Malware Analysis Report

2025-03-14 21:43

Sample ID 250113-3dy22asqbl
Target FiveM.exe
SHA256 2ed4cfb162f0e3294823b18e6198465181c56e2d362b37f439c35f57fb92617a
Tags
google discovery phishing
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

2ed4cfb162f0e3294823b18e6198465181c56e2d362b37f439c35f57fb92617a

Threat Level: Known bad

The file FiveM.exe was found to be: Known bad.

Malicious Activity Summary

google discovery phishing

Detected google phishing page

A potential corporate email address has been identified in the URL: [email protected]

A potential corporate email address has been identified in the URL: [email protected]

A potential corporate email address has been identified in the URL: [email protected]

A potential corporate email address has been identified in the URL: [email protected]

Drops desktop.ini file(s)

Looks up external IP address via web service

Network Service Discovery

Drops file in System32 directory

Checks installed software on the system

Executes dropped EXE

Enumerates physical storage devices

Browser Information Discovery

Suspicious behavior: EnumeratesProcesses

Suspicious use of FindShellTrayWindow

Modifies Control Panel

Modifies data under HKEY_USERS

Enumerates system info in registry

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of SetWindowsHookEx

Uses Task Scheduler COM API

Suspicious use of WriteProcessMemory

Suspicious use of AdjustPrivilegeToken

Suspicious use of SendNotifyMessage

Checks processor information in registry

Modifies registry class

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2025-01-13 23:24

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2025-01-13 23:24

Reported

2025-01-13 23:39

Platform

win11-20241007-en

Max time kernel

900s

Max time network

900s

Command Line

"C:\Users\Admin\AppData\Local\Temp\FiveM.exe"

Signatures

Detected google phishing page

phishing google

A potential corporate email address has been identified in the URL: [email protected]

phishing

A potential corporate email address has been identified in the URL: [email protected]

phishing

A potential corporate email address has been identified in the URL: [email protected]

phishing

Drops desktop.ini file(s)

Description Indicator Process Target
File opened for modification C:\Users\Admin\Videos\Captures\desktop.ini C:\Windows\system32\svchost.exe N/A
File opened for modification C:\Users\Admin\AppData\Local\FiveM\FiveM.app\desktop.ini C:\Users\Admin\AppData\Local\FiveM\FiveM.exe N/A

Network Service Discovery

discovery
Description Indicator Process Target
N/A N/A C:\Windows\System32\GameBarPresenceWriter.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File created C:\Windows\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_a3f9d7c24b3377b3\basicdisplay.PNF C:\Users\Admin\AppData\Local\FiveM\FiveM.exe N/A

Checks installed software on the system

discovery

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\FiveM\FiveM.exe N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A
Key opened \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Windows\System32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Windows\System32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies Control Panel

evasion
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3587106988-279496464-3440778474-1000\Control Panel\Colors C:\Users\Admin\AppData\Local\FiveM\FiveM.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Direct3D C:\Windows\System32\svchost.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "1" C:\Windows\System32\svchost.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3587106988-279496464-3440778474-1000\{D0EF5B92-D45B-4DDB-ACD4-C97AF58F7AB2} C:\Windows\system32\svchost.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\FiveM\FiveM.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\FiveM\FiveM.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2752 wrote to memory of 4184 N/A C:\Users\Admin\AppData\Local\Temp\FiveM.exe C:\Users\Admin\AppData\Local\FiveM\FiveM.exe
PID 2752 wrote to memory of 4184 N/A C:\Users\Admin\AppData\Local\Temp\FiveM.exe C:\Users\Admin\AppData\Local\FiveM\FiveM.exe
PID 3180 wrote to memory of 2340 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 2340 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 4904 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 1692 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 1692 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 2812 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 2812 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 2812 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 2812 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 2812 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 2812 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 2812 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 2812 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 2812 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 2812 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 2812 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 2812 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 2812 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 2812 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 2812 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 2812 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 2812 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3180 wrote to memory of 2812 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Users\Admin\AppData\Local\Temp\FiveM.exe

"C:\Users\Admin\AppData\Local\Temp\FiveM.exe"

C:\Users\Admin\AppData\Local\FiveM\FiveM.exe

"C:\Users\Admin\AppData\Local\FiveM\FiveM.exe"

C:\Windows\System32\GameBarPresenceWriter.exe

"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe -k GraphicsPerfSvcGroup -s GraphicsPerfSvc

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc1d4c3cb8,0x7ffc1d4c3cc8,0x7ffc1d4c3cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1868 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2332 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2556 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4632 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3884 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4956 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4932 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4960 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4632 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5588 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5960 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4840 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5156 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4744 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5320 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5300 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5996 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1020 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5180 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5512 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6216 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6452 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2064 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5304 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5184 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4856 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4660 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7080 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2064 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4808 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7092 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4748 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4776 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6100 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5064 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5664 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3436 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5512 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3380 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7088 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6536 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5148 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6100 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4668 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,7865288836897055208,17001041555166279152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6656 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 content.cfx.re udp
US 172.64.153.85:443 content.cfx.re tcp
US 172.64.153.85:443 content.cfx.re tcp
N/A 127.0.0.1:49730 tcp
N/A 127.0.0.1:49740 tcp
N/A 127.0.0.1:49757 tcp
US 172.64.153.85:443 content.cfx.re tcp
N/A 127.0.0.1:49760 tcp
US 172.64.153.85:443 content.cfx.re tcp
US 172.64.153.85:443 content.cfx.re tcp
US 172.64.153.85:443 content.cfx.re tcp
US 172.64.153.85:443 content.cfx.re tcp
US 172.64.153.85:443 content.cfx.re tcp
US 172.64.153.85:443 content.cfx.re tcp
US 172.64.153.85:443 content.cfx.re tcp
N/A 127.0.0.1:49763 tcp
US 8.8.8.8:53 167.173.78.104.in-addr.arpa udp
GB 2.18.27.82:443 r.bing.com tcp
N/A 224.0.0.251:5353 udp
GB 2.18.27.76:443 r.bing.com tcp
GB 2.18.27.76:443 r.bing.com tcp
GB 2.18.27.76:443 r.bing.com tcp
GB 2.18.27.76:443 r.bing.com tcp
GB 142.250.180.5:80 mail.google.com tcp
GB 142.250.180.5:80 mail.google.com tcp
GB 142.250.180.5:443 mail.google.com tcp
BE 142.251.173.84:443 accounts.google.com tcp
BE 142.251.173.84:443 accounts.google.com udp
US 8.8.8.8:53 72.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 195.187.250.142.in-addr.arpa udp
GB 142.250.179.238:443 play.google.com tcp
GB 142.250.179.238:443 play.google.com tcp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.179.238:443 play.google.com udp
GB 142.250.187.196:443 www.google.com udp
GB 2.18.27.82:443 www.bing.com tcp
DE 157.240.210.16:443 en-gb.facebook.com tcp
DE 157.240.210.16:443 en-gb.facebook.com tcp
DE 157.240.210.14:443 static.xx.fbcdn.net tcp
DE 157.240.210.14:443 static.xx.fbcdn.net tcp
DE 157.240.210.14:443 static.xx.fbcdn.net tcp
DE 157.240.210.14:443 static.xx.fbcdn.net tcp
DE 157.240.210.14:443 static.xx.fbcdn.net tcp
DE 157.240.210.14:443 static.xx.fbcdn.net tcp
DE 157.240.210.35:443 fbcdn.net tcp
DE 157.240.210.35:443 fbcdn.net tcp
GB 157.240.214.35:443 www.facebook.com tcp
GB 2.19.252.146:443 t.ssl.ak.dynamic.tiles.virtualearth.net tcp
GB 2.19.252.146:443 t.ssl.ak.dynamic.tiles.virtualearth.net tcp
GB 2.19.252.146:443 t.ssl.ak.dynamic.tiles.virtualearth.net tcp
GB 2.19.252.146:443 t.ssl.ak.dynamic.tiles.virtualearth.net tcp
GB 2.19.252.146:443 t.ssl.ak.dynamic.tiles.virtualearth.net tcp
GB 2.19.252.146:443 t.ssl.ak.dynamic.tiles.virtualearth.net tcp
GB 2.19.252.146:443 t.ssl.ak.dynamic.tiles.virtualearth.net tcp
GB 2.19.252.146:443 t.ssl.ak.dynamic.tiles.virtualearth.net udp
US 172.67.28.32:443 www.pcgarage.ro tcp
US 172.67.28.32:443 www.pcgarage.ro tcp
US 13.107.246.64:443 landmark3dweb.azureedge.net tcp
US 13.107.246.64:443 landmark3dweb.azureedge.net tcp
US 104.18.94.41:443 challenges.cloudflare.com tcp
US 104.18.94.41:443 challenges.cloudflare.com tcp
US 50.17.7.59:80 fortnite.com tcp
US 50.17.7.59:80 fortnite.com tcp
US 50.17.7.59:443 fortnite.com tcp
FR 3.164.163.127:80 crt.rootg2.amazontrust.com tcp
US 104.18.25.192:443 www.fortnite.com tcp
US 8.8.8.8:53 192.25.18.104.in-addr.arpa udp
US 8.8.8.8:53 50.201.222.52.in-addr.arpa udp
US 8.8.8.8:53 tracking.fortnite.com udp
US 8.8.8.8:53 cdn2.unrealengine.com udp
US 34.230.163.73:443 tracking.fortnite.com tcp
FR 52.222.149.94:443 components.unrealengine.com tcp
FR 52.222.149.94:443 components.unrealengine.com tcp
FR 52.222.149.94:443 components.unrealengine.com tcp
FR 52.222.149.94:443 components.unrealengine.com tcp
FR 52.222.149.94:443 components.unrealengine.com tcp
FR 52.222.149.94:443 components.unrealengine.com tcp
GB 184.26.189.96:443 cdn2.unrealengine.com tcp
GB 184.26.189.96:443 cdn2.unrealengine.com tcp
US 8.8.8.8:53 96.189.26.184.in-addr.arpa udp
US 8.8.8.8:53 73.163.230.34.in-addr.arpa udp
US 104.18.14.62:443 static-assets-prod.epicgames.com tcp
US 8.8.8.8:53 62.14.18.104.in-addr.arpa udp
US 34.120.195.249:443 o10593.ingest.sentry.io tcp
FR 18.244.28.77:443 cms-assets.unrealengine.com tcp
FR 18.244.28.77:443 cms-assets.unrealengine.com tcp
FR 18.244.28.77:443 cms-assets.unrealengine.com tcp
US 8.8.8.8:53 249.195.120.34.in-addr.arpa udp
US 8.8.8.8:53 77.28.244.18.in-addr.arpa udp
US 8.8.8.8:53 th.bing.com udp
GB 2.19.252.146:443 aefd.nelreports.net tcp
GB 142.250.180.5:80 mail.google.com tcp
GB 142.250.180.5:80 mail.google.com tcp
BE 142.251.173.84:443 accounts.google.com udp
GB 142.250.179.238:443 play.google.com udp
GB 172.217.169.14:443 support.google.com tcp
GB 172.217.169.14:443 support.google.com tcp
GB 172.217.169.14:443 support.google.com udp
US 8.8.8.8:53 lh3.googleusercontent.com udp
GB 142.250.200.33:443 lh3.googleusercontent.com tcp
US 8.8.8.8:53 72.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 33.200.250.142.in-addr.arpa udp
GB 142.250.178.14:443 apis.google.com tcp
GB 142.250.179.238:443 play.google.com udp
US 216.239.34.36:443 region1.google-analytics.com tcp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.179.238:443 play.google.com tcp
US 216.239.34.36:443 region1.google-analytics.com udp
GB 2.19.252.146:443 aefd.nelreports.net udp
GB 2.19.252.148:443 aefd.nelreports.net udp

Files

C:\Users\Admin\AppData\Local\FiveM\FiveM.exe

MD5 357b5269f142658d15f2ee3f0ff949f4
SHA1 cfd0b2e11701095ed8e38c54c9a275125f989e9c
SHA256 2ed4cfb162f0e3294823b18e6198465181c56e2d362b37f439c35f57fb92617a
SHA512 3305293964364a9b72f30434834e8313883df8c125a40a4730b3795b27cdfe8deae5ebcfaa72f060b5e609764bb46c5a9872738fb691badee9106d78d1468498

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FiveM.lnk

MD5 ba08474054ec64f1108871662eac1eb6
SHA1 50632df8e67a9ae3db1679026db5cdfea2e7ff7a
SHA256 e2d079a7f612a721bc2704274778cd3c918a312b5383e46dc4c6c88d60e2221b
SHA512 d8c241df8c38785e1dbe4a97b718feb7097e77d94420c2844f6c1a6fc7651f7597066e8778bb02caf288e60f1defad3a7519ed12be21a76cadebed2c0e9e30b0

C:\Users\Admin\AppData\Local\FiveM\FiveM.app\desktop.ini

MD5 eeb7d52c2a25022ea8e6fdd84b490968
SHA1 ac615808df874379439510643f1b68958951dcfa
SHA256 8dbad4b058e6e6e2d8b119f55e84b8eabfc074c80995e1c1b6b1a5731fd1f3c8
SHA512 1ccd684842f249bb3acae4cf1057cbea27852a34c39123cc7a3b6d64604984cee6a0edea164b6284e843c52e39e1da3129102fc4ba1104658cddf3999af6d197

C:\Users\Admin\Videos\Captures\desktop.ini

MD5 b0d27eaec71f1cd73b015f5ceeb15f9d
SHA1 62264f8b5c2f5034a1e4143df6e8c787165fbc2f
SHA256 86d9f822aeb989755fac82929e8db369b3f5f04117ef96fd76e3d5f920a501d2
SHA512 7b5c9783a0a14b600b156825639d24cbbc000f5066c48ce9fecc195255603fc55129aaaca336d7ce6ad4e941d5492b756562f2c7a1d151fcfc2dabac76f3946c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 46e6ad711a84b5dc7b30b75297d64875
SHA1 8ca343bfab1e2c04e67b9b16b8e06ba463b4f485
SHA256 77b51492a40a511e57e7a7ecf76715a2fd46533c0f0d0d5a758f0224e201c77f
SHA512 8472710b638b0aeee4678f41ed2dff72b39b929b2802716c0c9f96db24c63096b94c9969575e4698f16e412f82668b5c9b5cb747e8a2219429dbb476a31d297e

\??\pipe\LOCAL\crashpad_3180_HVZNMKZIOKXFYEMB

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 fdee96b970080ef7f5bfa5964075575e
SHA1 2c821998dc2674d291bfa83a4df46814f0c29ab4
SHA256 a241023f360b300e56b2b0e1205b651e1244b222e1f55245ca2d06d3162a62f0
SHA512 20875c3002323f5a9b1b71917d6bd4e4c718c9ca325c90335bd475ddcb25eac94cb3f29795fa6476d6d6e757622b8b0577f008eec2c739c2eec71d2e8b372cff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 db904dc4bbe168b3e72bbc103fb6e540
SHA1 cf730280bc9d518024baa200f44c1254db3e8b5c
SHA256 1b62e6c90ad5d1f0a9a1c6a4dc09ea2c7262e5c48eb6b5d8b8160324b13ccd4d
SHA512 c85df156aceffd0a9e5b483e77fca7bcdea2ce6dc2c77304e7b15f33188dcbce3083cde233320152bb98bc31c36337a85fd313a5486e3f279947d222a531b3af

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 0deb85334dba83d1a65c16079a960892
SHA1 228a7291c82bc4de0dce79a743daf3106a8085a2
SHA256 37b74022b8a2dab6afdb7437fbfc8d410838af2cfb8a1c5b17480a8d7b396668
SHA512 82b4b5e91f0ffc08486f55025e52b338b66bf0ae88c13679127172fd3c286f3de34dc6f810a191211d1693096c643346505c209c9922642f95278b09f6fd73c6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b1ae636e841a2e8d105cb39f521983d9
SHA1 59fdfc0f909219a3fbedc8d91b73429eb2e25f5d
SHA256 3546755fa43047b07d9688f4a2e183486da60f56705dff4fd1edcf7e0af06202
SHA512 66b05bb49da5f526ff193bb0dfd06a8fdcd64d25418ce3e66dd01c7f1fdb36fa9792402bf214b397af33014229c4efc7d23e0eef3dc010934427abe7e6a8b638

C:\Users\Admin\Desktop\FiveM.lnk

MD5 80cbf848bc94f169c24363a7becb5ee6
SHA1 2f1e583622f51677410d0095da630260f9c3a70d
SHA256 1486cf80ced5e295f0a135eeb93667e2c7a4403f0341b6f7f608decaa36cd1d1
SHA512 d9e549c41f4531e340dc336e8cfd5e4b7f8cdc41dadb33ac9a5eab373a2bdd6dbe8b8158ec76545303f2895a7fb51eb7c51b12b800047ee55de1ebb4c346d475

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

MD5 d79b35ccf8e6af6714eb612714349097
SHA1 eb3ccc9ed29830df42f3fd129951cb8b791aaf98
SHA256 c8459799169b81fdab64d028a9ebb058ea2d0ad5feb33a11f6a45a54a5ccc365
SHA512 f4be1c1e192a700139d7cff5059af81c0234ed5f032796036a1a4879b032ce4eedd16a121bbf776f17bc84a0012846f467ad48b46db4008841c25b779c7d8f5a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

MD5 ca9e4686e278b752e1dec522d6830b1f
SHA1 1129a37b84ee4708492f51323c90804bb0dfed64
SHA256 b36086821f07e11041fc44b05d2cafe3fb756633e72b07da453c28bd4735ed26
SHA512 600e5d6e1df68423976b1dcfa99e56cb8b8f5cd008d52482fefb086546256a9822025d75f5b286996b19ee1c7cd254f476abf4de0cf8c6205d9f7d5e49b80671

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 07590041a3019203c39071856e28cc43
SHA1 7638478741054f140ce1a73f3795217b980bf5cb
SHA256 c8111ca26f200307e5ce86a0c9f7482742c92ff9c16126ce49764141314a9fa3
SHA512 e8673887fc40d5aa2c161247d2f8e20a198f277712ccaf6f1214910ed1fc8a92ac76cd1b33ec4c3aa1ef6ba0e11530058e8268c8b8300c75c1a54e300ae6b98b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5fe894.TMP

MD5 f7ca32b919ae6d6f40bbbaaf668f170a
SHA1 aca8c83c1d8d6e4cb4fcba9f84af85b5763f9afd
SHA256 f8d582609329b50cd3aad5b08c2a4efde7ca7cbe1b7a8d1f8b388b5937692869
SHA512 8c9aacc2e15dd778cff4fc39a28c9846f5ecf87b9398e73ada87741d43c90cd12957103768a905bcea8c998f922e857176812bcec3092a21d5d639bc5f3e5ea6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 41b82ea34a08b21b605c654bb2083438
SHA1 64e65657246a4661cdb7a04a26659450aa42fc55
SHA256 73e677c9a97690ec12bd22f1a6d5610da604c76d068d693a7eda3211ac373c50
SHA512 51d2123158cc6071cbd6480be73d4fc5a4b1595ea15fa3d6276ff089e7b1d067dba156ace0c9c237d370d5cbad8ff6097855d4311bb690e547d76d4242689bd4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c024f72be2a0a0dcc9d80c9f825d413f
SHA1 5342493b2357720207b9996b43ab0f57753b88fc
SHA256 af935310e6264a0148e2388ca5418d74cee3e680deb8ca12012fc65f72f78be3
SHA512 08fc20f71a09193d725c6fc226b1ddf3f67cb08757ee645fe5b5c16db0f0dff469db03cb46a01983b8a284b8cb5b0c4baea728cbdb89eb5f479535c7fd174b96

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 81d0f3106085bf8e635e1010d73c7923
SHA1 640e9e4988fd1aa15054d5a0cc001435ceaff7f5
SHA256 a568cf0cbad27682cfa2ab13b7784dc3f5f107827cd603e6fc9f255da9382c09
SHA512 9206ca6ae8fcf3ea6d98cf86216cd88ab66301743f05f31156e66e05913b45f7766b5db445c235ebc95eaf1f5d4c6d8482f7b5fd83d3202b2643a53b1acfa12f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 d40a49c904b818ff5e245b021752ff3b
SHA1 871c749b81e5c9a35a7f169a4b36a0a4de3daeda
SHA256 89c481f2135a7daa8bd031931ba9c994337f696316553ef0ede8e21e2c4461a4
SHA512 1b1d8e71d16a2ea15dacb9addaad7d1db946ec23b5aabef09fc0e6193755ef57a90af6cf630949743fa45b3058669454dd5166e4b7e9db6f87a65ec938a33abf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

MD5 69df804d05f8b29a88278b7d582dd279
SHA1 d9560905612cf656d5dd0e741172fb4cd9c60688
SHA256 b885987a52236f56ce7a5ca18b18533e64f62ab64eb14050ede93c93b5bd5608
SHA512 0ef49eeeeb463da832f7d5b11f6418baa65963de62c00e71d847183e0035be03e63c097103d30329582fe806d246e3c0e3ecab8b2498799abbb21d8b7febdc0e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

MD5 1bd4ae71ef8e69ad4b5ffd8dc7d2dcb5
SHA1 6dd8803e59949c985d6a9df2f26c833041a5178c
SHA256 af18b3681e8e2a1e8dc34c2aa60530dc8d8a9258c4d562cbe20c898d5de98725
SHA512 b3ff083b669aca75549396250e05344ba2f1c021468589f2bd6f1b977b7f11df00f958bbbd22f07708b5d30d0260f39d8de57e75382b3ab8e78a2c41ef428863

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

MD5 c813a1b87f1651d642cdcad5fca7a7d8
SHA1 0e6628997674a7dfbeb321b59a6e829d0c2f4478
SHA256 df670e09f278fea1d0684afdcd0392a83d7041585ba5996f7b527974d7d98ec3
SHA512 af0d024ba1faafbd6f950c67977ed126827180a47cea9758ee51a95d13436f753eb5a7aa12a9090048a70328f6e779634c612aebde89b06740ffd770751e1c5b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

MD5 226541550a51911c375216f718493f65
SHA1 f6e608468401f9384cabdef45ca19e2afacc84bd
SHA256 caecff4179910ce0ff470f9fa9eb4349e8fb717fa1432cf19987450a4e1ef4a5
SHA512 2947b309f15e0e321beb9506861883fde8391c6f6140178c7e6ee7750d6418266360c335477cae0b067a6a6d86935ec5f7acdfdacc9edffa8b04ec71be210516

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 f5e7a105386a646c63e81c0d8f6478e5
SHA1 82f887db49439cacc6479e984fff1fbc62d8f1bc
SHA256 c9a41c5f8e77cfb5c25a3377f2499b4006523a7d02fb69101113af4c25be2479
SHA512 518b6f76029fb2e0a24bdaa51a1bfd66fa0c91f5fa15b546d55911e51205f7bf57779ee159f771670855887c0f78358e2c258ce1c494e2803abdd4620283d217

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 2e2d1dcf9e4d9aae5387b1e8ce8bee80
SHA1 7e364f2419c57dd6601197e5f8866600d6391b31
SHA256 44bbc252d4aa527c922f588d31404f120a590d943e1a4ca06d6bb6d698aa5b6a
SHA512 46fdb7e79d03636cdd47328fca0847f5e9777d04755188d6e18f84274807a531aac966f301729897227040141ff49746d288139ff25cae14b3e110255d6b0673

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5c7549ef7f0953a12e1e8c3ec8004738
SHA1 661e4f286f3578990aefbc40aaa720a4855f6f38
SHA256 5c171ae0f9ade488d504eacb5fc4e8ecc3fb47ef21f5bde755a71284ae9e3508
SHA512 5ee0d27f01873be6896dd9a331ecadeda97a29895c6c21ba9833ad572a6fe915a4e43adc0e69c505dbb955f6db7dc3b408f757a6433cd1006e6c94cddb71c4d9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 84a53003c9ad4c67004c18f8d6711b9a
SHA1 6c08a9aab00b555c2e2d2a8d89122d4f551e51b3
SHA256 af28ba57ce307703607f9ec7b8b6a7c380042f0f2ec5b8fff3b446257da3c115
SHA512 75e11df3e17f602025e7deb28cb4b19ab57683d2463eb5577d439118953e1b43383985ca6cb3f1df5b619c9c5cfc0db25365b7f1d36da8e8cb7a2b392dbcbc2a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 fe26a5be1bc0ed8007ef863ce35324dd
SHA1 db4e253d3836ac839d6b12e6f968838a9ab4aeec
SHA256 ade7c372c532f4cb1cd93a47ad52d10065102806100f4666f57d5882f7f985a1
SHA512 c7e9d4b433e6474bc07256ae7054f18fdeff1916e2e1f24c57705c9dfa23d342d4ba6dba5b174180c1ce1a0fe888a23571401a4258c03132d015fd42f02abddd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

MD5 9af93a704f551ac70c6eb4069246c842
SHA1 23cdca5db42999b39bfedd8cd0cbc618d89fb87c
SHA256 f2e2d35f81fe5af4334a569550d7fe1acedab3ca9edd038772e60f0aebe6200e
SHA512 8ec0f734fd85c69d535a011b16a9660c810a537f0fd4c99e6b50f1b1f34d2817d2bb3ee0cb63e5be53c8da6bd4555206fa7321b8d4e33739a2c7d1999352239b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e6eb26359c0228dc5beaa14d63770027
SHA1 70b5bcda8d77a54b8d29ef19d031b182040a91e0
SHA256 a64f5498960b2b94727d57148dfb79914ba2f866ce0be61b5a697dec41eaa096
SHA512 d2607cd4265278f26ec15a6a67714429611f948e7f229f968822131c0a37940d165fb2e2cb34114bf850e8e4cc482e3aa1a566a338d10c0714016e272b2474ab

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

MD5 dd0fa63d7a6164ee38a2d8c56734dae5
SHA1 e64d22f6fd29c7a77466659eae1478e0fa65ce91
SHA256 10ae3cbea6525955edc9ac5d8b90ec4f50990edc15cf52d132b67a23fe0eb8a6
SHA512 262d6846bbdb5286cb80a78b2dbac31bc10bff30fdc5ff7c2bd2bcc7748a4fca98b20dc30ba5960f31307163b82857544021ccb9233257885289d17707f8b9ec

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 004b4d71a7975e835c8bf58cf1465a29
SHA1 56c99109d84e749825a11d4eeb6bb9626257aa79
SHA256 a8f6e06d953722d677cce887b1aa917e7f62621c114f879b7379dc27c31f3008
SHA512 12d785c46aa12e5bbd628be7843c589f4d4574498cc17ab64e3aae82d91bda1b3ab490045a38d3df189e95f6e8077e380c79079ce1e2b859f4d915fb0eb5d669

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

MD5 5dea626a3a08cc0f2676427e427eb467
SHA1 ad21ac31d0bbdee76eb909484277421630ea2dbd
SHA256 b19581c0e86b74b904a2b3a418040957a12e9b5ae6a8de07787d8bb0e4324ed6
SHA512 118016178abe2c714636232edc1e289a37442cc12914b5e067396803aa321ceaec3bcfd4684def47a95274bb0efd72ca6b2d7bc27bb93467984b84bc57931fcc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 1b7e3cdcd2286afd06874e6dd21ed7b1
SHA1 28321a09c733c78a6b3f0eee57db00ca19ad4faf
SHA256 c05977e0a8c055730cc4f4cdd15272a85f4564d7280a3deb5e7c8bc85cb24955
SHA512 b6d9038708f5ce5639b3c6e70cd4b136719eace7ccfa3504cb3d750f59c657defbfc750b72b53b7374d649c5a270a9fc354bc7b9b67e2a749080c8d21698ff84

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 478f1875fa797d5bd0bb5764aed6f1a4
SHA1 42ee5181a4c08d7651be3d95eb775bddfa8460a6
SHA256 38e0a70df280eda0bbe16b88979c16c4234cfae50fc566c6b860fc2500d3dc8f
SHA512 3f93100e8ef8efd63e6c0d2e606e4aacab257e262b4a18ce37a620035a17121108eb08207d8889eb73f25b82834e2b30fb19915a5b05da5e5ebba04aab870473

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 437b1ac88e14e7db0a39ae61a2f7010e
SHA1 e96196de525914d49c17c1141143a64c1e068b7f
SHA256 e5296e8fa46b6bb891172da4d5e87f1d2031ae851ace7db86af7ab4620a79f25
SHA512 b0c77c5c311fdeec34df19472a98b8acac5ba483b5c25e175196e388b15a13fdbfb80932c4672503b1de7a53cf5ea3a4ef745954325f78b22fc82d89399e797d

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 de2c7eb0683cfc7323abab877e852f76
SHA1 dd1b09e7ee38800f795d21b482def4fd5bf63a5e
SHA256 5159334ac83d48f8c7491884fbee159c7d037b5351156fa3317fa92c4e84d485
SHA512 10adb59bf4e234f0f66d70dbc0fd8b37dd79977d1238d94e4d3f10e8a209ef70c435b0368b6d695c35522979bb09b5dbfb9f94eb6c5ba3a7bcdd494fe3178572

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 84005c594c8341e2a3b009d93003e982
SHA1 5ae95483cb609954b872735480ba090ccc7606e9
SHA256 772fa2baf4cd6c15d448bd4fab9eb5609eff6c7c8b60f46ac0a75b7531aaaee5
SHA512 632b504c03ca2b7cda6ae9e95fe2198d3445f1c44efa7e74d142daa93a13b282bd51fd5a28990601fd7773c5e75d13db4b6a891f36e65fa2f146d6048caea2af

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 90812229b9e4e0717265310ef65a00a8
SHA1 495da20aa0ebc2a6fa7ed8336e0ab8c93fca24c8
SHA256 5c47e164a1bc2a93bf13517302dbe05122bf939a3a54cef7f5d78edd0ed98c62
SHA512 e2599b325cc30064fa49eb94a85945a0b7b59f19f1379d84a0103b32ec2158e632e9eb7be4cb1ce0d28f8d569c16e21721ea55eec3973dab157cf6f0d41d614a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 72fdddfdb86ca454fcc4d5db76f5371a
SHA1 635c0c7813d0175d54586cd05b87749d41e15a83
SHA256 02558b7459d1eba7f227618416f5ca0a8c3f4b9e4cadced85d252f9fefa6a287
SHA512 f6e26a6c8f6c45cf2ba3b0e5a3df85fac145f7c7170c9ffdb3b0b852caf6f7c5409d2c04c1a7fbe0e7278870999dc995d68762258affa4a5962759a1a49e4b80

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 1499e8286f6bcbcf05ccf5d6a5088192
SHA1 4d086446961d4d8896b7d7599504e4f06eb83e64
SHA256 fc2d36985cd2137a75df3244f0b69467e8bbc8738b9d2c6f75c4ba89c370eea7
SHA512 f12aa4be56d000b2dfb8aa9b04e3a89d2b66d2e99296778e629f59476375fe325d339a12acbb968db7c647c95881de100a2881ce1eb79c4a8933d8f175379218

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 319e4ba819b4bbbac88d6b39aa508c3d
SHA1 df148cfe28563fcf9b15c1512860b1a5d11861d7
SHA256 76064d09e3f294ca727f277857d5d93d7a497f638c8b7081d6fe279989e44e04
SHA512 9445a6a77f71fe57f297e4ec6a97f94ae54b563fc2117c4fd2c291d07cb7747b071ec5b524a6ff453e725436cf34a829d31b164e30393ddba76d4eb0163eba4a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 764adadd47486ea1884ff55c7185ed20
SHA1 270bcf41326cab77c3529cc60beb76a472f9cc7f
SHA256 1fe7dd2ffda3cf21eecd17283dbd000e042a9e63ed8ccd0ec5ff46ea91d3a3a0
SHA512 635806df55f4e57ecd5fdba827218085c3ea7eed4400c16cd528779c76ffd9c7f87be8b29a15dbe28d102497c88c8c5c53b93eb9eeff6ffb60748ff7a85e27fa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\33138663-bf7a-49e1-91a3-5ebd30a7742c.tmp

MD5 893ec9fd36b5f5b497e7c7c154264ab6
SHA1 2ddd314dd1267c2cfb0422279ac500d88a8ece6a
SHA256 1d631a61b4a4fa2069793f2a46208cf1984efc8d9a72891a0e9e0bb20008ecc3
SHA512 3fe5a106d1bed8705458dbbc01d4ab2fe4ef59c898a64afad43d75be43b903a4f655f6b18745e238428d7a384406932323124c82e810e7a2dc13c75dceeb759d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 462c18d6714136fb0f8cd916f18fa8fc
SHA1 ed20d9446822d40298a60b6f0ee65ac5482fc42c
SHA256 f53b795f282c5bd01b51f6823b024e610c78b5c217b651b33207dfad19d85714
SHA512 06acf79dee6ad215ad5851d1c18cda37819a119d5cfa29b3c78559364d365fee6106419d0a680bd05e88ec30edd3ee4dcdd8ec17d94f5f151dc24b11a6fdeabb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

MD5 3051c1e179d84292d3f84a1a0a112c80
SHA1 c11a63236373abfe574f2935a0e7024688b71ccb
SHA256 992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3
SHA512 df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

MD5 68f0a51fa86985999964ee43de12cdd5
SHA1 bbfc7666be00c560b7394fa0b82b864237a99d8c
SHA256 f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f
SHA512 3049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 43a4a687946116f6ec3ada474be38d3f
SHA1 85da54cad4983c27eb966bef2d2db4dac87f2295
SHA256 d3b6b0cb3fe7c70987e798d65cf5094e5e4fa8604c79c890df550acced0aa9ee
SHA512 bf31f2505861c979f83dfa0287d836e0f7e77b6a8aec4030b45c03af7c84d3c127b2b1b08b49412c6f9822ec8e43afc929fdfca1543b31e40308e9463585fab2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 afeeb6b33f6860784d31171ef4b34ef8
SHA1 cafc64b9396fa3e924f09b1af23aef79fd162cc2
SHA256 0e38885df1cdb0e59f10184246f9fd1fba46a7c110b407e69303d7f92e577030
SHA512 37bb8fe993f30df711eeb7703ae4c52997efce612dd01edf58ca230fb08572be7e3577e1071732b9e75e4973991e42bf2dafd7c34b4e731f04a70fa11d4ac331

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a72617a0a72de71c18b8540314f7b272
SHA1 c569595e9794425b6761a5be817b2e2b806094ef
SHA256 40e4d07c714b2e165ec98aa56a74bab6021a45ab42fbb755db3744e343c5eb17
SHA512 f8bf70fffcac3258f287983c72257ee50c5470dccfa2c18faecdd3eca3fe1207fe8c1143d0ec291283994f5bd188f144feba8a6e6329017eecbc65fdcb4c76be

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6d72cdbad84dd29b26c1d20338e2ce29
SHA1 96a2ced60c40c705be41ac96e175388a6b79040b
SHA256 9df3d570ae86acf782b0ab6f569ece5ce00869112c9135b53c72d500d200fe7a
SHA512 7279fdf1463a1b749f62c63305162d331bc334392c2c8eefa81818e1dce87c768d91960afa22912c97993b08ea4f478b74968d03be49d3872bfa0c8bdaf503c0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 b6ca7b13a4923796bd70a528dcb3e159
SHA1 f8d83c55589d80089be36123c49fe66370af6f4a
SHA256 2a51efb5de92c8b5730ac9f3ccb6d81bdd7316cee2b8c7822beef45d56749648
SHA512 60ab506528e453ba18af84ddfcb90664e013efaafe48e1430c377588a59f3b97423986399452ebced2dc21f08524ff0cb5e78cebb47bdce7d0ebdda92e52368b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a58ede8ba1aac5a28dfee8b04340adc8
SHA1 1eb4d3d62f199a02a2a309ea9518064d1f55d825
SHA256 31aec520a99a7bec46ce076b704f9a3ce92ae507d49265be07f462d239dc8bec
SHA512 e764eafc2aff9781eddb89356f5dd0a7f80d800e41a2bfb2b8439086a7026c6772e4156e6197d4e852cc77f248cba70d45d8869ba3f286f165bc87cfae773aba

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 67768b8c5a8c98469ccfb927f8433300
SHA1 bcf4633604838f37874888b997f3e7657a8f29bf
SHA256 817f4db7d885e1bbf3d48edd600abe07ee3d702b02d58ae6abdcabb7e9f76d81
SHA512 419ed300340a159411a1f291162e6b876efcfb055543e6ad0a5e6d2f4aac29669bb2663e61a754b1825b500b615cd6d79e4c1f031418ee0f63d2c42c72898c79

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 5f7b7f08e0f547bb4ab26831a6e77573
SHA1 c245166e9b35d32685ea1ab409f7222c68e65fc1
SHA256 7eab90fa43bb455f9fc685f607b4484f7167cde82f0de0da96ec5f45fc9f1a3b
SHA512 ba50680b1cb2f9fd632c462be6ec2757aed6eeff39351fc0ee02341b20b9365a60e57d2e36d4ba414b286526391c7020add4ab534b17e5c6e4f11317774e983d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 f36806528c75bf7a2a21f0af045ceb82
SHA1 3cada508cc9c7f6cff12af47add2a015e25ec2cd
SHA256 19f785670ffc7e3e486ee9b858ea40f3b17e512f8841e23c6c6bc42e3f611358
SHA512 60de7821a38e92ce767ced6751c22279273e7cdf4d19a8542ebca834b0b416202cfd7f77891b8dbb3bd1f0aec692203091a05d092b0805f5e152f457df946454

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 bc30388770ae0a4d5a6ccb063067f0d6
SHA1 c15f31595de6c1055b7b79d4a6f0bb2e57247b78
SHA256 d4935d15fc37a633c192395ec13864a8c9e61684aa4d0d9bf2b3506f42ede4aa
SHA512 2dd5d98f762c8555701ccbb083939b672554a2bbbaa89f787acfdbf741f7bebee2b9d35e28afae632052f5811c3714dfa90feca6b31cece622bad232b41c5a75

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 619016fa5f6c2f2f6c67dbe5ba6e1403
SHA1 0797b5783b97a915c9a59b9ef3beed2a370098f9
SHA256 cf17456bf963e6d21cf10f11dfb77b1af7d5bfde9ce1c2270505d10a44d75cb0
SHA512 f73f7543fd646992f8342b40fa313da6d654c080c52da7328daa1a3e734005fa357949472ec3cd4e1e16e9e8f24941b4d6dcd3505c562c5b6cfd02c241812a83

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 76635614a0025ca230f2c1cf37f95b8d
SHA1 4e779aab230a16a7d34938fb7bf611b49b917cd0
SHA256 83f472e83832ee8b626333be5963f8654b53394b5d2dd894191db8a1c51c46fe
SHA512 be9652588a8cb4c8d19dbb7274d8cdce34ae06574d0c8bc4e719f49289236c64a31ac973cd444a120606b541b0e04afdc3897992524aad27e60e32a62d03e6d6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 ed5ddba6073fcb538be7030f1d0f491c
SHA1 81972d00b64c56cef69c140b78ff07b3e51f01af
SHA256 068c79e55367290618286f3f78e2974e8abd99add9243aa9d46283a1c1ee993d
SHA512 f8e355b2558bb716788a2c9bea65d031bbb1a8e7120847e7a00b1705c8b1d206a7fcbf14f38fae189f0e0dfb97dedf05803e2b989ef87706dfa31d8f0fcb4d6d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 fb8cf2920cc6f0d65982c7e95422c914
SHA1 f15270484491ece6e4c280562fe81d9298ac52d0
SHA256 9ca4ab7796f79c280e72384b281c03fe35bfd55a1db82b4e18829060cd5c8465
SHA512 1a98de46d656e0973c9dd6c121ea04876c94b6b9c7dcadc502e1817f1ad7546d77a19e454fc94de18790316f8709593567f6931671d7d9a464428f2784133b7a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d45a8534dbd1220b352162b848e7f64a
SHA1 1d9dd14cb52ea21f558fef265f685289afe3db6d
SHA256 2f34d3143ef8be79b9adf84f3fbf1d7b463a47d6f5b6fdb56ca2aa0799245581
SHA512 6bdf168d5d8573cf2250587e2b6b723a7f6f5bc1cc48db3db18f2986b2f9a076cd90c64ae5faa97d5ef259ec05ad24ccfc733c72dc83c99dd07e1c3caefb9058

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 67fb513a759b3bed0bb1c6b32483d42d
SHA1 622c61dbc785e7bcf4feff135f80305b204a5d96
SHA256 9915494699a3a11477b6a7d5181873cd18d121a648fe77e5c35cb5ee29d159e9
SHA512 89bd2ed23a676994c9f218f24af18b3758a81892016d8c4677dcbf9e2ebb1f67dee8a209d5c78eef0937c9b70964e75364007b8d7f90be88e56baa17762369a9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 0f7d1f976208bd4332ddd5d7df151d4d
SHA1 5e8d0a418993d3ddb71549e5e835fff3cc2b7808
SHA256 953b7e52d4817bb4ff883492833e6042977ed6e4d84b54dd3dd79a9534839266
SHA512 1eb745e7955a493baa36f71526fe884f1d461da72626e1ed45802c6d35e909cd3f1b93bee3952b4defdf337b10f399bf3e73fefcc41ad8a30624ac9ad97d2626

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 906f075db40edcadd118a14b2d058f4d
SHA1 47676fcaa20ca5cc9e739cf55031c7e38434175a
SHA256 921e5a2ba5a12ce14b99a436180f76ea4b17559f5665c4c7564810962b95cc70
SHA512 b3ea3d3b9f9d5b66528d6f916e2f74cc32261125390bf8b6c8e95cd5f3d53916407b443dd365300e9d4cec4d92d66cba68344b3225538fe0173e911896c51516

Analysis: behavioral2

Detonation Overview

Submitted

2025-01-13 23:24

Reported

2025-01-13 23:39

Platform

win11-20241007-en

Max time kernel

627s

Max time network

625s

Command Line

"C:\Users\Admin\AppData\Local\Temp\FiveM.exe"

Signatures

Detected google phishing page

phishing google

A potential corporate email address has been identified in the URL: [email protected]

phishing

A potential corporate email address has been identified in the URL: [email protected]

phishing

Drops desktop.ini file(s)

Description Indicator Process Target
File opened for modification C:\Users\Admin\AppData\Local\FiveM\FiveM.app\desktop.ini C:\Users\Admin\AppData\Local\FiveM\FiveM.exe N/A
File opened for modification C:\Users\Admin\Videos\Captures\desktop.ini C:\Windows\system32\svchost.exe N/A

Looks up external IP address via web service

Description Indicator Process Target
N/A whatismyipaddress.com N/A N/A
N/A whatismyipaddress.com N/A N/A
N/A whatismyipaddress.com N/A N/A

Network Service Discovery

discovery
Description Indicator Process Target
N/A N/A C:\Windows\System32\GameBarPresenceWriter.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File created C:\Windows\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_a3f9d7c24b3377b3\basicdisplay.PNF C:\Users\Admin\AppData\Local\FiveM\FiveM.exe N/A

Checks installed software on the system

discovery

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\FiveM\FiveM.exe N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Windows\System32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Windows\System32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies Control Panel

evasion
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-2253712635-4068079004-3870069674-1000\Control Panel\Colors C:\Users\Admin\AppData\Local\FiveM\FiveM.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "1" C:\Windows\System32\svchost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Direct3D C:\Windows\System32\svchost.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2253712635-4068079004-3870069674-1000\{811E8CBB-9D1D-4836-8BD1-D508C86380C0} C:\Windows\system32\svchost.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2253712635-4068079004-3870069674-1000\{FF7CDF70-599F-4ED5-8767-146F0F6B6215} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2253712635-4068079004-3870069674-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2253712635-4068079004-3870069674-1000\{5A1E3E2B-4E81-4799-874F-D386DF2BBF65} C:\Windows\system32\svchost.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\FiveM\FiveM.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\FiveM\FiveM.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4216 wrote to memory of 536 N/A C:\Users\Admin\AppData\Local\Temp\FiveM.exe C:\Users\Admin\AppData\Local\FiveM\FiveM.exe
PID 4216 wrote to memory of 536 N/A C:\Users\Admin\AppData\Local\Temp\FiveM.exe C:\Users\Admin\AppData\Local\FiveM\FiveM.exe
PID 2956 wrote to memory of 892 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 892 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4928 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4928 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4928 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4928 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4928 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4928 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4928 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4928 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4928 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4928 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4928 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4928 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4928 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4928 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4928 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4928 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4928 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2956 wrote to memory of 4928 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Users\Admin\AppData\Local\Temp\FiveM.exe

"C:\Users\Admin\AppData\Local\Temp\FiveM.exe"

C:\Users\Admin\AppData\Local\FiveM\FiveM.exe

"C:\Users\Admin\AppData\Local\FiveM\FiveM.exe"

C:\Windows\System32\GameBarPresenceWriter.exe

"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe -k GraphicsPerfSvcGroup -s GraphicsPerfSvc

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff8ea733cb8,0x7ff8ea733cc8,0x7ff8ea733cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1924 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2348 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2608 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4580 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4596 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5376 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3388 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2748 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4752 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5704 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5676 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6056 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3808 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5424 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6064 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6104 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6440 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6388 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5732 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6052 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4836 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6468 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4656 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6408 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6432 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6396 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7352 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7504 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7636 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7644 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7908 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8056 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8208 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8668 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8796 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8932 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7660 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5648 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9800 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9804 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9960 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10412 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10524 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10668 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10804 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10944 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11076 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11228 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11240 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10280 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11688 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8584 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6776 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9880 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9464 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4792 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10172 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9908 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1320 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11780 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10212 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6736 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3000 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=10016 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4056 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9268 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8064 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10584 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8436 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8648 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10608 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=8668 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11740 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5388 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8660 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9820 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5568 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6832 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11664 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=10052 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=4588 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7996 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6388 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7068 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7108 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6812 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10620 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6484 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10600 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11504 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7864 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9052 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12981077905924422801,18075657894264863863,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5576 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1848 -parentBuildID 20240401114208 -prefsHandle 1864 -prefMapHandle 1856 -prefsLen 23678 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5fa89823-a991-4706-a22b-30a768d247f6} 2476 "\\.\pipe\gecko-crash-server-pipe.2476" gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2344 -parentBuildID 20240401114208 -prefsHandle 2336 -prefMapHandle 2332 -prefsLen 23714 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e5dc7ccd-f097-41cd-bd4e-fddc4aef832c} 2476 "\\.\pipe\gecko-crash-server-pipe.2476" socket

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3188 -childID 1 -isForBrowser -prefsHandle 3100 -prefMapHandle 3096 -prefsLen 23855 -prefMapSize 244658 -jsInitHandle 948 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0aafcef4-eab5-462d-8948-f11b91376740} 2476 "\\.\pipe\gecko-crash-server-pipe.2476" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3404 -childID 2 -isForBrowser -prefsHandle 3544 -prefMapHandle 2752 -prefsLen 29088 -prefMapSize 244658 -jsInitHandle 948 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {35c70138-7c50-4c34-868d-7c96afb56672} 2476 "\\.\pipe\gecko-crash-server-pipe.2476" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4244 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4256 -prefMapHandle 4252 -prefsLen 29088 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c58cad7f-70b6-45a7-b135-3f0c2bd70eef} 2476 "\\.\pipe\gecko-crash-server-pipe.2476" utility

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5448 -childID 3 -isForBrowser -prefsHandle 5452 -prefMapHandle 2788 -prefsLen 27097 -prefMapSize 244658 -jsInitHandle 948 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3339e232-be10-4a13-abce-dd2430de5040} 2476 "\\.\pipe\gecko-crash-server-pipe.2476" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5608 -childID 4 -isForBrowser -prefsHandle 5684 -prefMapHandle 5680 -prefsLen 27097 -prefMapSize 244658 -jsInitHandle 948 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c68b9fbf-5a55-415a-91e1-a3ec5b26e2b3} 2476 "\\.\pipe\gecko-crash-server-pipe.2476" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5820 -childID 5 -isForBrowser -prefsHandle 5828 -prefMapHandle 5836 -prefsLen 27097 -prefMapSize 244658 -jsInitHandle 948 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {922f146c-480d-49f2-b88f-a461554beec4} 2476 "\\.\pipe\gecko-crash-server-pipe.2476" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5864 -childID 6 -isForBrowser -prefsHandle 5000 -prefMapHandle 5628 -prefsLen 27178 -prefMapSize 244658 -jsInitHandle 948 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3c19b8d4-1833-4638-b8ca-6a16bfeb595d} 2476 "\\.\pipe\gecko-crash-server-pipe.2476" tab

Network

Country Destination Domain Proto
US 8.8.8.8:53 content.cfx.re udp
US 104.18.34.171:443 content.cfx.re tcp
US 8.8.8.8:53 171.34.18.104.in-addr.arpa udp
US 104.18.34.171:443 content.cfx.re tcp
N/A 127.0.0.1:49728 tcp
N/A 127.0.0.1:49739 tcp
N/A 127.0.0.1:49755 tcp
US 104.18.34.171:443 content.cfx.re tcp
N/A 127.0.0.1:49758 tcp
US 104.18.34.171:443 content.cfx.re tcp
US 104.18.34.171:443 content.cfx.re tcp
US 104.18.34.171:443 content.cfx.re tcp
US 104.18.34.171:443 content.cfx.re tcp
US 104.18.34.171:443 content.cfx.re tcp
US 104.18.34.171:443 content.cfx.re tcp
US 104.18.34.171:443 content.cfx.re tcp
N/A 127.0.0.1:49761 tcp
N/A 127.0.0.1:49763 tcp
N/A 127.0.0.1:49765 tcp
N/A 127.0.0.1:49767 tcp
GB 88.221.135.19:443 tcp
US 20.189.173.26:443 browser.pipe.aria.microsoft.com tcp
GB 2.18.27.76:443 th.bing.com tcp
GB 2.18.27.76:443 th.bing.com tcp
GB 2.18.27.76:443 th.bing.com tcp
GB 2.18.27.76:443 th.bing.com tcp
GB 2.18.27.76:443 th.bing.com tcp
GB 2.18.27.76:443 th.bing.com tcp
US 8.8.8.8:53 167.173.78.104.in-addr.arpa udp
GB 2.18.27.82:443 www.bing.com tcp
N/A 224.0.0.251:5353 udp
GB 2.18.27.82:443 www.bing.com tcp
GB 2.18.27.82:443 www.bing.com tcp
GB 2.18.27.82:443 www.bing.com tcp
GB 2.18.27.82:443 www.bing.com tcp
NL 40.126.32.133:443 login.microsoftonline.com tcp
US 104.19.222.79:443 whatismyipaddress.com tcp
US 104.19.222.79:443 whatismyipaddress.com tcp
US 8.8.8.8:53 a.omappapi.com udp
US 104.26.12.133:443 app.fusebox.fm tcp
GB 79.127.237.132:443 a.omappapi.com tcp
FR 18.245.175.21:443 cmp.inmobi.com tcp
US 104.18.20.206:443 a.pub.network tcp
US 104.18.24.111:443 zipthelake.com tcp
US 104.26.4.215:443 maps.whatismyipaddress.info tcp
US 34.160.128.112:443 api.floors.dev tcp
US 34.111.152.239:443 optimise.net tcp
US 34.160.152.31:443 d.pub.network tcp
US 8.8.8.8:53 132.237.127.79.in-addr.arpa udp
US 8.8.8.8:53 145.160.16.104.in-addr.arpa udp
US 8.8.8.8:53 206.20.18.104.in-addr.arpa udp
US 8.8.8.8:53 72.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 21.175.245.18.in-addr.arpa udp
US 8.8.8.8:53 111.24.18.104.in-addr.arpa udp
US 8.8.8.8:53 215.4.26.104.in-addr.arpa udp
US 8.8.8.8:53 239.152.111.34.in-addr.arpa udp
US 8.8.8.8:53 112.128.160.34.in-addr.arpa udp
US 8.8.8.8:53 31.152.160.34.in-addr.arpa udp
US 104.26.12.133:443 app.fusebox.fm tcp
US 8.8.8.8:53 api.omappapi.com udp
US 104.18.2.9:443 api.omappapi.com tcp
FR 18.164.52.40:443 static.adsafeprotected.com tcp
FR 18.164.52.40:443 static.adsafeprotected.com tcp
GB 172.217.16.226:443 securepubads.g.doubleclick.net tcp
FR 18.245.175.106:443 static.libsyn.com tcp
FR 3.164.163.87:80 crt.rootg2.amazontrust.com tcp
GB 172.217.16.226:443 securepubads.g.doubleclick.net udp
US 216.239.34.36:443 region1.analytics.google.com tcp
GB 172.217.169.3:443 www.google.co.uk tcp
BE 64.233.184.156:443 stats.g.doubleclick.net tcp
US 104.18.24.111:443 zipthelake.com tcp
DE 3.67.53.50:443 api.cmp.inmobi.com tcp
US 34.111.152.239:443 optimise.net tcp
US 34.111.152.239:443 optimise.net udp
US 172.64.144.166:443 cdn.confiant-integrations.net tcp
US 104.26.8.50:443 freestar-io.videoplayerhub.com tcp
DE 162.19.138.82:443 id5-sync.com tcp
DE 162.19.138.82:443 id5-sync.com tcp
US 172.67.23.234:443 a.ad.gt tcp
FR 18.245.202.34:443 c.amazon-adsystem.com tcp
US 104.22.53.173:443 cdn.hadronid.net tcp
US 34.120.133.55:443 api.rlcdn.com tcp
US 35.71.131.137:443 match.adsrvr.org tcp
US 52.10.195.244:443 pb-rtd.ccgateway.net tcp
US 52.33.146.196:443 pb-rtd.ccgateway.net tcp
FR 52.222.201.10:443 live.primis.tech tcp
GB 172.217.169.1:443 1e4625907572a1da7c6782055f4d521f.safeframe.googlesyndication.com tcp
DE 91.228.74.159:443 secure.quantserve.com tcp
GB 142.250.187.194:443 ep1.adtrafficquality.google tcp
US 172.67.41.60:443 btloader.com tcp
DE 162.19.138.118:443 id5-sync.com tcp
FR 52.84.174.40:443 config.aps.amazon-adsystem.com tcp
GB 23.208.240.151:443 secure.cdn.fastclick.net tcp
FR 18.155.129.56:443 tags.crwdcntrl.net tcp
US 34.160.152.31:443 c.pub.network tcp
US 104.22.52.86:443 cdn.id5-sync.com tcp
FR 18.155.131.151:443 aax.amazon-adsystem.com tcp
FR 18.155.131.151:443 aax.amazon-adsystem.com tcp
US 8.8.8.8:53 1.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 194.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 60.41.67.172.in-addr.arpa udp
US 8.8.8.8:53 10.201.222.52.in-addr.arpa udp
US 8.8.8.8:53 159.74.228.91.in-addr.arpa udp
US 8.8.8.8:53 118.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 40.174.84.52.in-addr.arpa udp
US 8.8.8.8:53 151.240.208.23.in-addr.arpa udp
US 8.8.8.8:53 86.52.22.104.in-addr.arpa udp
US 34.160.152.31:443 c.pub.network udp
US 8.8.8.8:53 prebid.media.net udp
US 8.8.8.8:53 ib.adnxs.com udp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
US 34.107.140.113:443 s2s.t13.io tcp
US 34.107.140.113:443 s2s.t13.io tcp
US 34.107.140.113:443 s2s.t13.io tcp
US 34.120.63.153:443 prebid.media.net tcp
US 34.120.63.153:443 prebid.media.net tcp
IE 52.209.146.137:443 g2.gumgum.com tcp
US 104.18.27.216:443 ex.ingage.tech tcp
US 104.18.27.216:443 ex.ingage.tech tcp
FR 52.222.169.58:443 hb.yellowblue.io tcp
FR 52.222.169.58:443 hb.yellowblue.io tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 178.250.1.4:443 grid-bidder.criteo.com tcp
NL 178.250.1.4:443 grid-bidder.criteo.com tcp
NL 185.89.210.141:443 ib.adnxs.com tcp
NL 185.89.210.141:443 ib.adnxs.com tcp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
IE 52.209.146.137:443 g2.gumgum.com tcp
IE 52.209.146.137:443 g2.gumgum.com tcp
IE 52.209.146.137:443 g2.gumgum.com tcp
IE 52.209.146.137:443 g2.gumgum.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
US 104.18.27.193:443 htlb.casalemedia.com tcp
US 104.18.27.193:443 htlb.casalemedia.com tcp
GB 184.25.193.115:443 a.teads.tv tcp
US 159.203.146.226:443 prebid.cootlogix.com tcp
US 159.203.146.226:443 prebid.cootlogix.com tcp
US 104.22.5.69:443 p.ad.gt tcp
US 172.67.41.60:443 btloader.com tcp
GB 216.58.201.97:443 ep2.adtrafficquality.google tcp
US 34.149.50.64:443 s.seedtag.com tcp
IE 63.32.147.8:443 ads.yieldmo.com tcp
IE 63.32.147.8:443 ads.yieldmo.com tcp
US 104.18.27.216:443 ex.ingage.tech tcp
US 104.26.2.70:443 ad-delivery.net tcp
US 104.26.2.70:443 ad-delivery.net tcp
US 104.21.16.1:443 bt.dns-finder.com tcp
IE 52.211.179.180:443 bcp.crwdcntrl.net tcp
FR 18.244.28.120:443 rules.quantcount.com tcp
IE 67.220.226.238:443 aax-eu.amazon-adsystem.com tcp
GB 216.58.201.97:443 ep2.adtrafficquality.google udp
DE 18.195.234.25:443 match.sharethrough.com tcp
GB 142.250.187.196:443 www.google.com tcp
US 130.211.23.194:443 api.btloader.com tcp
US 130.211.23.194:443 api.btloader.com tcp
US 172.67.74.232:443 cdn.btmessage.com tcp
US 34.107.140.113:443 s2s.t13.io udp
US 104.22.4.69:443 p.ad.gt tcp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 69.166.1.35:443 sync.go.sonobi.com tcp
GB 216.58.201.98:443 cm.g.doubleclick.net tcp
US 35.165.178.134:443 ids4.ad.gt tcp
US 172.67.23.234:443 p.ad.gt tcp
US 172.67.23.234:443 p.ad.gt tcp
NL 198.47.127.205:443 image2.pubmatic.com tcp
US 35.244.159.8:443 u.openx.net tcp
GB 172.217.169.2:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 58.169.222.52.in-addr.arpa udp
US 8.8.8.8:53 4.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 137.146.209.52.in-addr.arpa udp
US 8.8.8.8:53 141.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 193.27.18.104.in-addr.arpa udp
US 8.8.8.8:53 115.193.25.184.in-addr.arpa udp
US 8.8.8.8:53 69.5.22.104.in-addr.arpa udp
US 8.8.8.8:53 97.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 64.50.149.34.in-addr.arpa udp
US 8.8.8.8:53 226.146.203.159.in-addr.arpa udp
US 8.8.8.8:53 70.2.26.104.in-addr.arpa udp
US 8.8.8.8:53 8.147.32.63.in-addr.arpa udp
US 8.8.8.8:53 1.16.21.104.in-addr.arpa udp
US 8.8.8.8:53 198.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 120.28.244.18.in-addr.arpa udp
US 8.8.8.8:53 180.179.211.52.in-addr.arpa udp
US 8.8.8.8:53 238.226.220.67.in-addr.arpa udp
US 8.8.8.8:53 196.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 194.23.211.130.in-addr.arpa udp
US 8.8.8.8:53 25.234.195.18.in-addr.arpa udp
US 8.8.8.8:53 232.74.67.172.in-addr.arpa udp
US 8.8.8.8:53 148.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 69.4.22.104.in-addr.arpa udp
GB 142.250.180.1:443 tpc.googlesyndication.com tcp
GB 142.250.180.1:443 tpc.googlesyndication.com tcp
GB 142.250.180.1:443 tpc.googlesyndication.com tcp
GB 142.250.180.1:443 tpc.googlesyndication.com tcp
GB 142.250.180.1:443 tpc.googlesyndication.com tcp
GB 142.250.180.1:443 tpc.googlesyndication.com tcp
IE 34.252.59.114:443 ad.360yield.com tcp
FR 164.132.25.185:443 sync.smartadserver.com tcp
FR 18.155.129.106:443 cdn.browsiprod.com tcp
US 216.239.34.36:443 region1.analytics.google.com udp
US 34.111.152.239:443 optimise.net udp
DE 91.228.74.244:443 pixel.quantserve.com tcp
US 104.16.80.73:443 static.cloudflareinsights.com tcp
US 34.160.152.31:443 c.pub.network udp
US 8.8.8.8:53 106.129.155.18.in-addr.arpa udp
US 8.8.8.8:53 134.178.165.35.in-addr.arpa udp
US 8.8.8.8:53 244.74.228.91.in-addr.arpa udp
US 8.8.8.8:53 73.80.16.104.in-addr.arpa udp
US 34.120.63.153:443 prebid.media.net udp
US 130.211.23.194:443 api.btloader.com udp
US 76.223.111.18:443 eb2.3lift.com tcp
US 159.203.146.226:443 prebid.cootlogix.com tcp
GB 172.217.169.2:443 googleads.g.doubleclick.net udp
US 159.203.146.226:443 prebid.cootlogix.com tcp
US 35.244.159.8:443 u.openx.net udp
US 34.149.50.64:443 s.seedtag.com udp
DE 51.38.120.206:443 onetag-sys.com tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
IE 34.248.62.168:443 dpm.demdex.net tcp
US 44.239.121.240:443 events.browsiprod.com tcp
US 104.22.4.69:443 seg.ad.gt tcp
FR 3.162.38.107:443 yield-manager.browsiprod.com tcp
GB 87.248.114.12:443 ups.analytics.yahoo.com tcp
GB 184.26.56.245:443 ads.pubmatic.com tcp
GB 216.58.201.98:443 cm.g.doubleclick.net udp
GB 142.250.187.196:443 www.google.com udp
NL 82.145.213.8:443 t.adx.opera.com tcp
US 161.35.127.40:443 sync.cootlogix.com tcp
NL 178.250.1.11:443 gum.criteo.com tcp
US 104.16.184.87:443 cs.seedtag.com tcp
US 104.18.24.18:443 js-sec.indexww.com tcp
FR 18.155.129.106:443 cdn.browsiprod.com tcp
DE 18.195.234.25:443 match.sharethrough.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
US 172.67.23.234:443 seg.ad.gt tcp
DE 57.129.18.113:443 wt.rqtrk.eu tcp
US 151.101.1.108:443 acdn.adnxs.com tcp
IE 34.247.205.196:443 usersync.gumgum.com tcp
GB 184.25.193.73:443 eus.rubiconproject.com tcp
GB 184.25.192.27:443 contextual.media.net tcp
US 172.67.23.234:443 seg.ad.gt tcp
US 100.29.110.210:443 cs-server-s2s.yellowblue.io tcp
US 8.8.8.8:53 12.114.248.87.in-addr.arpa udp
US 8.8.8.8:53 245.56.26.184.in-addr.arpa udp
US 8.8.8.8:53 8.213.145.82.in-addr.arpa udp
US 8.8.8.8:53 40.127.35.161.in-addr.arpa udp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 87.184.16.104.in-addr.arpa udp
US 8.8.8.8:53 18.24.18.104.in-addr.arpa udp
US 8.8.8.8:53 match.sharethrough.com udp
IE 34.247.205.196:443 usersync.gumgum.com tcp
US 8.8.8.8:53 pixel-eu.rubiconproject.com udp
US 8.8.8.8:53 visitor.omnitagjs.com udp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 bh.contextweb.com udp
US 8.8.8.8:53 csync.loopme.me udp
US 8.8.8.8:53 match.prod.bidr.io udp
US 8.8.8.8:53 ads.us.e-planning.net udp
DE 51.38.120.206:443 onetag-sys.com udp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
GB 2.22.144.25:443 csync.smartadserver.com tcp
GB 23.214.129.249:443 secure-assets.rubiconproject.com tcp
GB 23.214.129.249:443 secure-assets.rubiconproject.com tcp
FR 3.165.136.56:443 sync-gdpr.intentiq.com tcp
IE 63.32.181.175:443 match.prod.bidr.io tcp
NL 198.47.127.18:443 image8.pubmatic.com tcp
NL 185.235.87.42:443 ag.gbc.criteo.com tcp
NL 69.173.156.149:443 pixel-eu.rubiconproject.com tcp
NL 193.3.178.3:443 ads.us.e-planning.net tcp
US 34.1.237.230:443 csync.loopme.me tcp
FR 178.250.7.13:443 dnacdn.net tcp
FR 185.255.84.152:443 visitor.omnitagjs.com tcp
FR 185.235.86.127:443 gem.gbc.criteo.com tcp
DE 148.251.20.70:443 sync.richaudience.com tcp
US 64.74.236.127:443 b1sync.zemanta.com tcp
NL 35.214.136.108:443 x.bidswitch.net tcp
NL 35.214.136.108:443 x.bidswitch.net tcp
US 64.74.236.127:443 b1sync.zemanta.com tcp
GB 2.18.27.82:443 th.bing.com tcp
US 8.8.8.8:53 152.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 127.236.74.64.in-addr.arpa udp
GB 23.211.236.240:443 www.riotgames.com tcp
GB 23.211.236.240:443 www.riotgames.com tcp
GB 23.211.236.240:443 www.riotgames.com tcp
GB 23.211.236.240:443 www.riotgames.com tcp
GB 23.211.236.240:443 www.riotgames.com tcp
GB 23.211.236.240:443 www.riotgames.com tcp
FR 18.164.52.93:443 cmp.osano.com tcp
GB 2.20.12.84:443 cdn.rgpub.io tcp
GB 2.20.12.84:443 cdn.rgpub.io tcp
US 172.64.149.96:443 xsso.riotgames.com tcp
US 13.107.5.80:443 services.bingapis.com tcp
GB 2.20.12.87:443 lolstatic-a.akamaihd.net tcp
US 104.18.5.5:80 validation.identrust.com tcp
FR 18.164.52.93:443 cmp.osano.com tcp
US 151.101.66.217:443 cdn.ravenjs.com tcp
GB 2.20.12.87:443 lolstatic-a.akamaihd.net udp
FR 18.164.52.93:443 cmp.osano.com tcp
US 104.16.120.50:443 auth.riotgames.com tcp
US 104.16.40.28:443 fast.fonts.net tcp
US 104.16.206.131:443 authenticate.riotgames.com tcp
GB 2.20.12.87:443 lolstatic-a.akamaihd.net udp
US 104.19.230.21:443 imgs3.hcaptcha.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
GB 2.19.252.146:443 aefd.nelreports.net tcp
GB 2.19.252.146:443 aefd.nelreports.net tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
GB 142.250.180.5:80 mail.google.com tcp
GB 142.250.180.5:80 mail.google.com tcp
GB 142.250.180.5:443 mail.google.com tcp
BE 142.251.173.84:443 accounts.google.com tcp
BE 142.251.173.84:443 accounts.google.com udp
GB 142.250.179.238:443 play.google.com tcp
GB 142.250.179.238:443 play.google.com tcp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.179.238:443 play.google.com udp
GB 2.19.252.146:443 aefd.nelreports.net udp
GB 142.250.179.238:443 play.google.com udp
BE 142.251.173.84:443 accounts.google.com udp
US 104.19.230.21:443 imgs3.hcaptcha.com tcp
GB 2.19.252.148:443 aefd.nelreports.net udp
BE 142.251.173.84:443 accounts.google.com udp
GB 142.250.179.238:443 play.google.com udp
GB 2.18.27.76:443 www.bing.com tcp
GB 2.18.27.76:443 www.bing.com tcp
GB 2.18.27.82:443 www.bing.com tcp
GB 2.18.27.82:443 www.bing.com tcp
GB 2.18.27.76:443 www.bing.com tcp
FR 52.84.174.60:443 www.paysafecard.com tcp
FR 52.84.174.60:443 www.paysafecard.com tcp
US 172.64.144.102:443 cdn-pci.optimizely.com tcp
GB 142.250.187.196:443 www.google.com udp
FR 13.249.9.118:443 widget.trustpilot.com tcp
FR 3.165.136.75:443 content.cdn.paysafecard.com tcp
FR 3.165.136.75:443 content.cdn.paysafecard.com tcp
FR 3.165.136.75:443 content.cdn.paysafecard.com tcp
FR 3.165.136.75:443 content.cdn.paysafecard.com tcp
FR 3.165.136.75:443 content.cdn.paysafecard.com tcp
FR 3.165.136.75:443 content.cdn.paysafecard.com tcp
GB 142.250.179.234:443 maps.googleapis.com tcp
GB 142.250.179.234:443 maps.googleapis.com udp
GB 142.250.179.234:443 maps.googleapis.com udp
US 104.18.86.42:443 cdn.cookielaw.org tcp
US 8.8.8.8:53 75.136.165.3.in-addr.arpa udp
GB 172.217.16.241:443 csp.withgoogle.com tcp
US 104.18.86.42:443 cdn.cookielaw.org tcp
US 172.64.155.119:443 geolocation.onetrust.com tcp
FR 18.245.175.27:443 my.paysafecard.com tcp
FR 18.245.175.27:443 my.paysafecard.com tcp
FR 52.84.174.60:443 www.paysafecard.com tcp
US 8.8.8.8:53 42.86.18.104.in-addr.arpa udp
US 8.8.8.8:53 241.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 119.155.64.172.in-addr.arpa udp
US 8.8.8.8:53 27.175.245.18.in-addr.arpa udp
FR 13.32.145.22:443 login.paysafecard.com tcp
NL 91.235.132.130:443 h.online-metrix.net tcp
FR 18.164.52.125:443 cdn.appdynamics.com tcp
US 8.8.8.8:53 130.132.235.91.in-addr.arpa udp
FR 13.32.145.22:443 login.paysafecard.com tcp
NL 91.235.133.10:443 tm.paysafecard.com tcp
NL 91.235.133.10:443 tm.paysafecard.com tcp
DE 3.5.137.176:443 ecash-static-pr-1.s3.eu-central-1.amazonaws.com tcp
NL 91.235.132.129:3478 aa.online-metrix.net udp
NL 91.235.132.129:3478 aa.online-metrix.net tcp
US 104.18.32.137:443 privacyportal-eu.onetrust.com tcp
NL 91.235.133.10:443 tm.paysafecard.com tcp
NL 91.235.133.10:443 tm.paysafecard.com tcp
NL 91.235.132.130:443 h.online-metrix.net tcp
NL 91.235.133.10:443 tm.paysafecard.com tcp
US 192.225.158.1:443 h64.online-metrix.net tcp
NL 91.235.134.131:443 8bcyihmua6nnxahrmwawivr3hnjhuuultqvgoqa79e4b88ec5f046a7aam1.e.aa.online-metrix.net tcp
N/A 127.0.0.1:63333 tcp
N/A 127.0.0.1:5900 tcp
N/A 127.0.0.1:5902 tcp
N/A 127.0.0.1:5901 tcp
N/A 127.0.0.1:5903 tcp
N/A 127.0.0.1:5931 tcp
N/A 127.0.0.1:6039 tcp
N/A 127.0.0.1:5939 tcp
N/A 127.0.0.1:6040 tcp
N/A 127.0.0.1:5944 tcp
N/A 127.0.0.1:5938 tcp
N/A 127.0.0.1:3389 tcp
N/A 127.0.0.1:5950 tcp
FR 18.245.175.16:443 static.hotjar.com tcp
N/A 127.0.0.1:5279 tcp
US 104.18.32.137:443 privacyportal-eu.onetrust.com tcp
NL 91.235.132.129:3478 aa.online-metrix.net udp
NL 91.235.132.129:3478 aa.online-metrix.net tcp
FR 18.164.52.73:443 script.hotjar.com tcp
N/A 127.0.0.1:7070 tcp
US 8.8.8.8:53 16.175.245.18.in-addr.arpa udp
N/A 127.0.0.1:2112 tcp
DE 18.159.7.205:443 fra-col.eum-appdynamics.com tcp
NL 91.235.133.10:443 tm.paysafecard.com tcp
NL 91.235.133.10:443 tm.paysafecard.com tcp
NL 91.235.133.10:443 tm.paysafecard.com tcp
NL 91.235.133.10:443 tm.paysafecard.com tcp
NL 91.235.133.10:443 tm.paysafecard.com tcp
NL 91.235.133.10:443 tm.paysafecard.com tcp
NL 91.235.133.10:443 tm.paysafecard.com tcp
NL 91.235.133.10:443 tm.paysafecard.com tcp
NL 91.235.133.10:443 tm.paysafecard.com tcp
BE 142.251.173.84:443 accounts.google.com udp
GB 142.250.179.238:443 play.google.com udp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 r.bing.com udp
GB 2.18.27.76:443 r.bing.com tcp
US 52.167.30.171:443 fpt.microsoft.com tcp
GB 2.19.252.148:443 aefd.nelreports.net udp
US 8.8.8.8:53 spocs.getpocket.com udp
US 34.149.97.1:443 firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net tcp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.ads.prod.webservices.mozgcp.net udp
US 34.149.97.1:443 firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net udp
US 34.117.121.53:443 attachments.prod.remote-settings.prod.webservices.mozgcp.net tcp
N/A 127.0.0.1:53262 tcp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.187.196:443 www.google.com udp
N/A 127.0.0.1:53271 tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp

Files

C:\Users\Admin\AppData\Local\FiveM\FiveM.exe

MD5 357b5269f142658d15f2ee3f0ff949f4
SHA1 cfd0b2e11701095ed8e38c54c9a275125f989e9c
SHA256 2ed4cfb162f0e3294823b18e6198465181c56e2d362b37f439c35f57fb92617a
SHA512 3305293964364a9b72f30434834e8313883df8c125a40a4730b3795b27cdfe8deae5ebcfaa72f060b5e609764bb46c5a9872738fb691badee9106d78d1468498

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FiveM.lnk

MD5 775a337ccc87b90508dffeced48e5163
SHA1 1f17f33621b3d468c5d62c3f3ccf37504e9fe4be
SHA256 907f908397cd50a8f3ec42bd30e7ce7f13b58fa17579fe334bdd8f362be1c3a9
SHA512 6fd9ef4a9e264247e1a1bbcdecdba911d7c1a053faa64cfb744055489b49e54ee3e7503247dda48a2b0d10e58594925225225a12e19fbd5b0e5f4604c0415321

C:\Users\Admin\AppData\Local\FiveM\FiveM.app\desktop.ini

MD5 f9d948aa9426cb1a2a82e651b81a1912
SHA1 2d496caeef3b0bff6b91b99e58736cea51366348
SHA256 b1fe21f251cf7875783ea162ef86c2a5b5022a1c5157bbb7972b6b34e14ec08a
SHA512 a962fae3853f43e4a8e2b33aa5f51a917673d76648845dffcc32037c25cb3f300e4c4fc3ea633bf78b714449dbda84416e41cc16256373c170fb82d8485e3369

C:\Users\Admin\Videos\Captures\desktop.ini

MD5 b0d27eaec71f1cd73b015f5ceeb15f9d
SHA1 62264f8b5c2f5034a1e4143df6e8c787165fbc2f
SHA256 86d9f822aeb989755fac82929e8db369b3f5f04117ef96fd76e3d5f920a501d2
SHA512 7b5c9783a0a14b600b156825639d24cbbc000f5066c48ce9fecc195255603fc55129aaaca336d7ce6ad4e941d5492b756562f2c7a1d151fcfc2dabac76f3946c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 9314124f4f0ad9f845a0d7906fd8dfd8
SHA1 0d4f67fb1a11453551514f230941bdd7ef95693c
SHA256 cbd58fa358e4b1851c3da2d279023c29eba66fb4d438c6e87e7ce5169ffb910e
SHA512 87b9060ca4942974bd8f95b8998df7b2702a3f4aba88c53b2e3423a532a75407070368f813a5bbc0251864b4eae47e015274a839999514386d23c8a526d05d85

\??\pipe\LOCAL\crashpad_2956_AKKUQUSIUIELZNTS

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e1544690d41d950f9c1358068301cfb5
SHA1 ae3ff81363fcbe33c419e49cabef61fb6837bffa
SHA256 53d69c9cc3c8aaf2c8b58ea6a2aa47c49c9ec11167dd9414cd9f4192f9978724
SHA512 1e4f1fe2877f4f947d33490e65898752488e48de34d61e197e4448127d6b1926888de80b62349d5a88b96140eed0a5b952ef4dd7ca318689f76e12630c9029da

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4b7c52d6c55574bd4e2395c1d034e9bc
SHA1 74ca0fb8bad7bce170816c82c40da221ea2d8089
SHA256 2ff55267166dacb5fe9ec24fdcaf6e1801e907e43a23031c8de6c8d2c266591c
SHA512 7939364a46c6fb47d6faa06bd375215d195d9408bf95e4295e6c729fcada5f46d0b3b58e5197658c6c4864e4e3a5d11204bc295690584104b14c527c288ac9a7

C:\Users\Admin\Desktop\FiveM.lnk

MD5 44a97488158dacbafdcb716c045e6337
SHA1 86db8fcc32cf0bceb76d3b9edfadabf7d0cc653e
SHA256 345a9e4eb7a6877516407575a0176b8a89ec6649e801794ba5d67693c1858d9e
SHA512 bc4df8eed9af41cb7294552307d08b6564c278897f93df05967457da8592b89cd7d1e65cfb36784a673683bcbe59540e099f166942d55a91ddf93f5984730077

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 f1650e5b12f3d932193910108df4e54e
SHA1 690e2da6b1aac3b81658cf4ee690b73bbabe38fc
SHA256 7854d0ed3fcfec9b7d1814dc956ee0b1ec876bf7a576dd268717c6f3d6e3b458
SHA512 0508a5feaff00e775548d8e50ff59b2e6e94de3c4f97cddb04fff0d6a2fe20abc70e09d0495202ba6df2708647e35e9f01cb73ae7fbf0aecec53e56d0461aaf4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 80965db199f4e78cecf2c130020f7515
SHA1 6056d92bb9944ac7e0b6330d2644cb62262e0b30
SHA256 47092be8765614d1c4bd2616d6aa747586b37bbc1c45962547152d6f44539a1a
SHA512 8e5bab8652b9e51d41323d6dfb7a0b4e58457e5be533695b04c65c2685944169dd40be604b14a8fe5f9616733464d76ade1aa0c6d67f285ea233e7a7f603949f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 785917a66a1aad48f477ca41ac267789
SHA1 e44dffdfedc1ff3e85b14ab3f3685560bfb617b5
SHA256 bbab9a245c3758c94d50e7e606390ea15fef3cad4aafa1292773bec6602707f8
SHA512 e13c409bddd3c365ea53609093d59a61b058aada47d4f806622c64f765ea5aaa150eed89ae12cceb8c357a15f81c8f91bbd5e4c9c1985a5f7766a73b54c91443

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

MD5 69df804d05f8b29a88278b7d582dd279
SHA1 d9560905612cf656d5dd0e741172fb4cd9c60688
SHA256 b885987a52236f56ce7a5ca18b18533e64f62ab64eb14050ede93c93b5bd5608
SHA512 0ef49eeeeb463da832f7d5b11f6418baa65963de62c00e71d847183e0035be03e63c097103d30329582fe806d246e3c0e3ecab8b2498799abbb21d8b7febdc0e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

MD5 c813a1b87f1651d642cdcad5fca7a7d8
SHA1 0e6628997674a7dfbeb321b59a6e829d0c2f4478
SHA256 df670e09f278fea1d0684afdcd0392a83d7041585ba5996f7b527974d7d98ec3
SHA512 af0d024ba1faafbd6f950c67977ed126827180a47cea9758ee51a95d13436f753eb5a7aa12a9090048a70328f6e779634c612aebde89b06740ffd770751e1c5b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

MD5 226541550a51911c375216f718493f65
SHA1 f6e608468401f9384cabdef45ca19e2afacc84bd
SHA256 caecff4179910ce0ff470f9fa9eb4349e8fb717fa1432cf19987450a4e1ef4a5
SHA512 2947b309f15e0e321beb9506861883fde8391c6f6140178c7e6ee7750d6418266360c335477cae0b067a6a6d86935ec5f7acdfdacc9edffa8b04ec71be210516

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

MD5 1bd4ae71ef8e69ad4b5ffd8dc7d2dcb5
SHA1 6dd8803e59949c985d6a9df2f26c833041a5178c
SHA256 af18b3681e8e2a1e8dc34c2aa60530dc8d8a9258c4d562cbe20c898d5de98725
SHA512 b3ff083b669aca75549396250e05344ba2f1c021468589f2bd6f1b977b7f11df00f958bbbd22f07708b5d30d0260f39d8de57e75382b3ab8e78a2c41ef428863

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 37fbb9d1c0acc2428c9834c1573e56ef
SHA1 6491ae3f1d294efbf7f7e9971f2b226729b0ca5b
SHA256 a3814b231cfea396db506323cb7c2fcac1a6eee04e2a1dba0ccf2a00525eb283
SHA512 a2a2057897dfbea8895a906ae330806dde2700790f647e81e23649de2e608b07eea07cb284f09649c0587f4d3d6f8a4ab3041eaf4a4dd1e0a6b679f1c395d83e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5861d2.TMP

MD5 a16022a7a9862073596c2d4ae3e23724
SHA1 668d1c36643723a3ecc93e2684df51b100c64460
SHA256 dcbb9e578989635d986f00ae222164b46aa051a3ab4c2cf41b854fc389514f8d
SHA512 042a73be3583c9fea13a24f769b8269f74a5f44e739989329cba76585d68c6657ab7d1882fd2d26a5e87f0bd9819f4f4736a498a8f0f3cbed198ffc8b8b19fea

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3a4d806501a133176b69d4db10e41ece
SHA1 19b8b59d16828d55eabd4148b33b114fcc9f7948
SHA256 99a6ff4fc373274045d583c65aeb833a81accd972ce4bd142194a3fbaab81ff6
SHA512 527c23f23af59a844ef01b42e9608637b9d2d0de33852733e6a0f523c939679702fa1257e354166df7dbf0149c72ebd5f74f493051396260dcf33749222824fd

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 74796a912b4b1d9b000087dead205768
SHA1 9ee2663e3ceaa7b91aba51d1d46cc2bc40ff7db4
SHA256 1faa4a93a1af1d915a5fb23be16d9e35de91d56674bb3b0775dd20b3d2cf4eb0
SHA512 5d1e13c3d1a5233d68227f485d73402929dc29ca9d7384384038d6de742d48899c72f48677a2a47c6922c6a4ca04b2389dd34a618d2d9aaa73943cb2b945e06a

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 b502b87d22ebc458d94590687163a4ae
SHA1 55f0df12918cf5c1d3f1825707b867e73b0b24c4
SHA256 6850be9912d6aaef1418775049db517fce04fe9d465a44e6628513b18716f3e3
SHA512 b107041d22a4d6c818ab618ebdef4252e7793ed4775e6a5e376b8949f3d17f29b552e886f8bc562f1005bc2638df02db2a30075bcc67eea5001deb7f0d7d82a4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 90d73a18523f377ca013b0dd2a6490cd
SHA1 d8121a0b1e0e05decef458655088a7ada6d0a425
SHA256 13416e1ff75355dd5b85095df2dfcac24282ac4a6ef8cb82212cb714e7a070c2
SHA512 412b8e726e7ae9f5bba043423703523eb5612b66b3c70e4614772e50427dc4b0faceecdf97360b0cd4ff7721a8c629b02748184124e7286bbc81bbadef6a9e37

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 ee7a2fae9294633c42a1e61c9451eca8
SHA1 3477ecf2f1558c931110b9b67b7a6680432d5730
SHA256 4c6f0ed8736a7a3c65cd0f908c8a53fabbba42cc79200ae3c18ff9a9693c38b0
SHA512 4072d2695f571182d9aa0d3d8c9d790858f8b714b7b710c7c9dfda03b8ee645e008eed3d8d85333eb116f409a8086177ec9078f33bcf2dda248e406b88006734

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4f34fb0851a07f2b28be7e8ab9dabd0b
SHA1 ac38c665a5d2d685485cc5c39dd13721408e8551
SHA256 dcf72c679184a22f999e2963963c86b3b0bd35af0a213eded0fa9ea55cae4f29
SHA512 793de598420e723538cbead6627fb04b020ebecd9e8cee10b574f78da76ba466dd275522e3043fe4bb399d80329f3e4a8d71c872b466187f13f4828f0e6d31d9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 d9a273603e807affcab72202f4eb4787
SHA1 b6cb974dbad46a875936b497db8f89ec20fedf19
SHA256 f0f583fe06949e701f8bc5aa5dcfe8d7ab4a7712006d88f7c70c8c4149c5d514
SHA512 9ca02c441c8cb8f491f1683a961e2e161e1620bf497c339c82ef8fe784d1d56d4a2f2352fc5a43d98e77905492f7e3509e23d06e5dafd0393bb7b7551a470c33

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

MD5 dd0fa63d7a6164ee38a2d8c56734dae5
SHA1 e64d22f6fd29c7a77466659eae1478e0fa65ce91
SHA256 10ae3cbea6525955edc9ac5d8b90ec4f50990edc15cf52d132b67a23fe0eb8a6
SHA512 262d6846bbdb5286cb80a78b2dbac31bc10bff30fdc5ff7c2bd2bcc7748a4fca98b20dc30ba5960f31307163b82857544021ccb9233257885289d17707f8b9ec

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

MD5 5dea626a3a08cc0f2676427e427eb467
SHA1 ad21ac31d0bbdee76eb909484277421630ea2dbd
SHA256 b19581c0e86b74b904a2b3a418040957a12e9b5ae6a8de07787d8bb0e4324ed6
SHA512 118016178abe2c714636232edc1e289a37442cc12914b5e067396803aa321ceaec3bcfd4684def47a95274bb0efd72ca6b2d7bc27bb93467984b84bc57931fcc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 ee63b26875b9224e4d52cc63a36bfd27
SHA1 f7e982227349eddb7e6d299d23e5d8a409e0cd82
SHA256 46176e4986dd6431144306995c5898194943767d4d2d69feb21e2c1e4dad5198
SHA512 690cb8096ef0caef15b11402f90b763469d4e073018c44ef07a6090c791037ec51857334abf79c03dda9eabf279bdd541c0fcb401c82619e067ec45ddcbbd86e

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 0ed57b8138f63cec6be392bbc420efc5
SHA1 4c78579a96ba942968ddc6b27ca66accfa33ca83
SHA256 5d73da40d2051cb1a60e31eae3e895656d58315f027ee0f18090a08638b0cd42
SHA512 e0d075081e7fc6e2ba93ebec33971cbc6ea36020d5dc3fa85c10a37286947b83ac04af0b16c23307706e9294978417765d8d4cb6de33757eecee4e564fa3938d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5b7da7cdb7291c5863d71024f2c9efd3
SHA1 50f10ce75f8b5af015b4e6ae5cf305ce693d0b27
SHA256 67113d8aac648de56d11df85b350a6c3d24598ca9fcd9e99a82f60e8a2e315f0
SHA512 3a834e479f0cef244ec409d2fd1e4e64c18c70d99472d14bf4583deb9af2c6df640cc9b1c2eb4faf1b216e00b2ded87f9861512b7009cea6ab33fa298706fdb1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 0f9c6e37e107a946a36ff61ef9e3254d
SHA1 0d496d4841f2718ddb32537f15691818928f0fe6
SHA256 b4fe61d778d24df822c57b3db518ecb30c9fd4d5cb55b366c93d1d9143f3f8d9
SHA512 9a629b4ec01b8980a26df5bba5eb61d0978cb75a7ae5a93b30b54fff0d15706e4be024d43c5c7d975b453c8aa8f6322014693d031d8200520f4d4bd95d9423a0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c7865ed57ad7fc6472996d84fec1c335
SHA1 6e2f6c6e78218b9a02ba82a23f91b2bbc7983805
SHA256 b37f08cf79233d4c1f787180c5e5322c44b1f6e32863859d5b2e8eeeeb73ea7d
SHA512 b951f00bb78228d37bcb54a6e94aace937415745e0d79986ea2eda59f3b8199cb17283777c41f1939ead85b048beeccb2ad04b07ba0a2e077bd7125698c0c3e0

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 9498f95e05711ba385994332e0afc741
SHA1 1ac82ccf9344d8f4118bf65b854a58809dccf021
SHA256 498e94e386978b7c9a6afef6eb4ac9c2cabaaa9e6ad2ffd658b0d3a819fa4099
SHA512 5a2e7b417f158e8e524f7efddd0078a692e92deb1202efdc4e3d506c5d70b8afe222aed96f09f5b1d7aaca9aa9de26012420f07a3c628717a1432cba9a7c433b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index

MD5 09a542bb9a3b70d36976f8f234effb30
SHA1 5ffa83b9711ba98a763d4b1ee5e1a51b7ccad5ec
SHA256 e75b4705d1e74230f5111e830977ed6291d0d42a211ed1c60cb42d6838e22d7e
SHA512 9a0905c11b8c46aba7c4f6199fa6b7003e55475c6ed0d4f7e53e70b684ba36bcc4ce6e643ff841d8fbf858c3391688d06fa0f256d8a3c1af817f5947b24a6f96

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e07050cf4eb753ca26c74915a543bcf3
SHA1 28b0e60306bba5384ee4e763a5424c9847647b1b
SHA256 cb608135502d9192d22678205eef411709318c32525152fd2740a168959da107
SHA512 ab81deacbc6bafd1d3f61aecfc21800fbcdb1f37b73626e08bba4120041705d08609c3f482b72ab554f71c53043141d74425efc0754c2826a0efabe18400b244

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f9e8e01de0a33ee0a9020f361826f0b3
SHA1 aaf4a4655573933745efdfd2756e632135e6e95b
SHA256 1caa292aa16703b1f814a96e34227006fc9f45d90b0afdbbdada7b05cc52c697
SHA512 17d7bbb3076e7760dbbbdbe0b2018984ae9ece1bc914d7438b6c668a5d0c2ed4f8cb4e44c578f9d030e5ed9b2bce468b56bc67a1b56d2475e95de6f43d68dea5

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 04bb38a9d35a28365f320789ab31ccd0
SHA1 d8c6d35722279ed44c056177b872e2c53c0f9a39
SHA256 6fc211bc8bce6e123db9798fa074fc3d1d5119a7963be693e5e387974c069621
SHA512 1bd1d0be0ab90a4cf1c6673ca09738e7628015f32589f2f6b12d33174467d43423784480dc96fe676d6da77176e233134201e7404a71bd731ab0d3870e7a053a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 bf64379eef43ab159428768abe4ea74c
SHA1 b78f80b891e530538e3387ddf6f498e14c4eb56d
SHA256 b027df0aaef390c587c9e76db99223ffe83e876166f2cc4b7f9369d126a746ba
SHA512 f352f9ac4e87be702626c98e6cd8b14990b3b272219789d38906713964058e7a3ded54289385bc8981531d76b42043684ad55dd212a9a8082eb834abbf3ca139

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 ce90c3e1c6ee7374f090c7df0b92459b
SHA1 b549edb3a7d68ca7f5bf28ef81939a8d3da75715
SHA256 bfeff6ce7270de501455679e30a398708191c8cfcbd469b68c2f946a97531095
SHA512 9c2ba5765df1579614bac233de3bca5563976439d2cdadbc6eb225fefde5ff324c0fcc9b5175b785b9f2cabe08b55a79f7d5fc823bd85cf2bb525adf9853f575

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 a53fffbb923b9cd651607bfc71bfbb97
SHA1 8b316862e6e772016cda179dcc945ef78cf14b9a
SHA256 4a1fbc620f01aeb0efe7d3403cc193b013bb49f38f27be1755b8d9f0ea7f8dd2
SHA512 f5df1a529347b60fe4cc9f7901632626468099bb3e6cbf805d944149b9ee676347e791721ba0555bd37586ee476bda751ede1fe62243db0ab433b58595c4e396

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 80d0e8fd0bec554ee3205044319c396d
SHA1 1135a7b8750e795692e0112cad9ac164cfb13ccb
SHA256 8db1ec32064af949776359593f78c45c809208c1f9f466add43e889aa62a4895
SHA512 faca7fde258f7cd4fa25df8bab93184fc4959d4a68ad018cb77a758e81375977ea7197612bdbcb6614423996d6c58f394bc76da4aff85fa2501b79286e5be955

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b3

MD5 d79b35ccf8e6af6714eb612714349097
SHA1 eb3ccc9ed29830df42f3fd129951cb8b791aaf98
SHA256 c8459799169b81fdab64d028a9ebb058ea2d0ad5feb33a11f6a45a54a5ccc365
SHA512 f4be1c1e192a700139d7cff5059af81c0234ed5f032796036a1a4879b032ce4eedd16a121bbf776f17bc84a0012846f467ad48b46db4008841c25b779c7d8f5a

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 22d6899e88c8cb9997c72057ec656ede
SHA1 c7fe6d18aff5ddb97a06c08ed792b635bab49407
SHA256 ad4394736efc05289abf0e78e89f4470834e35488a26d2e210092a6fe0f75d2e
SHA512 561318a350808a49e25e09cf2e8f6c7e756da0ec9e1817513f350a0392dea4a765e42dc87656c2faba9177a153f432465e81b9a07de2cb9c1e0aeb5516e5746f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\0c1394ff9f56f9f7c56b37e320008ade3b66a112\index.txt

MD5 ede1c1e288d6a450b3a67024cb14f51c
SHA1 9b4022ec73db8ed09bb422d7cc86e7a6f8f8f3f4
SHA256 c822a8b34278ef98b1890b6e942978d0a40d87d99702857d3a6620f14b22dae5
SHA512 981aa2c3dd9aa8f0466efc2b65c03320f76665a50e51812c1c9c2a62088c85b724bfd5c234b22b7ef6dbf14a25272888a53dfc0dba935b017795846e6baabbbb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\0c1394ff9f56f9f7c56b37e320008ade3b66a112\index.txt

MD5 0f99588a7b1df67282548de1e7f37252
SHA1 6ce0ebf95ac3dc72d9255f93e7ff16bff2b4c839
SHA256 e97063db71d708b103b6bd08eac23bd49856cfe26caf7623ea474287c8b0fadd
SHA512 39943535c79bf1e026a944ee3a39180a6ff47f13fbf0c7c88bac1c8cbb75a709c299e73c77dbd533c042143e45f8a746810c5505f9a887d4508c07f15ab817fb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\0c1394ff9f56f9f7c56b37e320008ade3b66a112\index.txt

MD5 a3ba48b3662517606879fb9a5f400109
SHA1 83d47edeaadf09ef3c03f9268890ff1aac9d376a
SHA256 c7e9745b8e9b4042eff7f8e53b7eaea69e4f179587aaa606db020c666e98908e
SHA512 f84c2f2f829fb94de77e8c93f08c5f5c40b01dc5e4d4fa6471536971ab92b9e66ec42277ab7f19b9419ca06877376bd55428a8c8e6bce4798dec91a3e1c5c1e7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\0c1394ff9f56f9f7c56b37e320008ade3b66a112\index.txt

MD5 44b833bbbee7a55b888e91ba1116964a
SHA1 37e21a88ab465136323ae66865d404f7d03f4046
SHA256 1f676a201081107cc077dc4e133585a3a8df0b19272c1e3934afe7b7f70f37fd
SHA512 c03df21cf05ca11a3ca1e17f573ffccaafc087eb382a941e21090b22a4240bc2255bdfe3bf68375cbe4019489d42b13895a264dd0c3bafb74ebfa7e6d5d000de

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\0c1394ff9f56f9f7c56b37e320008ade3b66a112\index.txt

MD5 ae5846cda8a7a97cb492e5c94fdee96e
SHA1 87c28fba92875cab805da3acf14beebcea7da851
SHA256 dd5232671948039fd101d2e1b2ea11c102fafe6eeccbad3b4374e549afe8ed8a
SHA512 39a70bb8e7ef4c5f4e89ae29880218efd542686cd715f8206ed9bf04e67b5ce5bb7a225934f91a3b4c94ee43d743ab3494a8afbc883e2ac8540e7f767e904f1b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\0c1394ff9f56f9f7c56b37e320008ade3b66a112\index.txt

MD5 7889758503fd4ee0e2c71929435ce28a
SHA1 bb01c7a5dc2c98ad2ed5ba10aecc1316d6551b26
SHA256 93923cd1b18d2636236e7c7bb7e7fb8623d9add57a8000a57ab44b95830eb6a0
SHA512 73fb8e0027f10031c45b7181fc415df9bb3e6d9fbcb837628c4fbf052307a32992632b495f99b8aba99fe50817cccee14d1dea7e0e6e5d2d2fcf3b2e2b5f97e9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\0c1394ff9f56f9f7c56b37e320008ade3b66a112\index.txt

MD5 14fe40357d77f1d80c1a11e957585bae
SHA1 d0e312ee265ec1df0871b25e26e943f268651305
SHA256 2a93e6d7442f4400a4d8e257a1887f1070ce3cd89c00d2b454c605415e3f09a1
SHA512 315a17b2d9a1d08cdde7c6a72ccd028acd10f8e88976a27c7e3dafccdbb3948ca7692bc18bdaa976dbce020c1b51b0cb5989fb694c8632ed0dc8767c37e8f7db

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\0c1394ff9f56f9f7c56b37e320008ade3b66a112\index.txt

MD5 1f1b0349f0aa4ea965e59d6fe5a4a955
SHA1 2be353f441f8c567a032bc92331f750ffe2d22de
SHA256 ddd06bfed4936a4edf40e67f171be707ba5fc7d3c74d56cbeb49bebc83cf7413
SHA512 e5e36652e6cedac016010b569cf237df7b6fefb31c3e9e0640ce9088d6f41d7bc5c7902957503cf12debc4f7224cd736dbdad26ebc84e640a2933ebd69525498

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\0c1394ff9f56f9f7c56b37e320008ade3b66a112\index.txt

MD5 d1e51d49a9ac09268a5ad249030e5276
SHA1 ba7839c5be23410af8aa5635fd26c3f20d84dd6c
SHA256 fdfd7ecf77f6ca7d93342c7beadae8af49d2254823a1aca659307c1c31c29b06
SHA512 0e3ef1f27e38493f0e1f9340c24a3e8f99f02f9fdf5c5360e22e39b80537a04d0b28d065bd44908eb6753414152b09ecaf0e9fa91a587493bd0dbd5f3cb5b1ac

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\0c1394ff9f56f9f7c56b37e320008ade3b66a112\index.txt

MD5 9629fb6346c7f3c1afc939b270d2b2a2
SHA1 f99c9f2054d785dd210900ebef7cc5c4ee75f813
SHA256 f0992605e93bf25733b78ff4af258cba53bc9895435dbd188c99b0db12cae049
SHA512 dd79d15e31fae32a486a8ded38ea6b132f6fbffe49e7ef413430e74cb303cf4c098a11255790204bcbf3bbdd5dd8e8ce18a2ab18f1b3b51aa53ea72dfd6985f4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\0c1394ff9f56f9f7c56b37e320008ade3b66a112\index.txt

MD5 f709c4057ab0a391b6ed63c4f6323330
SHA1 9f87fb5abe56a31a37859c2cec4542be4e6f1cdc
SHA256 669dfc45ea6091fe620ff3be24a03921747e9ef34986c8694da24d7923938595
SHA512 95b15e39934b35f1d1cd45017d233b3ede541506f355c72d5e95f601f7a916cc0f3be1f1155d764cf5ecdc38c4bda6e8aa37b1164e2f62857eb51f277bf9e1c4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\0c1394ff9f56f9f7c56b37e320008ade3b66a112\index.txt

MD5 fde285070f9e0fec1f7d76b134fc7573
SHA1 1c1275d965d1ad4f7255f7d285fc4b1b31861e15
SHA256 7681f27dad850614d8d5e40226af71ab7f060767a29122efd70adf96ffa9fac5
SHA512 42ea648c13ac65adca3b0e4b9f42c246af546940b2ba7ccc430644ff3a15ca48a765ee08e22866e13825ce70c45e64697e680382666e21c4341a0947270a75e1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\0c1394ff9f56f9f7c56b37e320008ade3b66a112\index.txt

MD5 d0f684a4321c72bbb44bf3d68a218e1b
SHA1 a292615c0ecbf10e32b3f7c5b5053593df4ed5d8
SHA256 3040dc5b576d9df1f4162b97cba57c083abb54116d9a62c8f2ac14924daf5eb0
SHA512 8a1cae1c2cd1110ed90707e7d7e4e94ab93bba4f5eafa61d3b13d1bf1bdbe4631cb0b2190cb1d89dbfb257f2454e2c3da36bbfa83b1fd86480b7555f87d8ded4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\0c1394ff9f56f9f7c56b37e320008ade3b66a112\index.txt

MD5 e9bb39f094f1aa46fb6b0fc63fd4f2be
SHA1 21bb3f09a3802d28671cfbc6d1642f6e6f127c21
SHA256 b3067370df5460e1a5f598892d261ab9056f77a344a7e1f9f979bbb0dff04ad6
SHA512 263eb7f2b080c446638b563cf07abe04dd679cb3c3b7af77ca95d04bb010db43e44f76f86ab0efdec3e661783ae2acb7021cc0bbbdf3f3182eb99ace73d2bacf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\0c1394ff9f56f9f7c56b37e320008ade3b66a112\index.txt

MD5 29e14deb6cd312926660bd5fc22daa00
SHA1 dfdcd62aa9f752b71123ec0a7a6595953b01c0bc
SHA256 9902b717f7cb3404b12a933121ea429c7caa39ec1d6167a21430c3fa9a6aad83
SHA512 93c65c77816a5d2b31adc2d99ee2023baf774b5dbcf961f37a05df8a63ef1e15f26a93872fe5eed5b51e3d71a44b65691f5c65657257cb8d3c6171c58f680e2a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\0c1394ff9f56f9f7c56b37e320008ade3b66a112\index.txt

MD5 784a9e18657f2f91c16b06e8058e44f7
SHA1 186df39771446bc62dcb0af80439a059ccd41986
SHA256 37f1b74f4248d4a096fba54047de0b1614ee0093fc7612f8a20654e50c20c71d
SHA512 d25e37cb582b995deaa0e0c3d1e71f17290af90ccaae35e9f03da87d272e29aa6527da1681065b37362350911f073b0531e061c1e8f71049eddd5e06ccb7e096

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\0c1394ff9f56f9f7c56b37e320008ade3b66a112\index.txt

MD5 4227858af06c6bee28c66466ca8e52d9
SHA1 9151a05c1f453f41e65a58cff3af09cc5c5a756b
SHA256 fe417701f72fddc3c0600f59fa95f25eb940ef98da51507d4b953b941be4bb9f
SHA512 5b0a2228670b39a5b65b6095efba3ffbec7cb3846a96dadf17567b4ec00c4efeb64db332127042279ca3eaf914833ffeaae01e1a39cce33d0c8abb1a3cf59ec8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\0c1394ff9f56f9f7c56b37e320008ade3b66a112\d73ea209-80a3-42f2-9738-bc10834e51ac\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\0c1394ff9f56f9f7c56b37e320008ade3b66a112\index.txt

MD5 476c2c23ad94e237ec94408adac19e93
SHA1 fcedac7d155ce1a4b500f6bf54e20be836abf028
SHA256 7cc72658bd130f074d4c60f54e82468876d97d3795e78fd0d2010d4c5bde1b52
SHA512 157372f82e0a50535cdb4e259ec7eeb08353af4f2637cc6e32b67e55afaf0916136a8e551681868d4cfe576fb50b8487d10010be030f969359059d6ef3da620b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\0c1394ff9f56f9f7c56b37e320008ade3b66a112\index.txt

MD5 54fccd60bb5d1412a2cda8808a54dde3
SHA1 71a1e43d753f22c96eabc74df3bb7af94515f77c
SHA256 b50daa725357dcfc71bd124c0e8b52be9128d10f569b045b059974e128ca0477
SHA512 8ad9b054179a06c8716916e33a4cdff2393d2d89a6534cca97f3e5ef91841b8f4f8f0cdec819da41f7aadad1aa2b9cc4314efdf4a8d3726416dfca76a4de0939

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\Origins\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 625b48b48bdb5abf2bcc9dbb1f14c46c
SHA1 5e74359ac9a38b9135a8b5ea85e565b1c3d37eb2
SHA256 6262e30afcaa445f2b5feacf27c62d679fb91bb14a1d5ce7cdad38a169140d5b
SHA512 e33f6e351ff196cc7b6f0127a6952adec0836e8d4959d0ce0eab2e6c778b0f0a97bf68f71a4f6e108ee5d7e1515328456c75eb466b7abf29052e3f65eb1d7a94

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 4270835f458b1cf634aa228dd40e0895
SHA1 c1a3fcd1c665dd1d72be9c0b82b6af4e7ec3e268
SHA256 8c26689a608a3b98bc143b7373a6809b9c1846d5789863b71ba680f0722aeada
SHA512 a1831f804f9f4774e7061a83a048245bee884433f129e65df4d9a24020c4fad2e15792f14d86acc05627a619f74193e1196e44ee358bfb50d28c147118261aef

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\0c1394ff9f56f9f7c56b37e320008ade3b66a112\ee58122f-b122-4bc7-87a1-d7d6af083c09\acb360371ef6af68_0

MD5 f41306ba8c6a9e204aa4e7389abede3c
SHA1 4d94987af95cccaca811395728a5b5dda2eb99c4
SHA256 60fc05837454c917280c1fd9c545c38f1a14c98c62969d43270d9354364e3a20
SHA512 e1484548cfb95cda505b6883aa3e697d82db56af466c445aa281d258cf5b36cc9083c427653d63fdcddf8456809b7211c6aff14f3ec4e86c35bf947bb232398a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 97481a74a9eba71fdd25fe86c02d5dce
SHA1 09b6bb0931a951f12bee456fb18cad6c027b6870
SHA256 020ef53869d67d9f9b5b80ba36206d33b64e2ea81780c8b4baf5dcbf1601e9bd
SHA512 75b2e505c2a8656db098f16408b03adce4f4b24000e0c89c30a98cf698d86174ec161ec9f02a316ddfcff0f099b29c9d374129539f749df8ccdc547fadd73bf1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d4d98d41b13a511184674908448ffca9
SHA1 7191ed5681c32c68c643573d718fa82733918550
SHA256 31c06de49b9e282be8bb057d678a747ab8c1244c8d2f4029c9a6e578e9bcf3f6
SHA512 6cbd0145fffcaaf77f1539214d2976e62bb4e11558a9d6ee3bf55f0c64f75e5a451c1fdd919685fc881faac0d11d4b150ff949a5bee64609232548f45abcb75f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 7e1fbab5489a4703865db1dfea80df7e
SHA1 3f7e488884480aa200e03633eddbb0e82e16986c
SHA256 9eeb556498fef9c719df3fe3e5fa4c8ac22209f74b8114a1dff74a4e6bc026b0
SHA512 6c7eaaed8c4bb00f4796b44b3f59e09ad5bb9dd52673f05f46dd86b15abe0dd8f0cc67ac46d838ba59b2105c24d979144291fe1d146c39d13444c75efda3e9f6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5dc5c4.TMP

MD5 0fbac26a2c78583c79d10435f2897df8
SHA1 c76035bd1b8d96ea3ace0294b1d1e8423c6caa3c
SHA256 ab776f4ec5f327ef56ad10a0becd8657ed582507a4a5748dd1274a22feb3d992
SHA512 5a73478a093c733352ddbee2c9dd51bafce32c31e306cadb86158635073c608b4cec5aca6fa26946bba267511b7cd8758cae3ca442782bc1bec7f798b1f7052a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 f0dc514468d074d4f20f7277fb5be7c1
SHA1 c9fb844eab885d8c547fffd61fa4ac45d8df534f
SHA256 976ea30e7a6c0367ada6a5dc67f48eb760a981bb7b5d00e219083addc1f8c854
SHA512 d4cf6e48302f4a18f7c1ad95e340a6b37ffa0453ad3b22f2ddf3355a4cac614090101b92c180fdcfdaf553b01fc7130f0cf5e6a77beb81d02c3aa2b315c8f09c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\0c1394ff9f56f9f7c56b37e320008ade3b66a112\ee58122f-b122-4bc7-87a1-d7d6af083c09\index-dir\the-real-index~RFe5de179.TMP

MD5 b29dadcfc42dafb9ade8483c079ef6f6
SHA1 43fc71be5ef20a716f985d0c959e240c544e0b8e
SHA256 d2dba077ec4674029b5af45e2f04adeeb2996b17624d9599bde32da908bb83ac
SHA512 838bdf8032189c5c5f51e9491e34099db5921ec1c5a2c53068d3debcd403c0c1b9e931b93ab24babc179dc166f3f2c5e2a86dd43ae92e7a7da92055e2bb7800d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\0c1394ff9f56f9f7c56b37e320008ade3b66a112\ee58122f-b122-4bc7-87a1-d7d6af083c09\index-dir\the-real-index

MD5 f66f1cca9c99544b40a058bb9b13e6d8
SHA1 3ecdf07e8ff45ec1ebaf749444dec435276196c2
SHA256 5304334d031efb15739c7a9e0bc672730be90e6f11e6a8427f50f9c49f962b0c
SHA512 9954867e046bd06763df4cefd866eb2cd008249a80761292680cd594dda70321604e76e1bc9483ef1ecd00c69ae9e49514525a662573e73ed11da203644aa3a2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\0c1394ff9f56f9f7c56b37e320008ade3b66a112\094eb715-01bc-4e27-ba82-794ee116955f\index-dir\the-real-index~RFe5de590.TMP

MD5 ed88543ad5965681ba3fcb8133ffd654
SHA1 43e4d972a044c0f93c3ba6bf449a40181b4a76d3
SHA256 4d5e71aff1bbff3ed99f8f309c854184a3e060cb6fbf90f51a4483272d6cbf81
SHA512 78526b0f99ce1df614f970a12bb100d5534134b88b1eb3f221e704ac3f6652547b6d10a8f41d7538cd4205ad5b801e6934b2776ba949c874aaf77d6175bb0518

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\0c1394ff9f56f9f7c56b37e320008ade3b66a112\094eb715-01bc-4e27-ba82-794ee116955f\index-dir\the-real-index

MD5 8da69744d65a5c10c8b7536176d213c1
SHA1 fa51e62dae8add3442c53acf6e1e26b6128e0b42
SHA256 2b6fd855a63a0f71ec05c3a273c177177202fefa5dbf83b09d5b4388ad3abb98
SHA512 09aeb241e29944a07cd42dea5b7a89fd2eee70420837dc58506710fdabd21fa38079e9c8a8612e6e13500a0988ce35c0a3a044ffcdd61ae040a8b5b1092e8628

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 778f6a1a3232f3e6515d53f5359d0bff
SHA1 6e2ff367e7cf994dd33fbb5877d3781efba71c17
SHA256 469612f5ad42644327879fd06bb2ec2b58159c2a45a698972eb629242804dff2
SHA512 71eb30872695023ed901889016bf92fbb4ff883d7d432859403d847a9b4a2f42dc08fa53ccb668071f7e0ce8f82daf1f6c992f3fff0ce0c743c9b7efa0440457

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\0c1394ff9f56f9f7c56b37e320008ade3b66a112\d73ea209-80a3-42f2-9738-bc10834e51ac\index-dir\the-real-index

MD5 0c45dae81b79d630749e71b39375ed22
SHA1 b8bc9d97986dfa946688b8f7586c851a3378f598
SHA256 ee6e9fa7c2b1c6cab5de15f6d6bfd70d7211d978372fe7f50483d21854eaaad2
SHA512 7ebcc8b90936dc5c26758c23cbff7c1fdbac4a7bd7f1f062ec6c60bbdf4ee7a6e1bf5d21b722a4265244e6ac38d69f794f9c00fc4754ef3822c85f88ab22ebe1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\0c1394ff9f56f9f7c56b37e320008ade3b66a112\d73ea209-80a3-42f2-9738-bc10834e51ac\index-dir\the-real-index~RFe5e104a.TMP

MD5 e730f9993611617d4c0166807f5f9c45
SHA1 34e8520b4cf9b9fda94078485bb13472f10c0683
SHA256 a9d1c1f430f67578379af180c3bb2b4e0bf782a13d34a2fa22fe447d2ddb4697
SHA512 7a5a95c6dbc73d740fd673a83919f085094fa0d7fbc399bc29b46accbed51a2048582a38354fcd9c1146b375039e245c52e844affd7dabb728abffb290aa4793

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\0c1394ff9f56f9f7c56b37e320008ade3b66a112\index.txt

MD5 973e833fa742313b558bdfe6a2dd2d9b
SHA1 be1132f257c73d792b47263c74bf585e509ebf4d
SHA256 c8a98bf4bc0261c742377458f4a950d25482a7e75be85a3d6d9243955df10366
SHA512 61394a502b87db62324930f682a565f0a69f3ebc1277b87f7ed90c34564da7f5ed609b761c1a62f8bafc43546840eadb360ab56e8240fdd0c193defcfe5db29c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 7b1be336c755cd2791bb84396ed79ffd
SHA1 da3630c04ab57a395457b59ea9b1236ab00f0d6d
SHA256 b125f420a3ec14617853ac9cadee2e2102b517b9e31e84e56d20e02ac628e138
SHA512 1323915636df7afd6dc2411cc33986ca968511534670b5a77d23be342acb0c30ae9edef2b6d93104d3aa23fda7aaeadee1df1259a4f118aa1359fb7e17a55f68

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 51788f81adaea88fe0da13af8aa5e9c2
SHA1 f288824ea4e6756d30d1f97275f0b8d93a2ec118
SHA256 ebe49972894c906ca2c348d47b4db30c501d9bea6846af6fc57408705fd79250
SHA512 167d52c066a3956890a416599cc70f0f2fa5e5e894cee0cd2a24a7cc6b4caae7d8016d072b337f64e20e4b859c11561b8e650166ac9afee26f41fd4a708d8c24

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c7

MD5 ca9e4686e278b752e1dec522d6830b1f
SHA1 1129a37b84ee4708492f51323c90804bb0dfed64
SHA256 b36086821f07e11041fc44b05d2cafe3fb756633e72b07da453c28bd4735ed26
SHA512 600e5d6e1df68423976b1dcfa99e56cb8b8f5cd008d52482fefb086546256a9822025d75f5b286996b19ee1c7cd254f476abf4de0cf8c6205d9f7d5e49b80671

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a84a24670944c7f4cc4c4b1d25db0e85
SHA1 71df3174fc5c4cda810ebb25fb12c0563b515ba6
SHA256 a34e60bca0a7bb43f30fdf1293e6ea9bf58ada95679a6af84c157f7bc65274c0
SHA512 87aab3720fac96671c88991152c4aa646b150110ace96c21e107692acccc630fd419431fb2a25d8ec7dba8db2d9afc666f0aac64773fd968235b5c8e4de8aa14

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 3e2ab4f88efbf8c8c63a641c544f358f
SHA1 58cde0c5921014566a740f24936ed6dae15329fd
SHA256 da2717392efedb0db733022303bc84acf59845c33dd5482cb377fc1a32935e3b
SHA512 131878886d6dc6166fc1fa65be789b3420e8f5ec08ea613bdc88e18560d6e6ba9c4a2488aff10d96556825040915905eee51e8c157f9a14c10668dd4eff3fbe5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\37afe38eb817b647_0

MD5 11a50abe115b1567d77bd846d70f9ce1
SHA1 117ccb6eaa84ce43603973382dee81f3210eb4b5
SHA256 bb6a1e9146331bd8172efc7b9a2805773d0334c2a3ed73a9ff46f36ca8447796
SHA512 4da914d7c153f00abc95902380658d4b6888d582e9831511993906feb9c30c27f1a7fc9bfb825be633e09021394e0250a059363c69b568734597e7a2d337a867

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\45a16ff6d0d9ab5f_0

MD5 ff98b71b30033b5b0e80b43144467220
SHA1 6e3bf489c988d1074e8df209a9f41a8f15978d7f
SHA256 cb014c64497a54e8491b4a1363732a4966ca687bdb643adbdab9a12c9db62c09
SHA512 1af5b85901b1b6fe04d1f156f56e71f333ca437ed8b434a54a3802292079f6dfc5d307a5a805aa209cc4a1bd76a6af3b3d27833f660eb60ebbbc4eb737adcec5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\be6d12311ce2b399_0

MD5 ce12684d5e1386ac104d7967a0bc41af
SHA1 2481db3983a590a03edc0098d850bad35c6d8a6d
SHA256 fc662a79463b0d1b45712e2025583930fa902d21cb88faf70fc2c3d6628d8bee
SHA512 e6f9379605d634ab10f3faaa6141d85efe8a30d8a07501fb8941187b62d7e54f1ffd4ea44e3890691fdd43cf6cdd3da0dcb7a283c734e68eb7a165ec15cae899

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f2e4bbad99a372cc_0

MD5 45b8a3e0801396d8349fe58f2adf3113
SHA1 06d6c77146e60d06a594aec405b93f0d2ffb4a2c
SHA256 f59d674a2a51249d47a0d0942154ba89c23b356523c91042f00c6e03ec663736
SHA512 b4f9696c967f8f8c32dd8e2d9a68f136a0ac2a5cb84ae5a5d6108d98cca8a8ca839453ce19254b6dd5a86c67accb4a3baf06a020b570bc57ce5d3849caba7b99

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9dbb949d27873cbc_0

MD5 5f1d27075f4011a9e8320260c5ca33f6
SHA1 b38ee5a2bad1a07495129d57caa2bdb3034ad974
SHA256 096fa4edbc49cbc580cc6603a3d412583a2e8daefe7715d5cc860660b286a807
SHA512 74af2dcda9602d91d5ba3f64dbaa3a2516ff7e4e39d2a997bba58c182fa536ded3556407f86eb59dd56bc841e353d9e1b071af1e25ca8cdff821d1f16d483196

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f2076e2a98754e97_0

MD5 3269a10de7b9d5df9c272499e4598ee9
SHA1 7344badb2f961e1509285ba30d8926ef318f5cc6
SHA256 9536aba770f7e80f95e9bf8aec173e48126e558696a23004f443b5d6048028f3
SHA512 fa04eb71061de6c3eaa276f76dee103eec02bac5437cbc6b14de2e13a9ad67dc9ef52a762c6f2ab56b682a864e1d026e22b04108e50fdb91c68125668fafe60b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8e5987d08f7b6e11_0

MD5 8e4be69f5274c4d6f57d3eda5fd38cdb
SHA1 92a5a4675736768eb4ad25b7e103eed4d6a9d3c3
SHA256 3d962433b8312db992f3cf6dbe09055904a83c6b943488f8c259d90a3c6a476d
SHA512 c894e4c47232e450ffbc1a57a20dbe98a7f7a48136ae72b265869b76d1478c40d32bed032134c2f1adca6e73bf69fc35659e090d9b5014ad50bdc941853ef7d9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\96bc766215a93e35_0

MD5 219b767074ce6b94d1822eeb5fdfca49
SHA1 0de8a2bfa245b52087b886d519ac622540309282
SHA256 c2fe2692468f2ade9632e25164c4bf886839be9499b94f36283927d36f618e64
SHA512 b711165b3c88edc4c03c5b1f4b92f57da325aad0215fbbc6bf7b7ecf9f87692a665f1b8c75994abd7aa23c92aaf8fb588c2a14cfb4f9cb180d2c0e68e632d6df

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\86b9cbd77d05d034_0

MD5 d2252dd09901a39aace6290fbc05942b
SHA1 839d1047c2bb81de652c82334e66ca38bff11c7b
SHA256 59fa29a686d5fff811412849b46e16404913ad9cc36b0d0cf0d1a265a6003c0d
SHA512 cae8cb4bc79db19110b5be71ea5060c713f8d4ff31c3fc886d1c264d72f70ed8b5cfa685b7ff859ba9e3340cb6ad4b774c872adea592851fef1f8d55023194ae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\55d1a302ab2e2689_0

MD5 22b89b1aa938097e4218dcf66c999e75
SHA1 9b6a3ec65c47d3fb9c72c226a1fa589d615f435e
SHA256 d35a2804f48bfdf44698c9ed429c8b9ac9d5f839a5441fd0e55183b23b677306
SHA512 88fb617ebff00b2df15b327535c1d36a36ec5541b69e63a153f9cd34b9c6319798f06c7d4a188e7cc80b7f02b0660b7e9d8f73ccfa3869f2b7efb46f40b8833a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3fd2be14abb3904c_0

MD5 a30808e53e3646744027dd5ab9d8eedd
SHA1 258bc495328469811e9187920373ef2dfc89188b
SHA256 23b44b2cf6784d54da4c1ef555ad6f7a41ea092833bf093c160c7b41c5bc33c7
SHA512 30fdd3f94c00c31217acb853c88819433ba24b85ee6447ed7e739f78485ba1ac8d9520071b024201f748da8c6eb674e331075782657b7b0b8c01ff663d75f34e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007a

MD5 3051c1e179d84292d3f84a1a0a112c80
SHA1 c11a63236373abfe574f2935a0e7024688b71ccb
SHA256 992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3
SHA512 df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007b

MD5 68f0a51fa86985999964ee43de12cdd5
SHA1 bbfc7666be00c560b7394fa0b82b864237a99d8c
SHA256 f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f
SHA512 3049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 bb3ce34f21f8292bd2fc09fd0de1a780
SHA1 3b38e92d592aa1048942e816a3744430c4891eed
SHA256 9390087291cdbdb529b1280f9a5768b49328cb37358d3ee3c235fe917aa64dfd
SHA512 d05b42744c71279d8afd96203ce666d1bb7bc025a1495e2f9bc2de7ac22fad59e31354065e7eeecc3235bc837dd5fc94ac77a533a85a306f49c981170f995297

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\cf2aab1bb61d0bff_0

MD5 44e531e0d4c91c9147217f57c20cf226
SHA1 32aede01c37239b6dd6b37ac3607f2f32d65f878
SHA256 5b62672b338d0ef0da6666a944ab15240f0cbbef14d5ac59f25ea597965a7d46
SHA512 f2141b3c3e211e066f9f8a5fcecda0a050869c33e006514912f4c7512a8d923a9103a568f92aa79ff5071f8c70b444f32b3622840f390b9717e5035f476e5d04

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f3ae0d23e488645b_0

MD5 fd624cee6d475c51f56572d62d47c436
SHA1 eb8a94ded2e67eeed9564ecc1430535028833dc4
SHA256 10b03b54c77e00a46f27749a77e0785236997f01a3d16c92a24a9934b01c1a04
SHA512 96ccae705665591e022ace68b821d59c47bad7865d212d6946f51fd01f1f1c97f9e582a58e2963d9aa3f01fcff59a706911d9d19ed2004b9ac0d048fa23f00b6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2d62f54a9f132af6_0

MD5 d98b5a6bf361c9e2b0963a2bca82810a
SHA1 6a7390b67bfbe58ba8a1f5bf7d0402d5ed8e49d1
SHA256 fc1437fbc26ddb552159e2c35cb843e2a88ac7c92397c9193f0f55d741ceee0a
SHA512 99acf76c25924c24c2174fe4556e8863da2d69790b4fdd28df75dcfb957306236e8c6e60f633bc277adb328b8a5534fb96fd6af6176aafe1ddafa708abbd2386

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jj59r4xg.default-release\datareporting\glean\pending_pings\4113c135-a7fd-4144-861b-bad26c59f3ad

MD5 8129700870bcb11b139398d379d2ac2f
SHA1 bf4198d1639aad2bf0525b743e6f15f439ab9cf8
SHA256 53f112dcb7747dbc9e7edad8b0bbf8d00797e203541afaa258691c29fe63b357
SHA512 3ac57b4c24dfbd1b7be29577fab4896b8d6f9f13fa525924a7cad5f9c92220cdd97f5d9ee7b43139c4f6d3357b513fdcba9786a29503bbd7ab91932f1138d96a

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jj59r4xg.default-release\datareporting\glean\pending_pings\cfba93ce-417b-4b03-93eb-46870c1ee406

MD5 5f8e325639a6bfd6c8fa4ef1dfb57f46
SHA1 e688086acfbca6029b4628945303604e50e22852
SHA256 42d02676000ff4e8db295cfc5847a7cfba72cdf3a8f8de4ba52a556c1ca91ca4
SHA512 9b49106e5a5fd32be2faf3dae39d6701bd881972e0578b0213b01ed92023b42644af2024ed510fc6ea16924713e06e80cc48dc132cda071267c87a77196f3313

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jj59r4xg.default-release\datareporting\glean\db\data.safe.tmp

MD5 6fceaf02fa39dfdd0ce2a8ea64a51112
SHA1 8f35902923e21bb47acd72c1a2e062c6ffccc92a
SHA256 a568920b912c5770deb857b877ccd7369b240df072ac5a9afe5c99db5878e3d2
SHA512 5fe1ffbfb2644ce07599ad7b269178fe73b12356b90fb97b49d20a1637f5a14da73f365c3a6eb2185a2a7eaf0a02bd0585226a8cbd6b76d39cddfa26758a673d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jj59r4xg.default-release\datareporting\glean\pending_pings\cf56aee5-e403-404d-aee6-f72d1220b8dc

MD5 65e4bb2bf1bbaeaa74d12e1729db5f1e
SHA1 66749f975213e2923125b2fbc5874441238ad542
SHA256 746ee18340d149e65eeee15b81978eebc75c681ba6963bd6450065b15e452e8d
SHA512 d404c2d8d388c2f54255ddf4d5c69b90943e684317b59921c018878ff278b41751bf9ef5eabc398d17c5840139bc69be825855cee5e09124f039c6bfa374a409

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jj59r4xg.default-release\datareporting\glean\db\data.safe.tmp

MD5 3d578452f349b3a6f6629fb43e106993
SHA1 e9f8d20df70a18b0d92dfecb24ce1fc1e378ac5f
SHA256 a0e690e4e8b427bd10064b1e7b3b444655a086113110fdebdaa02ef006342f8c
SHA512 39cc4ad65cdcd9d7d1ce6b21d5cc673b2047bf29aafb04b57f0bbff9555f31d5d3ea978689fad5cf04d5e5ab49b8e4d73f4f50431ed3c9797ed0a63cbc991f4f

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\jj59r4xg.default-release\settings\main\ms-language-packs\browser\newtab\asrouter.ftl

MD5 96c542dec016d9ec1ecc4dddfcbaac66
SHA1 6199f7648bb744efa58acf7b96fee85d938389e4
SHA256 7f32769d6bb4e875f58ceb9e2fbfdc9bd6b82397eca7a4c5230b0786e68f1798
SHA512 cda2f159c3565bc636e0523c893b293109de2717142871b1ec78f335c12bad96fc3f62bcf56a1a88abdeed2ac3f3e5e9a008b45e24d713e13c23103acc15e658

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jj59r4xg.default-release\datareporting\glean\db\data.safe.tmp

MD5 a7428ec8e5b74322c9c24afce4468ac4
SHA1 c3f9686ea8460de8cf8937caf5d33b0c22027159
SHA256 05aae45a95c83c6da20b16a2f7227859a0b28dbdd0e6bbc76d22b1b811482510
SHA512 020092c365360587d770781b5a342203ac626b43a33d735cd343aa43012beb265760e1b63c0cf191ec502ef7bd5340470ee7602cbb3ca74ef8924955a0a013c6

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\jj59r4xg.default-release\activity-stream.discovery_stream.json

MD5 af4b85ad58218ec8f35c4e9d513fc15e
SHA1 07c434cb64600a1c3315f6af78f8cd736cdc3ec5
SHA256 d6999e56f7e830a401e833d1fcd78aecd23b96d7e0192488b247d4083a8e6cbb
SHA512 ca33a7a5e3f4d40fde4f2584628c59bee824ffd08cb7e0536b9949d4cb9970252d4c86eeb819b884c5e3ed0f91efbb97029636f94db7a458828061c5d2d97efc

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jj59r4xg.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

MD5 ee6223a5eb16915d9383c2239c533564
SHA1 c45842a34512ca3e7a2d7859e9a514e8e2aaa91c
SHA256 dd51650abacd1d7a3954bb42eb0d3bbe990b95f62fa6dcdd72800b26c381ba37
SHA512 a0d098cf8e8128d70478274f31c46bb3c080a90ca966d114ddb6b3fbfdba770bbd0a2701bd0a264576e22971c66797a1fa10b7c8e4ce331cad653130a764539f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jj59r4xg.default-release\prefs.js

MD5 c243398d0cab2466e520f1040db7272b
SHA1 70d27c90eb2fc77ff76ad9969c014a1d5ec8801c
SHA256 259d5004909e727f269fedd43a52091358c8eb1ce976a7951e297831d645c56e
SHA512 7a5d5d4e8e6d3b0df9239d1e4c234368f4aa5157c18866a2b2d9bcd95aeac21680aa3ba6e727408597a8b67e8658c4b91e91d2cbed2a0835d9da7747241bc921

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jj59r4xg.default-release\AlternateServices.bin

MD5 328305dfd114ffca58cc7dddea4d0d01
SHA1 7f0543d69526c1279945f6939d4c4ac9db4b9645
SHA256 65cf2330d42c9eabee5aee8edaee33a987a213aad921b643289a558af9edf658
SHA512 d874dc1d6f44b2ea3b25bdc1ea26c21a88dad3c239e374c7455ec8b3534db41319fc3a479ad92b4e17971707781f87532570ad5889816c891ce6b3be5f553ea0

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jj59r4xg.default-release\datareporting\glean\pending_pings\c9261436-6652-44c5-86b5-40c5e05e171a

MD5 23cbcb1f9c91947ffeb662b76fa13ee4
SHA1 2c423cdf87443d17650f2a4484b5e4d16897f6df
SHA256 31b0bfa8f73b12f67e5dd61400bbc1cbea3edbf9a177a999a32c125d86285c82
SHA512 bf843b271f04b092ccbbec08de09f10eeef51e956eb5d79883ecea83789f237037b60de8ff543744050116387aeea572a266f92c79f356522878d96f03b7f494

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jj59r4xg.default-release\datareporting\glean\db\data.safe.tmp

MD5 dc847ed363366bebd5a15bc20417d5e3
SHA1 4d98cf5a9308ac4cc7ac1d803843f75397c6ca99
SHA256 daa1636207abf9441803eaca82f28a0323ddc069a6e095cb29620f9ae3ebc3de
SHA512 44d40b17c30ef38d62c5b50033fa45401989d586ff96ccd58a7909cf461ee8f43d37b9bf5094a6dcec7a91c40fbd43a7ff4d26449fc4256fe7e2a1463bd58039

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\jj59r4xg.default-release\prefs.js

MD5 31a3366f11cb9560afa8cd14a6f2e311
SHA1 5ad24c95f44cbcce5a174303e30512376d2f1287
SHA256 06c28c7b2e50a94041fafaf5afe1b1b90446dee6309cd0274c8e3995fe3c3bc3
SHA512 7a2a4be9305d1380e3e3038608bcfecc623b797aead9e04a4fc0f471b270ed14ead637f4928edef76a101d238b9a6aa08539f1808850ed2696dc98cf2b768536

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 7e0c10e1251eb8f3214236e4c8739a09
SHA1 eba091e1312b43cb98aacb946bd71a16c4eea792
SHA256 2dae418bfbb0d80119edff46293aa8b5cceadf97858997edae9ffdde703b4384
SHA512 9cbed74b07e98992f507fc5a7cc9e07a3a8bc376c734e9f8f68cef8c2d8cbba83ac8d222b71fa0024a2fab17b8dabc42b636f400f0b84cbb3b8bc18dc173b4fd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 62688fd7d0a7b8f2ec841ed888dbe23d
SHA1 19c96fd829046d553c53a0f062cbcd421cae8a8e
SHA256 3f7b1e618bc802de8748acb66efe0a2ffa2c716c4f40aab057bacf03478cf626
SHA512 c0379671403cec4d97e39d47797cd1130a4bbdbf9f2cdf12d4d753e448800c35b6cab35f953968e840886dbe311dffd3ab0a21b6ea9a4039702230f80b6a8a8a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 0a675cad7e7ef5ee063ad53c426fcd35
SHA1 048695ca0fbcd850c79f40c1c042f46cfb208b61
SHA256 ca9ee9d25d7bc9b22b4e87c6c7f88a98415a3cf306c65669934b3d17e64ab556
SHA512 0ab729c998fd5f1985301962a8c29f28acb8905094226f3013eb88a1eae88cfa9311f5ddcdfc3e78886ee171f563d6628145d1db06e719ae85642c00e25fa411