonobi.com tcp
NL 81.17.55.117:443 sync.smartadserver.com tcp
US 8.8.8.8:53 49.66.101.151.in-addr.arpa udp
US 8.8.8.8:53 69.33.132.192.in-addr.arpa udp
US 8.8.8.8:53 2.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 117.174.228.46.in-addr.arpa udp
US 8.8.8.8:53 253.182.49.52.in-addr.arpa udp
US 104.22.4.69:443 ids.ad.gt tcp
US 8.8.8.8:53 pixels.ad.gt udp
US 104.22.4.69:443 pixels.ad.gt tcp
US 8.8.8.8:53 69.4.22.104.in-addr.arpa udp
US 8.8.8.8:53 174.30.197.18.in-addr.arpa udp
US 8.8.8.8:53 117.55.17.81.in-addr.arpa udp
US 8.8.8.8:53 35.1.166.69.in-addr.arpa udp
US 172.67.23.234:443 pixels.ad.gt tcp
US 172.67.23.234:443 pixels.ad.gt tcp
US 8.8.8.8:53 20.160.190.20.in-addr.arpa udp
US 8.8.8.8:53 205.127.47.198.in-addr.arpa udp
US 204.79.197.237:443 www2.bing.com tcp
US 8.8.8.8:53 pixel.rubiconproject.com udp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
GB 51.148.82.21:8080 speedtest02a.web.zen.net.uk.prod.hosts.ooklaserver.net tcp
NL 185.235.87.13:443 ag.gbc.criteo.com tcp
NL 185.235.87.16:443 ag.gbc.criteo.com tcp
NL 185.235.87.13:443 ag.gbc.criteo.com tcp
NL 185.235.87.16:443 ag.gbc.criteo.com tcp
GB 51.148.82.21:8080 speedtest02a.web.zen.net.uk.prod.hosts.ooklaserver.net tcp
GB 197.148.66.54:8080 speedtest-ld8.mindthespeed.co.za.prod.hosts.ooklaserver.net tcp
GB 45.10.101.252:8080 speedtest.boxbroadband.co.uk.prod.hosts.ooklaserver.net tcp
GB 31.22.12.17:8080 speedtest.swishfibre.com.prod.hosts.ooklaserver.net tcp
GB 51.148.82.21:8080 speedtest02a.web.zen.net.uk.prod.hosts.ooklaserver.net tcp
US 104.22.4.69:443 pixels.ad.gt tcp
GB 51.148.82.21:8080 speedtest02a.web.zen.net.uk.prod.hosts.ooklaserver.net tcp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
GB 51.148.82.21:8080 speedtest02a.web.zen.net.uk.prod.hosts.ooklaserver.net tcp
US 216.239.34.36:443 region1.analytics.google.com udp
GB 142.250.179.227:443 www.google.co.uk udp
NL 185.89.211.116:443 ib.adnxs.com tcp
NL 178.250.1.56:443 bidder.criteo.com tcp
US 8.8.8.8:53 btlr.sharethrough.com udp
US 35.227.252.103:443 rtb.openx.net udp
NL 185.89.211.116:443 ib.adnxs.com tcp
NL 185.89.211.116:443 ib.adnxs.com tcp
GB 142.250.200.2:443 securepubads.g.doubleclick.net udp
DE 3.72.78.234:443 btlr.sharethrough.com tcp
DE 3.72.78.234:443 btlr.sharethrough.com tcp
DE 3.72.78.234:443 btlr.sharethrough.com tcp
US 8.8.8.8:53 234.78.72.3.in-addr.arpa udp
US 8.8.8.8:53 cdn.jsdelivr.net udp
GB 142.250.187.225:443 tpc.googlesyndication.com udp
GB 142.250.187.225:443 tpc.googlesyndication.com udp
GB 172.217.16.228:443 www.google.com udp
GB 172.217.16.226:443 googleads.g.doubleclick.net udp
US 151.101.193.229:443 cdn.jsdelivr.net tcp
US 8.8.8.8:53 pn.ybp.yahoo.com udp
US 8.8.8.8:53 229.193.101.151.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 ba6ef346187b40694d493da98d5da979
SHA1 643c15bec043f8673943885199bb06cd1652ee37
SHA256 d86eec91f295dfda8ed1c5fa99de426f2fe359282c7ebf67e3a40be739475d73
SHA512 2e6cc97330be8868d4b9c53be7e12c558f6eb1ac2c4080a611ba6c43561d0c5bb4791b8a11a8c2371599f0ba73ed1d9a7a2ea6dee2ae6a080f1912e0cb1f656c

\??\pipe\LOCAL\crashpad_1952_PHIODVSVMNQPADLR

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 b8880802fc2bb880a7a869faa01315b0
SHA1 51d1a3fa2c272f094515675d82150bfce08ee8d3
SHA256 467b8cd4aacac66557712f9843023dcedefcc26efc746f3e44157bc8dac73812
SHA512 e1c6dba2579357ba70de58968b167d2c529534d24bff70568144270c48ac18a48ee2af2d58d78ae741e5a36958fa78a57955bd2456f1df00b781fc1002e123d2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 137e195a5f42d165e39ec606c39e0b05
SHA1 a303ded6657440915ec65b5970555f18ecb4c769
SHA256 dda79c581a92291e65daa5580c6216ef3926ffd922158a4456bba3fc0d4247b5
SHA512 3b1a816e653a7d983d224de44bb1b3c019ef8397d620569d8ce2ac2f3db72f92f35129e930674dd833f2b71c931047c0e7e964fc3768e599a5538185cb81c2f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\Downloads\Unconfirmed 605556.crdownload

MD5 9734a6461a69cff1a0e2ed6b03af5566
SHA1 2cd1938171ae5b0f4fd410ca2f50e165612069c9
SHA256 325dc8f2e170a14ac6b560e4fa703b4c2ea3924d34b3fcdec955830e7c8ab26d
SHA512 5e88ad8285973423994250ebe2334f88a070bf4af6821f518ad05493a31fa802dc654cd204d944adcb3dd29474b4f5ef55dede171d435989c094fb82a4e471d8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 628e4cb7a11f00d191182eae5d5281ef
SHA1 9106ff1302bf1ad8575a753dd4457343b2ca1ef8
SHA256 48b633508feaf1ff77fa05f6ff84ff5796a149da7724cca632cce33c855cc320
SHA512 9fdee2d104e8adaadd6c98e2b18542f4be7385b17b6db176e3b6bbc6fae54321e80b97cd515e81e9a3e90cf06bf83b2f23571d999b4ab4e961ec94eb9ab6bfce

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3cdb90739af2bf90ba0830273bde1183
SHA1 1971bb533accfe9c3ccc95ab95b6094ef9afa99e
SHA256 b35dec95b78e80153b57502ec26529f5cfe11c5a291497deb1d2e681e7ee8d2a
SHA512 ad7ca2c36e29e797be594d6ddb67b8942f3874a5be146a68c650952808fd944b2e975a85e5893d1851b992a6e68b62fae853f3e2c8dfd28608b626fb05134bfa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 ca2ba4fb79672cef1b231dcaf1f30bc5
SHA1 58cc7d4d7f752f13bd0b5a71940eeaf8289b3de6
SHA256 b3c111bb72e789afa8da2dc0563fcaf7b92b745cb463a64772c35df771c79480
SHA512 f642001b27184d39d188d33f478b35694db2bab3dc6f8873c18aa0845b305062629dffbf61ae7df71122bb307805a4343636f8443e870c3f5f072a79e4bbf565

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 cdd0fa460970b911d6942766e716051a
SHA1 fccd7bbdf60ff377f2005141ee45d61e36ecb1ae
SHA256 3ea0892a601b675793c3df384bfed10c1e6baf74879eb80359a7810be874bff9
SHA512 af110057ee966d8f20533e3ffefcafe47cf7aa5b358803a63daa8b05aa6dd5cdb96d6ea8871fee069fa7913cf06cc559567491cd5f165edd84e9345dbe1e0cfd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58465b.TMP

MD5 aee4d0d4ba0b43ac23a3aeaf29c1dbf5
SHA1 eb548c325854344378829b2ef9ea83f219c93ed0
SHA256 f828c42bf14d17f8dd139692b3cfaa033d8aefcc07b5e518f29872a0d3c2c1cf
SHA512 6eae7e7d7b4837c8dd445341e98bdd2b005d5fa45178a4ac4b151aeb114a0715db1d6668dcccc2c84ea95a944097715d5475004526f0b5ea57be62d169445cf9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 351859f5f0ff6fc2fc98ad7b19af8ea3
SHA1 55be8cb3be0f762fbf524e042394a523e31fd45d
SHA256 a3c669587ba0debcfa64829833b220dd6dcf07b521d8e49cf059efbd688e993b
SHA512 c7be6c601251df154ed2aea23dee3630bed9fd7088ee3244039c82228697148de26a62954284556f0c0d475f25f85c3b89530fc9537b609a82d46d8e1ba5ff41

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 7906ed01b3f34324754e152f41d67959
SHA1 92b12b7d85e03630982440a2f1cc366ff9679db3
SHA256 38e547cdc420d95357d6847150a5c4358e6887e414a7060230be9d5231fd3c48
SHA512 ba816eaa7f088a6b3614f3cedf9e21a669ef95078731c8abb612cb4ed95bee3b78d14bbd8ec22afd43ab80b625c56bbc9161613979d61d388c9882925a34eb8f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 ce0d8412f376907345d31f26976dc6c0
SHA1 7d996313bb2a95d9ec26c7861c0cd78fed8db009
SHA256 7590d1cd2d2d66474530b989b6cc3014928ff9c5addc6ca9d60321c2413985ba
SHA512 e138fd47ab6455d8a9dbeb9632869156203447d81adc869a30e4e2143b5cd39830c54a3601f3e4024b1d066cc69569f0749e3434f7aab22164dc7c2b8d542899

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 38e72cd3e26b6662d40103e3fe82bcbd
SHA1 f66d184d1494563a8edf4fbcd39a695f8f44e335
SHA256 7cc579ac3a6af4165c2bb5f594e83246614f854bb2ad073ed466d7a383aa0997
SHA512 7f86d6a8f6e3ac0d61e3e76a9a7897f974931d7e1046925b0c12b8ac4a655a8db8a88d4e43bfaee43d69a4f338744a3cd289aadbe475a4ea0bc46465f4577a78

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 418f8f1c95a4d8509d4f6c2c2ff3b364
SHA1 7385f422d0119700bb7875f518be81448fd18b5c
SHA256 2385d536b16d2e53fe562a9aa113038f370876e4c6558d85fc4a7181d50697c8
SHA512 39bb9b61c0c5f25d49e0ade1fd7fe3eca97f6e2cab4873a8c8a0508038e521d5d7ee4c2e272e69b6a329e6ea3eb0537c38bca522de496f48d4a11de64d11739d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027

MD5 05cb4b9f101e025994f9686f3999fd43
SHA1 7450f129ea39792645b56de215eaab1d91182fbe
SHA256 07fba84e209fffc2a8eea1a88ec8c77cc92644c9050b7669b212bf1db30663b3
SHA512 9fbf0e99a1f19b362d9e7e31dc0b6f0d49177cea922d9d6acbc1b5a84d1bfce40c3a07e123b5b47ed9a531befc9a2372be3393502b5f00221d74ae23fe80efeb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 11c8a1d1385ac44b42b056fe8128170b
SHA1 801c2edab7a5422b654244ba65c9c34cdfab0ec9
SHA256 8393f2d71c2883a50ff6a562e44d1f33a55cbe6394e6a71c71b7cf09a4983d31
SHA512 172c893c31af0d8140d885afc8857fcff13a88035082e7d2939c135eccb2000f3c05fcaea3ff9d4ba9a2a3614dbd35236e43431202bd1cb69ed9cc52cf301238

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c2da36dc7c52be5a9e1e16369080f05e
SHA1 c1b0dbf87c155dfdd9320f07d9b889d49e3c12dc
SHA256 a3f88f7b37139eedb7c32f044018e36370db2895a5dfb44ed22d9e69be24ccf7
SHA512 6c2bb2363a2077c56df28f03c37be5b25bec26485f40d56fb7b5903a0e63b2154380ba6f43cfc4e2df7e98ac59fa330284a19644a4603140443d9d49be8862b5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 839b241105c3b436c5bebf0dc6be4bd8
SHA1 19b27cb14648a5fa26041ae9f4e0944991dfbd5d
SHA256 fd08c8e6f64cbef16c4ad3191e02a0862f0d6596f919e38966d95e29d6b0d70d
SHA512 d00d37886a53fa303e32535cec51d592fd11a40c4b5e5c013159ff45467c04cb17983f7e48500b5663d75310bf22a3ebde728b2e7fac38b792a62ae20eb8b1fd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 5a2ceceba9e1a6b50435f1cc1bef0d5c
SHA1 7ff6af6bc10686e2bdb7ed743e1d8921f7da4ff2
SHA256 3d78c3259ed4e0b147a1cf3808d3b86452a243391d85e351f9c870cb8c0fe8ca
SHA512 ac600b3d0d32273850dbf4eaad0d4455d95e91c3585eb200154482dd89826f6608103284e61dd062f8478b7e2b4487a5bc87ef807ac54e7e14ae29e6dd7e635a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 0e914485ee8cd7810ea80a9194ff1c44
SHA1 2865015c5f8e27aa4a77013beb8b1228838526b8
SHA256 95ef50c59ed6312201c01ae5ce93434904d85d290a4caf50bbc38d8d88194a69
SHA512 04b5f6423b69cd4dd8f2fba3025eea9f35ff97f91a4592e8c9e8897386e372498fe330d68178ea5d8dc37fa0fbf97f9295ddcb9b52acfac7a3344918eed2b4af

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 36d55e88f58dd1451fb81cea74c282a7
SHA1 3b9af1433f9a935d5d50245d60d01ed1955ea004
SHA256 c6a6094abcba66c49fe4ac5da8ef6b781d24dd46f8cedce4d9c5e966c847576b
SHA512 3806ec85225b58eb4325810e103aaafe959fccf7c30dfa2debe67e472a42e13b79cf795581663431de98ad9292080ddbc5797b70a26c49c02e4465c49d1f240c

memory/5872-659-0x000002C222C20000-0x000002C222C42000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_npukfpkt.2cl.ps1

MD5 d17fe0a3f47be24a6453e9ef58c94641
SHA1 6ab83620379fc69f80c0242105ddffd7d98d5d9d
SHA256 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7
SHA512 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026

MD5 6fb26b39d8dcf2f09ef8aebb8a5ffe23
SHA1 578cac24c947a6d24bc05a6aa305756dd70e9ac3
SHA256 774379647c0a6db04a0c2662be757a730c20f13b4c03fe0b12d43c0f09e7a059
SHA512 c40f4771c10add1b20efb81ee3b61fc5ede4701587f29a1c2cdde8b6faabd1c76d769bf8b99aa19082012f95d99ba448a472463fb9056acd2e43542e14e605cd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 ca964d7c1ab60e55dff0a8fa0bef483d
SHA1 139577627e37d6facef35398bb4c51edd3cfc367
SHA256 d1c9cf7cd55be9fb39ddd13608f20c491291955b2b1424bb89c8197115a85aa8
SHA512 aa98fcec7c2549ff309aa03c83b557c15cd17690c0c31fdb2a0abdfc4285c4476a89b6ca891bf6a1f49b68947ac760603a42fc4c5dae9949b70f2b5f5f0a8304

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 97799eb310fd8cae365a8a4abe271381
SHA1 99225653e937cf5cfb724e35ae10cbd702678544
SHA256 1f6ef948cbbfe2c9e917b544637562d602df54351282d47252a2757e157dd3f9
SHA512 9e24e3cff2f699363d405edde1edf3576f8a2d6c908ef57eed27ea26b5499b2ab1262d74e29191556e60b24bc6c58418631e007dc327eed48fc8e4039876e500

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 1e37b7c55feedc7749d899e30b22ebc3
SHA1 1b136fcd8235129bd137f982586a7ec0a380671d
SHA256 05cd8d86528118a1e1a241e2540670e25a3c5818bc11605522514981423442e3
SHA512 6a0d0f33d3eb7d3b3c97ae740353608921aa55da435d8bd8b5ebe1cb4f1496f8769ad5db8a0da565f994da1c8035490b42a4b2b3f1629f92fc575397cc45af1f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\17c02bd3a0874f32_0

MD5 bb4f0434651bd9fc0ad8d141ae61b80f
SHA1 7f39a13ed8068a50d0c4502b499319e5b3c474f4
SHA256 69d2e523c63be62182b1ba1812ca3065cceac4ff3d301c5cff7f9caff7c24c02
SHA512 233d63469a0e439e176220c4975a57853e80015b85e9e4f7ea9b8d782184e09859245665e16ccb0e5c93bb8b00dbb3e73ccbbe689ebcb9f986f7d253effc743d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029

MD5 6b04ab52540bdc8a646d6e42255a6c4b
SHA1 4cdfc59b5b62dafa3b20d23a165716b5218aa646
SHA256 33353d2328ea91f6abf5fb5c5f3899853dcc724a993b9086cab92d880da99f4d
SHA512 4f3b417c77c65936486388b618a7c047c84fb2e2dd8a470f7fe4ffec1ad6699d02fa9c1bbd551414eef0f2e6747a9ee59ca87198b20f9f4a9a01394ae69fa730

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031

MD5 7c702451150c376ff54a34249bceb819
SHA1 3ab4dc2f57c0fd141456c1cbe24f112adf3710e2
SHA256 77d21084014dcb10980c296e583371786b3886f5814d8357127f36f8c6045583
SHA512 9f1a79e93775dc5bd4aa9749387d5fa8ef55037ccda425039fe68a5634bb682656a9ed4b6940e15226f370e0111878ecd6ec357d55c4720f97a97e58ece78d59

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d

MD5 77c9219c334673bdbb31747b3b91abb0
SHA1 134808196d1c513ff9906ab7c4a5a7b542d5f4cd
SHA256 c183e6c5f1743d3dfa520ba7f532392313c94a08c2766d8004301c6977f243ff
SHA512 9bed20fc307eb57ab62159305a7447bf69f7c0520287b208efd4ea0fb4223cd7614bceb722c4ddb6a4493085ba7d672823786c2f81919c74f087b6ccc5a3af82

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e

MD5 e688553c6fbe0a656a84407dd3cf282b
SHA1 18853957b35a70d61285d19d6495cb1c06e68c6f
SHA256 d66c3d59dedd75e0c6407b736716303e2a19c717c912ceb4506ef580c925bf83
SHA512 dce4ad3e23a9bfab17b844ad45a5a49a1ad1ad5bccbf79444b59dbbc54a608bfda82b35fd36a166fefa032d9cf4782fa9307e1189e30933b320acc83b45a5c5f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000032

MD5 9d1f75028dcbacf155f62c6a1b3927c3
SHA1 7e0a51f7073ecf66308fbd90345285391bfbdd67
SHA256 f49dda8dd9e7f3faf95228dbf350a0d7fe7dbc2ceac00f8de82b842ec5ea3858
SHA512 1cf4a672149be9159285ba6d565f4e513f56ba7b85195ead4698c11cb4db9733582aa17946ada0b5cb5f2420842816ad76b36af0ef2ec286d4a0d3f1a0fa866f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

MD5 b275fa8d2d2d768231289d114f48e35f
SHA1 bb96003ff86bd9dedbd2976b1916d87ac6402073
SHA256 1b36ed5c122ad5b79b8cc8455e434ce481e2c0faab6a82726910e60807f178a1
SHA512 d28918346e3fda06cd1e1c5c43d81805b66188a83e8ffcab7c8b19fe695c9ca5e05c7b9808599966df3c4cd81e73728189a131789c94df93c5b2500ce8ec8811

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

MD5 c813a1b87f1651d642cdcad5fca7a7d8
SHA1 0e6628997674a7dfbeb321b59a6e829d0c2f4478
SHA256 df670e09f278fea1d0684afdcd0392a83d7041585ba5996f7b527974d7d98ec3
SHA512 af0d024ba1faafbd6f950c67977ed126827180a47cea9758ee51a95d13436f753eb5a7aa12a9090048a70328f6e779634c612aebde89b06740ffd770751e1c5b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

MD5 2e86a72f4e82614cd4842950d2e0a716
SHA1 d7b4ee0c9af735d098bff474632fc2c0113e0b9c
SHA256 c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f
SHA512 7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

MD5 226541550a51911c375216f718493f65
SHA1 f6e608468401f9384cabdef45ca19e2afacc84bd
SHA256 caecff4179910ce0ff470f9fa9eb4349e8fb717fa1432cf19987450a4e1ef4a5
SHA512 2947b309f15e0e321beb9506861883fde8391c6f6140178c7e6ee7750d6418266360c335477cae0b067a6a6d86935ec5f7acdfdacc9edffa8b04ec71be210516

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 bb47bf8bf099dcfc65743eb98b94507b
SHA1 0848f4c13a450cb07a1c112baf41d49c97cb2bb6
SHA256 0514882a433ab2b17801c1ee56145f5b0eb35550b06c85b9cecd3d214b0e79a4
SHA512 4f3494e1c2a322cb0c7f81eeac2b1b975d8bdcf1450885a39f51df01bf1d6d2916d02d31a9fd8871d45510ba2352db5f43e25a3f71657ecfdf55ab71777a308a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

MD5 0b125fe8c684800974336b66186d9e84
SHA1 52f4d55c3b2d3cd06ee4625db5d9e92eb36a6a5f
SHA256 c7c01f9cde1b74927c61f83adecb2f79e307aa81a4817017fdd503d8cbaf87b2
SHA512 66830fc6f9bbbbf41c6399808e813bd61bcbd2fe3fe9f192e35f6da7c86f0a772851498b56628267c77f25cac9678f70075fd1fbb8e4cf93c23bd5947bcb7d8a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

MD5 e6500211683946695a759b3432417c7d
SHA1 89f7b9b271acc686ed8c40b11a3db86fce5764c2
SHA256 9dd3e74102924f4d88b5a1bd16b5f898d9763702b8bf778953664fec642fb6d2
SHA512 2970329f555e91c206c4008dcb98ba4f4f7648e12adf2f5f58869a5f47d1462ad9e6f41594c6bf575ef14dae5819b15a253f53b21b32fa87e1e2ec3df8f2d62d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

MD5 299debca1bc4649c3b9b89d89ca25052
SHA1 1ec92e9ba9a91ae5ccb664cdf07aaaf7b86fe9e1
SHA256 3d4c70e9754049d841d5a34720811a5d12a671818b7440c7d586fe93f7d9270f
SHA512 946b7822f9114922d351351fade4bcaf7f0e544199df40334bf8a44254eddb9f1cca3be481b36310d4139affba15b837f6fe49154fcb64c0859cc72d7369591d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

MD5 abcbcd48b6d813f6a580d9f59b2bfcb9
SHA1 0b00c96fb940309cdbf59bb4866d2423e77c035e
SHA256 f40d718d090a7d9fa4db0b9c2570cb05f7729e6c998c32c1c688f421ca7ac8c0
SHA512 b961f4d2e02c1470ae42cbcdff8c90f3b950f73c7f1182c205d0c5c0f187115283ba581d1dc9259d48004bf71e0b3e2d9d4bee8440a1e7baa553e92fb26d36d0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000044

MD5 c82a452aaff61bb13bb0ecc3d3056cd2
SHA1 007b0f77f1395abc9ede32d5f492b8c0b0b9f755
SHA256 243a011024abd30ed599d1f855ba6f622e92777add812ca8ae033d80faaea9a9
SHA512 954748440257623738c46b9deb9f3dba1d6e3452845cd7340fdf8cf28c3348d444408c3e0dcfc890311153c3cc94fb18c883566fd50428f6201398ca9f32107c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

MD5 59a602b181bbab46b52c06f3b1ffc243
SHA1 95225cf2f2f38ac64948e5081681295de25d01a4
SHA256 beadeaff74e625290016a5225c45e7577d0a180f43ffa37b6ff2f3738ed6f303
SHA512 e27c4369072cfd87e3fd1977eb65267fb52ad90cd08c7a105e525da1a1a002e554be4b2b514a1ca09ef8a49cfaae5288e212c5b3341c19241f784a563257f2ff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

MD5 9c5cff803fb1edcf640ea9e4a02b8891
SHA1 43ba340a8b6d6d028b42e9674b66f667a50eaca9
SHA256 4196d95ab415218fc8dce5037601f39e1824f2e57c6ebebf5557ddb3f11b537c
SHA512 287f10790474658acbe31faee48b75fa9d4ff720f17854e91fa56652c673bc97f038263c4261060e0592e41715cbbe48d12f242dde97f8626a93d4332b89d021

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

MD5 4b43b2a9299a9073e4e8d762abb312c2
SHA1 72c16eb2daeb35d9b106c04a16cb9060b1f7e7d9
SHA256 e0788b68faaa37fa81a75d5ddf576cb2a18506366134a26d21702dc49f8b493c
SHA512 d8413a99832ff852ec592ac1239bb70d52ccf76fe3c6f49e0920775ac47cccf80bd927d1810725bced5ff2263a92198c0413ea48036ad11b07cebc47435ee17b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

MD5 aa76b443a36a6fc789d2b94a84aa62d0
SHA1 835b86365521c6c34f5b7a96e8c99c697c2bdd6a
SHA256 52e3a225c3be10a887ee17f8bc1ebe350a4f420a783d14264f61703351466199
SHA512 7825831fb60bf995a043ebc1f1a46a9474a90bf3742502afe7637dd4bb68d21e9f3d137f966a6b1ae0f39eb619fba59f5e847a6d1cbf7a48e1c49104d7c83736

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

MD5 9d99f6d1f87a25f29f49dbccc5d4ce19
SHA1 98fd16de91f37eb9e379fc6d4a0610feb6771b98
SHA256 0c0fd45955882f7600d87953344bfcdc8cf2bc402680347244a244e81fb551a6
SHA512 57d1a81fe6b25802cf6ae7716efa49bccf973c5d2fae97086ab8bbbb5a05bb91b0739b5a892bf6b8c6f1df4957a6cb04b4e30296b5c16ab5bd099560bca19b29

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

MD5 fa6a20033699b6c04426ca38e9ebb8d5
SHA1 9c41d19bfea44f9954cf44e6d9435e62b828135f
SHA256 88f8f50b9e4ef78671954129ee6259e0593e1982290d2fc58eb89798a7bf7e7f
SHA512 e20caff3d16b573dd9e5ff1ec8c7042bdc69d6a41001380de280f523854a553c54aafb3d698e7f74d5f6d4c03b56b772c6d396ead94bbd542e871d27866301df

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021

MD5 87e8230a9ca3f0c5ccfa56f70276e2f2
SHA1 eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
SHA256 e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
SHA512 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024

MD5 6951e5d893510bb9fa2deac91c302fbb
SHA1 0219c435f4644647b1b110ad21b0ae1527d40713
SHA256 d96130135758f64aeeaa5b00a0045efc3c29b9f6ee5942054a0017cce409ae64
SHA512 cc63a68bbc173506ce1b99fefa23a6beb75c8eeafc52c5479832b9968180be100ad70458ef0590c1427c40f48f252b9016afe93c64aef4ac2e35c44ab60a5456

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020

MD5 5771d7c6b2fe5f7bee6f5866050d0fcb
SHA1 0917d447df823b96f30ad3b3c524c8a2d46ca04d
SHA256 d5c054f8a109724c9499b23352e413aa91679b53e4080336d243fb2fe9b4c15e
SHA512 106a6b53948c66e22e5a50d571b6b54e4e3caf70ec722a2b11265b56b7fd7a69113d55db4b34a28dc5763b78128cf37132beebd37814b91ab96633fcc6e69fe5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e

MD5 2c06c2d0ae47103308cc5c30111b98d3
SHA1 268f557df46d9215920eff24a9e0b3b68bdb1f6e
SHA256 dc79d9827bf61c936bd4bd0c76e6840ddddf9c53a2424d940b09ba78093295d4
SHA512 e42218708f558db07a656273e78f70c321c9d8489228e5cd9d3699466a3930cc657ca8d5d28bdc43fab4928353769f73e13b54676f901f3ba286f3b1c34bb7a5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

MD5 6f305590c66497362b81a1bcec4f1d3e
SHA1 8290d5f9094ec1796f7d93cf9dafc6533955667d
SHA256 e95451609dc09498f83f6ffa3359dc29530105d465e740f1c7bbb0dcc58653f8
SHA512 49a710b5b86f439520755cf9d0224b2a90355d4351a9cb78015897688b72f88998a30056adb66412d4304e5009eb3800a2acec3f770e2af59cfc00bde0a5a2e2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

MD5 ad47211cbf2b5037a632b255bac497f8
SHA1 f7b8efcd83e1ee5b936239c34fccdbccc50cd6f1
SHA256 3ff66387417489de93fa393db6d511581ea6c3b5c75d35190309be9cd916a9a7
SHA512 642166e7a45e073fa05a249d94f4591f30d303011bc8b79efcc04e8475ae07f2817a11fe04b8265a2e6f7bebd8fca4b06a15ea11814c2e8b0a83c38efaac4d1e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

MD5 786b4a4fc88558331a47d0d047fae80f
SHA1 7dd4c01c90cfbc9156c32c7300279ea478c34a63
SHA256 89b10ef00dc3c7e4a095ad5e0299b23f4ff2055b28b1d432d671aeb2f8d624ad
SHA512 822550115ebbb3b522321c50db9ea6e0c4790a3b76a9a42b8f32dbe1f88a696f6d68a1b01e8c48f42dc3d25f838616cbfaae4c42d9604423bc97c6459b280470

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f

MD5 e09168b2063f8e6e4f671d6d854785ca
SHA1 aa113d9ae1f72a12e071f1eaef741ec6e80c4fc2
SHA256 725ac41d2bc819090b7efee3700c28e6cae97a734bbf9bade0f769519bff317e
SHA512 92ec9d13868da19347a62fa885a62388ab926dd3b69b05f12d177f1a179351ef709dfae9cb8393a5dd04e0c2157d4ffa9ab7ae1192d580c42312cff9c7d74889

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

MD5 617f927ff5693553f31ed9f74627bc1c
SHA1 6cd11711163f299a146614cddefea185de42c8c8
SHA256 53ef39c91fa4b4f2d68d15483dcd7a2bc4b089c954e7b5a6808c6560740c887f
SHA512 71cb874971b2654c28181eff7b7e66b7fb3a5cdc269b79a37521e75c99a29b8a9783f44b3b2cfd20571fb97778a086f15accfcdef44483985e6663cfcc3e11a7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

MD5 d1dc88ef5824cb2b83db61a7b40265d7
SHA1 cad3a25dbf0c2a750df576f001ca16f780e89fea
SHA256 d3c3db2b5256d7c5fa7f2502e752ced784853fe0fdd01d8a219bd9e041a579c7
SHA512 a128eee17a885e3c1ba2901fa9fc12278ef202cbe245ea82a8cd60573a5afb8701d63374570113e158c30338005b5234a1963db924e11f866b1eb92ee1c8acc3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

MD5 6751b2a4d9a7fb3ee0796273b9f3e37b
SHA1 344d00d650da41f3ed0c454f93c3e07fb45475dd
SHA256 0d23c759f4302ff762012a6ff00cbd124858dd9b387ea06eafa727c5e726fd77
SHA512 01511d72e32a751faef57ebb04a8794f725b21950aedc23d75b7235d570ba82a1e99fe2c4add7304499592c494cfaabdfaadf291cfa8a4fd2ff4cd2c184270ab

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

MD5 8890e079e9f34641ac2e83e72fddb3e0
SHA1 3bc76a8ea40f63494a0fdcbc5f31dedc501eb6cb
SHA256 32b79f49ad238f7718e7ba9aa4cbb32e74a8a11a8a32dbcfdbfa926228c783f5
SHA512 f81300eb1ba690cbf4023d96e00f9d1266c74f3f96827206a7ea1065be65dd81cd4054cb76c13e872656b0b4640f34546ace2fcd47f0f8c620ae0796854f321e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

MD5 de762fa35c6cf36ae4b87941da944d72
SHA1 fdbb06459da428b816f7cb2bad53c8e08497d280
SHA256 7b2669736565cf357ad02fb29b5a1577dde4f0f6c8cb1044695bd70f1a5ce43d
SHA512 65ea7747faa60e85b8590eea9cde834779053307b1e3cd9581ff5abe422edbb3ff1e1df9391b1a30bddf1511e78e8980a0c4867ff078cd67ac979beb1b9b1016

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

MD5 44bf5cf60fd51fd6ce427c437dbaec1e
SHA1 e8df0a36b329782dfb0d545a6999ba11fa57fc60
SHA256 a6c8e1cca7c40bafe817f9ef2f6883391b17ee8b23d313b891d91723566820bb
SHA512 11af472dd16ce906b31b929c4d1276de15185f305816e8f30ad68a39d011b33f6225f1c5703eb0bd494cef1b180c681b1cbd03e502df414add52f057e53bfba5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000033

MD5 93e664232794f9ceeae83114273d0bf0
SHA1 94e0aa545fc529b91a81c8f8e730724bfb2d467a
SHA256 1f055dba58b58a91fdd8cee039f22bcb77b8edbeaa9f8331bed6bf45979477ed
SHA512 6a9fb74401a516a129a3e17c59a8444e727d5296cb74f67bf5f67ef12e8e298c3191c372d871b0f07aa14eae7ef3c267151d28cb7fdd28dab4a7ef5231b4594b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

MD5 0f31134987b19699ee4cd0aeb9071eb8
SHA1 fb922e4f7acacaaf82d18ff67f3edbb91f6bc32d
SHA256 06e28481014b8fd1a14aca11b356d3001bad5d467161793b3a13440717313a89
SHA512 02f8aaf584055393c15c291f2dea85f7a9f334df3d468e2b3ead674f3e12c754396b4694dc12e8a6c5ab51f89e47df1319b6682d87eccfadc76676e954a4e1e4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 fadc9160361b7f1c15122d79aa446933
SHA1 618e6ed56af54b8028bc50c4f9ae6e2a9cdecd48
SHA256 5c6b72cc80bb5688f2290be161e00c7b3a46596881078c73dbee4d95c6a92729
SHA512 5b00dec53b03fc85ed26d20344bf28dea210022408f6380b5e4532def55161ac3948b0f6d7724971a27411d5d5d11e9e96dad61b36af06dda5a11b550a33c16f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\17c02bd3a0874f32_0

MD5 d95b06647b2a7b9ea8649c3cfa0e0c1a
SHA1 9269640c5bf4655c70b7ad91c70c259b91ef4338
SHA256 4eb08badd55b1791038c614f466dbbe058d8866f7e448d002bbc41061005ba8c
SHA512 25ef8ebdca6be47f0e32649002d69bf3da7f825a272af748556a77175da8ea98b849b8bdc87ce3515792ec72ec68aaacd062a1c55af429f75cd2cad5a94c91dd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5bfb71187a666021_0

MD5 8bb01fcf0982544e0772b179f15629dc
SHA1 683834c0860f11fdcce5a7d87b7875757248d971
SHA256 3a35e1b150bd94f680f972b819fdc706020b0fb8577cf32690116a606c1bbe1f
SHA512 c7115adfb2a6824d3119266123589d88f878820a10c2a9c3f0b546b168e81dcf6f76ce59765ffba37a2c14a583fb356590fd0674ac226bdb676f7b113c0215fe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\703cda748edb630a_0

MD5 15ee949c56e7869f6ed71b877c0606ba
SHA1 0f301a45564334871cd1a9e3b3f293a7fc602df1
SHA256 4b1e42b94e4dbe13a8531fccebdbf6844a03dd0ea82ae5cd48b58aa2ec2be684
SHA512 b80078d804b4c2ba190cb96bb7851de7a651d2b6f5cc3f0157b13008b043e32e124d886597d52ee1672235d2577496d47c02a4112e220235e80ed3f17a0b7f7e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b08fe6d816fcca4c_0

MD5 6d4aeec9cdded3693a090e82bf07de2f
SHA1 939e5f6b52c8bbe990179545706b9807f2cf3fa1
SHA256 5d984f6b56b3977a997d9771608d16298cd24f9113ef23d4829fd20f325ca644
SHA512 e8829740e286f41c156188c786c808c7ec6d29662ec95ec9ca6c5fd937f7a770cabb8ab803e49cce3761471f0d47ac12edd571c642d6cf4febb4b3eb1571e0db

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c05ec4fc5992a0fc_0

MD5 44eff8fdd8b720b4f7fd322cb918875d
SHA1 436b9c4158cb80d82ef0367eaa53885217f99fb9
SHA256 a979c05bb1bee2fccf925f9bd22b230fecaf763e1ec0bb607e2595a3d2e93a50
SHA512 bc5adf57d36795ae9b75286a43a8023b78eea737eba90be8f1907d4c0c770a3e9243b3f226d918213a18c16ab509f2610007faccc09b4f29f37dfa9d45c8270e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3d21b0c4d78fc235_0

MD5 6e8b453ade179853e2cc78f1664f984f
SHA1 3142cdb71448c4832c6e42895143a2d3a92a9e79
SHA256 8bf4aa5b8c33f98eea3e931891a94d953e5ca1a46d68b24f9fc7e8e17dab7b5c
SHA512 bdda519c9f816e592bd8f9d330b636af57589cd5fe06bb52c447de7e26b76b312321fbf79327d361d85859bb6e047e7631ff6094f5fcb5ae6b3114615ca724e6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028

MD5 6d08ff4f36771456b447137905151406
SHA1 8eee103d7f57667fcb71afc516d291cc6bca9661
SHA256 d93fb092d54627b08e5374c7215c392ab8cd5502c4f5e8666a5f63ecbf731292
SHA512 14c4aed7452ce89efe8063092f72d16355998bcdad4c09fcc69ebdc579688f88500b4c6d4f04c3f43be0a2972db1c02c8dbc70bf04f01b642f58102beeec6a7e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0b689c1b9fc16d19_0

MD5 a4479d11fe29888ce25850ce8b034d84
SHA1 e26cac766de8e8dfb1585f8ce9e87642b31a2e48
SHA256 4747b6e03bfd99dd5fb4a4505655a14e7cdb721dbab2e893b19aa23dd2dfc77e
SHA512 20c18d0eaf4b3319117fba3b21dd58600eac17bd29509e633475b008c868c3e9200fdbff01f7010ab5c7a0541790c22aba0f49caf105e12749680da951273696

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d5d931f9d8c3f2f1_0

MD5 cf0348325068d95a9642192454a09ae1
SHA1 77f62cc3fe8d37095ab735231939cdd4352008cb
SHA256 ce05ae2efcbe6c5d017b4fa188aeeb7a06dd98c0a22a985f1dd31768fef39244
SHA512 d7d4cbb7848ab21a9736759f84190cf7de9439b0e8e411bb3f157a4c7b3f175c6836b9fc342a483977af944bb8d547f0d433ec1daacd75b479c80989a70a6ce3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\336a68eaaf209f48_0

MD5 47553c4ec8d251cfb31d20fae6ae104e
SHA1 2837a4009c1084aaf8bfe8229d8a0976f75c0e79
SHA256 8a51700bec02a5d5eb61bed6042156ca63ac33991e6c462c943532509ad3a82a
SHA512 0feba7f348326b2cc86d1630b7315712ad0f5feb9b0f1f0cda2f34bfab46b95467cb1f36019c6a37998c1c0f7adaa44a03703c76ee14d50d04c034d5cc1226de

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a7b3125ba794af53_0

MD5 9a6ff2c6019b52e97ad707a6c8874748
SHA1 0cab747e95bf9d9a90b4b4139293ad15ebb5ae8e
SHA256 3cfefe6abf4dac1875a0b214ebacafd191217fb20e2581e4c1b986c8d40a140c
SHA512 cfb6c8c9bc6c9f36b8b50f7be8a0ac30ee6caac4138e59e2b298de30fa3713d6ac7922053be03dbb939e7733d3e98971e565e14bc464add70bddaccd9b7dc68e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b

MD5 c03ff64e7985603de96e7f84ec7dd438
SHA1 dfc067c6cb07b81281561fdfe995aca09c18d0e9
SHA256 0db8e9f0a185bd5dd2ec4259db0a0e89363afa953069f5238a0537671de6f526
SHA512 bb0fd94c5a8944a99f792f336bb8a840f23f6f0f1cb9661b156511a9984f0bb6c96baf05b7c1cf0efb83f43a224ecea52740432e3cfc85e0799428765eefb692

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000037

MD5 9c6b5ce6b3452e98573e6409c34dd73c
SHA1 de607fadef62e36945a409a838eb8fc36d819b42
SHA256 cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
SHA512 4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 901ba1fcf616bf0f197bfe3f0f87f002
SHA1 ff7a35199c4e16039ea5beb91d41c50d15cd2440
SHA256 ef0732413493664a08e10cb2392712f6e7224c968b3ead64f315dd309eca9df6
SHA512 a1104ae16365cb532cf21c4f022e3376207653f6fa1011738176f7d4dc084f4bb87a4daec288185f090ecab4ee0b165371ad5263dc248bcb755be6612ee36806

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 c48c79c34010e6c2d3c3cd65fa048ee8
SHA1 64ada7ef4cd34f51268f07b47d3b3bcc3fb2948c
SHA256 64641bacc659e67c46d5e5f432f57169a53f74bbf97435212981c9d61750f70e
SHA512 6b07520f455f111e93ae0ce6e2c6e2e7e6dca41fffba97ede44611f17ef4c69c6add9cf37b49b9ac7aa221b0da54157a33fa5fdd0ddb3b4fa6873d27f8b2fc56

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 0c3a7a9194366faa008cdbf619eeb899
SHA1 c597763d21e21eb0f670a8ed89b611545dec0135
SHA256 bda61bc9341f13a1e3c0a5cafb942fb75be7970044bb4856fbdda188c1c27e5d
SHA512 0f1ce1588d9a090059f5f6f8d3de9d76d544dd19eddcaa67716dac5c19b88c2a7a9ee8d5f4badcea6eba7dbdd67a258a6561bd3b594d5c629319136dfa2bc5a6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 d19b0e7acf778fda84817234625a4e26
SHA1 92de253b18eec9ae5eca1415ee109aee9f27affb
SHA256 f2955e1b99d63399c502daad213710787b20a417e1498ad22d094096a5f3455e
SHA512 bf55f560542fca197ceb41fd3c6823cce934f605f403ecee6e094ae4bb63bb55d283487be6bf691934e6a5480e2f2df10cedf28d6cb31e0d3d648aeb13c55ea0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\53d3aac34fdde1d7_0

MD5 dc423be9d63a2f5438bd423a691d025f
SHA1 1810599915c834428fe351f8663d4560d6acb1c7
SHA256 dcbaa86eea7e28764af7452709a174dc49a1abf10121799722087f99a3537efd
SHA512 7624f46086d15b618e774fa7df8957740311e13ab459622488574540a76b61a95009a77df2cb7f355408bfa96fd0bcb9ecab43ee292d3ff78d855df072786801