Analysis Overview
Threat Level: Known bad
The file https://is.gd/2xaVRQ was found to be: Known bad.
Malicious Activity Summary
Legitimate hosting services abused for malware hosting/C2
Browser Information Discovery
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious behavior: EnumeratesProcesses
Modifies registry class
Enumerates system info in registry
Modifies data under HKEY_USERS
Opens file in notepad (likely ransom note)
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported: 2024-12-14 21:32
Signatures
Analysis: behavioral1
Detonation Overview
Submitted: 2024-12-14 21:32
Reported: 2024-12-14 21:42
Platform: win10v2004-20241007-en
Max time kernel: 582s
Max time network: 583s
Command Line
Signatures
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | discord.com | N/A | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133786857890088672" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key created | \REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 = 14001f50e04fd020ea3a6910a2d808002b30309d0000 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\SniffedFolderType = "Documents" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:FMTID = "{B725F130-47EF-101A-A5F1-02608C9EEBAC}" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\SniffedFolderType = "Downloads" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0e000000ffffffff | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 00000000ffffffff | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\MRUListEx = ffffffff | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupView = "4294967295" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\LogicalViewMode = "1" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByDirection = "4294967295" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0 = 14002e8005398e082303024b98265d99428e115f0000 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\KnownFolderDerivedFolderType = "{885A186E-A440-4ADA-812B-DB871B942259}" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:PID = "14" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\NodeSlot = "1" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1092616257" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\IconSize = "16" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2878641211-696417878-3864914810-1000\{3D3D5AFF-0627-475D-BA05-DFA93CD302C2} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 00000000ffffffff | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Mode = "4" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Opens file in notepad (likely ransom note)
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://is.gd/2xaVRQ
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xd8,0x100,0x104,0xe4,0x108,0x7ffe06a046f8,0x7ffe06a04708,0x7ffe06a04718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2080,3717176118458483749,6195570518512861229,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2092 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2080,3717176118458483749,6195570518512861229,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2080,3717176118458483749,6195570518512861229,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2888 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,3717176118458483749,6195570518512861229,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3364 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,3717176118458483749,6195570518512861229,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3376 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,3717176118458483749,6195570518512861229,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4188 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2080,3717176118458483749,6195570518512861229,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5668 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2080,3717176118458483749,6195570518512861229,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5668 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,3717176118458483749,6195570518512861229,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5024 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,3717176118458483749,6195570518512861229,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5292 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,3717176118458483749,6195570518512861229,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5396 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,3717176118458483749,6195570518512861229,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5852 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2080,3717176118458483749,6195570518512861229,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5076 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=2080,3717176118458483749,6195570518512861229,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5244 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2080,3717176118458483749,6195570518512861229,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6140 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,3717176118458483749,6195570518512861229,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6128 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,3717176118458483749,6195570518512861229,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4888 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,3717176118458483749,6195570518512861229,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,3717176118458483749,6195570518512861229,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1872 /prefetch:1
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\txt.txt
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffdf5b1cc40,0x7ffdf5b1cc4c,0x7ffdf5b1cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2320,i,836445390243172865,4601510369864753262,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2316 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1924,i,836445390243172865,4601510369864753262,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2548 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2028,i,836445390243172865,4601510369864753262,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2652 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3184,i,836445390243172865,4601510369864753262,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3196 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3432,i,836445390243172865,4601510369864753262,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3436 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4588,i,836445390243172865,4601510369864753262,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4600 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4468,i,836445390243172865,4601510369864753262,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4740 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4784,i,836445390243172865,4601510369864753262,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4916 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4632,i,836445390243172865,4601510369864753262,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4652 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3900,i,836445390243172865,4601510369864753262,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4648 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,3717176118458483749,6195570518512861229,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5360 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,3717176118458483749,6195570518512861229,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2672 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,3717176118458483749,6195570518512861229,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5988 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,3717176118458483749,6195570518512861229,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1460 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3584,i,836445390243172865,4601510369864753262,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4640 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,3717176118458483749,6195570518512861229,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,3717176118458483749,6195570518512861229,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5956 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2080,3717176118458483749,6195570518512861229,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5416 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2080,3717176118458483749,6195570518512861229,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=6596 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,3717176118458483749,6195570518512861229,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6156 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,3717176118458483749,6195570518512861229,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5860 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,3717176118458483749,6195570518512861229,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6532 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,3717176118458483749,6195570518512861229,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5112 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,3717176118458483749,6195570518512861229,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6856 /prefetch:1
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4b0 0x3c4
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 34d2c4f40f47672ecdf6f66fea242f4a |
| SHA1 | 4bcad62542aeb44cae38a907d8b5a8604115ada2 |
| SHA256 | b214e3affb02a2ea4469a8bbdfa8a179e7cc57cababd83b4bafae9cdbe23fa33 |
| SHA512 | 50fba54ec95d694211a005d0e3e6cf5b5677efa16989cbf854207a1a67e3a139f32b757c6f2ce824a48f621440b93fde60ad1dc790fcec4b76edddd0d92a75d6 |
\??\pipe\LOCAL\crashpad_1560_PFLVBDFQNWCUSPZQ
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 8749e21d9d0a17dac32d5aa2027f7a75 |
| SHA1 | a5d555f8b035c7938a4a864e89218c0402ab7cde |
| SHA256 | 915193bd331ee9ea7c750398a37fbb552b8c5a1d90edec6293688296bda6f304 |
| SHA512 | c645a41180ed01e854f197868283f9b40620dbbc813a1c122f6870db574ebc1c4917da4d320bdfd1cc67f23303a2c6d74e4f36dd9d3ffcfa92d3dfca3b7ca31a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 39c9a76f74dc81e8e909bc49815a5705 |
| SHA1 | ece8f39dd81c18f17c726a4fc2e49eeb3c1df07b |
| SHA256 | a5aab0d770bfc36a61bd4d146a83ec8da5be226d3d12249d5d009f291fa0f2ad |
| SHA512 | a7b18c562325e282384de9248542e571f6a43a501ac010e8111a8ac1e376d860b0193fd0cfd5dc8facc597f9532763e3302710ee146d597cba33dd015b638c87 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | ff4d0a2bdd48197c4b87b64e6686f873 |
| SHA1 | f5692976013031494fdfa2564053a138fecafa48 |
| SHA256 | f726b43fbbc57a7796edb6b98570f65f68f9233ce0740b1efe116d7359837767 |
| SHA512 | af7ff916ed44166a45b8390ef693bc4ea7eeaac195a48e424974d6f39e761359fdbd06e94325adb5436152193a817d39ff806cd11c9cdac32d3f411ccab4e89d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c0abad86208253a38915dbe080d5aef5 |
| SHA1 | 404b21ae86477fe05afea1d9c94d295d634d64c9 |
| SHA256 | c2bf6f35bb4caafe1ee379a2a8e679b5c183eeef16ae0c0334d191095f393cc0 |
| SHA512 | c957a58ad93404be55cb6f5494510c5b6e91a2c854367dfe0fe12e98a1cd795bc40765e6504e8557837188bb2c2b81857b6c21034ca6d4c64fd1ecba55e32939 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5835d0.TMP
| MD5 | 9c9b9800b086c7caf504236e3ba8e8ca |
| SHA1 | a035cdae1caaec911c6d874d7041c112520efede |
| SHA256 | 3b220a821f85e7c808f57407d078771ec11abd8bf3423871e894481df8af00c6 |
| SHA512 | 6ab5f2a12395842825f0eaaf8ca370be55681e47c0d612ecd2266b61cf6fd1a3d5e9d7f6c3471f85d105cd13dc8667645453628edeab0c9a253d8121f811aa7f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\a36981ac-86e1-4cc2-beb6-fc6ecd2d146b.tmp
| MD5 | f8624b7724c93fcd7fac44ccc44fc4dd |
| SHA1 | f35a0a7e0323aa47e0e5fb52c6e328cd74a7187d |
| SHA256 | f37a3e442d66f6571e656c580ccd932225644e63a21dd96ce8efec699b55a094 |
| SHA512 | 1038a364ea0f24f9133eabdacc5f48fcf240316076744c49ec97a2272f157bdb6670caded8e15d68eb72bd437ff44d877642aeff2edbcff41f88bffa024aeeb9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | ffa520763af8a40afbdf6228a34a7c22 |
| SHA1 | 231a1cd6529c07dcd926294c69bea051997913f6 |
| SHA256 | 5d613fd230dec03b158284aca375501bf2c3c3e900c4850e21486a9a8e00a8a0 |
| SHA512 | 6f9bb4357e221dac75aac15afee90dc8777e4790e76db81259d87d887f7a941b41c5c3ddd9e5a50fc51df503d44c3f215e476cce8cea20dbdbbaa7c4b4eb7954 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 43919582d24d49dad9d19b791e0560a7 |
| SHA1 | afc095a5193fd4889293f3cb52031793ddb37022 |
| SHA256 | 7b093c0739e458b678273beb8bd06fa2d72a967fd658874b8694e1bbaca5d4b5 |
| SHA512 | 029c519b60680eb2fd86af4bd6615c820444e9725d6113b931bfe49677d6a8bd83b612f70f068d671308172e5d5e8be4ed206e6beefff4e459cfb74a67b11519 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5940e8f9322ebb539fef354fff5e8b18 |
| SHA1 | 9e55fe36f5db8241db0fb15e0d7bf34cef527108 |
| SHA256 | 9ea0c20e51b9a0c5e7316a86c3536fb95896b0dad6a9fc5c3cdad1b9b68f5c29 |
| SHA512 | 7284fdc9bac7a9136ad4b18df59f7611a3068b39c41074005dc9bacf3fd8664628d4908457a244493a1da0c3f1327a15a8e7b7a69df4b4535483fe4f75d4e2a4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8bc6b51e4b0325dcc8eebb9f819e6cde |
| SHA1 | 68428f8d7d2692c27b85070a899164ff5a2057a6 |
| SHA256 | 6619dddc27a4e2f22bab9aa30591f34dcd7a6591cdd638540f0175263ab43395 |
| SHA512 | b2deeea1cfdee840a6ad1e8461b8d7e05614de5879116462d9ccd285adb53a8484585eb0f1d4e41695862583b3d5d7513173512b253bd4cf0e9610f00f957d2b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
| MD5 | d4fe31e6a2aebc06b8d6e558c9141119 |
| SHA1 | bcdc4f0b431d4c8065a83bb736c56ff6494d0091 |
| SHA256 | c88db2401bef7e1203e0933cc5525a0f81863bfd076756db12acea5596f089ec |
| SHA512 | 1cbe7641b8930163ed3ea348f573cad438b646ed64d60c1923e5b8664c3de9c2c21ba97994ec8d886f489e4d090772b010de72a1167547fb4f6a2d242d46aec1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
| MD5 | befd9c0fdfa3d8a645d5f95717ed6420 |
| SHA1 | c8b43436ab1659f32cc05625389f63e8047f90a8 |
| SHA256 | 94e5c823e72e71cc20f4bfa29b0434f2260040965d9d066c0e7cb5dc99ffd6c3 |
| SHA512 | 4d0b790db4323558a9eccadd1df116883b7044e0f7e4dfe120c2c98814e55ceb1bf4cde14e0f6af38541ef723571db0cdf35a2b3ee398af2d3031a9928df1d1f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 99e284dc7ae882b83530a26f823ea802 |
| SHA1 | 32dc890fe4b5bf65370d95c209747b811c1d1ed3 |
| SHA256 | 47bc08b431f4db4ccf814263d958f4b5ff943a766f8acd4efa7b6222f3d40fdb |
| SHA512 | addf069a10ce7164493dc3dde7008469d65d13d5ed0cdb1b4c9e171ccad1589f9a6b00c070cfc0fb0b2ccfbf72402e04ee18e2ed94628b58993113205aa7be48 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002
| MD5 | 8dff9fa1c024d95a15d60ab639395548 |
| SHA1 | 9a2eb2a8704f481004cfc0e16885a70036d846d0 |
| SHA256 | bf97efc6d7605f65d682f61770fbce0a8bd66b68dac2fb084ec5ce28907fbbdb |
| SHA512 | 23dd9110887b1a9bbdbcc3ae58a9fe0b97b899ad55d9f517ff2386ea7aac481a718be54e6350f8ba29b391cc7b69808c7a7f18931758acce9fbf13b59cee3811 |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 2ec0a3b0ed49ad6aa075722729b213ac |
| SHA1 | 43a565721f88a22275ca8c66319cec49758d5b21 |
| SHA256 | 0336028982f16459d39864c3878eb30df7035f22ee221c57b711c62a28fcbddd |
| SHA512 | 38858e9a869b3ea6767f19487fbb0fb2703c8a6fb769cd71b74bc6e83d4f73572eee2063db06590adb4733fcc471f0420841edb6c106610ed1f8536856f2db8c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4dc02f002fc6f0dfd9a422ebbcc02659 |
| SHA1 | 1fd099f665b264b948dbecb62e6fd5186e5cc12e |
| SHA256 | 8cbec4b2b8a078b728376727d454ff3cde7fc88edb8193a2503030517ce38b05 |
| SHA512 | 154852f420b32076072ef213baa6db01681d7015a286dc8bfb81ee223f4727ba685ee99ff38e1ab36bcc4dbe9a1f662eeba87c347639179eb19295a3e75a86b6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f09e359d0f65b33931038f94c1cc9110 |
| SHA1 | a553f7d25b958acf9c91090cc34a377a3c63d96c |
| SHA256 | 45a7c21af4da8287c9fd82f7e648774e6bcb22f354d3cd3bbc82e7e6b2a3051b |
| SHA512 | 35d03df50be0fc74659ab48e238478903ec14724c499a87936258187fabea9f13b5c76fbeb67c56bf176e385f27ebb1413c1331e7b9ba6e40dbd378802980c7a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | b3f5a3c32adba091cce07bfb04e91392 |
| SHA1 | 9f4df0dade0916aab56a4799083829c9f1d82cd0 |
| SHA256 | 88c652175686e0ef72351672d5373749632639404c51ab35dc5e955947c84603 |
| SHA512 | cf7e0101cc1463918cff250f8f5be5aa676d6d7f5e9b3292684cfe348cc26f9604ac498058b27398e7e6ce192adfc4464211b579815e6aa739d800fd3122cc9d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8874178f99596ab9c3216de875a81c3f |
| SHA1 | 13e2e708f94efa991e3053129c10fa1c3f55e502 |
| SHA256 | 53b1852dbd2471a3d6ae2733e5f8fc5a10079a01e12aee45d4834aaac3c52f7a |
| SHA512 | f39b5b3bd182c38dfbc214df7a4a4618975ec33e4d5acb6ce3021a3b7617de4eb923c52bc00b3dd233729ef305a47f50972183df995e5c66ecc94da89e94e4e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 614472a7e0fd310cf5a1dceb88d6b185 |
| SHA1 | 53e41e3fbc25fdc97615dc094484f7a798694cdd |
| SHA256 | 6360bc7ba8729178b4ea148169ff898ff257c4948c1ee18adb51ba7551c2587e |
| SHA512 | 855931e29857fb020710c5594b70315deb3c4260ce0cdc9b535f65db1aa901c386e2b0b9f6291fb9859ffca4ad0fb6bc12a9de8c08aee9b4ce847eced627b2d0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c87873742b389bf072bdb8272cec4b22 |
| SHA1 | 2d2966cccaacff0c3baefa2e2434c398f4716a51 |
| SHA256 | 5877472148e984fb1caf8ac12b436393a9e585944b3226de4d35c393fc234dcb |
| SHA512 | 3b382d8b8e731564a48599eddf5e514ea9cea1be07b142e1ac23f7a76dd4008123981345488eb40c31c3aa04ffcec959c45f7d903f41e6f1e492215ce7bdd63d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ab0725dc9a3d0abfb968a6e8c63b84a6 |
| SHA1 | f70758a0af4b7aaf794b265c11b0586733ec55d2 |
| SHA256 | 9e19b4412db32abcb898bff501920b79412a230b783e4d94fdb6f84abc8a9b34 |
| SHA512 | 6d7eae3fab182c210f8a192bef515f42488cd867c7ac461d6e00a59042625709c904490da2e2a67f20e2d637a0dc4b2a8a8f5a063b23aa6324ffbdfdd907baa2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a
| MD5 | 110c1a39244f599a0d084355740faf4b |
| SHA1 | 887e0919401a33bae18836180fac8ee83212088c |
| SHA256 | c93980fd066753a9978e314a64d3d955cacaa14c9326b43cdf0e84c189a25d84 |
| SHA512 | 41c258914422460fb1b11ec6a580eb2a6934f38146e2d1ea75824642b36886f2a4e47e273670e3b875629aa86d91285b2220f9381b4707c4c792ae9d0b822e44 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 03325fb4ceb13002b6a5c542a074893c |
| SHA1 | 5f84deb43c16b1067dbc5ab1f888cd32212a6922 |
| SHA256 | f416af919e92542c15d8bdcaadfc49feb0783e2f343162b7e0b8c73c58382bcd |
| SHA512 | 35416bb66e738ba1ff423d6a52a29f80cd1464cfd5d755df90219a2583e367a7bb13e088657f2e476a30fcc2d8fb434854b9233af139815af31dbebe743923c9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7ec6ccde50d27f1504e1394762495575 |
| SHA1 | 163f0010f8c07e4ce341a91016a58234f9f774ca |
| SHA256 | cb08a5c326f6b837e3263b5764386d9c2a4731ceeeacf7167d3145cf6fd22360 |
| SHA512 | b0d5e9f3e1613e24629dff3961d2258dd534fd79f9ece7e2fd303f553a15052cb92614603ab7885647a5f5eaf7ce35d40bc0200346a7f5c8fdf5e1da3e54c2e4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.r.oblox.cc_0.indexeddb.leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.r.oblox.cc_0.indexeddb.leveldb\LOG.old
| MD5 | 2a091e392097a2757de02f069373db12 |
| SHA1 | 59a7002007905a56483e56f44f6e44559b1ae8c4 |
| SHA256 | 1881ef322fb352e419f22416b0db5022d268dff8a9bac51cc7894cb1f41a1d32 |
| SHA512 | 736a71d193b19558a3f3819ae7473ca19fac6aa785cb13afd08a2e5fa71e9bd6d23d3e4f46807c9aaf17190b41888eea4cfd6c60838d32b4cb1696a40d2d1359 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.r.oblox.cc_0.indexeddb.leveldb\LOG.old~RFe5a5c79.TMP
| MD5 | 092477467d0bc6ea0d49aca824484117 |
| SHA1 | 4027388ca32f01a8e90b0d4b6ef220cb5d707338 |
| SHA256 | ca375f12ae313b4e5e97e128f5aef4220fda57b185df4ffbc6d11f22e879ee08 |
| SHA512 | 23064687a1f2989cc0240d12366e79bb207710e5b7dad8b290395ce1726ed1caaf604ee99d8492635e6dca308cf38db26e3e3373068706e437cac22f3e8e5f3a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.r.oblox.cc_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 74f752ced0b902d52b72134b3450cbcb |
| SHA1 | 860ac667267a263c07a98b84de2627eba371ebef |
| SHA256 | 05478ce604907f1243fae143c11ee499ba8fd6e643f88b15b5f1f9d240ad08eb |
| SHA512 | b16041aa044b32ac0b5658c8b740e0ca030f2b7041562473cc4770bb342399d8b6c2d64342d1b72aa78f6ca76a9586840a8274e98abed75a52bab4ab802e7661 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c65631fb56ad3f9cb29a586e1eca1421 |
| SHA1 | 2174ab096c5d22d539830480d0f110456e1af550 |
| SHA256 | c020e27e7156901cfa56ba8cd2aaca7ab27d3135ce714e2a28b3c1d6cb777cbe |
| SHA512 | 7a4b2dfc078579942b465a60bab6203c543ee028849f1a62f341bec02be0a0ccaa4a21410eaadfb3f365c0400750c94fb998d9324b41101be8367825eda02f55 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4238c7c7c264c30c136798d7bf3ab591 |
| SHA1 | 85e173ab785930f31c30873b9ee834f733857f9b |
| SHA256 | 5ecad45dece03bd74eba14d49e76f7df9aca0016df61054ca08380dbec31dd74 |
| SHA512 | a3d6a035c4ce1de41e27ebceba842594bac6d30da488c55dc86df68c97624ecd42050e8fb9bd8d69ebb1ec769e9dc1ece866aac96a4d8ba5157ee3abf6cb9283 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 4f410be1594597e3db095270ef3b7e28 |
| SHA1 | 08ac4e3a8fe90c2a9c7d6839d0bf35efd5e81c85 |
| SHA256 | 60103129c17c2142906facaee9845b91dcabaf32ae4625ed526cc1328f1cc370 |
| SHA512 | b8839b2ce787532327950317de9d893025e42dc722b87cb3c6b80ea7e79f1a0cecda1ce26b6d9d818af5f450bdff0146f702eaf2a97f040f1ff83d17d3d91d58 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6528a78715d3901cc6d5c92b3d2d595f |
| SHA1 | 7a3e218ab18918fc9992afdc95905b475eecfdb8 |
| SHA256 | 3b6242e250d33cfade2c22aa23ea29c90fee9efbd76829720d12b9d3ea631f3f |
| SHA512 | 3ab6e2ead1ab5180449a2bd6078337c72a1992f90dc61a4d41ed54e0e6208573c14bddb9e5bb1c534bde606e187dcfeac1de0798f448a181496412ab3e4fd959 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 575aaa13f74a9b082d9e61fcb9bd0299 |
| SHA1 | af04179eec4410a2dcda0906da1d2e2eea7be707 |
| SHA256 | f6d1d04770c030a80fa4770dec056d97b501152f4c97c5eeaa49f606b0588619 |
| SHA512 | a4ac101e76b30af5fc40739140310b897da96e550b5a4e4d39be8d13b20160d549d67f3e5f83cb526800e1d6e9672b6a3315e484d46f7146d0f1dfb7f603cbb1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | dab3cfa2c79276efadb61f6817793473 |
| SHA1 | fae6b53f72d765e1fcd0f83fd55eea60dd6676e8 |
| SHA256 | 43ea55bbbfdd6537392b842374473994b0d9a80bf5005afe4e7c774faaacf03f |
| SHA512 | c7bb85461298f56eb196b40c7fdec918d4cd4c4f42974d509eab1db30b05335ebc50fec46b4ab708dd47d559266a17eeb6aac90154a6021e8a86edaa4d6d9fed |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | 48f66acaf4809513e058e3b7a1d0e4e7 |
| SHA1 | 4cc2718121bec6da2488ca3547562d1b72b9e1ae |
| SHA256 | 66f6e5281223bcc2acae4855454a00dc340f5b0204da48b0e3c2822d5bfd1514 |
| SHA512 | 5d2740b45e3b39cd3637fa73080eb06ecdd6cb100e2dd66f0f3c679b8c20e479a35aedd270f07ab448b6f223e34f357d89f24579589bae4c735f6f8ec49741bd |
C:\Users\Admin\Desktop\txt.txt
| MD5 | c80ad4a93a2098cc0476dde230ec3159 |
| SHA1 | 84f63307d7786664b5d0a8c9aa49d45e6ea22a5f |
| SHA256 | 5592f7d2878d7c24d18fc9ae6857aadbed3c1e070ef47488644566fde343766b |
| SHA512 | 2b3e8ac46bef62fa863a54b96f0a1f40f2941e2918616f2b9f3d21b5fe7e92d2d1e6bdb9fdc8272a0392b1b00f43404b2380e7d64c2591df6164fc0fe32d6d18 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 696193ecf1cd8436461c2d49ed7cd284 |
| SHA1 | d88e0a7c2a19366fb5222d3b81cf0696adbca9df |
| SHA256 | 7c7a35183cc59f5f3644fa8231cfded03662977dfca47eb233042477bc86dccb |
| SHA512 | 91603b152738c2ce0568bc25efb902ee2ac180e045fc126b919725bf3c5abb549385523b6dc311e2f381b0b3f342d6c7df792b13f0a31ff59cae21a106580267 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c005d6ffd955a8b45cf02fefa74cad04 |
| SHA1 | 57ec0529c757eb0b73bf011db24e78b50248bc3a |
| SHA256 | 9decee97af5346856f9800f7ba39f0da694ec4ea088b32aa72c589d33ba563a6 |
| SHA512 | 52c342f1bb74420fc7abbd5b26150bc3ec3a364b5ca1646ca4bd345586f4d09beb663121204b2d474fe58c4e1c915d82937cd404be65409557e3b5d4d0e6d2ac |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e27d6c4df97663e84fa65df1349cfe7b |
| SHA1 | 86f187137a3b057064d15cf0e540012dea1d0a19 |
| SHA256 | a0d3dc3738e0aa71582beac6ec63ab846616c2fc128465300bedba4d97b537ff |
| SHA512 | e5d27db6e246e9853bfb335faf43b8d9bb15b0ade7ec02806af7f49f9f146187dd93b4a69e111b30aaf54ab18822415b1ef820c5e5f9cdd1b9623af3323951b9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 3516bf345a4d9c06c10c26c545167fb9 |
| SHA1 | f92d60b034cbd998427bca6cbabd3e18692a8e22 |
| SHA256 | 67e21a311d46500d2eb9c3593630377590c4c0374f4a1ae20554e4989e07d9cd |
| SHA512 | 751d1c71efabc1b2eca9b9d011d6b4b800925a18c1e98f58e34f9c930acc329092d62585502ccfea1ff9ec0246b7213bc75ffb809c6918ae103b8ae08f7ce265 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | a484c220548c9c038b1c332a2374305d |
| SHA1 | 72d1293ca9a5e62ef2ee02d00b400562edc299ac |
| SHA256 | 742292d83ac3de7ec4f7da64b211981c263aaf52cd06d2325a4d75aa17e2f3fa |
| SHA512 | 973a2d8b50f8314f2574a603a6c63e24f00c887480738a960aee006a39d3070a45c6cd6bd69d3ca349f4f186fd588bb00dcb4c5ba2ed0e7b69191b24a4f86fb5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.r.oblox.cc_0.indexeddb.leveldb\LOG.old
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.r.oblox.cc_0.indexeddb.leveldb\000005.ldb
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.r.oblox.cc_0.indexeddb.leveldb\LOG.old
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences