Overview

overview

8

Static

static

1

URLScan

urlscan

1

https://drive.google...

windows10-2004-x64

8

Analysis

  • max time kernel
    508s
  • max time network
    507s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06-12-2024 16:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://drive.google.com/file/d/1nant0JWgN-23O8zk310TPSZCkKY_f_iV/view?usp=gmail

Score
8/10
discoveryevasionpersistenceprivilege_escalationtrojan

Malware Config

Signatures

  • Downloads MZ/PE file
  • Event Triggered Execution: Image File Execution Options Injection 1 TTPs 2 IoCs
    persistence
  • Checks computer location settings 2 TTPs 7 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Event Triggered Execution: Component Object Model Hijacking 1 TTPs

    Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    persistenceprivilege_escalation
  • Executes dropped EXE 30 IoCs
  • Loads dropped DLL 64 IoCs
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Checks whether UAC is enabled 1 TTPs 3 IoCs
    evasiontrojan
  • Drops desktop.ini file(s) 1 IoCs
  • Enumerates connected drives 3 TTPs 4 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs
  • Network Service Discovery 1 TTPs 2 IoCs

    Attempt to gather information on host's network.

    discovery
  • Network Share Discovery 1 TTPs

    Attempt to gather information on host network.

    discovery
  • Checks system information in the registry 2 TTPs 18 IoCs

    System information is often read in order to detect sandboxing environments.

  • Drops file in Program Files directory 64 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

    discovery
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 12 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • System Network Configuration Discovery: Internet Connection Discovery 1 TTPs 3 IoCs

    Adversaries may check for Internet connectivity on compromised systems.

    discovery
  • Checks SCSI registry key(s) 3 TTPs 6 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Checks processor information in registry 2 TTPs 12 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 18 IoCs
  • Modifies Internet Explorer settings 1 TTPs 4 IoCs
    adwarespyware
  • Modifies data under HKEY_USERS 64 IoCs
  • Modifies registry class 64 IoCs
  • NTFS ADS 1 IoCs
  • Suspicious behavior: AddClipboardFormatListener 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 2 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 23 IoCs
  • Suspicious use of AdjustPrivilegeToken 9 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 64 IoCs
  • Suspicious use of SetWindowsHookEx 12 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • System policy modification 1 TTPs 1 IoCs
    evasion

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://drive.google.com/file/d/1nant0JWgN-23O8zk310TPSZCkKY_f_iV/view?usp=gmail
    1⤵
    • Enumerates system info in registry
    • NTFS ADS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:3420
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc02b446f8,0x7ffc02b44708,0x7ffc02b44718
      2⤵
      • Checks processor information in registry
      • Enumerates system info in registry
      PID:1556
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,17142939086145917530,12242123796996887453,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2132 /prefetch:2
      2⤵
        PID:1896
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,17142939086145917530,12242123796996887453,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2376 /prefetch:3
        2⤵
        • Suspicious behavior: EnumeratesProcesses
        PID:1468
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2124,17142939086145917530,12242123796996887453,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2888 /prefetch:8
        2⤵
          PID:3504
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,17142939086145917530,12242123796996887453,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
          2⤵
            PID:3220
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,17142939086145917530,12242123796996887453,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1
            2⤵
              PID:4128
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,17142939086145917530,12242123796996887453,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4120 /prefetch:1
              2⤵
                PID:1660
              • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,17142939086145917530,12242123796996887453,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5464 /prefetch:8
                2⤵
                  PID:2292
                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,17142939086145917530,12242123796996887453,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5464 /prefetch:8
                  2⤵
                  • Suspicious behavior: EnumeratesProcesses
                  PID:4780
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,17142939086145917530,12242123796996887453,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5696 /prefetch:1
                  2⤵
                    PID:3200
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,17142939086145917530,12242123796996887453,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5692 /prefetch:1
                    2⤵
                      PID:2320
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,17142939086145917530,12242123796996887453,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5316 /prefetch:1
                      2⤵
                        PID:3772
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,17142939086145917530,12242123796996887453,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4828 /prefetch:1
                        2⤵
                          PID:3084
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2124,17142939086145917530,12242123796996887453,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5948 /prefetch:8
                          2⤵
                            PID:916
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,17142939086145917530,12242123796996887453,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5692 /prefetch:1
                            2⤵
                              PID:2060
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,17142939086145917530,12242123796996887453,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5912 /prefetch:1
                              2⤵
                                PID:4812
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,17142939086145917530,12242123796996887453,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6532 /prefetch:1
                                2⤵
                                  PID:2740
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2124,17142939086145917530,12242123796996887453,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5576 /prefetch:8
                                  2⤵
                                  • Suspicious behavior: EnumeratesProcesses
                                  PID:5264
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.MediaFoundationService --field-trial-handle=2124,17142939086145917530,12242123796996887453,131072 --lang=en-US --service-sandbox-type=mf_cdm --mojo-platform-channel-handle=4848 /prefetch:8
                                  2⤵
                                  • Suspicious behavior: EnumeratesProcesses
                                  PID:5616
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2124,17142939086145917530,12242123796996887453,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6596 /prefetch:8
                                  2⤵
                                    PID:5688
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2124,17142939086145917530,12242123796996887453,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3564 /prefetch:8
                                    2⤵
                                    • Suspicious behavior: EnumeratesProcesses
                                    PID:5692
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,17142939086145917530,12242123796996887453,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6784 /prefetch:1
                                    2⤵
                                      PID:3872
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,17142939086145917530,12242123796996887453,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6492 /prefetch:1
                                      2⤵
                                        PID:5364
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,17142939086145917530,12242123796996887453,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6812 /prefetch:1
                                        2⤵
                                          PID:916
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,17142939086145917530,12242123796996887453,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5920 /prefetch:1
                                          2⤵
                                            PID:5440
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,17142939086145917530,12242123796996887453,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5676 /prefetch:1
                                            2⤵
                                              PID:4924
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,17142939086145917530,12242123796996887453,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3908 /prefetch:1
                                              2⤵
                                                PID:4640
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,17142939086145917530,12242123796996887453,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5600 /prefetch:1
                                                2⤵
                                                  PID:5184
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,17142939086145917530,12242123796996887453,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6576 /prefetch:1
                                                  2⤵
                                                    PID:808
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,17142939086145917530,12242123796996887453,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7084 /prefetch:1
                                                    2⤵
                                                      PID:4528
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2124,17142939086145917530,12242123796996887453,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5876 /prefetch:8
                                                      2⤵
                                                        PID:6044
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2124,17142939086145917530,12242123796996887453,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7248 /prefetch:8
                                                        2⤵
                                                        • Suspicious behavior: EnumeratesProcesses
                                                        PID:5684
                                                      • C:\Users\Admin\Downloads\RobloxStudioInstaller.exe
                                                        "C:\Users\Admin\Downloads\RobloxStudioInstaller.exe"
                                                        2⤵
                                                        • Executes dropped EXE
                                                        • Checks whether UAC is enabled
                                                        • Drops file in Program Files directory
                                                        • System Location Discovery: System Language Discovery
                                                        • Enumerates system info in registry
                                                        • Modifies Internet Explorer settings
                                                        • Modifies registry class
                                                        • Suspicious behavior: EnumeratesProcesses
                                                        PID:5976
                                                        • C:\Program Files (x86)\Roblox\Versions\version-a35d937606da489c\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
                                                          MicrosoftEdgeWebview2Setup.exe /silent /install
                                                          3⤵
                                                          • Executes dropped EXE
                                                          • System Location Discovery: System Language Discovery
                                                          PID:5196
                                                          • C:\Program Files (x86)\Microsoft\Temp\EUE6AD.tmp\MicrosoftEdgeUpdate.exe
                                                            "C:\Program Files (x86)\Microsoft\Temp\EUE6AD.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"
                                                            4⤵
                                                            • Event Triggered Execution: Image File Execution Options Injection
                                                            • Checks computer location settings
                                                            • Executes dropped EXE
                                                            • Loads dropped DLL
                                                            • Checks system information in the registry
                                                            • System Location Discovery: System Language Discovery
                                                            • Suspicious behavior: EnumeratesProcesses
                                                            • Suspicious use of AdjustPrivilegeToken
                                                            PID:5968
                                                            • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                                                              "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
                                                              5⤵
                                                              • Executes dropped EXE
                                                              • Loads dropped DLL
                                                              • System Location Discovery: System Language Discovery
                                                              • Modifies registry class
                                                              PID:4984
                                                            • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                                                              "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
                                                              5⤵
                                                              • Executes dropped EXE
                                                              • Loads dropped DLL
                                                              • System Location Discovery: System Language Discovery
                                                              • Modifies registry class
                                                              PID:2328
                                                              • C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
                                                                "C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
                                                                6⤵
                                                                • Executes dropped EXE
                                                                • Loads dropped DLL
                                                                • Modifies registry class
                                                                PID:4204
                                                              • C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
                                                                "C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
                                                                6⤵
                                                                • Executes dropped EXE
                                                                • Loads dropped DLL
                                                                • Modifies registry class
                                                                PID:1484
                                                              • C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
                                                                "C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
                                                                6⤵
                                                                • Executes dropped EXE
                                                                • Loads dropped DLL
                                                                • Modifies registry class
                                                                PID:5444
                                                            • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                                                              "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7Q0FBNUNENjItMjJEQy00REUzLTlENDItRjVCNjhFQUNDMjg0fSIgdXNlcmlkPSJ7QkZENzU1OEQtQTAzMy00MUQ5LUJCQUEtRDIzOEVEMDczMkE2fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins3RjZFQUFGRS1ERkIwLTQ2NDYtQThDQy04MDIxMzEwRDhCMUR9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iIi8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xNDcuMzciIG5leHR2ZXJzaW9uPSIxLjMuMTcxLjM5IiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIj48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI2Mjg1NTI3OTYyIiBpbnN0YWxsX3RpbWVfbXM9IjUxMCIvPjwvYXBwPjwvcmVxdWVzdD4
                                                              5⤵
                                                              • Executes dropped EXE
                                                              • Loads dropped DLL
                                                              • Checks system information in the registry
                                                              • System Location Discovery: System Language Discovery
                                                              • System Network Configuration Discovery: Internet Connection Discovery
                                                              PID:1668
                                                            • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                                                              "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{CAA5CD62-22DC-4DE3-9D42-F5B68EACC284}" /silent
                                                              5⤵
                                                              • Executes dropped EXE
                                                              • Loads dropped DLL
                                                              • System Location Discovery: System Language Discovery
                                                              PID:5548
                                                        • C:\Program Files (x86)\Roblox\Versions\version-a35d937606da489c\RobloxStudioBeta.exe
                                                          "C:\Program Files (x86)\Roblox\Versions\version-a35d937606da489c\RobloxStudioBeta.exe" -startEvent www.roblox.com/robloxQTStudioStartedEvent -firstLaunch
                                                          3⤵
                                                          • Executes dropped EXE
                                                          • Loads dropped DLL
                                                          • Checks whether UAC is enabled
                                                          • Enumerates connected drives
                                                          • Enumerates system info in registry
                                                          • Modifies registry class
                                                          • Suspicious behavior: AddClipboardFormatListener
                                                          • Suspicious behavior: EnumeratesProcesses
                                                          • Suspicious behavior: GetForegroundWindowSpam
                                                          • Suspicious use of SetWindowsHookEx
                                                          PID:6048
                                                          • C:\Program Files (x86)\Roblox\Versions\version-a35d937606da489c\RobloxCrashHandler.exe
                                                            "C:\Program Files (x86)\Roblox\Versions\version-a35d937606da489c\RobloxCrashHandler.exe" --no-rate-limit --crashCounter Win-ROBLOXStudio-Crash --baseUrl https://www.roblox.com --attachment=attachment_0.653.0.6530693_20241206T164548Z_Studio_06C1F_last.log=C:\Users\Admin\AppData\Local\Roblox\logs\0.653.0.6530693_20241206T164548Z_Studio_06C1F_last.log --attachment=attachment_log_0.653.0.6530693_20241206T164548Z_Studio_06C1F_csg3.log=C:\Users\Admin\AppData\Local\Roblox\logs\log_0.653.0.6530693_20241206T164548Z_Studio_06C1F_csg3.log --attachment=attachment_log_0.653.0.6530693_20241206T164548Z_Studio_06C1F_dcd.log=C:\Users\Admin\AppData\Local\Roblox\logs\log_0.653.0.6530693_20241206T164548Z_Studio_06C1F_dcd.log --database=C:\Users\Admin\AppData\Local\Roblox\logs\crashes --metrics-dir=C:\Users\Admin\AppData\Local\Roblox\logs\crashes --url=https://uploads.backtrace.rbx.com/post --annotation=AppVersion=0.653.0.6530693 --annotation=Format=minidump --annotation=HardwareModel= --annotation=HasBootstrapper=true --annotation=InstallFolder=ProgramFilesX86 --annotation=OSPlatform=Windows --annotation=RobloxChannel=production --annotation=RobloxGitHash=4cf7a0e6567fe10cb70ce4159a4ad9d496c6c4d8 --annotation=RobloxProduct=RobloxStudio --annotation=StudioVersion=0.653.0.6530693 --annotation=UniqueId=7526433508846955671 --annotation=UseCrashpad=True --annotation=app_arch=x86_64 --annotation=application.version=0.653.0.6530693 --annotation=host_arch=x86_64 --initial-client-data=0x414,0x418,0x41c,0x3f4,0x420,0x7ff6c046d128,0x7ff6c046d140,0x7ff6c046d158
                                                            4⤵
                                                            • Executes dropped EXE
                                                            • Loads dropped DLL
                                                            PID:5828
                                                          • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.86\msedgewebview2.exe
                                                            "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.86\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 653, 0, 6530693" --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --mojo-named-platform-channel-pipe=6048.1776.11474371527976561178
                                                            4⤵
                                                            • Checks computer location settings
                                                            • Executes dropped EXE
                                                            • Loads dropped DLL
                                                            • Checks system information in the registry
                                                            • Enumerates system info in registry
                                                            • Modifies data under HKEY_USERS
                                                            • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                            • System policy modification
                                                            PID:4492
                                                            • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.86\msedgewebview2.exe
                                                              "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.86\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=131.0.6778.109 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.86\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=131.0.2903.86 --initial-client-data=0x178,0x17c,0x180,0x154,0x188,0x7ffbea746070,0x7ffbea74607c,0x7ffbea746088
                                                              5⤵
                                                              • Checks computer location settings
                                                              • Executes dropped EXE
                                                              • Loads dropped DLL
                                                              • Checks system information in the registry
                                                              • Checks processor information in registry
                                                              • Enumerates system info in registry
                                                              • Suspicious behavior: EnumeratesProcesses
                                                              PID:2376
                                                            • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.86\msedgewebview2.exe
                                                              "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.86\msedgewebview2.exe" --type=gpu-process --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 653, 0, 6530693" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1804,i,16931150369746535839,1583467180902660009,262144 --variations-seed-version --mojo-platform-channel-handle=1764 /prefetch:2
                                                              5⤵
                                                              • Executes dropped EXE
                                                              • Loads dropped DLL
                                                              PID:2696
                                                            • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.86\msedgewebview2.exe
                                                              "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.86\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 653, 0, 6530693" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=1840,i,16931150369746535839,1583467180902660009,262144 --variations-seed-version --mojo-platform-channel-handle=2052 /prefetch:3
                                                              5⤵
                                                              • Executes dropped EXE
                                                              • Loads dropped DLL
                                                              PID:3580
                                                            • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.86\msedgewebview2.exe
                                                              "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.86\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 653, 0, 6530693" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=2308,i,16931150369746535839,1583467180902660009,262144 --variations-seed-version --mojo-platform-channel-handle=2320 /prefetch:8
                                                              5⤵
                                                              • Executes dropped EXE
                                                              • Loads dropped DLL
                                                              PID:6124
                                                            • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.86\msedgewebview2.exe
                                                              "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.86\msedgewebview2.exe" --type=renderer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 653, 0, 6530693" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3648,i,16931150369746535839,1583467180902660009,262144 --variations-seed-version --mojo-platform-channel-handle=3652 /prefetch:1
                                                              5⤵
                                                              • Checks computer location settings
                                                              • Executes dropped EXE
                                                              • Loads dropped DLL
                                                              PID:1480
                                                            • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.86\msedgewebview2.exe
                                                              "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.86\msedgewebview2.exe" --type=renderer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 653, 0, 6530693" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=4188,i,16931150369746535839,1583467180902660009,262144 --variations-seed-version --mojo-platform-channel-handle=4208 /prefetch:1
                                                              5⤵
                                                              • Checks computer location settings
                                                              • Executes dropped EXE
                                                              • Loads dropped DLL
                                                              PID:764
                                                            • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.86\msedgewebview2.exe
                                                              "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.86\msedgewebview2.exe" --type=renderer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 653, 0, 6530693" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3644,i,16931150369746535839,1583467180902660009,262144 --variations-seed-version --mojo-platform-channel-handle=3824 /prefetch:1
                                                              5⤵
                                                              • Checks computer location settings
                                                              • Executes dropped EXE
                                                              PID:4292
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,17142939086145917530,12242123796996887453,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6588 /prefetch:2
                                                        2⤵
                                                        • Suspicious behavior: EnumeratesProcesses
                                                        PID:1216
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,17142939086145917530,12242123796996887453,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4784 /prefetch:1
                                                        2⤵
                                                          PID:5116
                                                        • C:\Program Files (x86)\Roblox\Versions\version-a35d937606da489c\RobloxStudioBeta.exe
                                                          "C:\Program Files (x86)\Roblox\Versions\version-a35d937606da489c\RobloxStudioBeta.exe" roblox-studio:1+launchtime:1733503654989+avatar+browsertrackerid:1733503320196002+robloxLocale:en-US+gameLocale:en-US+channel:zflag+browser:edge+userId:7660471085+distributorType:Global+launchmode:edit+task:Default
                                                          2⤵
                                                          • Executes dropped EXE
                                                          • Checks whether UAC is enabled
                                                          • Enumerates connected drives
                                                          • Enumerates system info in registry
                                                          • Suspicious behavior: AddClipboardFormatListener
                                                          • Suspicious behavior: GetForegroundWindowSpam
                                                          • Suspicious use of SetWindowsHookEx
                                                          PID:4388
                                                          • C:\Program Files (x86)\Roblox\Versions\version-a35d937606da489c\RobloxCrashHandler.exe
                                                            "C:\Program Files (x86)\Roblox\Versions\version-a35d937606da489c\RobloxCrashHandler.exe" --no-rate-limit --crashCounter Win-ROBLOXStudio-Crash --baseUrl https://www.roblox.com --attachment=attachment_0.653.0.6530693_20241206T164737Z_Studio_27E6C_last.log=C:\Users\Admin\AppData\Local\Roblox\logs\0.653.0.6530693_20241206T164737Z_Studio_27E6C_last.log --attachment=attachment_log_0.653.0.6530693_20241206T164737Z_Studio_27E6C_csg3.log=C:\Users\Admin\AppData\Local\Roblox\logs\log_0.653.0.6530693_20241206T164737Z_Studio_27E6C_csg3.log --attachment=attachment_log_0.653.0.6530693_20241206T164737Z_Studio_27E6C_dcd.log=C:\Users\Admin\AppData\Local\Roblox\logs\log_0.653.0.6530693_20241206T164737Z_Studio_27E6C_dcd.log --database=C:\Users\Admin\AppData\Local\Roblox\logs\crashes --metrics-dir=C:\Users\Admin\AppData\Local\Roblox\logs\crashes --url=https://uploads.backtrace.rbx.com/post --annotation=AppVersion=0.653.0.6530693 --annotation=Format=minidump --annotation=HardwareModel= --annotation=HasBootstrapper=true --annotation=InstallFolder=ProgramFilesX86 --annotation=OSPlatform=Windows --annotation=RobloxChannel=production --annotation=RobloxGitHash=4cf7a0e6567fe10cb70ce4159a4ad9d496c6c4d8 --annotation=RobloxProduct=RobloxStudio --annotation=StudioVersion=0.653.0.6530693 --annotation=UniqueId=1599039549475874512 --annotation=UseCrashpad=True --annotation=app_arch=x86_64 --annotation=application.version=0.653.0.6530693 --annotation=host_arch=x86_64 --initial-client-data=0x3f4,0x3f8,0x3fc,0x3d0,0x40c,0x7ff6c046d128,0x7ff6c046d140,0x7ff6c046d158
                                                            3⤵
                                                            • Executes dropped EXE
                                                            PID:6928
                                                      • C:\Windows\System32\CompPkgSrv.exe
                                                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                        1⤵
                                                          PID:3200
                                                        • C:\Windows\System32\CompPkgSrv.exe
                                                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                          1⤵
                                                            PID:3984
                                                          • C:\Windows\System32\CompPkgSrv.exe
                                                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                            1⤵
                                                              PID:5656
                                                            • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                                                              "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
                                                              1⤵
                                                              • Executes dropped EXE
                                                              • Loads dropped DLL
                                                              • Checks system information in the registry
                                                              • System Location Discovery: System Language Discovery
                                                              • Modifies data under HKEY_USERS
                                                              PID:1028
                                                              • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                                                                "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7Q0FBNUNENjItMjJEQy00REUzLTlENDItRjVCNjhFQUNDMjg0fSIgdXNlcmlkPSJ7QkZENzU1OEQtQTAzMy00MUQ5LUJCQUEtRDIzOEVEMDczMkE2fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntGMjJBNDYxOS1FREUxLTQ3N0ItQTk0MS02ODZFN0FGQjhBNUZ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTIzLjAuNjMxMi4xMjMiIG5leHR2ZXJzaW9uPSIxMjMuMC42MzEyLjEyMyIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjUiIHN5c3RlbV91cHRpbWVfdGlja3M9IjYyOTEzNTgwNDEiLz48L2FwcD48L3JlcXVlc3Q-
                                                                2⤵
                                                                • Executes dropped EXE
                                                                • Loads dropped DLL
                                                                • Checks system information in the registry
                                                                • System Location Discovery: System Language Discovery
                                                                • System Network Configuration Discovery: Internet Connection Discovery
                                                                PID:5608
                                                              • C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A8039A40-21DE-4D6A-9ED0-2B23B66330AC}\MicrosoftEdge_X64_131.0.2903.86.exe
                                                                "C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A8039A40-21DE-4D6A-9ED0-2B23B66330AC}\MicrosoftEdge_X64_131.0.2903.86.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
                                                                2⤵
                                                                • Executes dropped EXE
                                                                PID:3148
                                                                • C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A8039A40-21DE-4D6A-9ED0-2B23B66330AC}\EDGEMITMP_DABF0.tmp\setup.exe
                                                                  "C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A8039A40-21DE-4D6A-9ED0-2B23B66330AC}\EDGEMITMP_DABF0.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A8039A40-21DE-4D6A-9ED0-2B23B66330AC}\MicrosoftEdge_X64_131.0.2903.86.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
                                                                  3⤵
                                                                  • Checks computer location settings
                                                                  • Executes dropped EXE
                                                                  • Drops file in Program Files directory
                                                                  PID:4556
                                                                  • C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A8039A40-21DE-4D6A-9ED0-2B23B66330AC}\EDGEMITMP_DABF0.tmp\setup.exe
                                                                    "C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A8039A40-21DE-4D6A-9ED0-2B23B66330AC}\EDGEMITMP_DABF0.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=131.0.6778.109 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A8039A40-21DE-4D6A-9ED0-2B23B66330AC}\EDGEMITMP_DABF0.tmp\setup.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=131.0.2903.86 --initial-client-data=0x21c,0x220,0x224,0x1f8,0x228,0x7ff7322c2918,0x7ff7322c2924,0x7ff7322c2930
                                                                    4⤵
                                                                    • Executes dropped EXE
                                                                    PID:1904
                                                              • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                                                                "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7Q0FBNUNENjItMjJEQy00REUzLTlENDItRjVCNjhFQUNDMjg0fSIgdXNlcmlkPSJ7QkZENzU1OEQtQTAzMy00MUQ5LUJCQUEtRDIzOEVEMDczMkE2fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins5NTdEODc3Ri1DRkNELTQ3QTMtOTc2MC1GRjgwNTE1MUQ3RDR9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMTMxLjAuMjkwMy44NiIgbGFuZz0iIiBicmFuZD0iIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGluc3RhbGxhZ2U9Ii0xIiBpbnN0YWxsZGF0ZT0iLTEiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iOSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNjMwMzA1NzkyMSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjYzMDMxMzc5MzgiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI2NTkwOTA4MTg1IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuZi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy8wOTcwNWViMi0xY2Y0LTQ2YmYtYmQxMi04MTA5YjMwYzMyMjc_UDE9MTczNDEwODI1NiZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1UaVcxS20xRndIa0ExaHZLVVhPYmVTRU42SE9SUVBoNmlacjdYUnpob0hjZWVZZUdDVWxXWnBuWlYxMkx5WWd6aHlaMiUyYmI5WDlVQ3dSYVVGMGZNQXZRJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMTc2Njc2NDA4IiB0b3RhbD0iMTc2Njc2NDA4IiBkb3dubG9hZF90aW1lX21zPSIyMjMyMyIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjY1OTA5ODgxNzEiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI2IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI2NjA1NzQ4Mzk4IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMTk2NzU3IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI3MjE1OTM4MzQ2IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiB1cGRhdGVfY2hlY2tfdGltZV9tcz0iNDU4IiBkb3dubG9hZF90aW1lX21zPSIyODc3OCIgZG93bmxvYWRlZD0iMTc2Njc2NDA4IiB0b3RhbD0iMTc2Njc2NDA4IiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMCIgaW5zdGFsbF90aW1lX21zPSI2MTAwMyIvPjwvYXBwPjwvcmVxdWVzdD4
                                                                2⤵
                                                                • Executes dropped EXE
                                                                • Loads dropped DLL
                                                                • Checks system information in the registry
                                                                • System Location Discovery: System Language Discovery
                                                                • System Network Configuration Discovery: Internet Connection Discovery
                                                                PID:6068
                                                            • C:\Windows\System32\GameBarPresenceWriter.exe
                                                              "C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer
                                                              1⤵
                                                              • Network Service Discovery
                                                              PID:1664
                                                            • C:\Windows\system32\OpenWith.exe
                                                              C:\Windows\system32\OpenWith.exe -Embedding
                                                              1⤵
                                                              • Suspicious use of SetWindowsHookEx
                                                              PID:1624
                                                            • C:\Windows\system32\AUDIODG.EXE
                                                              C:\Windows\system32\AUDIODG.EXE 0x3e8 0x470
                                                              1⤵
                                                              • Suspicious use of AdjustPrivilegeToken
                                                              PID:5968
                                                            • C:\Windows\system32\svchost.exe
                                                              C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
                                                              1⤵
                                                              • Drops desktop.ini file(s)
                                                              • Checks processor information in registry
                                                              PID:5408
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefaultbbabc829hf992h4466h9794hd40df059f036
                                                              1⤵
                                                                PID:5736
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffc02b446f8,0x7ffc02b44708,0x7ffc02b44718
                                                                  2⤵
                                                                    PID:5876
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,16957718765105505174,16034789994427651619,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2240 /prefetch:2
                                                                    2⤵
                                                                      PID:6356
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2140,16957718765105505174,16034789994427651619,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2288 /prefetch:3
                                                                      2⤵
                                                                      • Suspicious behavior: EnumeratesProcesses
                                                                      PID:6364
                                                                  • C:\Windows\System32\CompPkgSrv.exe
                                                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                    1⤵
                                                                      PID:6536
                                                                    • C:\Windows\System32\CompPkgSrv.exe
                                                                      C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                      1⤵
                                                                        PID:6580
                                                                      • C:\Windows\system32\svchost.exe
                                                                        C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
                                                                        1⤵
                                                                        • Checks processor information in registry
                                                                        PID:6740
                                                                      • C:\Windows\System32\GameBarPresenceWriter.exe
                                                                        "C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer
                                                                        1⤵
                                                                        • Network Service Discovery
                                                                        PID:1688
                                                                      • C:\Windows\System32\svchost.exe
                                                                        C:\Windows\System32\svchost.exe -k GraphicsPerfSvcGroup -s GraphicsPerfSvc
                                                                        1⤵
                                                                        • Checks processor information in registry
                                                                        • Modifies data under HKEY_USERS
                                                                        PID:6596
                                                                      • C:\Windows\system32\werfault.exe
                                                                        werfault.exe /h /shared Global\58c263f060ee4e61a864320255637761 /t 6876 /p 4388
                                                                        1⤵
                                                                          PID:3052
                                                                        • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                                                                          "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler
                                                                          1⤵
                                                                          • Executes dropped EXE
                                                                          • Checks system information in the registry
                                                                          • System Location Discovery: System Language Discovery
                                                                          • Suspicious use of AdjustPrivilegeToken
                                                                          PID:5896
                                                                        • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                                                                          "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
                                                                          1⤵
                                                                          • Executes dropped EXE
                                                                          • Checks system information in the registry
                                                                          • System Location Discovery: System Language Discovery
                                                                          PID:4344
                                                                        • C:\Windows\system32\dwm.exe
                                                                          "dwm.exe"
                                                                          1⤵
                                                                          • Checks SCSI registry key(s)
                                                                          • Enumerates system info in registry
                                                                          • Modifies data under HKEY_USERS
                                                                          • Suspicious use of AdjustPrivilegeToken
                                                                          PID:6740

                                                                        Network

                                                                        MITRE ATT&CK Enterprise v15

                                                                        Reconnaissance

                                                                        Resource Development

                                                                        Initial Access

                                                                        Execution

                                                                        Persistence

                                                                        Event Triggered Execution

                                                                        2
                                                                        T1546

                                                                        Component Object Model Hijacking

                                                                        1
                                                                        T1546.015

                                                                        Image File Execution Options Injection

                                                                        1
                                                                        T1546.012

                                                                        Privilege Escalation

                                                                        Event Triggered Execution

                                                                        2
                                                                        T1546

                                                                        Component Object Model Hijacking

                                                                        1
                                                                        T1546.015

                                                                        Image File Execution Options Injection

                                                                        1
                                                                        T1546.012

                                                                        Defense Evasion

                                                                        Modify Registry

                                                                        2
                                                                        T1112

                                                                        Credential Access

                                                                        Discovery

                                                                        Browser Information Discovery

                                                                        1
                                                                        T1217

                                                                        Network Service Discovery

                                                                        1
                                                                        T1046

                                                                        Network Share Discovery

                                                                        1
                                                                        T1135

                                                                        Peripheral Device Discovery

                                                                        2
                                                                        T1120

                                                                        Query Registry

                                                                        7
                                                                        T1012

                                                                        System Information Discovery

                                                                        8
                                                                        T1082

                                                                        System Location Discovery

                                                                        1
                                                                        T1614

                                                                        System Language Discovery

                                                                        1
                                                                        T1614.001

                                                                        System Network Configuration Discovery

                                                                        1
                                                                        T1016

                                                                        Internet Connection Discovery

                                                                        1
                                                                        T1016.001

                                                                        Lateral Movement

                                                                        Collection

                                                                        Command and Control

                                                                        Web Service

                                                                        1
                                                                        T1102

                                                                        Exfiltration

                                                                        Impact

                                                                        Replay Monitor

                                                                        Loading Replay Monitor...

                                                                        Downloads

                                                                        • C:\Program Files (x86)\Microsoft\EdgeCore\131.0.2903.86\Installer\setup.exe
                                                                          Filesize

                                                                          6.6MB

                                                                          MD5

                                                                          69221ee7ef83d7eb340857b5833eea14

                                                                          SHA1

                                                                          d7f27c64b62eefe2c204a323cc812fa56f58ce1e

                                                                          SHA256

                                                                          ad14d7268ee8a9c3c89e7cf62a8a9b713c9f37069fe85b3f8fe525dcda8cdfc9

                                                                          SHA512

                                                                          8df73f03d7438082b9e8793f5346a7385c91139d879703dd8c32acfdacb200c18231a5a9cedd7836c892ebb7a8888857c68653728b9027ca1f483a1751fbe2e3

                                                                          Download Submit

                                                                        • C:\Program Files (x86)\Microsoft\Temp\EUE6AD.tmp\EdgeUpdate.dat
                                                                          Filesize

                                                                          12KB

                                                                          MD5

                                                                          369bbc37cff290adb8963dc5e518b9b8

                                                                          SHA1

                                                                          de0ef569f7ef55032e4b18d3a03542cc2bbac191

                                                                          SHA256

                                                                          3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3

                                                                          SHA512

                                                                          4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1

                                                                          Download Submit

                                                                        • C:\Program Files (x86)\Microsoft\Temp\EUE6AD.tmp\MicrosoftEdgeComRegisterShellARM64.exe
                                                                          Filesize

                                                                          179KB

                                                                          MD5

                                                                          7a160c6016922713345454265807f08d

                                                                          SHA1

                                                                          e36ee184edd449252eb2dfd3016d5b0d2edad3c6

                                                                          SHA256

                                                                          35a14bd84e74dd6d8e2683470243fb1bb9071178d9283b12ebbfb405c8cd4aa9

                                                                          SHA512

                                                                          c0f1d5c8455cf14f2088ede062967d6dfa7c39ca2ac9636b10ed46dfbea143f64106a4f03c285e89dd8cf4405612f1eef25a8ec4f15294ca3350053891fc3d7e

                                                                          Download Submit

                                                                        • C:\Program Files (x86)\Microsoft\Temp\EUE6AD.tmp\MicrosoftEdgeUpdate.exe
                                                                          Filesize

                                                                          201KB

                                                                          MD5

                                                                          4dc57ab56e37cd05e81f0d8aaafc5179

                                                                          SHA1

                                                                          494a90728d7680f979b0ad87f09b5b58f16d1cd5

                                                                          SHA256

                                                                          87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718

                                                                          SHA512

                                                                          320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b

                                                                          Download Submit

                                                                        • C:\Program Files (x86)\Microsoft\Temp\EUE6AD.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe
                                                                          Filesize

                                                                          212KB

                                                                          MD5

                                                                          60dba9b06b56e58f5aea1a4149c743d2

                                                                          SHA1

                                                                          a7e456acf64dd99ca30259cf45b88cf2515a69b3

                                                                          SHA256

                                                                          4d01f5531f93ab2af9e92c4f998a145c94f36688c3793845d528c8675697e112

                                                                          SHA512

                                                                          e98088a368d4c4468e325a1d62bee49661f597e5c1cd1fe2dabad3911b8ac07e1cc4909e7324cb4ab39f30fa32a34807685fcfba767f88884ef84ca69a0049e7

                                                                          Download Submit

                                                                        • C:\Program Files (x86)\Microsoft\Temp\EUE6AD.tmp\MicrosoftEdgeUpdateCore.exe
                                                                          Filesize

                                                                          257KB

                                                                          MD5

                                                                          c044dcfa4d518df8fc9d4a161d49cece

                                                                          SHA1

                                                                          91bd4e933b22c010454fd6d3e3b042ab6e8b2149

                                                                          SHA256

                                                                          9f79fe09f57002ca07ae0b2a196e8cc002d2be6d5540ee857217e99b33fa4bb2

                                                                          SHA512

                                                                          f26b89085aa22ac62a28610689e81b4dfe3c38a9015ec56dfeaff02fdb6fa64e784b86a961509b52ad968400faa1ef0487f29f07a41e37239fe4c3262a11ac2c

                                                                          Download Submit

                                                                        • C:\Program Files (x86)\Microsoft\Temp\EUE6AD.tmp\NOTICE.TXT
                                                                          Filesize

                                                                          4KB

                                                                          MD5

                                                                          6dd5bf0743f2366a0bdd37e302783bcd

                                                                          SHA1

                                                                          e5ff6e044c40c02b1fc78304804fe1f993fed2e6

                                                                          SHA256

                                                                          91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5

                                                                          SHA512

                                                                          f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e

                                                                          Download Submit

                                                                        • C:\Program Files (x86)\Microsoft\Temp\EUE6AD.tmp\msedgeupdate.dll
                                                                          Filesize

                                                                          2.0MB

                                                                          MD5

                                                                          965b3af7886e7bf6584488658c050ca2

                                                                          SHA1

                                                                          72daabdde7cd500c483d0eeecb1bd19708f8e4a5

                                                                          SHA256

                                                                          d80c512d99765586e02323a2e18694965eafb903e9bc13f0e0b4265f86b21a19

                                                                          SHA512

                                                                          1c57dc7b89e7f13f21eaec7736b724cd864c443a2f09829308a4f23cb03e9a5f2a1e5bcdc441301e33119767e656a95d0f9ede0e5114bf67f5dce6e55de7b0a4

                                                                          Download Submit

                                                                        • C:\Program Files (x86)\Microsoft\Temp\EUE6AD.tmp\msedgeupdateres_af.dll
                                                                          Filesize

                                                                          28KB

                                                                          MD5

                                                                          567aec2d42d02675eb515bbd852be7db

                                                                          SHA1

                                                                          66079ae8ac619ff34e3ddb5fb0823b1790ba7b37

                                                                          SHA256

                                                                          a881788359b2a7d90ac70a76c45938fb337c2064487dcb8be00b9c311d10c24c

                                                                          SHA512

                                                                          3a7414e95c2927d5496f29814556d731aef19efa531fb58988079287669dfc033f3e04c8740697571df76bfecfe3b75659511783ce34682d2a2ea704dfa115b3

                                                                          Download Submit

                                                                        • C:\Program Files (x86)\Microsoft\Temp\EUE6AD.tmp\msedgeupdateres_am.dll
                                                                          Filesize

                                                                          24KB

                                                                          MD5

                                                                          f6c1324070b6c4e2a8f8921652bfbdfa

                                                                          SHA1

                                                                          988e6190f26e4ca8f7ea3caabb366cf1edcdcbbf

                                                                          SHA256

                                                                          986b0654a8b5f7b23478463ff051bffe1e9bbdeb48744e4aa1bd3d89a7520717

                                                                          SHA512

                                                                          63092cf13e8a19966181df695eb021b0a9993afe8f98b1309973ea999fdf4cd9b6ffd609968d4aa0b2cde41e872688a283fd922d8b22cb5ad06339fe18221100

                                                                          Download Submit

                                                                        • C:\Program Files (x86)\Microsoft\Temp\EUE6AD.tmp\msedgeupdateres_ar.dll
                                                                          Filesize

                                                                          26KB

                                                                          MD5

                                                                          570efe7aa117a1f98c7a682f8112cb6d

                                                                          SHA1

                                                                          536e7c49e24e9aa068a021a8f258e3e4e69fa64f

                                                                          SHA256

                                                                          e2cc8017bc24e73048c7ee68d3787ed63c3898eec61299a9ca1bab8aeaa8da01

                                                                          SHA512

                                                                          5e963dd55a5739a1da19cec7277dc3d07afdb682330998fd8c33a1b5949942019521967d8b5af0752a7a8e2cf536faa7e62982501170319558ceaa21ed657ae8

                                                                          Download Submit

                                                                        • C:\Program Files (x86)\Microsoft\Temp\EUE6AD.tmp\msedgeupdateres_as.dll
                                                                          Filesize

                                                                          28KB

                                                                          MD5

                                                                          a8d3210e34bf6f63a35590245c16bc1b

                                                                          SHA1

                                                                          f337f2cbec05b7e20ca676d7c2b1a8d5ae8bf693

                                                                          SHA256

                                                                          3b82de846ad028544013383e3c9fb570d2a09abf2c854e8a4d641bd7fc3b3766

                                                                          SHA512

                                                                          6e47ffe8f7c2532e7854dcae3cbd4e6533f0238815cb6af5ea85087c51017ea284542b988f07692d0297ebab1bad80d7613bf424ff532e10b01c8e528ab1043a

                                                                          Download Submit

                                                                        • C:\Program Files (x86)\Microsoft\Temp\EUE6AD.tmp\msedgeupdateres_az.dll
                                                                          Filesize

                                                                          29KB

                                                                          MD5

                                                                          7937c407ebe21170daf0975779f1aa49

                                                                          SHA1

                                                                          4c2a40e76209abd2492dfaaf65ef24de72291346

                                                                          SHA256

                                                                          5ab96e4e6e065dbce3b643c6be2c668f5570984ead1a8b3578bbd2056fbad4e9

                                                                          SHA512

                                                                          8670746941660e6573732077f5ed1b630f94a825cf4ac9dbe5018772eaac1c48216334757a2aeaa561034b4d907162a370b8f0bae83b34a09457fafe165fb5d7

                                                                          Download Submit

                                                                        • C:\Program Files (x86)\Microsoft\Temp\EUE6AD.tmp\msedgeupdateres_bg.dll
                                                                          Filesize

                                                                          29KB

                                                                          MD5

                                                                          8375b1b756b2a74a12def575351e6bbd

                                                                          SHA1

                                                                          802ec096425dc1cab723d4cf2fd1a868315d3727

                                                                          SHA256

                                                                          a12df15afac4eb2695626d7a8a2888bdf54c8db671043b0677180f746d8ad105

                                                                          SHA512

                                                                          aec4bb94fde884db79a629abcff27fd8afb7f229d055514f51fa570fb47a85f8dfc9a54a8f69607d2bcaf82fae1ec7ffab0b246795a77a589be11fad51b24d19

                                                                          Download Submit

                                                                        • C:\Program Files (x86)\Microsoft\Temp\EUE6AD.tmp\msedgeupdateres_bn-IN.dll
                                                                          Filesize

                                                                          29KB

                                                                          MD5

                                                                          a94cf5e8b1708a43393263a33e739edd

                                                                          SHA1

                                                                          1068868bdc271a52aaae6f749028ed3170b09cce

                                                                          SHA256

                                                                          5b01fe11016610d5606f815281c970c86025732fc597b99c031a018626cd9f3c

                                                                          SHA512

                                                                          920f7fed1b720afdb569aec2961bd827a6fc54b4598c0704f65da781d142b1707e5106a459f0c289e0f476b054d93c0b733806af036b68f46377dde0541af2e7

                                                                          Download Submit

                                                                        • C:\Program Files (x86)\Microsoft\Temp\EUE6AD.tmp\msedgeupdateres_bn.dll
                                                                          Filesize

                                                                          29KB

                                                                          MD5

                                                                          7dc58c4e27eaf84ae9984cff2cc16235

                                                                          SHA1

                                                                          3f53499ddc487658932a8c2bcf562ba32afd3bda

                                                                          SHA256

                                                                          e32f77ed3067d7735d10f80e5a0aa0c50c993b59b82dc834f2583c314e28fa98

                                                                          SHA512

                                                                          bdec1300cf83ea06dfd351fe1252b850fecea08f9ef9cb1207fce40ce30742348db953107ade6cdb0612af2e774345faf03a8a6476f2f26735eb89153b4256dc

                                                                          Download Submit

                                                                        • C:\Program Files (x86)\Microsoft\Temp\EUE6AD.tmp\msedgeupdateres_bs.dll
                                                                          Filesize

                                                                          28KB

                                                                          MD5

                                                                          e338dccaa43962697db9f67e0265a3fc

                                                                          SHA1

                                                                          4c6c327efc12d21c4299df7b97bf2c45840e0d83

                                                                          SHA256

                                                                          99b1b7e25fbc2c64489c0607cef0ae5ff720ab529e11093ed9860d953adeba04

                                                                          SHA512

                                                                          e0c15b166892433ef31ddf6b086680c55e1a515bed89d51edbdf526fcac71fb4e8cb2fadc739ac75ae5c2d9819fc985ca873b0e9e2a2925f82e0a456210898f9

                                                                          Download Submit

                                                                        • C:\Program Files (x86)\Microsoft\Temp\EUE6AD.tmp\msedgeupdateres_ca-Es-VALENCIA.dll
                                                                          Filesize

                                                                          29KB

                                                                          MD5

                                                                          2929e8d496d95739f207b9f59b13f925

                                                                          SHA1

                                                                          7c1c574194d9e31ca91e2a21a5c671e5e95c734c

                                                                          SHA256

                                                                          2726c48a468f8f6debc2d9a6a0706b640b2852c885e603e6b2dec638756160df

                                                                          SHA512

                                                                          ea459305d3c3fa7a546194f649722b76072f31e75d59da149c57ff05f4af8f38a809066054df809303937bbca917e67441da2f0e1ea37b50007c25ae99429957

                                                                          Download Submit

                                                                        • C:\Program Files (x86)\Microsoft\Temp\EUE6AD.tmp\msedgeupdateres_ca.dll
                                                                          Filesize

                                                                          30KB

                                                                          MD5

                                                                          39551d8d284c108a17dc5f74a7084bb5

                                                                          SHA1

                                                                          6e43fc5cec4b4b0d44f3b45253c5e0b032e8e884

                                                                          SHA256

                                                                          8dbd55ed532073874f4fe006ef456e31642317145bd18ddc30f681ce9e0c8e07

                                                                          SHA512

                                                                          6fa5013a9ce62deca9fa90a98849401b6e164bbad8bef00a8a8b228427520dd584e28cba19c71e2c658692390fe29be28f0398cb6c0f9324c56290bb245d06d2

                                                                          Download Submit

                                                                        • C:\Program Files (x86)\Microsoft\Temp\EUE6AD.tmp\msedgeupdateres_cs.dll
                                                                          Filesize

                                                                          28KB

                                                                          MD5

                                                                          16c84ad1222284f40968a851f541d6bb

                                                                          SHA1

                                                                          bc26d50e15ccaed6a5fbe801943117269b3b8e6b

                                                                          SHA256

                                                                          e0f0026ddcbeafc6c991da6ba7c52927d050f928dba4a7153552efcea893a35b

                                                                          SHA512

                                                                          d3018619469ed25d84713bd6b6515c9a27528810765ed41741ac92caf0a3f72345c465a5bda825041df69e1264aada322b62e10c7ed20b3d1bcde82c7e146b7e

                                                                          Download Submit

                                                                        • C:\Program Files (x86)\Microsoft\Temp\EUE6AD.tmp\msedgeupdateres_cy.dll
                                                                          Filesize

                                                                          28KB

                                                                          MD5

                                                                          34d991980016595b803d212dc356d765

                                                                          SHA1

                                                                          e3a35df6488c3463c2a7adf89029e1dd8308f816

                                                                          SHA256

                                                                          252b6f9bf5a9cb59ad1c072e289cc9695c0040b363d4bfbcc9618a12df77d18e

                                                                          SHA512

                                                                          8a6cbcf812af37e3ead789fbec6cba9c4e1829dbeea6200f0abbdae15efd1eda38c3a2576e819d95ed2df0aafd2370480daa24a3fe6aeb8081a936d5e1f8d8ed

                                                                          Download Submit

                                                                        • C:\Program Files (x86)\Microsoft\Temp\EUE6AD.tmp\msedgeupdateres_da.dll
                                                                          Filesize

                                                                          28KB

                                                                          MD5

                                                                          d34380d302b16eab40d5b63cfb4ed0fe

                                                                          SHA1

                                                                          1d3047119e353a55dc215666f2b7b69f0ede775b

                                                                          SHA256

                                                                          fd98159338d1f3b03814af31440d37d15ab183c1a230e6261fbb90e402f85d5f

                                                                          SHA512

                                                                          45ce58f4343755e392037a9c6fc301ad9392e280a72b9d4b6d328866fe26877b2988c39e05c4e7f1d5b046c0864714b897d35285e222fd668f0d71b7b10e6538

                                                                          Download Submit

                                                                        • C:\Program Files (x86)\Microsoft\Temp\EUE6AD.tmp\msedgeupdateres_de.dll
                                                                          Filesize

                                                                          30KB

                                                                          MD5

                                                                          aab01f0d7bdc51b190f27ce58701c1da

                                                                          SHA1

                                                                          1a21aabab0875651efd974100a81cda52c462997

                                                                          SHA256

                                                                          061a7cdaff9867ddb0bd3de2c0760d6919d8d2ca7c7f889ec2d32265d7e7a75c

                                                                          SHA512

                                                                          5edbda45205b61ac48ea6e874411bb1031989001539650de6e424528f72ec8071bd709c037c956450bb0558ee37d026c26fdb966efceb990ed1219f135b09e6e

                                                                          Download Submit

                                                                        • C:\Program Files (x86)\Microsoft\Temp\EUE6AD.tmp\msedgeupdateres_el.dll
                                                                          Filesize

                                                                          30KB

                                                                          MD5

                                                                          ac275b6e825c3bd87d96b52eac36c0f6

                                                                          SHA1

                                                                          29e537d81f5d997285b62cd2efea088c3284d18f

                                                                          SHA256

                                                                          223d2db0bc2cc82bda04a0a2cd2b7f6cb589e2fa5c0471a2d5eb04d2ffcfcfa0

                                                                          SHA512

                                                                          bba581412c4297c4daf245550a2656cdc2923f77158b171e0eacf6e933c174eac84580864813cf6d75d73d1a58e0caf46170aee3cee9d84dc468379252b16679

                                                                          Download Submit

                                                                        • C:\Program Files (x86)\Microsoft\Temp\EUE6AD.tmp\msedgeupdateres_en-GB.dll
                                                                          Filesize

                                                                          27KB

                                                                          MD5

                                                                          d749e093f263244d276b6ffcf4ef4b42

                                                                          SHA1

                                                                          69f024c769632cdbb019943552bac5281d4cbe05

                                                                          SHA256

                                                                          fd90699e7f29b6028a2e8e6f3ae82d26cdc6942bd39c4f07b221d87c5dbbfe1e

                                                                          SHA512

                                                                          48d51b006ce0cd903154fa03d17e76591db739c4bfb64243725d21d4aa17db57a852077be00b9a51815d09664d18f9e6ad61d9bc41b3d013ed24aaec8f477ad9

                                                                          Download Submit

                                                                        • C:\Program Files (x86)\Microsoft\Temp\EUE6AD.tmp\msedgeupdateres_en.dll
                                                                          Filesize

                                                                          27KB

                                                                          MD5

                                                                          4a1e3cf488e998ef4d22ac25ccc520a5

                                                                          SHA1

                                                                          dc568a6e3c9465474ef0d761581c733b3371b1cd

                                                                          SHA256

                                                                          9afbbe2a591250b80499f0bf02715f02dbcd5a80088e129b1f670f1a3167a011

                                                                          SHA512

                                                                          ce3bffb6568ff2ef83ef7c89fd668f6b5972f1484ce3fbd5597dcac0eaec851d5705ed17a5280dd08cd9812d6faec58a5561217b897c9209566545db2f3e1245

                                                                          Download Submit

                                                                        • C:\Program Files (x86)\Microsoft\Temp\EUE6AD.tmp\msedgeupdateres_es-419.dll
                                                                          Filesize

                                                                          29KB

                                                                          MD5

                                                                          28fefc59008ef0325682a0611f8dba70

                                                                          SHA1

                                                                          f528803c731c11d8d92c5660cb4125c26bb75265

                                                                          SHA256

                                                                          55a69ce2d6fc4109d16172ba6d9edb59dbadbc8af6746cc71dc4045aa549022d

                                                                          SHA512

                                                                          2ec71244303beac7d5ce0905001fe5b0fb996ad1d1c35e63eecd4d9b87751f0633a281554b3f0aa02ee44b8ceaad85a671ef6c34589055797912324e48cc23ed

                                                                          Download Submit

                                                                        • C:\Program Files (x86)\Microsoft\Temp\EUE6AD.tmp\msedgeupdateres_es.dll
                                                                          Filesize

                                                                          28KB

                                                                          MD5

                                                                          9db7f66f9dc417ebba021bc45af5d34b

                                                                          SHA1

                                                                          6815318b05019f521d65f6046cf340ad88e40971

                                                                          SHA256

                                                                          e652159a75cbab76217ecbb4340020f277175838b316b32cf71e18d83da4a819

                                                                          SHA512

                                                                          943d8fc0d308c5ccd5ab068fc10e799b92465a22841ce700c636e7ae1c12995d99c0a93ab85c1ae27fefce869eabadbeafee0f2f5f010ad3b35fa4f748b54952

                                                                          Download Submit

                                                                        • C:\Program Files (x86)\Microsoft\Temp\EUE6AD.tmp\msedgeupdateres_et.dll
                                                                          Filesize

                                                                          28KB

                                                                          MD5

                                                                          b78cba3088ecdc571412955742ea560b

                                                                          SHA1

                                                                          bc04cf9014cec5b9f240235b5ff0f29dbdb22926

                                                                          SHA256

                                                                          f0a4cfd96c85f2d98a3c9ecfadd41c0c139fdb20470c8004f4c112dd3d69e085

                                                                          SHA512

                                                                          04c8ab8e62017df63e411a49fb6218c341672f348cb9950b1f0d2b2a48016036f395b4568da70989f038e8e28efea65ddd284dfd490e93b6731d9e3e0e0813cf

                                                                          Download Submit

                                                                        • C:\Program Files (x86)\Microsoft\Temp\EUE6AD.tmp\msedgeupdateres_eu.dll
                                                                          Filesize

                                                                          28KB

                                                                          MD5

                                                                          a7e1f4f482522a647311735699bec186

                                                                          SHA1

                                                                          3b4b4b6e6a5e0c1981c62b6b33a0ca78f82b7bbd

                                                                          SHA256

                                                                          e5615c838a71b533b26d308509954907bcc0eb4032cdbaa3db621eede5e6bfa4

                                                                          SHA512

                                                                          22131600bbac8d9c2dab358e244ec85315a1aaebfc0fb62aaa1493c418c8832c3a6fbf24a6f8cf4704fdc4bc10a66c88839a719116b4a3d85264b7ad93c54d57

                                                                          Download Submit

                                                                        • C:\Program Files (x86)\Microsoft\Temp\EUE6AD.tmp\msedgeupdateres_fa.dll
                                                                          Filesize

                                                                          27KB

                                                                          MD5

                                                                          cbe3454843ce2f36201460e316af1404

                                                                          SHA1

                                                                          0883394c28cb60be8276cb690496318fcabea424

                                                                          SHA256

                                                                          c66c4024847d353e9985eb9b2f060b2d84f12cc77fb6479df5ffc55dbda97e59

                                                                          SHA512

                                                                          f39e660f3bfab288871d3ec40135c16d31c6eb1a84136e065b54ff306f6f8016a788c713d4d8e46ad62e459f9073d2307a6ed650919b2dd00577bbfd04e5bd73

                                                                          Download Submit

                                                                        • C:\Program Files (x86)\Roblox\Versions\version-a35d937606da489c\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
                                                                          Filesize

                                                                          1.5MB

                                                                          MD5

                                                                          610b1b60dc8729bad759c92f82ee2804

                                                                          SHA1

                                                                          9992b7ae7a9c4e17a0a6d58ffd91b14cbb576552

                                                                          SHA256

                                                                          921d51979f3416ca19dca13a057f6fd3b09d8741f3576cad444eb95af87ebe08

                                                                          SHA512

                                                                          0614c4e421ccd5f4475a690ba46aac5bbb7d15caea66e2961895724e07e1ec7ee09589ca9394f6b2bcfb2160b17ac53798d3cf40fb207b6e4c6381c8f81ab6b4

                                                                          Download Submit

                                                                        • C:\Program Files\MsEdgeCrashpad\settings.dat
                                                                          Filesize

                                                                          280B

                                                                          MD5

                                                                          c9e826655f1e5d91b41a7ddbfd22a817

                                                                          SHA1

                                                                          3fc1cb2e3a81a2c60036b760ae704f7ea78d0639

                                                                          SHA256

                                                                          ca6f125fe37056f37087688a696291f990a2dd31ce770e42af84c518f0e012f3

                                                                          SHA512

                                                                          07141a1e82c1fa50db4943a09a4fe31a7692d462a30c2d7e858890492939a50a871cdd7acb280ecf9c43cf072a522dc4edd046baa2bda15b2fe05b727c26c442

                                                                          Download Submit

                                                                        • C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log
                                                                          Filesize

                                                                          91KB

                                                                          MD5

                                                                          dfa172611181ccdeecc772c1f0bd873e

                                                                          SHA1

                                                                          fd1d6913a772576853a202c23565f1d2f663cdb6

                                                                          SHA256

                                                                          afc0900452035c1b6049ed90c4bdba72505886a30bfe1f012282d8e76b93d79a

                                                                          SHA512

                                                                          76aaf0aabd17a65f3c32c1d5db11da1b749a14d07b53092dc3e706f184215cabea73c530eb2b06d6ab2efd6f9fa184acd7e9d82a10251a1b0e8f09b6f0b96e3e

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\metadata
                                                                          Filesize

                                                                          150B

                                                                          MD5

                                                                          8a2a0a0673bb625c2d4bae827576b08a

                                                                          SHA1

                                                                          1336443a47ec3918a84c02f2996b2dacc7d50d68

                                                                          SHA256

                                                                          22668725e6eeee15dcc0077ce03471b3baeda7d7bea8ebd8c2131cc894d4340a

                                                                          SHA512

                                                                          7f7d96768bc3d7bb6544dccc3cea735d3c6c061ae4ab1d9672ef4d900bf21c2c1ec284d62fa268d7d98130e9867de99c2c0d2debd0c6e645ac7db45450fb2568

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\reports\986361fd-9fba-4928-9253-5db09d46901b.dmp
                                                                          Filesize

                                                                          4.1MB

                                                                          MD5

                                                                          3ae0b85e6baf2439de362ae5573cd143

                                                                          SHA1

                                                                          515536339275844609a3d22baa901c5f569befdf

                                                                          SHA256

                                                                          d30da4c63ec8fbc9c47b5611b78acedd0753f746826c633356138917c8ef4839

                                                                          SHA512

                                                                          7e9d61a87e705d571998762e8400eac91046d77265a33f635aee20d94b2cdfb2530456e1369a0775554b40ce7929dacdaeebcc39d5e93bdb447d1dc763e53a4d

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                          Filesize

                                                                          152B

                                                                          MD5

                                                                          dc058ebc0f8181946a312f0be99ed79c

                                                                          SHA1

                                                                          0c6f376ed8f2d4c275336048c7c9ef9edf18bff0

                                                                          SHA256

                                                                          378701e87dcff90aa092702bc299859d6ae8f7e313f773bf594f81df6f40bf6a

                                                                          SHA512

                                                                          36e0de64a554762b28045baebf9f71930c59d608f8d05c5faf8906d62eaf83f6d856ef1d1b38110e512fbb1a85d3e2310be11a7f679c6b5b3c62313cc7af52aa

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                          Filesize

                                                                          152B

                                                                          MD5

                                                                          2009555c0bb5f9bf2c55e65e80350eef

                                                                          SHA1

                                                                          667993bb8554032c3b3755b7733fd6532b0685c8

                                                                          SHA256

                                                                          65dfb785a61414136f5b61c4e8e9dea11d6e714917704c752bc5f67568f9f4e7

                                                                          SHA512

                                                                          29819a30731703e1e8ea1141314dc1931a6792c99911c60b065653be36d8f9311b2f95014338dbf5924ffdd453e6c1e6d8fca2782c443e874560beba6d777531

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                          Filesize

                                                                          152B

                                                                          MD5

                                                                          a0486d6f8406d852dd805b66ff467692

                                                                          SHA1

                                                                          77ba1f63142e86b21c951b808f4bc5d8ed89b571

                                                                          SHA256

                                                                          c0745fd195f3a51b27e4d35a626378a62935dccebefb94db404166befd68b2be

                                                                          SHA512

                                                                          065a62032eb799fade5fe75f390e7ab3c9442d74cb8b520d846662d144433f39b9186b3ef3db3480cd1d1d655d8f0630855ed5d6e85cf157a40c38a19375ed8a

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004d
                                                                          Filesize

                                                                          51KB

                                                                          MD5

                                                                          588ee33c26fe83cb97ca65e3c66b2e87

                                                                          SHA1

                                                                          842429b803132c3e7827af42fe4dc7a66e736b37

                                                                          SHA256

                                                                          bbc4044fe46acd7ab69d8a4e3db46e7e3ca713b05fa8ecb096ebe9e133bba760

                                                                          SHA512

                                                                          6f7500b12fc7a9f57c00711af2bc8a7c62973f9a8e37012b88a0726d06063add02077420bc280e7163302d5f3a005ac8796aee97042c40954144d84c26adbd04

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                          Filesize

                                                                          456B

                                                                          MD5

                                                                          a78eea594bc6c5272b86fb63f4ec32db

                                                                          SHA1

                                                                          7f09764f23950253e5bc720a071fba7f07d61068

                                                                          SHA256

                                                                          6b21b1438fe69cd11e8fed706f3552aee88d4d0a8acc66ed95b31ae5ef0388fe

                                                                          SHA512

                                                                          4cb9304f5e2234d5b7d46a59f82f5df7b1e914a56aae83428a0e683d684a554a75f86627e1f2c19f6e758af5ddc9ee8755ed20063c6080f3ab5b3500f8753d51

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                          Filesize

                                                                          2KB

                                                                          MD5

                                                                          275f4ad3f83922c9cd193179f52cf9f5

                                                                          SHA1

                                                                          c5a1ec4118cf00a1d8744590f48ad5af6a0449e0

                                                                          SHA256

                                                                          6662ab2407e237222c8a14eb83555f2bca86d3f423b4bb7291c993db9bd7190e

                                                                          SHA512

                                                                          62848e573827792348c41a750b873159784cd0a01d26d6255773141d06d32aff9a06fce9a3af9f0da4d4d51578f201005fbfa0e30523a9eff7a37ed1c976ae49

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                          Filesize

                                                                          5KB

                                                                          MD5

                                                                          1679f578fde6cd872187ef10c4682af4

                                                                          SHA1

                                                                          de0ac0aa9dabd413c8b48433db0fa469dd84bae4

                                                                          SHA256

                                                                          521c1ed1eadb3891e23d32a12caac9c12930b34b222515d57ee77a1314b02c06

                                                                          SHA512

                                                                          399dd6640b33407d0faeb41fc319a3f1aff46ac66a11496e582f9519d00e2326cec5522b90061f948b0cac88b4cf444b6d9bd57fd97b589a0de85184491c46cf

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\CURRENT
                                                                          Filesize

                                                                          16B

                                                                          MD5

                                                                          46295cac801e5d4857d09837238a6394

                                                                          SHA1

                                                                          44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                          SHA256

                                                                          0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                          SHA512

                                                                          8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old
                                                                          Filesize

                                                                          392B

                                                                          MD5

                                                                          daabcbdddd27398ff23e431901cdc3f2

                                                                          SHA1

                                                                          b7e7b320dc873c3836def6abb54f05a88d498b6b

                                                                          SHA256

                                                                          5d9749cfb6b0d049cc10a219592e7c9c55a9d7ec753141d66b4871e95e2fb5c5

                                                                          SHA512

                                                                          fd3bd8063332bd147f3107db9d68aa09c712f8d28c5508e123cb2f1e1b8d058afcb8b1f62e5228eb596f69c41330e6e9b2c7090821345598f49c04f90a1b3253

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old~RFe58c484.TMP
                                                                          Filesize

                                                                          513B

                                                                          MD5

                                                                          2908ebe8b20710bbe1e24be7be899b35

                                                                          SHA1

                                                                          c3d5714f384681720bd36f1895b8f63c4784eb39

                                                                          SHA256

                                                                          60f8c8fdb52d87877a7b76ec9a6f09c9f7a3f932823b66291e0db21f477ec56d

                                                                          SHA512

                                                                          59e5f456f5c57d7d785e16c52e2d7a282b2f3e51f9816ffd155264137f032ea8fbf7e160779fa74db64a785c1fe02df5593778b40cdc4782599293bbb46c04bf

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\MANIFEST-000001
                                                                          Filesize

                                                                          23B

                                                                          MD5

                                                                          3fd11ff447c1ee23538dc4d9724427a3

                                                                          SHA1

                                                                          1335e6f71cc4e3cf7025233523b4760f8893e9c9

                                                                          SHA256

                                                                          720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

                                                                          SHA512

                                                                          10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                          Filesize

                                                                          4KB

                                                                          MD5

                                                                          15cb8d05aa6354cdcfdf09b9e2462ec6

                                                                          SHA1

                                                                          908dd3af68a21c4ef0ad9721ba4855d9e8902728

                                                                          SHA256

                                                                          1297c1a106e9f09101767cbe3b165b0a6b463f36f2a62df572688addbc1625e3

                                                                          SHA512

                                                                          28146c79465642348b91a4502722bef2c35bce12b0aa07ede107a8184f2efb42429076426dda1df68f3c1bea807d7d8c9b77c5dccd7757e28233ed5b54cf6c12

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                          Filesize

                                                                          7KB

                                                                          MD5

                                                                          96122cf7ec01214a4c720337bf08216a

                                                                          SHA1

                                                                          95a93ab15b5f2b19b79078edba2d197afb88700b

                                                                          SHA256

                                                                          3f2265d52364a39f49a73d74f87b202be88809eaa3415a7c4478b901cd73bac0

                                                                          SHA512

                                                                          ec1690987736166fcf068e438c2db5f236ef82b58dc39652eb85aa490cc2031a46b30dc3a86e938abadcd771b1c15503b14d868294a270a960565027b985e7cf

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                          Filesize

                                                                          7KB

                                                                          MD5

                                                                          92bf9962f284f67a92776abcbf3598c0

                                                                          SHA1

                                                                          18cf3825d049489ddce2103d13e8eb4c5b0b8479

                                                                          SHA256

                                                                          8acf2478b5ce6c306735b325c4e5a17bfe02de343148f1ad6751a5ce82b7c5e7

                                                                          SHA512

                                                                          839321091e1350187c318e4451c237f47688e943c3b0635e7be38b2fe1ba0b5afc002792742f9b8d60c02034f652399d1087d393577034fbc328659ab3431feb

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                          Filesize

                                                                          7KB

                                                                          MD5

                                                                          542d6c62191eceb368c45339f3ae76a9

                                                                          SHA1

                                                                          9c12a0308bf64a8fea1db30bfd0778f0c1df6416

                                                                          SHA256

                                                                          db39d2647dd930ac26d7309746d2a13b553b79b4213eef8920146b20347363c3

                                                                          SHA512

                                                                          99b6eb24e5f4bffc7ab61fab57f09bbf02e7a89df207e2dd0e407495caaad520255a4b4a167ee588e0afd9b119f3b441b3c40d7ec1acf555587055ae636f1b67

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                          Filesize

                                                                          7KB

                                                                          MD5

                                                                          1b9250f6e0a7a03968087e5b1cafd434

                                                                          SHA1

                                                                          eddb4345d283dbd20aa984dc48f502949cc8b7d5

                                                                          SHA256

                                                                          b705485ab8e23edf51c48f45fd7db42514f018e0a021fff9ceed5ac4d27549aa

                                                                          SHA512

                                                                          0f8e2f5eb900079c61f5a07e71a6a82c364d7f1bbdc4bb27ecaeb917f9121dfcedd1dadd0ef8779648e384cbf12ec9f5360a1cd259accc0c8f451bbdaa84df0f

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                          Filesize

                                                                          8KB

                                                                          MD5

                                                                          1234bb2fc7a36709e600a5b40b41d0a2

                                                                          SHA1

                                                                          7e8ef664c49a925e1a2cc7281eea65444ea24e8c

                                                                          SHA256

                                                                          feb2603b8fa9b79d45d7476447ed391627f17f9fc50c2d4c516a14a43b5cea9c

                                                                          SHA512

                                                                          45bd9438dc6348c9aa8772326e14c4679fe4eea818d28baa80aff17b48c891d24da70ed582396ce5e14ab95878c1d9837efd82841bfe8861a30091cc7b3c6fcc

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                          Filesize

                                                                          5KB

                                                                          MD5

                                                                          e97ba0417c9a99d7f3871cc511621bc3

                                                                          SHA1

                                                                          41c717c4ba89fa0a9fecf7ba773913523d633ddc

                                                                          SHA256

                                                                          763eb620eeecbd2e5f84464d3ef295164dd397b74b719dbdad9375a637e43204

                                                                          SHA512

                                                                          c08846245c2281419134a390e2be7665f4181895eed09d4eb16b318fcff61d725cbefa10b3727896bbd3268c8f2cd124494733dd010b4dccb7681c2739cf0560

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                          Filesize

                                                                          6KB

                                                                          MD5

                                                                          097895ae8159e1d5edb459e992fd1fad

                                                                          SHA1

                                                                          f526d203b579f192ecc965c72997eae3599c0a7e

                                                                          SHA256

                                                                          48e44f478bb1cf94637dca6ac34d32f1e43639b814352b07a52fbd99d0fd6d27

                                                                          SHA512

                                                                          3b0a006c5ecbf5c52edb9123d2c5f43350c6b5d685f263d4ade5ae81edb58930dbde8061d99c250d8c6164245f8916c2b41617277c859228eb1df0717126e203

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\32cadb2b6d359d069dd3f3d132c212a43d223701\index.txt
                                                                          Filesize

                                                                          35B

                                                                          MD5

                                                                          343859b4ad03856a60d076c8cd8f22c3

                                                                          SHA1

                                                                          7954a27de3329b4c5eefd4bdcb8450823881aad6

                                                                          SHA256

                                                                          8c79b653c087618aa7395d5e75198da7d3b04c08654c39e56b1027f9ef269c2f

                                                                          SHA512

                                                                          58014a4e7f2b4b0d446fae3570196b8fb95d0d1b70bdab0dd34a74d6c62cd8d7ca494a486f19c1a829988a3af83a08d401f18d1769ce1799a02ee09807234254

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\32cadb2b6d359d069dd3f3d132c212a43d223701\index.txt~RFe58ec11.TMP
                                                                          Filesize

                                                                          99B

                                                                          MD5

                                                                          b75ef9a135d0896d762107375c33417a

                                                                          SHA1

                                                                          9e74b177bc3dacb8a28cd14168cb358a8565e0dd

                                                                          SHA256

                                                                          ccd47745f64c8294cc90906047d9b53050078192b30d0d26ef07aa5ecbf9f53a

                                                                          SHA512

                                                                          11327b6283c2b54b45b1369a3e8bb5b1e5f5e8dc01e72eccab7fda7aa6eda1c19d0d686182d6c878967f784a7ecaa095f5ff2a4581d28d41d5a53c9d34a7db08

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                          Filesize

                                                                          6KB

                                                                          MD5

                                                                          13ba36c50532c216b196aebad55ad121

                                                                          SHA1

                                                                          363890715587a924ae3ae5f10557f980d742c9ff

                                                                          SHA256

                                                                          ae033c05e71b7ffeb18895f889b92cb31ade7d8e79b0b9d6773ef6028f5e904b

                                                                          SHA512

                                                                          a02ce980521aff00b0d542cb2af90ae0de509c1eea660e4690a3122ef138357fa0c14e1b57967177be2b3790c518eca1a8efcfed405964d0910109fd288d7997

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                          Filesize

                                                                          6KB

                                                                          MD5

                                                                          85a5bf8e8c54537ef7f0249793b33dc9

                                                                          SHA1

                                                                          3f7335c9ef0f689346e61ff6279b3d26a0ede160

                                                                          SHA256

                                                                          fa9c89d448603ff8f8aa58d18a135aa94fa083c7f8c6aeaf700aca52812a62b3

                                                                          SHA512

                                                                          1ee762e401998fd20eefe6cf3885f1cd0f73a1c56a03a04533587bfca5c37ab59514ecbe1a4e4a200b70578a4206cd80ebbbec0f1e1eff325c040fed48d69b6c

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                          Filesize

                                                                          6KB

                                                                          MD5

                                                                          b7d722080291685318fc4878a402ee54

                                                                          SHA1

                                                                          0a3276b6b294e86eb54b3e9089cf1bd4f1ee919b

                                                                          SHA256

                                                                          6a60a680643cbf37dde69be3c3d6421082e11e4b5470eed5554c5c795795d5ee

                                                                          SHA512

                                                                          08df70a8e530c7de85d454c60ccefb9d2115de0dc8ff0d29436e8824470c4343f8db8ad1e9204870c873299773bbf6906200d911a937348d7e2be874718762a5

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                          Filesize

                                                                          6KB

                                                                          MD5

                                                                          af4b46bff3ab3c1803d84fac5acd21c8

                                                                          SHA1

                                                                          1746cb198896fe67ab28e177c3bc130bfb041751

                                                                          SHA256

                                                                          a67e34e8beb2453850f436da36e5ab52f8287cdad6e60312e021adc3ea8de293

                                                                          SHA512

                                                                          4382330479476a7b10fd4cb3bf603f17b11a0e7cebaab5cc9fcb8f8bb4255a8192d4e8785b3fb9567a2f7c2dd1037b838bc795573a2f3ca030ba9bbe44d9c964

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                          Filesize

                                                                          6KB

                                                                          MD5

                                                                          8c4cff0a675b0265151b950e60fc0348

                                                                          SHA1

                                                                          acaf27aa7f3bd2c712a619a9bb939465643c706f

                                                                          SHA256

                                                                          cc296160094730b9ff3cab58c4d1bb7dd6017fe961c74f82e7eea9d14312c74e

                                                                          SHA512

                                                                          59354eae89ccf455b1f1f9695e8aec570b1edfaba433f03cef46ef126fc8ccc03b39b3819518459d2fa9ed2c04e9a1a7acb32c9279288c8667076c491a39e91b

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                          Filesize

                                                                          6KB

                                                                          MD5

                                                                          f66f443423e8d0df893368fc6b1b6c1e

                                                                          SHA1

                                                                          b41fba3de4b4000ae14706c16554136babbf5b21

                                                                          SHA256

                                                                          2e90ad0ef4fef89a1dc8802caf2f5a650e9c31babac3b9a5d5ea7410fa05c4c7

                                                                          SHA512

                                                                          2a80e3e7588c343417a387a6279e4968e5d0ef67bae3f8f0e3b38e86ac7f4b56451f3d7f303aa203ad777d0fd272298452361bd2bfc7e558064ce2e7ee7bd5ec

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                          Filesize

                                                                          6KB

                                                                          MD5

                                                                          46cc5638172623efeeaf28cfc255127d

                                                                          SHA1

                                                                          4a2009b9e2000552f52f1c8027bbf50342f7a5e0

                                                                          SHA256

                                                                          b50b18ab9a600f2e2a890736a9edf4dea19acdfbf318c54c0cc99a8de571d3cc

                                                                          SHA512

                                                                          8307e2f954efbeb0887da4f424931d30a95c7478cbc3bb568633da3f852585fe1ba2080f1394cdf067c30334a568f5ef62a01ba35fc7dba94e67147fea484477

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                          Filesize

                                                                          6KB

                                                                          MD5

                                                                          d3839f9044657cd93d715d604089f47a

                                                                          SHA1

                                                                          0f8ca142dffc27b580c4ad14547f62b0cb843b99

                                                                          SHA256

                                                                          5e914c510fedc1fcadfed63a0ba56ecf044f0c456eacf0b8c1656e7a91de0744

                                                                          SHA512

                                                                          8e27f783f4fe30fb30ffbec13ac50588f18e39b99af7682f5c01d0967214cc0df87d2e1439f33a381314f25c227e5637ba4ec862c2c13b08f51fe1ac3bb861ba

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                          Filesize

                                                                          2KB

                                                                          MD5

                                                                          5a63007438063fdeffe555e0a32db02f

                                                                          SHA1

                                                                          d607c384797f1d645a74abace04d4696ea9180f8

                                                                          SHA256

                                                                          be4f3c479951140ba13580125b497f422e0890b7e12bfddbf39667db743f4d7a

                                                                          SHA512

                                                                          e02b3f32004149fbc670f027d3f59d8bbbf99091ee7def847d7bb1377865b00235f1e9f919b5d77c30337886114a44ecf2e914db566add9f30f60b8fed16042e

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                          Filesize

                                                                          6KB

                                                                          MD5

                                                                          d60e0551f3714872e3a2edbcc406408b

                                                                          SHA1

                                                                          43a2a6f17b0f65446dfb12b1bfa3f08abc2b2055

                                                                          SHA256

                                                                          2e429c4c4c95e3971aa5e73cda15ba518f9ea0b64a0c4dfc9390ac697e1257a1

                                                                          SHA512

                                                                          b271a5d722349dd88b6d2d4bf4e0b204b93af438c09f88f64d2cfaaeaa89cd3626c0eb95ac94cb2c05b5638a00a933bb2cb75dd91fca0a5b72e353a63a67beff

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                          Filesize

                                                                          6KB

                                                                          MD5

                                                                          5a08dba728a5116138d91bcf1fc81b92

                                                                          SHA1

                                                                          a85de6362b88495924222395f61e054435280870

                                                                          SHA256

                                                                          193bb5c566803a3a17918fd7bea2c3646b4dfb7c1823683d056c9a98021ad401

                                                                          SHA512

                                                                          917b7416fe8a66a5c26095bd0489286b4abfdff3f49df7a958ee3af175ad2b0647e185f8da29ca5da36c52995e15bae35a338a23ec955838f27fbe75c7610017

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                          Filesize

                                                                          6KB

                                                                          MD5

                                                                          89a5eaf0a6a89782263ba89a5bb2b2a5

                                                                          SHA1

                                                                          6cf9371825795b81ee5eac137c6bf5faf8e6e1a8

                                                                          SHA256

                                                                          d41d272c1e855a1a2723454e2238de96a9cc8be925f537cd91e04f0267abb8a8

                                                                          SHA512

                                                                          95e69b803a6525341fbf6402b322396197d6d827427f1afaf47e51da842ce1a366bfdbc86b910173453489c83a8656f4653c36696f707440c29e3ef1c3b32cb9

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                          Filesize

                                                                          6KB

                                                                          MD5

                                                                          a60e2e70427c6c641555a650c2c64ec1

                                                                          SHA1

                                                                          ba73b28bb63fde92d46c076ea0e0dfc301dd74b7

                                                                          SHA256

                                                                          cf418e224b32565df8d8efee97924da2f275ee42978248c5b0942e65fd2fcdae

                                                                          SHA512

                                                                          6725b3a2b00c0e166344854fe8a9da2b521d83f4c54e547c72a6282fca72937897d3a85c262a62bb596b45da1f1200c428301eee631575460a911110bb5de10e

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                          Filesize

                                                                          6KB

                                                                          MD5

                                                                          a7f360b2fd8389d72f1a6bc1eacc0404

                                                                          SHA1

                                                                          73099812fc1d383157abbeb56af21b3e2fc6cf04

                                                                          SHA256

                                                                          7af5c91feace955c144c41613bb0207031a439e7897d07a7827867c09c771aeb

                                                                          SHA512

                                                                          a2fda857291518b692dd89effaf08086145c9ab1f925bead8667486ab43e9f7ca7bb4695d74b7932d59f1ba711192f316b6cfcf76b0f6909b980d746b565a3e1

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                          Filesize

                                                                          2KB

                                                                          MD5

                                                                          63ef6367ce1ee26041c477eedf7fb4e0

                                                                          SHA1

                                                                          77c5ecfd216adc42aafb40235401335101dfbb0b

                                                                          SHA256

                                                                          aac8360470f5e0d7a752680f23dc8cc314cb89557b1e6397a495363a9f28a425

                                                                          SHA512

                                                                          aee3282acb1f6f567cab6a77ba0925e5d5ee37a85c64654249513af954891ba31f77db4cc38fb77d27fd76a6106b7459899238b5f784480c4404a58baba8b7b9

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                          Filesize

                                                                          4KB

                                                                          MD5

                                                                          9c8beb35d42824c1052d476f5d4437d1

                                                                          SHA1

                                                                          9c6aca269b7716c799699938f0e485738c4d6cac

                                                                          SHA256

                                                                          6fb250094178851abebf00a5e6727fa3854af0175f85d78e340d7c2dd836ad27

                                                                          SHA512

                                                                          2c6776cf1e5d10f5cf9330b9009598a1c5f2d3f6c9ef64163fd5d4780585df9d32f92a9842a7d3419844c184bd481f56327c0f73fb219f30c7e00b91b5d2fcc6

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                          Filesize

                                                                          5KB

                                                                          MD5

                                                                          551f1adcafafd3dcd9872fd50b2565e3

                                                                          SHA1

                                                                          e1893fa54d639097cbe65866eacbcc0023f10411

                                                                          SHA256

                                                                          9ff1e4a7d2b58caa484a5f1eeadce236371d46cd94977fdc0175e9e8887f0b4f

                                                                          SHA512

                                                                          0b8bdb5fe58e60487617106b26b090227ce816f531b5e883e779dff6bbd3f7004f042fae9e288548d79186fc5df3e6bf9275057ca7ed136ab48782e8b3d14ef6

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                          Filesize

                                                                          6KB

                                                                          MD5

                                                                          87ab0d2524e2ad9647657c901b2989a6

                                                                          SHA1

                                                                          ce1669adb2b9354d2766b5b3e53c156eb29b6aec

                                                                          SHA256

                                                                          2bbdb430b8b9202a9f7abf9108bc52c66c3648768a17b8849394df6092dacff0

                                                                          SHA512

                                                                          9b6f495c2514f17d6fa911bad3d2f3821efeb071a99f19cff12b141a7dabf283cc49096e64b9dbb9c344269b5aaa1c8ab8b59355d0b9e9de83fabbad69e46897

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                          Filesize

                                                                          6KB

                                                                          MD5

                                                                          57233bf7410be41f95bc99b10728547f

                                                                          SHA1

                                                                          400a17ceb594c83cbac7585e8cbb62af50305284

                                                                          SHA256

                                                                          048f8a68ee3036b0d46ad70a7e82685eb0a28c610d5263c562c20ce2ce097529

                                                                          SHA512

                                                                          5f5e7b124c68c77c82469f1045f7dc0c69a6bca38d7a384ec495befe17e5f50b07892377f2cabbf7b8fcad7b488e5538e413c57cb7a837e2e87b159c99726c1b

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                          Filesize

                                                                          6KB

                                                                          MD5

                                                                          757f5b668975e45a25615744b104844e

                                                                          SHA1

                                                                          37c3017e4c09225dc0d7919850e616d32346b9ce

                                                                          SHA256

                                                                          d288d8712734a1c08a90124a7958ac0ae6ba6db2060b6839cdc7ad93e5e3ead4

                                                                          SHA512

                                                                          64f8f163f3cdca5d688a867d7d35ab7d1bfe5f31944a9e920b7037f393c66ab72540573692e577f7f2a6dc7f106e1e727080cf54d4dcdfa369e66b4b90f342c8

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                          Filesize

                                                                          2KB

                                                                          MD5

                                                                          2daf421cb0dd62860965e3214a7fd8d3

                                                                          SHA1

                                                                          5dc4010f933472317862e58e26dabcb12e84d4d7

                                                                          SHA256

                                                                          665aa84b6eb7dcf0c1b88352a0c002cdbbe321733309ccc177ec9180e75de394

                                                                          SHA512

                                                                          3828ed293acc9af152c301a16534283e0197bcfbc89ed818ca3d8df1d78318cbc22e259d1bdd4bbeeba164805b125839ea9a19fc7b09a6f0000d5e4fafc1dda2

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                          Filesize

                                                                          2KB

                                                                          MD5

                                                                          6ae5a698d171f62ceefbfb56c6646fb9

                                                                          SHA1

                                                                          633e6fbacf05738fab64ce54582b3f0b9adebe06

                                                                          SHA256

                                                                          2b9e3e30817ae9ea8faf6f1ed4c2b7d4fbc9779bb917a94e58230bcfbea2d88c

                                                                          SHA512

                                                                          7ba92e2a208925959a8286cc76c964a956f1a42ff092f962a5d1b7ae3f97701d4d47c158fe7c162ca6704e5639ec2d5e4b84d1073c0eb5906f8c00e7691dcc1a

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                          Filesize

                                                                          6KB

                                                                          MD5

                                                                          44ccfc1fd35ce02731e3ab81a3bea4c8

                                                                          SHA1

                                                                          582db6e030d9debff177f79a8fa21864d9c1c7ab

                                                                          SHA256

                                                                          4c7d0855c4b505d60c451a49a6d18265748ac8d66bcd0a2ed48c215b634cc458

                                                                          SHA512

                                                                          3dd4db4da9fb80c6b6f43fcfcfdac7e588b092523708f93891a3ce110893ad63e3daa83aa2110ed30e66ecdead944319f7c5e04be189d9f90f492fe7f9ec6f55

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                          Filesize

                                                                          6KB

                                                                          MD5

                                                                          6688f113cb0e6ab1f5dbc8015de32a5d

                                                                          SHA1

                                                                          387fce497160a3fb567090d20dd1baf3816e2e06

                                                                          SHA256

                                                                          3cd992472c284ca7057e5a9b5d1fb60580bc5cb2d7b7730c937d43d038387642

                                                                          SHA512

                                                                          1586e2a40f058233c00123a3a81148d4931e23df47e9a59305e22307e87ae9b0634bf489138c85f3e78428448d674540f0d22d724c614ec89c2fbbc6f4ea31b9

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                          Filesize

                                                                          6KB

                                                                          MD5

                                                                          809ad45cd04b6aeb0192dfa4ef6f5711

                                                                          SHA1

                                                                          7007163b0afdedcbe245378d5e4679c1ef538f4b

                                                                          SHA256

                                                                          5d98457b9b04c79ba30116156fa6985b421dd1f87cc281ef1e92f991ddc78f58

                                                                          SHA512

                                                                          643f6bca6bb8257f6727390434998a504dc4b8b0ec03f83fc92d953aa99218bf84253d621092ca36137c18442e913b182d9c2b1554e838c987db1fe749830c0d

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                          Filesize

                                                                          6KB

                                                                          MD5

                                                                          911dcd66470a50e25868976d7e6bbaad

                                                                          SHA1

                                                                          6a4a920b6afc43439e8cdeac7b6fbf01c19730c5

                                                                          SHA256

                                                                          75bb81809ed2264232c13911076374680424f4e938b51708a4bc32582b5d4237

                                                                          SHA512

                                                                          17055ad5741917f1278fbb4ee55019b7e2167939ee2ff712b5457d1f9eadd04583673bf6145f6d27297addd5d238b715eb5da15f314793f0d4804b5453100907

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                          Filesize

                                                                          6KB

                                                                          MD5

                                                                          b7aa3686a62356f09abde3af9393c551

                                                                          SHA1

                                                                          11c26cc09bd45deaa32d91e6576c8ab0985b1076

                                                                          SHA256

                                                                          998d0ea031794f2a5f1fe84908a2c43e254e8f30c291f3ce034547d6802c67e5

                                                                          SHA512

                                                                          0f8adbd43b117bd40053369bf69889e4b2f6d2e03e27f7e7c7422f17bcdb1cf61ea79f99223afb0c60fd8fb2233656f0cf971d43f1a9f1e14b42d1dbadbe8f5c

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58056a.TMP
                                                                          Filesize

                                                                          874B

                                                                          MD5

                                                                          2b60994dcc573daf6f0b7a807f1dd351

                                                                          SHA1

                                                                          9b9ed19737e8a03079fc59d38df4758ea3b8f986

                                                                          SHA256

                                                                          86441395123eae88eeef91629c0d65db58c6f8f05a7a0fbde8c7eec47aa3c736

                                                                          SHA512

                                                                          20ee120094e19086928bd22c3b8575e251b2ff52e87385bae1ab22d7a8455a8ede7f40cb5606f9a04108c998f0a41244114c22eed4630e03a79a9a84bcc77463

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                          Filesize

                                                                          16B

                                                                          MD5

                                                                          6752a1d65b201c13b62ea44016eb221f

                                                                          SHA1

                                                                          58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                                          SHA256

                                                                          0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                                          SHA512

                                                                          9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                          Filesize

                                                                          10KB

                                                                          MD5

                                                                          fdb7025e2dca541b5623b68f1ca4db61

                                                                          SHA1

                                                                          ed1e5f9316fea05d1452ae13537444d9130e02b9

                                                                          SHA256

                                                                          f32a003de12654ec33a83c2784ccba4c26f6290784e88dbc944d823614ef98fb

                                                                          SHA512

                                                                          888f0d3b90d1b849210d0b005716eba426879532d5e2c6187654680d814182ca0fb9ea59823a44eadc5ec67ef15bc290f737d5e8102c8ae403a10c729721bbf1

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                          Filesize

                                                                          11KB

                                                                          MD5

                                                                          7d3438dad57dd5f45f994ddc7c679e22

                                                                          SHA1

                                                                          16e8bdeb1924e13fa92640081b82039ea90b7c08

                                                                          SHA256

                                                                          d58142a98eceb20ae7930cfcf51320a63150fa18e0675f2d718de954c0144c59

                                                                          SHA512

                                                                          126b17696312afaba8efccc4bf1598830bbcd7436dee457cad0e538cd0007ff4541c6d70de1260aef029affe5f690b18d57443fd77a24aa21b9d401220b00296

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                          Filesize

                                                                          11KB

                                                                          MD5

                                                                          a817e7c4326cea316f33a8845c9034ac

                                                                          SHA1

                                                                          898e2512817a59da87abc0c974696be6f0df9daf

                                                                          SHA256

                                                                          3dc666bf8c15595edb0c5dd1d35a904cb790a375936893361f435e84a77993ab

                                                                          SHA512

                                                                          817d7f9b56814fb160841b761386c66c5d22d956b680704db0fc8024b2a9c5e34f52c38c2957511e84d58a8a942fe81b002116adc04fff1f2b1e11b6e216e3f3

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                          Filesize

                                                                          11KB

                                                                          MD5

                                                                          8f37a3c279b965f9af3c246d69f4a59a

                                                                          SHA1

                                                                          728e216718d96288313d3e2b81bf55b6c5fc6730

                                                                          SHA256

                                                                          1a8debc81337d966f4f2c94a145c56cb1180cb091863793382622ba3ddaa48fc

                                                                          SHA512

                                                                          8f5225dd42ca3099fb81befd8654fcbbcf9c63bb352b488b518331c17711f5ae0d482000fd1055b94b17a5db38c4ab0c076e6d62187c6214ddb5e6b8dfca1cec

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-studio\b69eb474a8542d9a80ee416b81b90593
                                                                          Filesize

                                                                          7.3MB

                                                                          MD5

                                                                          b69eb474a8542d9a80ee416b81b90593

                                                                          SHA1

                                                                          9d156ab2187e37953bc482e6caad85afdb5b6c49

                                                                          SHA256

                                                                          58b35665b82ef1fbab76b291ec26d83868430083799f402304541ef54755f522

                                                                          SHA512

                                                                          3a50f7567d05e013919e45d8de651b1e32608406b7f8a4e88dd2e147ddb0de55ba6375a40faba241bb8c8a20c02ee31d62e7294bd87d9990129b678560a748b6

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Roblox\OTAPlugins\Downloaded\OTAData.json
                                                                          Filesize

                                                                          29B

                                                                          MD5

                                                                          7a39cae24c1d13e38fd10bcef98c80ce

                                                                          SHA1

                                                                          58d8a40b4d16215399749b563ba610c5cd3e4159

                                                                          SHA256

                                                                          72de5cd3124d642aafeb64a4562c31204bb506a5c4fe37de302849aef41f0d40

                                                                          SHA512

                                                                          8f51f5fe9890099039ef275e5148299a87bcbbc1a9aab5c279105b96efd795ef445803b4422060964b3b010c180c9b4526c82f84433669e4e365812f9642c80e

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Crashpad\metadata
                                                                          Filesize

                                                                          16B

                                                                          MD5

                                                                          654bd5e4184fe762c1e7ef5509bcee31

                                                                          SHA1

                                                                          9d5421aa395061774ac7048317e4535747d88c26

                                                                          SHA256

                                                                          07a486481337b6b8670db113207cfe2547929490e12951ca9e59f21c549919cd

                                                                          SHA512

                                                                          e350b74488893ef1852171a97ae5811b7a7e37bb9da75ff5ed0c04163bad9592b6147bbed0f59c7b386dad27dd6228e5831066d6d55122c8194796fcc255f7de

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Crashpad\reports\af626e91-b64b-404e-bf65-ddece4933c18.dmp
                                                                          Filesize

                                                                          7.6MB

                                                                          MD5

                                                                          70d62b153b10accb3729f520ae2632e1

                                                                          SHA1

                                                                          bed7e3e1981864565114fd9ad95c7cd2ab43105d

                                                                          SHA256

                                                                          ee86d30154b7de5125ebf117f47f1146371230056be5ce2ea931080a4a3877a6

                                                                          SHA512

                                                                          f15ece1f8bf7dc502ca23c5347b363972d3255fb3b2c0021cade0c443db99e8ef7e47d19355ff3717cc7583376547f9698e58ebf4f65ab3e1618956afa45184e

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Crashpad\settings.dat
                                                                          Filesize

                                                                          280B

                                                                          MD5

                                                                          2d9e54e05636328f7b958ad4c8e9cb07

                                                                          SHA1

                                                                          c1a9e740c7ae7dd811fbb462c143f802cb3a4e65

                                                                          SHA256

                                                                          8d6c53898ab98472e031a605b10ab8262520249bb091081b5505eb0aa05a0fff

                                                                          SHA512

                                                                          9fd764221709b78d98f8d37a8118e69d5a79f3c5331d93b81a44ad46593d8f35fe39749802abd3f3f4206a767ed822e5efa6844da33fddbaea38f672f675068c

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Code Cache\js\index-dir\the-real-index
                                                                          Filesize

                                                                          1KB

                                                                          MD5

                                                                          988c51766e1a4d8f1ad2c06c6bac361c

                                                                          SHA1

                                                                          3175dd503b5fae67aaed50c1b32f727929b372c2

                                                                          SHA256

                                                                          d26144dbf02a2a095ab3639a4916f5169cd6976392ff444394621d4c7b2c1c7e

                                                                          SHA512

                                                                          139472b572a9d2a56fafa3ce4bca889b4ebd69bbc41fef51c521a49e5db8e2201eba9906caa53afccb1190984a1c17a2fa27d315beac92d232619e5822d29867

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Code Cache\js\index-dir\the-real-index~RFe5c5d0c.TMP
                                                                          Filesize

                                                                          48B

                                                                          MD5

                                                                          446240e6a94c8212e30318cf9dafa30d

                                                                          SHA1

                                                                          d6f19bd12339839facce5346bd32a00028f1199e

                                                                          SHA256

                                                                          630a8792dc6f82c4b566e19577496db0e8563933a1cf9de1354834a694cf270f

                                                                          SHA512

                                                                          9e12c7171e93393ed284b60cfa25645a5d2944796efa3dc470a5153dcbbf0016517bf3548d69ce91df4cd30047ff6a392f1cc5dbbedc70f4454af0edf078f819

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Extension Scripts\MANIFEST-000001
                                                                          Filesize

                                                                          41B

                                                                          MD5

                                                                          5af87dfd673ba2115e2fcf5cfdb727ab

                                                                          SHA1

                                                                          d5b5bbf396dc291274584ef71f444f420b6056f1

                                                                          SHA256

                                                                          f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

                                                                          SHA512

                                                                          de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\Network Persistent State
                                                                          Filesize

                                                                          59B

                                                                          MD5

                                                                          2800881c775077e1c4b6e06bf4676de4

                                                                          SHA1

                                                                          2873631068c8b3b9495638c865915be822442c8b

                                                                          SHA256

                                                                          226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974

                                                                          SHA512

                                                                          e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\Network Persistent State~RFe5c166e.TMP
                                                                          Filesize

                                                                          59B

                                                                          MD5

                                                                          78bfcecb05ed1904edce3b60cb5c7e62

                                                                          SHA1

                                                                          bf77a7461de9d41d12aa88fba056ba758793d9ce

                                                                          SHA256

                                                                          c257f929cff0e4380bf08d9f36f310753f7b1ccb5cb2ab811b52760dd8cb9572

                                                                          SHA512

                                                                          2420dff6eb853f5e1856cdab99561a896ea0743fcff3e04b37cb87eddf063770608a30c6ffb0319e5d353b0132c5f8135b7082488e425666b2c22b753a6a4d73

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\SCT Auditing Pending Reports
                                                                          Filesize

                                                                          2B

                                                                          MD5

                                                                          d751713988987e9331980363e24189ce

                                                                          SHA1

                                                                          97d170e1550eee4afc0af065b78cda302a97674c

                                                                          SHA256

                                                                          4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

                                                                          SHA512

                                                                          b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity
                                                                          Filesize

                                                                          1KB

                                                                          MD5

                                                                          6c4d7891e2e56c2c1486de739fa5e61b

                                                                          SHA1

                                                                          9df3cbfdadae739b58a436459de651d62fb35e82

                                                                          SHA256

                                                                          1c49fb82ccb97011d72faa0e263072ca48d112681ed1afe307694cd99be9ed32

                                                                          SHA512

                                                                          142cc68d2940b4a82374ca9055bb06e9950467430432881cecfe37a263a59ad2c5e38c58ec8a0048857c928f156322eeb356efd6732fe593e9c8092fc8b88684

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity
                                                                          Filesize

                                                                          1KB

                                                                          MD5

                                                                          520ca21c5380b688200a5f9334040ad7

                                                                          SHA1

                                                                          54294daa07009033c1e4a7381de087ae36c2e8cf

                                                                          SHA256

                                                                          a5f19e1b02917c8647ad1feb9a27fe1daf1e4cb362a63d3cc23fc38e077970c7

                                                                          SHA512

                                                                          cd31c107291ba894ad064c0e30f779fde8d240e97fb6437cd7f1bf669ef79ca6eec2a679d19b7379c6bca2aab53bbf14202ebf78443970f48e1d3582a6e53ec6

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity
                                                                          Filesize

                                                                          1KB

                                                                          MD5

                                                                          d66f24318e79098f81a8029db5e8ba0c

                                                                          SHA1

                                                                          8d5f94322ced433af4fa222aae519f968ce9b931

                                                                          SHA256

                                                                          856cff96c0036b85c27a81ffbc811273b742b80784eda347f698960d468ee4a4

                                                                          SHA512

                                                                          3c55bd908926c5e7d39f82f34c8f4c05810daedeab8071ed2962e0be2be8947e290dbd49593a00ed6c14ca5527543fa9a53e9f23bce9249e412fedaa2c43b5c6

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity
                                                                          Filesize

                                                                          1KB

                                                                          MD5

                                                                          a2bb2d1f4ae64321ca921d188519e9eb

                                                                          SHA1

                                                                          bf85f84bc36698276a0d52b301f9f488173d0c82

                                                                          SHA256

                                                                          e30d4bccc3f7513748bad72e96954200187906cff506b4a1316167274f4257b5

                                                                          SHA512

                                                                          b732d25e5df53f06bda610fe4672d3890531fe3942641a4df3a42c309c5651be52f3476492b59fd824d38018286750a9296462dd584ddb8a522cdc133d2727d2

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity~RFe5c1545.TMP
                                                                          Filesize

                                                                          692B

                                                                          MD5

                                                                          ce5634d3c640d4dcb9476a66b7202117

                                                                          SHA1

                                                                          e6165fa1c0f9dbe59e5ce188da4289c823f88bdb

                                                                          SHA256

                                                                          f10ccdcb74eb73ed8729e56939f3ba2a6f5d0615ef62be754f50adcb90e610ae

                                                                          SHA512

                                                                          0281772d58dd0f7b616df03f7c5fe66aad35b6263c5a5d6df71edb5f3ce79d856cefd9c76131a5a57fd8a31ad7d102a182151407220818cd3ca4647a9adf8116

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Preferences
                                                                          Filesize

                                                                          6KB

                                                                          MD5

                                                                          21651e59bd46ff0741c5fc75d1f1e528

                                                                          SHA1

                                                                          1180ae4b48344046cc6c4152c2ff6162dd81f024

                                                                          SHA256

                                                                          dcc2b58dc5c908220540dd36c2c7fb5d2f96e352066cc2e22c3d2e36e5f77a08

                                                                          SHA512

                                                                          98d1c736f1501af65409f5b4b89c2be9793b34c39e93300e52de2955cc0faf6c7e2e1aa638066d4f49ff787367f3d265949c313635382135ef601f1971276f89

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Preferences~RFe5c19aa.TMP
                                                                          Filesize

                                                                          6KB

                                                                          MD5

                                                                          bce6f18c9a1398361adc7c704d332635

                                                                          SHA1

                                                                          ce269c8da6b483b264265adc8110f2eb9d7eb3bb

                                                                          SHA256

                                                                          360bf2fbb1ac78294691a847504f24878a8e19b98737bf3326bbd67501498fa5

                                                                          SHA512

                                                                          82e0170b457f2401e38913dceed92ebd186d2157df3a858422822569b0c93cde8c91ad3af28f42010c39e494d6e62a1be8de4d69efb7d27084ac0b62172fdb16

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GrShaderCache\data_0
                                                                          Filesize

                                                                          8KB

                                                                          MD5

                                                                          cf89d16bb9107c631daabf0c0ee58efb

                                                                          SHA1

                                                                          3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b

                                                                          SHA256

                                                                          d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e

                                                                          SHA512

                                                                          8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GrShaderCache\data_1
                                                                          Filesize

                                                                          264KB

                                                                          MD5

                                                                          d0d388f3865d0523e451d6ba0be34cc4

                                                                          SHA1

                                                                          8571c6a52aacc2747c048e3419e5657b74612995

                                                                          SHA256

                                                                          902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b

                                                                          SHA512

                                                                          376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GrShaderCache\data_2
                                                                          Filesize

                                                                          8KB

                                                                          MD5

                                                                          0962291d6d367570bee5454721c17e11

                                                                          SHA1

                                                                          59d10a893ef321a706a9255176761366115bedcb

                                                                          SHA256

                                                                          ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7

                                                                          SHA512

                                                                          f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GrShaderCache\data_3
                                                                          Filesize

                                                                          8KB

                                                                          MD5

                                                                          41876349cb12d6db992f1309f22df3f0

                                                                          SHA1

                                                                          5cf26b3420fc0302cd0a71e8d029739b8765be27

                                                                          SHA256

                                                                          e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c

                                                                          SHA512

                                                                          e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State
                                                                          Filesize

                                                                          1KB

                                                                          MD5

                                                                          74fe876d65322cf15702459b7ab63ad8

                                                                          SHA1

                                                                          d57aee9a40642f62b662339d95df472694aa127e

                                                                          SHA256

                                                                          b87ccdbb55bcde0e23d1e5af06e25c4dff8fb01b98c268402fba2fec07ae3366

                                                                          SHA512

                                                                          6387fd4141ec7d8ab6b57a8786466e1673548f3e6150902d8d33363e76d704131eb4007280074a8875880e6c81ae84712ff25756e8e0339faab88d49f7a30624

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State
                                                                          Filesize

                                                                          2KB

                                                                          MD5

                                                                          90e7f02c38aea3d81ecf66448e3c2a2c

                                                                          SHA1

                                                                          559dc344e137ca24c197a9b7c4cb005d7b331c11

                                                                          SHA256

                                                                          103c16803f9eeeb5c87faea36f0aefdc8c1f8805cd6dca2cd8c8dd0736044614

                                                                          SHA512

                                                                          b7881c0f6a4fdfad58c08ee062285b3b4fbaf979727e22c1a3c22c279041cceb4e0093c09929db3eb69c36ca431265a2e5178e70de33feddcc45908b90fbf6cb

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State
                                                                          Filesize

                                                                          3KB

                                                                          MD5

                                                                          9a401cd1d90271b256c5928d4f1e316e

                                                                          SHA1

                                                                          248817086af603de6c9a4c7b2ac5f705d21b93a4

                                                                          SHA256

                                                                          75b786466c19f5436b5eb6a41b57225d67277443a49680705bafc4ca6b8b5022

                                                                          SHA512

                                                                          c5845d03fd2ec8e2768860f54b657688308df0bd5f8d94e90ce3aea3c7eb033d85ff00f60d4da2c19599c23b4b8478c368dc45b10d1f56187175cd3eb8cc48b9

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State
                                                                          Filesize

                                                                          3KB

                                                                          MD5

                                                                          a4d72763a4da37789e5a4123ed5f50bc

                                                                          SHA1

                                                                          3508660ac0d7fa3ddf503a1fa2533319c26ef69e

                                                                          SHA256

                                                                          fb7939116f8a64cae90c3bb4fd2535d75ca1da3b48d27a8525f69ad38aa72c8c

                                                                          SHA512

                                                                          127f832ade58f7041be37cfec64761bcfc5bfe130211b5e345b11e8b1cabe13f8ddc41a967647b7ec3d64d69075ae2f44393f6aac8ed1056731dacd2925f26a5

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State
                                                                          Filesize

                                                                          16KB

                                                                          MD5

                                                                          10306d4c39aa470d8c9588f4b5daf6a0

                                                                          SHA1

                                                                          335c556313d5ff070ce90725e0d986b46bd60373

                                                                          SHA256

                                                                          909ea880c7a1cf85c5bdb069f81cea8275a17fc63d6ef38e208efbd092054998

                                                                          SHA512

                                                                          3467a634a265fca3be8584e477a17edceb8d8f0a88d63812f5d0ea77ee547605000d175bb6602b3f7f324e6f847a63e5463a7b592ad95e83d26325a96f196988

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State
                                                                          Filesize

                                                                          16KB

                                                                          MD5

                                                                          efd7290b04d44ca4ee3d7df595e1b315

                                                                          SHA1

                                                                          891ec67c210672e0d93ec31c8904a5c819cb8723

                                                                          SHA256

                                                                          a566547135f3e0864306b8cfd927ef53cd3b5d407c99575cd06d9b08a6cdab0b

                                                                          SHA512

                                                                          fbfedbe0d2b37cc9fbd9571eb7283abcea7a5ad57d9a1050accf890c093fe00e45df9e10d797f60fca89e8cab010347fcd1b6abac42dc61f0cb56604ec907735

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State~RFe5bbbab.TMP
                                                                          Filesize

                                                                          1KB

                                                                          MD5

                                                                          869b48107106ce7841b13a60a64a7322

                                                                          SHA1

                                                                          6671839b199c44d96a311a780a741c1550b9eb85

                                                                          SHA256

                                                                          8f6b407831129a96de632d0e46e601737bb9887de21f50d127d43c6cd31402f1

                                                                          SHA512

                                                                          b099876970a223a98fea6cfb26fb4887fceb25f03d3fa359d4db3d6585c36d6e2a70172b53b1194346096a0a3394752131343130898ab42e6397324204c6a2b5

                                                                          Download Submit

                                                                        • C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
                                                                          Filesize

                                                                          2B

                                                                          MD5

                                                                          f3b25701fe362ec84616a93a45ce9998

                                                                          SHA1

                                                                          d62636d8caec13f04e28442a0a6fa1afeb024bbb

                                                                          SHA256

                                                                          b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

                                                                          SHA512

                                                                          98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

                                                                          Download Submit

                                                                        • C:\Users\Admin\Downloads\RobloxStudioInstaller.exe
                                                                          Filesize

                                                                          7.1MB

                                                                          MD5

                                                                          e577d441afe20df31cc18ff84f607ee6

                                                                          SHA1

                                                                          68bce38c9f919f5a5b0e8de87c70cc0e377032bb

                                                                          SHA256

                                                                          adeda7d3636b45f5f4e5012fe8a43cf323de8a3f119961d3367e6a426916b45c

                                                                          SHA512

                                                                          f0debbe13fd22f2131f852f2156425f2b50e052be8b221059bd236fdd91e922fb908939d56c03e538a73b71a94628421827ef53d5bdcc06e71a8959f41222a8d

                                                                          Download Submit

                                                                        • C:\Users\Admin\Videos\Captures\desktop.ini
                                                                          Filesize

                                                                          190B

                                                                          MD5

                                                                          b0d27eaec71f1cd73b015f5ceeb15f9d

                                                                          SHA1

                                                                          62264f8b5c2f5034a1e4143df6e8c787165fbc2f

                                                                          SHA256

                                                                          86d9f822aeb989755fac82929e8db369b3f5f04117ef96fd76e3d5f920a501d2

                                                                          SHA512

                                                                          7b5c9783a0a14b600b156825639d24cbbc000f5066c48ce9fecc195255603fc55129aaaca336d7ce6ad4e941d5492b756562f2c7a1d151fcfc2dabac76f3946c

                                                                          Download Submit

                                                                        • memory/1480-2000-0x00007FFC0F810000-0x00007FFC0F811000-memory.dmp

                                                                          Filesize

                                                                          4KB

                                                                          Download

                                                                        • memory/2696-1955-0x00007FFC0F810000-0x00007FFC0F811000-memory.dmp

                                                                          Filesize

                                                                          4KB

                                                                          Download

                                                                        • memory/4388-2742-0x00007FFBEFBD0000-0x00007FFBEFFD2000-memory.dmp

                                                                          Filesize

                                                                          4.0MB

                                                                          Download

                                                                        • memory/4388-2741-0x00007FFBEDAC0000-0x00007FFBEE00C000-memory.dmp

                                                                          Filesize

                                                                          5.3MB

                                                                          Download

                                                                        • memory/5968-1706-0x0000000073570000-0x0000000073780000-memory.dmp

                                                                          Filesize

                                                                          2.1MB

                                                                          Download

                                                                        • memory/5968-1810-0x0000000000A70000-0x0000000000AA5000-memory.dmp

                                                                          Filesize

                                                                          212KB

                                                                          Download

                                                                        • memory/5968-1730-0x0000000073570000-0x0000000073780000-memory.dmp

                                                                          Filesize

                                                                          2.1MB

                                                                          Download

                                                                        • memory/5968-1705-0x0000000000A70000-0x0000000000AA5000-memory.dmp

                                                                          Filesize

                                                                          212KB

                                                                          Download

                                                                        • memory/6048-1815-0x00007FFBEFBD0000-0x00007FFBEFFD2000-memory.dmp

                                                                          Filesize

                                                                          4.0MB

                                                                          Download

                                                                        • memory/6048-1818-0x00007FFBEFBD0000-0x00007FFBEFFD2000-memory.dmp

                                                                          Filesize

                                                                          4.0MB

                                                                          Download

                                                                        • memory/6048-1816-0x00007FFBEDAC0000-0x00007FFBEE00C000-memory.dmp

                                                                          Filesize

                                                                          5.3MB

                                                                          Download

                                                                        • memory/6048-2050-0x0000024CD15E0000-0x0000024CD19E0000-memory.dmp

                                                                          Filesize

                                                                          4.0MB

                                                                          Download

                                                                        • memory/6048-1817-0x00007FF6B6BD0000-0x00007FF6B7BD0000-memory.dmp

                                                                          Filesize

                                                                          16.0MB

                                                                          Download

                                                                        • memory/6124-1957-0x00007FFC0EFB0000-0x00007FFC0EFB1000-memory.dmp

                                                                          Filesize

                                                                          4KB

                                                                          Download

                                                                        • memory/6124-1956-0x00007FFC0FD90000-0x00007FFC0FD91000-memory.dmp

                                                                          Filesize

                                                                          4KB

                                                                          Download