Analysis Overview
Threat Level: Known bad
The file https://www.tiktok.com/tag/polarissportsman570?lang=en was found to be: Known bad.
Malicious Activity Summary
Detected google phishing page
Downloads MZ/PE file
Loads dropped DLL
Checks computer location settings
Executes dropped EXE
Reads local data of messenger clients
Adds Run key to start application
Enumerates connected drives
Legitimate hosting services abused for malware hosting/C2
Checks installed software on the system
Detected potential entity reuse from brand STEAM.
Drops file in Program Files directory
System Location Discovery: System Language Discovery
Enumerates physical storage devices
Program crash
Browser Information Discovery
Suspicious behavior: GetForegroundWindowSpam
Modifies Internet Explorer settings
Modifies registry class
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Enumerates system info in registry
Suspicious use of WriteProcessMemory
Checks processor information in registry
NTFS ADS
Suspicious use of SendNotifyMessage
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of AdjustPrivilegeToken
Modifies registry key
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2025-01-13 10:44
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2025-01-13 10:44
Reported
2025-01-13 10:59
Platform
win10v2004-20241007-en
Max time kernel
847s
Max time network
846s
Command Line
Signatures
Detected google phishing page
Downloads MZ/PE file
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Discord\app-1.0.9177\Discord.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Reads local data of messenger clients
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Discord = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\Update.exe\" --processStart Discord.exe" | C:\Windows\System32\reg.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Steam = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -silent" | C:\Users\Admin\Downloads\SteamSetup.exe | N/A |
Checks installed software on the system
Enumerates connected drives
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
Detected potential entity reuse from brand STEAM.
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps4_r1_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\bin\shaders\D3D9Overlay.cso_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\ps4_trackpad_r_touch_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\images\controller\ghost_050_menu_0307.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\images\controller\ghost_060_vehicle_0090.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\[email protected]_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\shared_rstick_click_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\shared_mouse_r_click_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\images\controller\ghost_040_act_0319.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\switchpro_button_home.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\switchpro_lstick_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\switchpro_rstick.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\public\SteamLoginDialog.res_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\bins_codecs_win32.zip.vz.a7f87baba9068542650f4733de1eec6325d55791_5615796 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps5_trackpad_l_touch_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sc_dpad_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\resource\layout\cloud_pending_sessions_dialog.layout_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps5_l2_soft_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\public\steamclean_english.txt_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps_lfn_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\sc_dpad_right_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\shared_mouse_mid_click_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\xbox_rb_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\resource\filter_banned_latam.txt.gz_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\resource\layout\settingsdialog.layout_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\localization\steampops_french-json.js_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\images\controller\ghost_040_act_0303.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\images\controller\ghost_040_act_0326.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\resource\icon_gift.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\sc_touchpad_touch.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\sc_rt_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\switchpro_lstick_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sd_l5_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\css\chunk~1a96cdf59.css_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\images\controller\ghost_045_move_0170.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps5_trackpad_r_down_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps5_trackpad_r_touch_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_090_media_0301.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\shared_mouse_r_click_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\shared_color_outlined_button_y_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\sounds\ui_steam_smoother_friend_join.m4a_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_045_move_0160.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_010_wpn_0130.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\tabSquareTopLeft.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\localization\xbox_360_thai.txt_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps4_trackpad_up_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\shared_lstick_right.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steam\cached\SettingsSubOverlay.res_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\[email protected]_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steam\cached\listview_placeholder1.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\ps4_trackpad_swipe_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\shared_touch_tap_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\switchpro_l2_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\xbox_p3_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sd_l4_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sd_ltrackpad_left_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\public\c19.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\localization\dualshock_4_greek.txt_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\localization\steam_controller_brazilian.txt_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steam\cached\steamui_postlogon_brazilian.txt_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\sd_button_menu_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\shared_lstick_left_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\resource\layout\friendpanel_compact.layout_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\[email protected]_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
Program crash
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\YouAreAnIdiot\EXEVersion\YouAreAnIdiot.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\Joke\Flasher.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\DiscordSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\Joke\Avoid.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Discord\Update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\Temp1_The-MALWARE-Repo-master.zip\The-MALWARE-Repo-master\Joke\Avoid.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\Joke\Launcher.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\DiscordSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\DiscordSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\bin\gldriverquery.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\Joke\Curfun.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\Joke\CrazyNCS.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\DiscordSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\bin\vulkandriverquery.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\YouAreAnIdiot\EXEVersion\YouAreAnIdiot.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\Joke\Hydra.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\Temp1_The-MALWARE-Repo-master.zip\The-MALWARE-Repo-master\Joke\YouAreAnIdiot\EXEVersion\YouAreAnIdiot.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\DllHost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\YouAreAnIdiot\EXEVersion\YouAreAnIdiot.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\Joke\Avoid.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\SteamSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\YouAreAnIdiot\EXEVersion\YouAreAnIdiot.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\Locked = "1" | C:\Windows\explorer.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\URL Protocol | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\Shell | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\steam\ = "URL:steam protocol" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\steam\DefaultIcon | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\Discord\URL Protocol | C:\Windows\System32\reg.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\steamlink\ = "URL:steamlink protocol" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\Discord | C:\Windows\System32\reg.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\steam\Shell\Open | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steam | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\DefaultIcon\ = "steam.exe" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\steam\DefaultIcon\ = "steam.exe" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\steamlink\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\Discord\shell\open | C:\Windows\System32\reg.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steam\Shell\Open\Command | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steam | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\URL Protocol | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steamlink\DefaultIcon | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 00000000ffffffff | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\Discord | C:\Windows\System32\reg.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\steamlink\Shell | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\steamlink | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\steamlink\Shell\Open\Command | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\Shell\Open | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\steamlink\Shell\Open | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steam\DefaultIcon | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\Discord\shell\open\command | C:\Windows\System32\reg.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\Shell\Open\Command | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\steam\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-4050598569-1597076380-177084960-1000\{381344EC-8314-41D6-8699-61B0D41C087B} | C:\Users\Admin\Desktop\Joke\ChilledWindows.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\Discord\ = "URL:Discord Protocol" | C:\Windows\System32\reg.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steamlink\Shell\Open\Command | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\Shell\Open\Command | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202020202 | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\Discord\shell | C:\Windows\System32\reg.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\Discord\DefaultIcon\ = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\app-1.0.9177\\Discord.exe\",-1" | C:\Windows\System32\reg.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\DefaultIcon\ = "steam.exe" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steamlink | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\ = "URL:steamlink protocol" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\Shell\Open | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\steam | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\steam\URL Protocol | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\Discord | C:\Windows\System32\reg.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\Local Settings | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\ = "URL:steam protocol" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\Shell | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\steam\Shell\Open\Command | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\steamlink\URL Protocol | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\Discord\DefaultIcon | C:\Windows\System32\reg.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\steam\Shell | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\steamlink\DefaultIcon | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\steamlink\DefaultIcon\ = "steam.exe" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\Discord\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\app-1.0.9177\\Discord.exe\" --url -- \"%1\"" | C:\Windows\System32\reg.exe | N/A |
Modifies registry key
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 846284.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 573886.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 821432.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Steam\steam.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\Joke\DesktopBoom.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\SteamSetup.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Steam\steam.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://www.tiktok.com/tag/polarissportsman570?lang=en
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd64e246f8,0x7ffd64e24708,0x7ffd64e24718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2140 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3004 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3152 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3160 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5620 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4e8 0x3ec
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5568 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5568 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5748 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5752 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3456 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5136 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6384 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5160 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5060 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6232 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5464 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2908 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5448 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5732 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6620 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6648 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6252 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5884 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4944 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5480 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5488 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4800 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7640 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7512 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=7800 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7876 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2696 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7756 /prefetch:8
C:\Users\Admin\Downloads\DiscordSetup.exe
"C:\Users\Admin\Downloads\DiscordSetup.exe"
C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe
"C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe" --install .
C:\Users\Admin\Downloads\DiscordSetup.exe
"C:\Users\Admin\Downloads\DiscordSetup.exe"
C:\Users\Admin\Downloads\DiscordSetup.exe
"C:\Users\Admin\Downloads\DiscordSetup.exe"
C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe
"C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe" --install .
C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe
"C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe" --install .
C:\Users\Admin\AppData\Local\Discord\app-1.0.9177\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9177\Discord.exe" --squirrel-install 1.0.9177
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\AppData\Local\Discord\app-1.0.9177\Discord.exe
C:\Users\Admin\AppData\Local\Discord\app-1.0.9177\Discord.exe --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\discord /prefetch:4 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\discord\Crashpad --url=https://f.a.k/e --annotation=_productName=discord --annotation=_version=1.0.9177 --annotation=plat=Win64 --annotation=prod=Electron --annotation=ver=32.2.7 --initial-client-data=0x51c,0x524,0x528,0x520,0x52c,0x7ff7b8696bb0,0x7ff7b8696bbc,0x7ff7b8696bc8
C:\Users\Admin\AppData\Local\Discord\Update.exe
C:\Users\Admin\AppData\Local\Discord\Update.exe --createShortcut Discord.exe --setupIcon C:\Users\Admin\AppData\Local\Discord\app.ico
C:\Users\Admin\AppData\Local\Discord\app-1.0.9177\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9177\Discord.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=UAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1960,i,14054625871935246350,1077656310688624170,262144 --disable-features=AllowAggressiveThrottlingWithWebSocket,HardwareMediaKeyHandling,IntensiveWakeUpThrottling,MediaSessionService,SpareRendererForSitePerProcess,UseEcoQoSForBackgroundProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=1952 /prefetch:2
C:\Users\Admin\AppData\Local\Discord\app-1.0.9177\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9177\Discord.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=sentry-ipc --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=sentry-ipc --field-trial-handle=2328,i,14054625871935246350,1077656310688624170,262144 --disable-features=AllowAggressiveThrottlingWithWebSocket,HardwareMediaKeyHandling,IntensiveWakeUpThrottling,MediaSessionService,SpareRendererForSitePerProcess,UseEcoQoSForBackgroundProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=2324 /prefetch:3
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Discord /d "\"C:\Users\Admin\AppData\Local\Discord\Update.exe\" --processStart Discord.exe" /f
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /ve /d "URL:Discord Protocol" /f
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /v "URL Protocol" /f
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\DefaultIcon /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9177\Discord.exe\",-1" /f
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\shell\open\command /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9177\Discord.exe\" --url -- \"%1\"" /f
C:\Users\Admin\Downloads\DiscordSetup.exe
"C:\Users\Admin\Downloads\DiscordSetup.exe"
C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe
"C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe" --install .
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6620 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7560 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4876 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5144 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7380 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7424 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7064 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7388 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7624 /prefetch:8
C:\Users\Admin\Downloads\SteamSetup.exe
"C:\Users\Admin\Downloads\SteamSetup.exe"
C:\Program Files (x86)\Steam\bin\steamservice.exe
"C:\Program Files (x86)\Steam\bin\steamservice.exe" /Install
C:\Program Files (x86)\Steam\steam.exe
"C:\Program Files (x86)\Steam\steam.exe"
C:\Program Files (x86)\Steam\steam.exe
"C:\Program Files (x86)\Steam\steam.exe"
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" "-lang=en_US" "-cachedir=C:\Users\Admin\AppData\Local\Steam\htmlcache" "-steampid=14412" "-buildid=1733265492" "-steamid=0" "-logdir=C:\Program Files (x86)\Steam\logs" "-uimode=7" "-startcount=0" "-steamuniverse=Public" "-realm=Global" "-clientui=C:\Program Files (x86)\Steam\clientui" "-steampath=C:\Program Files (x86)\Steam\steam.exe" "-launcher=0" --valve-enable-site-isolation --enable-smooth-scrolling --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt" --disable-quick-menu "--enable-features=PlatformHEVCDecoderSupport" "--disable-features=SpareRendererForSitePerProcess,DcheckIsFatal,ValveFFmpegAllowLowDelayHEVC"
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=crashpad-handler /prefetch:4 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files (x86)\Steam\dumps" "--metrics-dir=C:\Users\Admin\AppData\Local\CEF\User Data" --url=https://crash.steampowered.com/submit --annotation=platform=win64 --annotation=product=cefwebhelper --annotation=version=1733265492 --initial-client-data=0x280,0x284,0x288,0x27c,0x28c,0x7ffd50e3af00,0x7ffd50e3af0c,0x7ffd50e3af18
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1733265492 --steamid=0 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1584,i,1176576469398316912,7933088477342531535,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=1588 --mojo-platform-channel-handle=1576 /prefetch:2
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1733265492 --steamid=0 --field-trial-handle=2216,i,1176576469398316912,7933088477342531535,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=2220 --mojo-platform-channel-handle=2212 /prefetch:3
C:\Program Files (x86)\Steam\bin\gldriverquery64.exe
.\bin\gldriverquery64.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1733265492 --steamid=0 --field-trial-handle=2860,i,1176576469398316912,7933088477342531535,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=2864 --mojo-platform-channel-handle=2856 /prefetch:8
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1733265492 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3140,i,1176576469398316912,7933088477342531535,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3144 --mojo-platform-channel-handle=3136 /prefetch:1
C:\Program Files (x86)\Steam\bin\gldriverquery.exe
.\bin\gldriverquery.exe
C:\Program Files (x86)\Steam\bin\vulkandriverquery64.exe
.\bin\vulkandriverquery64.exe
C:\Program Files (x86)\Steam\bin\vulkandriverquery.exe
.\bin\vulkandriverquery.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1733265492 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3796,i,1176576469398316912,7933088477342531535,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3780 --mojo-platform-channel-handle=3812 /prefetch:1
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1733265492 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3992,i,1176576469398316912,7933088477342531535,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3996 --mojo-platform-channel-handle=3988 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7700 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6664 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7024 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6624 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3356 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7548 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6604 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6592 /prefetch:1
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1733265492 --steamid=0 --field-trial-handle=4360,i,1176576469398316912,7933088477342531535,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3816 --mojo-platform-channel-handle=2056 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5492 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6736 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2704 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8024 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1220 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5700 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7604 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3380 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7908 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5536 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3220 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,4201971672996364809,7014533741657677821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8220 /prefetch:1
C:\Users\Admin\AppData\Local\Temp\Temp1_The-MALWARE-Repo-master.zip\The-MALWARE-Repo-master\Joke\Avoid.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_The-MALWARE-Repo-master.zip\The-MALWARE-Repo-master\Joke\Avoid.exe"
C:\Users\Admin\AppData\Local\Temp\Temp1_The-MALWARE-Repo-master.zip\The-MALWARE-Repo-master\Joke\YouAreAnIdiot\EXEVersion\YouAreAnIdiot.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_The-MALWARE-Repo-master.zip\The-MALWARE-Repo-master\Joke\YouAreAnIdiot\EXEVersion\YouAreAnIdiot.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 452 -p 7596 -ip 7596
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 7596 -s 1200
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault36bf467dh767ch450dha3f4h856bde652adc
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x128,0x12c,0x130,0x104,0x134,0x7ffd64e246f8,0x7ffd64e24708,0x7ffd64e24718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,17649372101374741550,5273631234429040280,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2124 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2092,17649372101374741550,5273631234429040280,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2344 /prefetch:3
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\Windows\explorer.exe
C:\Windows\explorer.exe /factory,{5BD95610-9434-43C2-886C-57852CC8A120} -Embedding
C:\Users\Admin\Desktop\YouAreAnIdiot\EXEVersion\YouAreAnIdiot.exe
"C:\Users\Admin\Desktop\YouAreAnIdiot\EXEVersion\YouAreAnIdiot.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 360 -p 9672 -ip 9672
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 9672 -s 1556
C:\Users\Admin\Desktop\YouAreAnIdiot\EXEVersion\YouAreAnIdiot.exe
"C:\Users\Admin\Desktop\YouAreAnIdiot\EXEVersion\YouAreAnIdiot.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 492 -p 9964 -ip 9964
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 9964 -s 1528
C:\Users\Admin\Desktop\YouAreAnIdiot\EXEVersion\YouAreAnIdiot.exe
"C:\Users\Admin\Desktop\YouAreAnIdiot\EXEVersion\YouAreAnIdiot.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 480 -p 10072 -ip 10072
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10072 -s 1540
C:\Users\Admin\Desktop\YouAreAnIdiot\EXEVersion\YouAreAnIdiot.exe
"C:\Users\Admin\Desktop\YouAreAnIdiot\EXEVersion\YouAreAnIdiot.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 508 -p 10208 -ip 10208
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10208 -s 1528
C:\Users\Admin\Desktop\Joke\Avoid.exe
"C:\Users\Admin\Desktop\Joke\Avoid.exe"
C:\Users\Admin\Desktop\Joke\Flasher.exe
"C:\Users\Admin\Desktop\Joke\Flasher.exe"
C:\Users\Admin\Desktop\Joke\Hydra.exe
"C:\Users\Admin\Desktop\Joke\Hydra.exe"
C:\Users\Admin\Desktop\Joke\Launcher.exe
"C:\Users\Admin\Desktop\Joke\Launcher.exe"
C:\Users\Admin\Desktop\Joke\Melting.exe
"C:\Users\Admin\Desktop\Joke\Melting.exe"
C:\Users\Admin\Desktop\Joke\Avoid.exe
"C:\Users\Admin\Desktop\Joke\Avoid.exe"
C:\Users\Admin\Desktop\Joke\ChilledWindows.exe
"C:\Users\Admin\Desktop\Joke\ChilledWindows.exe"
C:\Users\Admin\Desktop\Joke\CookieClickerHack.exe
"C:\Users\Admin\Desktop\Joke\CookieClickerHack.exe"
C:\Users\Admin\Desktop\Joke\CrazyNCS.exe
"C:\Users\Admin\Desktop\Joke\CrazyNCS.exe"
C:\Users\Admin\Desktop\Joke\Curfun.exe
"C:\Users\Admin\Desktop\Joke\Curfun.exe"
C:\Users\Admin\Desktop\Joke\DesktopBoom.exe
"C:\Users\Admin\Desktop\Joke\DesktopBoom.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 75.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.219.191.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.tiktok.com | udp |
| FR | 23.33.27.75:443 | www.tiktok.com | tcp |
| US | 8.8.8.8:53 | sf16-website-login.neutral.ttwstatic.com | udp |
| FR | 95.101.134.203:443 | sf16-website-login.neutral.ttwstatic.com | tcp |
| FR | 95.101.134.203:443 | sf16-website-login.neutral.ttwstatic.com | tcp |
| FR | 95.101.134.203:443 | sf16-website-login.neutral.ttwstatic.com | tcp |
| FR | 95.101.134.203:443 | sf16-website-login.neutral.ttwstatic.com | tcp |
| FR | 95.101.134.203:443 | sf16-website-login.neutral.ttwstatic.com | tcp |
| FR | 95.101.134.203:443 | sf16-website-login.neutral.ttwstatic.com | tcp |
| FR | 95.101.134.203:443 | sf16-website-login.neutral.ttwstatic.com | tcp |
| US | 8.8.8.8:53 | 75.27.33.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.134.101.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | mon16-normal-no1a.tiktokv.eu | udp |
| FR | 23.33.27.81:443 | mon16-normal-no1a.tiktokv.eu | tcp |
| US | 8.8.8.8:53 | mcs16-normal-no1a.tiktokw.eu | udp |
| US | 8.8.8.8:53 | libraweb-ttp2.tiktokw.eu | udp |
| FR | 23.33.27.91:443 | mcs16-normal-no1a.tiktokw.eu | tcp |
| FR | 23.33.27.66:443 | libraweb-ttp2.tiktokw.eu | tcp |
| FR | 23.33.27.91:443 | mcs16-normal-no1a.tiktokw.eu | tcp |
| US | 8.8.8.8:53 | 81.27.33.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.27.33.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.27.33.23.in-addr.arpa | udp |
| FR | 23.33.27.91:443 | mcs16-normal-no1a.tiktokw.eu | tcp |
| US | 8.8.8.8:53 | storage.googleapis.com | udp |
| GB | 172.217.16.251:443 | storage.googleapis.com | tcp |
| GB | 172.217.16.251:443 | storage.googleapis.com | udp |
| US | 8.8.8.8:53 | mon-i18n.tiktokv.com | udp |
| GB | 71.18.4.241:443 | mon-i18n.tiktokv.com | tcp |
| US | 8.8.8.8:53 | lf16-tiktok-common.ibytedtos.com | udp |
| FR | 23.33.27.112:443 | lf16-tiktok-common.ibytedtos.com | tcp |
| FR | 23.33.27.112:443 | lf16-tiktok-common.ibytedtos.com | tcp |
| FR | 23.33.27.112:443 | lf16-tiktok-common.ibytedtos.com | tcp |
| FR | 23.33.27.75:443 | libraweb-ttp2.tiktokw.eu | tcp |
| US | 8.8.8.8:53 | 251.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.4.18.71.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sf16-sg.tiktokcdn.com | udp |
| FR | 95.101.134.96:443 | sf16-sg.tiktokcdn.com | tcp |
| US | 8.8.8.8:53 | webmssdk16-normal-no1a.tiktokw.eu | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | stun.l.google.com | udp |
| FR | 23.33.27.74:443 | webmssdk16-normal-no1a.tiktokw.eu | tcp |
| US | 74.125.250.129:19302 | stun.l.google.com | udp |
| US | 8.8.8.8:53 | 112.27.33.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.134.101.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 129.250.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.27.33.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | mon.tiktokv.com | udp |
| FR | 95.100.203.200:443 | mon.tiktokv.com | tcp |
| US | 74.125.250.129:19302 | stun.l.google.com | udp |
| FR | 95.100.203.200:443 | mon.tiktokv.com | tcp |
| FR | 23.33.27.81:443 | mon16-normal-no1a.tiktokv.eu | tcp |
| US | 8.8.8.8:53 | 200.203.100.95.in-addr.arpa | udp |
| FR | 23.33.27.81:443 | mon16-normal-no1a.tiktokv.eu | tcp |
| US | 8.8.8.8:53 | p16-sign-va.tiktokcdn.com | udp |
| US | 8.8.8.8:53 | v16-webapp-prime.tiktok.com | udp |
| FR | 23.33.27.80:443 | v16-webapp-prime.tiktok.com | tcp |
| US | 8.8.8.8:53 | p16-pu-sign-no.tiktokcdn-eu.com | udp |
| US | 8.8.8.8:53 | p16-sign-useast2a.tiktokcdn.com | udp |
| US | 8.8.8.8:53 | p77-sign-va.tiktokcdn.com | udp |
| FR | 23.33.27.96:443 | p16-pu-sign-no.tiktokcdn-eu.com | tcp |
| FR | 23.33.27.96:443 | p16-pu-sign-no.tiktokcdn-eu.com | tcp |
| GB | 84.17.50.53:443 | p77-sign-va.tiktokcdn.com | tcp |
| GB | 84.17.50.53:443 | p77-sign-va.tiktokcdn.com | tcp |
| US | 8.8.8.8:53 | p16-sign-sg.tiktokcdn.com | udp |
| US | 8.8.8.8:53 | 80.27.33.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.27.33.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 53.50.17.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | webcast.tiktok.com | udp |
| FR | 95.100.200.144:443 | webcast.tiktok.com | tcp |
| US | 8.8.8.8:53 | p16-sign.tiktokcdn-us.com | udp |
| US | 23.38.167.232:443 | p16-sign.tiktokcdn-us.com | tcp |
| US | 8.8.8.8:53 | 144.200.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.167.38.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | s20.tiktokcdn.com | udp |
| US | 8.8.8.8:53 | p16-va.tiktokcdn.com | udp |
| US | 8.8.8.8:53 | v16.tiktokcdn.com | udp |
| US | 8.8.8.8:53 | starling-ttp2.tiktokv.eu | udp |
| US | 8.8.8.8:53 | mcs-ie2.tiktokw.eu | udp |
| GB | 71.18.4.241:443 | mon-i18n.tiktokv.com | tcp |
| FR | 23.33.27.81:443 | mcs-ie2.tiktokw.eu | tcp |
| US | 8.8.8.8:53 | p77-sign-sg.tiktokcdn.com | udp |
| GB | 84.17.50.53:443 | p77-sign-sg.tiktokcdn.com | tcp |
| US | 8.8.8.8:53 | 228.249.119.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | p16-pu-sign-useast8.tiktokcdn-us.com | udp |
| US | 23.38.167.145:443 | p16-pu-sign-useast8.tiktokcdn-us.com | tcp |
| US | 8.8.8.8:53 | 145.167.38.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| FR | 23.33.27.80:443 | v16-webapp-prime.tiktok.com | tcp |
| US | 8.8.8.8:53 | 53.210.109.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.164.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.236.111.52.in-addr.arpa | udp |
| FR | 95.100.200.115:443 | www.bing.com | tcp |
| FR | 95.100.200.115:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| FR | 95.100.200.113:443 | r.bing.com | tcp |
| FR | 95.100.200.113:443 | r.bing.com | tcp |
| FR | 95.100.200.107:443 | r.bing.com | tcp |
| FR | 95.100.200.107:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | 115.200.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 113.200.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 107.200.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| IE | 20.190.159.64:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | 64.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | poki.com | udp |
| US | 104.18.143.9:443 | poki.com | tcp |
| US | 104.18.143.9:443 | poki.com | tcp |
| US | 8.8.8.8:53 | img.poki-cdn.com | udp |
| US | 8.8.8.8:53 | a.poki-cdn.com | udp |
| US | 172.64.153.109:443 | a.poki-cdn.com | tcp |
| US | 172.64.153.109:443 | a.poki-cdn.com | tcp |
| US | 172.64.153.109:443 | a.poki-cdn.com | tcp |
| US | 172.64.153.109:443 | a.poki-cdn.com | tcp |
| US | 172.64.153.109:443 | a.poki-cdn.com | tcp |
| US | 172.64.153.109:443 | a.poki-cdn.com | tcp |
| US | 172.64.153.109:443 | a.poki-cdn.com | tcp |
| US | 8.8.8.8:53 | 9.143.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 109.153.64.172.in-addr.arpa | udp |
| US | 172.64.153.109:443 | a.poki-cdn.com | tcp |
| US | 8.8.8.8:53 | t.poki.io | udp |
| US | 34.120.56.101:443 | t.poki.io | tcp |
| US | 34.120.56.101:443 | t.poki.io | tcp |
| US | 34.120.56.101:443 | t.poki.io | tcp |
| US | 104.18.143.9:443 | poki.com | tcp |
| US | 8.8.8.8:53 | v.poki-cdn.com | udp |
| US | 8.8.8.8:53 | 101.56.120.34.in-addr.arpa | udp |
| US | 34.120.56.101:443 | t.poki.io | udp |
| US | 8.8.8.8:53 | api.poki.com | udp |
| US | 8.8.8.8:53 | game-cdn.poki.com | udp |
| US | 8.8.8.8:53 | games.poki.com | udp |
| US | 8.8.8.8:53 | 5dd30ab4-015f-11ea-ad56-9cb6d0d995f7.poki-gdn.com | udp |
| US | 104.18.42.70:443 | 5dd30ab4-015f-11ea-ad56-9cb6d0d995f7.poki-gdn.com | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | imasdk.googleapis.com | udp |
| GB | 172.217.16.226:443 | securepubads.g.doubleclick.net | tcp |
| GB | 216.58.201.106:443 | imasdk.googleapis.com | tcp |
| GB | 172.217.16.226:443 | securepubads.g.doubleclick.net | udp |
| GB | 216.58.201.106:443 | imasdk.googleapis.com | udp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | devs-api.poki.com | udp |
| GB | 216.58.204.70:443 | s0.2mdn.net | tcp |
| US | 8.8.8.8:53 | 58c2f51ae0d84addf740cf0c29d7817d.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| GB | 172.217.169.1:443 | 58c2f51ae0d84addf740cf0c29d7817d.safeframe.googlesyndication.com | tcp |
| GB | 172.217.16.226:443 | ep1.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| GB | 216.58.201.97:443 | ep2.adtrafficquality.google | tcp |
| GB | 216.58.201.97:443 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | 70.42.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 142.250.180.1:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.180.1:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.180.1:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.180.1:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.180.1:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 74.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.187.250.142.in-addr.arpa | udp |
| GB | 172.217.16.226:443 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | p16-sign-useast2a.tiktokcdn.com | udp |
| US | 8.8.8.8:53 | p16-sign-va.tiktokcdn.com | udp |
| US | 8.8.8.8:53 | p77-sign-va-lite.tiktokcdn.com | udp |
| FR | 95.100.202.210:443 | p16-sign-va.tiktokcdn.com | tcp |
| FR | 95.100.202.210:443 | p16-sign-va.tiktokcdn.com | tcp |
| FR | 95.100.202.184:443 | p16-sign-useast2a.tiktokcdn.com | tcp |
| GB | 84.17.50.39:443 | p77-sign-va-lite.tiktokcdn.com | tcp |
| US | 8.8.8.8:53 | p16-pu-sign-no.tiktokcdn-eu.com | udp |
| FR | 95.100.203.177:443 | p16-pu-sign-no.tiktokcdn-eu.com | tcp |
| US | 8.8.8.8:53 | 39.50.17.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 184.202.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.202.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 177.203.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.tiktok.com | udp |
| US | 8.8.8.8:53 | p16-sign-sg.tiktokcdn.com | udp |
| US | 8.8.8.8:53 | p19-sign.tiktokcdn-us.com | udp |
| US | 199.232.38.73:443 | p19-sign.tiktokcdn-us.com | tcp |
| US | 8.8.8.8:53 | 73.38.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | p16-sign.tiktokcdn-us.com | udp |
| US | 23.223.209.9:443 | p16-sign.tiktokcdn-us.com | tcp |
| US | 8.8.8.8:53 | 9.209.223.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sf16-website-login.neutral.ttwstatic.com | udp |
| FR | 95.100.202.218:443 | sf16-website-login.neutral.ttwstatic.com | tcp |
| US | 8.8.8.8:53 | 218.202.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | mon16-normal-no1a.tiktokv.eu | udp |
| FR | 23.33.27.81:443 | mon16-normal-no1a.tiktokv.eu | tcp |
| US | 8.8.8.8:53 | v16-webapp.tiktok.com | udp |
| FR | 23.33.27.82:443 | v16-webapp.tiktok.com | tcp |
| US | 8.8.8.8:53 | 82.27.33.23.in-addr.arpa | udp |
| FR | 23.33.27.81:443 | mon16-normal-no1a.tiktokv.eu | tcp |
| US | 8.8.8.8:53 | mcs-ie.tiktokw.eu | udp |
| FR | 23.33.27.88:443 | mcs-ie.tiktokw.eu | tcp |
| US | 8.8.8.8:53 | web-va.tiktok.com | udp |
| FR | 95.100.200.123:443 | web-va.tiktok.com | tcp |
| US | 8.8.8.8:53 | us.tiktok.com | udp |
| US | 8.8.8.8:53 | web-i18n.tiktok.com | udp |
| FR | 23.33.27.112:443 | us.tiktok.com | tcp |
| FR | 23.33.27.112:443 | us.tiktok.com | tcp |
| FR | 95.100.200.123:443 | web-i18n.tiktok.com | tcp |
| FR | 95.100.200.65:443 | web-i18n.tiktok.com | tcp |
| US | 8.8.8.8:53 | v16-webapp-prime.tiktok.com | udp |
| FR | 95.100.203.178:443 | v16-webapp-prime.tiktok.com | tcp |
| US | 8.8.8.8:53 | 88.27.33.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.200.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.200.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 178.203.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | m.tiktok.com | udp |
| FR | 95.100.203.218:443 | m.tiktok.com | tcp |
| US | 8.8.8.8:53 | 218.203.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | webmssdk16-normal-no1a.tiktokw.eu | udp |
| FR | 23.33.27.74:443 | webmssdk16-normal-no1a.tiktokw.eu | tcp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| FR | 95.100.200.98:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | services.bingapis.com | udp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 8.8.8.8:53 | 98.200.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.5.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 162.159.137.232:443 | discord.com | tcp |
| US | 162.159.137.232:443 | discord.com | tcp |
| US | 8.8.8.8:53 | cdn.discordapp.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | cdn.prod.website-files.com | udp |
| US | 8.8.8.8:53 | cdn.localizeapi.com | udp |
| US | 162.159.134.233:443 | cdn.discordapp.com | tcp |
| US | 104.18.160.117:443 | cdn.prod.website-files.com | tcp |
| US | 172.67.41.53:443 | cdn.localizeapi.com | tcp |
| GB | 172.217.169.10:443 | ajax.googleapis.com | tcp |
| GB | 172.217.169.10:443 | ajax.googleapis.com | tcp |
| US | 8.8.8.8:53 | d3e54v103j8qbb.cloudfront.net | udp |
| NL | 108.156.61.73:443 | d3e54v103j8qbb.cloudfront.net | tcp |
| US | 104.18.160.117:443 | cdn.prod.website-files.com | tcp |
| US | 104.18.160.117:443 | cdn.prod.website-files.com | tcp |
| US | 104.18.160.117:443 | cdn.prod.website-files.com | tcp |
| US | 104.18.160.117:443 | cdn.prod.website-files.com | tcp |
| US | 104.18.160.117:443 | cdn.prod.website-files.com | tcp |
| US | 8.8.8.8:53 | 232.137.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.134.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.160.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 53.41.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.61.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.39.65.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| GB | 172.217.169.78:443 | www.youtube.com | tcp |
| US | 172.64.155.119:443 | geolocation.onetrust.com | tcp |
| GB | 172.217.169.78:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | 72.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.155.64.172.in-addr.arpa | udp |
| GB | 172.217.169.10:443 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | stable.dl2.discordapp.net | udp |
| US | 34.126.226.51:443 | stable.dl2.discordapp.net | tcp |
| US | 8.8.8.8:53 | 51.226.126.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| FR | 95.100.200.99:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | 99.200.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | fpt.microsoft.com | udp |
| US | 52.167.30.171:443 | fpt.microsoft.com | tcp |
| US | 8.8.8.8:53 | store.steampowered.com | udp |
| FR | 2.22.57.122:443 | store.steampowered.com | tcp |
| FR | 2.22.57.122:443 | store.steampowered.com | tcp |
| US | 8.8.8.8:53 | 171.30.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.57.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | store.fastly.steamstatic.com | udp |
| US | 151.101.67.52:443 | store.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | store.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | store.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | store.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | store.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | store.fastly.steamstatic.com | tcp |
| US | 8.8.8.8:53 | cdn.fastly.steamstatic.com | udp |
| US | 151.101.67.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 8.8.8.8:53 | shared.fastly.steamstatic.com | udp |
| US | 151.101.3.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.3.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 8.8.8.8:53 | 52.67.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 52.3.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 52.131.101.151.in-addr.arpa | udp |
| FR | 2.22.57.122:443 | store.steampowered.com | tcp |
| FR | 2.22.57.122:443 | store.steampowered.com | tcp |
| US | 8.8.8.8:53 | cdn.steamstatic.com | udp |
| US | 151.101.3.52:443 | cdn.steamstatic.com | tcp |
| US | 8.8.8.8:53 | r11.o.lencr.org | udp |
| GB | 2.23.210.82:80 | r11.o.lencr.org | tcp |
| US | 8.8.8.8:53 | 26.58.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.210.23.2.in-addr.arpa | udp |
| US | 151.101.3.52:443 | cdn.steamstatic.com | tcp |
| US | 151.101.3.52:443 | cdn.steamstatic.com | tcp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| FR | 95.100.202.16:443 | aefd.nelreports.net | tcp |
| FR | 95.100.202.16:443 | aefd.nelreports.net | tcp |
| US | 8.8.8.8:53 | 16.202.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | test.steampowered.com | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| US | 8.8.8.8:53 | ipv6check-udp.steamserver.net | udp |
| GB | 2.19.117.24:80 | test.steampowered.com | tcp |
| US | 8.8.8.8:53 | ipv6check-http.steamserver.net | udp |
| US | 8.8.8.8:53 | 24.117.19.2.in-addr.arpa | udp |
| N/A | 127.0.0.1:63088 | tcp | |
| N/A | 127.0.0.1:63072 | tcp | |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 104.82.131.75:443 | api.steampowered.com | tcp |
| US | 8.8.8.8:53 | 75.131.82.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cmp2-gru1.steamserver.net | udp |
| BR | 155.133.227.58:27019 | cmp2-gru1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp1-gru1.steamserver.net | udp |
| BR | 155.133.227.42:27020 | cmp1-gru1.steamserver.net | tcp |
| BR | 155.133.227.58:443 | cmp2-gru1.steamserver.net | tcp |
| US | 8.8.8.8:53 | ext2-eze1.steamserver.net | udp |
| AR | 155.133.255.164:27019 | ext2-eze1.steamserver.net | tcp |
| US | 8.8.8.8:53 | e5.o.lencr.org | udp |
| GB | 2.23.210.82:80 | e5.o.lencr.org | tcp |
| US | 8.8.8.8:53 | e6.o.lencr.org | udp |
| GB | 2.23.210.82:80 | e6.o.lencr.org | tcp |
| US | 8.8.8.8:53 | 58.227.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.227.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 164.255.133.155.in-addr.arpa | udp |
| AR | 155.133.255.164:27028 | ext2-eze1.steamserver.net | tcp |
| US | 8.8.8.8:53 | ext1-eze1.steamserver.net | udp |
| AR | 155.133.255.100:443 | ext1-eze1.steamserver.net | tcp |
| US | 8.8.8.8:53 | ext1-scl1.steamserver.net | udp |
| CL | 155.133.249.180:27021 | ext1-scl1.steamserver.net | tcp |
| CL | 155.133.249.180:27038 | ext1-scl1.steamserver.net | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:53 | ext2-scl1.steamserver.net | udp |
| CL | 155.133.249.164:443 | ext2-scl1.steamserver.net | tcp |
| US | 8.8.8.8:53 | ext1-lim1.steamserver.net | udp |
| PE | 155.133.244.34:27024 | ext1-lim1.steamserver.net | tcp |
| US | 8.8.8.8:53 | 180.249.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.255.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cmp2-iad1.steamserver.net | udp |
| US | 162.254.192.99:27020 | cmp2-iad1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp2-sea1.steamserver.net | udp |
| US | 205.196.6.133:443 | cmp2-sea1.steamserver.net | tcp |
| US | 8.8.8.8:53 | 164.249.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.244.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.192.254.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.6.196.205.in-addr.arpa | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| FR | 2.22.57.122:443 | store.steampowered.com | tcp |
| US | 104.18.42.105:443 | tcp | |
| US | 104.18.42.105:443 | tcp | |
| US | 104.18.42.105:443 | tcp | |
| US | 8.8.8.8:53 | 105.42.18.104.in-addr.arpa | udp |
| US | 104.19.230.21:443 | udp | |
| US | 104.18.42.105:443 | tcp | |
| US | 104.19.230.21:443 | tcp | |
| US | 8.8.8.8:53 | 21.230.19.104.in-addr.arpa | udp |
| US | 104.19.230.21:443 | udp | |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 2.22.249.66:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 66.249.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | mail.google.com | udp |
| GB | 142.250.180.5:80 | mail.google.com | tcp |
| GB | 142.250.180.5:80 | mail.google.com | tcp |
| GB | 142.250.180.5:443 | mail.google.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | 5.180.250.142.in-addr.arpa | udp |
| BE | 142.251.173.84:443 | accounts.google.com | tcp |
| BE | 142.251.173.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | 84.173.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| GB | 142.250.200.3:443 | ssl.gstatic.com | tcp |
| US | 8.8.8.8:53 | 3.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| GB | 216.58.204.67:443 | tcp | |
| US | 8.8.8.8:53 | 67.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.35.104.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | p2p-iad1.discovery.steamserver.net | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| US | 8.8.8.8:53 | ipv6check-udp.steamserver.net | udp |
| US | 8.8.8.8:53 | ipv6check-http.steamserver.net | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 104.82.131.75:443 | api.steampowered.com | tcp |
| US | 8.8.8.8:53 | cmp2-sgp1.steamserver.net | udp |
| SG | 103.10.124.5:27020 | cmp2-sgp1.steamserver.net | tcp |
| SG | 103.10.124.5:27018 | cmp2-sgp1.steamserver.net | tcp |
| SG | 103.10.124.5:443 | cmp2-sgp1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp2-hkg1.steamserver.net | udp |
| HK | 103.28.54.101:27022 | cmp2-hkg1.steamserver.net | tcp |
| US | 8.8.8.8:53 | e5.o.lencr.org | udp |
| GB | 2.23.210.75:80 | e5.o.lencr.org | tcp |
| US | 8.8.8.8:53 | cmp3-hkg1.steamserver.net | udp |
| HK | 103.28.54.102:27022 | cmp3-hkg1.steamserver.net | tcp |
| HK | 103.28.54.102:443 | cmp3-hkg1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp1-tyo3.steamserver.net | udp |
| JP | 45.121.184.100:27020 | cmp1-tyo3.steamserver.net | tcp |
| JP | 45.121.184.100:27019 | cmp1-tyo3.steamserver.net | tcp |
| US | 8.8.8.8:53 | 5.124.10.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.54.28.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | e6.o.lencr.org | udp |
| GB | 2.23.210.75:80 | e6.o.lencr.org | tcp |
| JP | 45.121.184.100:443 | cmp1-tyo3.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp1-lax1.steamserver.net | udp |
| US | 162.254.195.69:443 | cmp1-lax1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp2-lax1.steamserver.net | udp |
| US | 162.254.195.75:27018 | cmp2-lax1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp2-ord1.steamserver.net | udp |
| US | 162.254.193.75:27018 | cmp2-ord1.steamserver.net | tcp |
| US | 8.8.8.8:53 | 100.184.121.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 102.54.28.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | p2p-ord1.discovery.steamserver.net | udp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| GB | 2.19.117.146:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | 69.195.254.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.193.254.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.195.254.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 146.117.19.2.in-addr.arpa | udp |
| GB | 216.58.204.67:443 | udp | |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 92.123.128.167:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 167.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| GB | 92.123.128.167:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 185.199.111.133:443 | avatars.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 185.199.111.133:443 | user-images.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.111.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.109.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 140.82.114.22:443 | collector.github.com | tcp |
| US | 140.82.114.22:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 210.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.114.82.140.in-addr.arpa | udp |
| GB | 92.123.128.167:443 | th.bing.com | tcp |
| GB | 20.26.156.216:443 | codeload.github.com | tcp |
| US | 8.8.8.8:53 | 216.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| FR | 95.100.202.75:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | 75.202.100.95.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | e443ee4336fcf13c698b8ab5f3c173d0 |
| SHA1 | 9bf70b16f03820cbe3158e1f1396b07b8ac9d75a |
| SHA256 | 79e277da2074f9467e0518f0f26ca2ba74914bee82553f935a0ccf64a0119e8b |
| SHA512 | cbf6f6aa0ea69b47f51592296da2b7be1180e7b483c61b4d17ba9ee1a2d3345cbe0987b96f4e25de1438b553db358f330aad8a26e8522601f055c3d5a8313cdd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 56a4f78e21616a6e19da57228569489b |
| SHA1 | 21bfabbfc294d5f2aa1da825c5590d760483bc76 |
| SHA256 | d036661e765ee8fd18978a2b5501e8df6b220e4bca531d9860407555294c96fb |
| SHA512 | c2c3cd1152bb486028fe75ab3ce0d0bc9d64c4ca7eb8860ddd934b2f6e0140d2c913af4fa082b88e92a6a6d20fd483a1cb9813209f371a0f56374bc97d7f863b |
\??\pipe\LOCAL\crashpad_2400_JZECTYAPORYCCDHF
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | fa36bd29ab44ecb239cf99826c10587d |
| SHA1 | 1e6cb777e567f82a189c65d03e8dcf3a421a3d88 |
| SHA256 | 55d714d9f580530272075b5e30ccf26e5e97400f9dfedba124b08e60e32589b4 |
| SHA512 | c7b6269b8dbfc3935f36a85824aae96f98c3d116eea0dbc399a9a3217a706e49bece17653087647e59281d1230a0129ef703cee44e54767f0e9b0cbb8cf39a21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\4cc699dd486af2551d01b1a74abd5337c6e052e5\index.txt
| MD5 | 7b414273622fa054a382408528b76504 |
| SHA1 | 3bd4f9520e848424603517ccd2f18f0769b1c922 |
| SHA256 | 7baf451bd186c876a7905eabc19ce0acd0eca653fff502e94d970b941564c381 |
| SHA512 | e9eee01af0c3db438a6a00f61c2f08132c0952de031066fb02a44a325ef54eeee0d204eda793506d489ea63015a344f6f457701199a7459a74db4f1cf68b8838 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\4cc699dd486af2551d01b1a74abd5337c6e052e5\index.txt~RFe578964.TMP
| MD5 | 397050ee14989bff52677a962ef8781a |
| SHA1 | a3c7e94a670a88553bfd1935df13ed353af43d4f |
| SHA256 | dfc9df5bac669b89120cc8740f1f5258e3bee7f2ed49267a8a3f38eba09c25a7 |
| SHA512 | c58dc2e4dac2bd46b6cb2b26ff05deee55418ac50cc5340e472de634c531c93863d800f645a99fd243fe2478e272f67590c161a41b46b91cfd1228a4dbcaaffc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a
| MD5 | 5e53ed25086aaa0d3337101b741466ae |
| SHA1 | 08b6244aa107201b2b4e6e76ce4c123dcacda182 |
| SHA256 | 5ac2037030385ad8cf10e486b44475d778eef2e2a377751fbf3c938fd3991b1c |
| SHA512 | 7c90e1b48ee9a1dc112bc1921e2a42f4d329d734be246ed488aaead60ff14e2581580e6629bd2b24c109cb66279190df3ee494eb83d1b96f418886cd72f2747a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018
| MD5 | fdf2600d905a0faa060d691e0212e1a7 |
| SHA1 | 62550f0993a219e265ff9a0795a4d9f49b28748f |
| SHA256 | 52a37b3a78eb5b59df3bdb129b9115c6fed9bec6ca62b55ae56d8c2701de5972 |
| SHA512 | 7118d2ea3aafe3d77709842da20acbe3faaf4c6c92a50ab05ecd4986916bbb92fe297a1b00357572683b02c61762cdf31dc425f03221dd169803252db5f04f7f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | d7e464fe27eed47bcdbd57ac19c3157b |
| SHA1 | 53fca433d88d110d2b21d3e2a5e2149471fcfbee |
| SHA256 | 2e132903d9fe3506f98e9634048f8e3d5cfc886ed8bf8e9b144ab2e16b9d0f98 |
| SHA512 | e07691306f4941b6b19693e80a4d9ecd2ea7fb95c13bd1d07082d530742208d8e94d3b5301a080d28d6a6088a98bafc7269ee648b86bf53074a96286594a1007 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 347391463ce1794b767747ed48ad0201 |
| SHA1 | 4252b632203e8c047e1cb23593b2ddcdd752a357 |
| SHA256 | 46c7d588b9f3a1d2614d6b12b5bfe1b30fc22353d7209160e4efced7261b0fd9 |
| SHA512 | 3dc2782681c0b22829cf4f1aeca7b3bb7e3891b8003ea01a435e734cfb6e7735d7c8640b0661d3529a69db5eb5ee9c485b6b9e1599ef7cf8ce348c57414c6566 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 10f2b2a5e5bed9a28f46d6bd4dc028d6 |
| SHA1 | 1fb07c9362d20a56b9f6667ea669979df0573158 |
| SHA256 | 8f9fcf6257e4c683e4bcbb82ca48355606a6dca6452fa1c98912b29c659aa993 |
| SHA512 | 2bb81c267c79c0528e0d689cffe13418cb884a6b3a3b7e8c88844aa3954de0cc988bd8c0247c190600e8282a42bbd79c39d883abbf9320993ee9137af13d5a74 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57cf66.TMP
| MD5 | 8d52a9f743f7e80b8ca4da411ade972e |
| SHA1 | 9f72837f4c9df4f17241b52af943ffa5dbc17190 |
| SHA256 | 6b6222600d79482b5e67f77dc28c5f05bcd9c5dfe6c23648fa3774802a376968 |
| SHA512 | 28edf1e42a6f93dbde3f7f26c56ffd24f7b319a1aa2ca7c9d5eaff66246f8a5ef5b4b8a675b840d390075503c244423d4cfa6dfa111e17ec26341284a84476aa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57d764.TMP
| MD5 | 23e61cece0689668bb6cd22ae1a4d7a3 |
| SHA1 | a0444852c336acc681cc79518217a9918d2bc3a2 |
| SHA256 | 8e84ac5f5d7aaba377f03ca6d5e8b14001aba441e514609db7728a52a99a8a8f |
| SHA512 | bfe31ae9d06e87ca70303b83e50242884f2ac380cdc2c801ecdf0bc0e1f1bfbdcc2aac2ff65d9ede1be546708bc218e78cc92a12ac50b8303207e73408e0c350 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | d5cbaecd54950bfecf4df91ae6663027 |
| SHA1 | 5946890032d66f8d230f7e96fce316dc2ceb2a22 |
| SHA256 | cd6f78dcd08728f82cee6f745b7ca2b7df6e17ef4ad4ae7aa6b57ade2308ea25 |
| SHA512 | 67781a056020de92e09f66b5640b9979c7e8aa13305e611f9be3bbb44efd594b356e3d1c0e1d9fb188373c1e597ee3d6aa5138973b7eb97efcee0ea70d75f783 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\4cc699dd486af2551d01b1a74abd5337c6e052e5\928b19b7-0cc8-4e6a-b503-70666e9bee77\index-dir\the-real-index~RFe57d7a3.TMP
| MD5 | 36d937ec8aac26a31a3a57eeec7d076d |
| SHA1 | 257807ed940f1ad3cc5e530db659f1cdf607da28 |
| SHA256 | dccb727b24a5da4d9e711f08dd90a430f937499fbd5c217e48bdcb8259c0107e |
| SHA512 | a2b827ee5b409eff8dddd39a16137f4a42fe617e564be06c4f73b653004806cf588edf71802980147ea6e95b62f28919121369a43f2b1bc46057dcb35a241ef2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\4cc699dd486af2551d01b1a74abd5337c6e052e5\928b19b7-0cc8-4e6a-b503-70666e9bee77\index-dir\the-real-index
| MD5 | ae20928a6ef17a379665fefdd4fe6a0b |
| SHA1 | a36ba8ef3c3096aabd4ad48e23b0e97c0f386a45 |
| SHA256 | e3a1446489fa50baa3712fb8697039a083293ea84940355f746bf10bfd70da95 |
| SHA512 | 52ced6b1cf8ebb23fd45fda14573164be74f07c52c8405e7ff076608ed14567847c2c45ab1aea81e1333db4af9bda397f450f513777b867f98472ca571ab457b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\4cc699dd486af2551d01b1a74abd5337c6e052e5\108e6188-65c1-4035-bb58-44c929bd6257\index-dir\the-real-index
| MD5 | c09a31df7066cf4a66e27993db205c97 |
| SHA1 | 7d0ff7d940d84ebe070c79f842756852fdbeec25 |
| SHA256 | 909bf265c11d4e150a07bf96a2f0a4ea2c114711cd841a0fd0a8ceb8c18c5c5e |
| SHA512 | e88a310bc3c61f24f55b8a37816df14d78a121579a197800b9dfa74dfb3d17eb963bce8d1dec5e5767875f341965c81f86e4210e033bd1f8e08d788df6dfaf81 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\4cc699dd486af2551d01b1a74abd5337c6e052e5\108e6188-65c1-4035-bb58-44c929bd6257\index-dir\the-real-index~RFe57d958.TMP
| MD5 | cbf902a53998beafa2c553c55935d09d |
| SHA1 | 0c7e34afbb878fffdc7c14638deeeeb1217c3721 |
| SHA256 | 93960cdb3db33cb5f80d9a0c0448adef3621e3cba56516afc6023baa0b4f05c3 |
| SHA512 | a6af5cfeba293640b5341d530e977c31b59f53a4cba086a455eb00a5a3f160b5ba4de9549e448e37c6767e9ed9e67b8e94dcd4f6b06d8739801e5b9238547bff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\4cc699dd486af2551d01b1a74abd5337c6e052e5\index.txt.tmp
| MD5 | fd273e530241f25d07a6702b3cd94400 |
| SHA1 | b852796fc93906223e3abca2873dc90e7fc351bf |
| SHA256 | 942e14202083bb3b262c94daa66b820f855d87b4a3b1841dc22106d77ce5f61d |
| SHA512 | e0c196df07434a67e035aa35ca83ac1af83d1bc4205b7298a51149adfd807b07df2641dda63086fd5bd3a312ac5826fa8cba0746e1c8f852e35791f8b5f0db8a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0495b083dcfb2e406a59051386c4083c |
| SHA1 | d13c3c61d004ab28bd54523f51c970bf1a849dbc |
| SHA256 | e56533b356ba576342156006467ae1df691a96a6c5fd180e47b43ae5b9535385 |
| SHA512 | d5c5250dd1302aed7e9001ae3280dccf065df2dbe4d3f3685176c6bfada04597fe6bceda479d6503e388fd79f8dfb51ad28e5d24c18ddd5a9831cda5f472b434 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 8d247d464d45067d5edef1e9ff5f1dac |
| SHA1 | 912e7cb73f6905054c59988ee8dfffd684ea8ea4 |
| SHA256 | 5f619fc0d07c2c72f79e9c395978d70b6eacb9c597872717a1ceaea991f095d7 |
| SHA512 | 4273936d0bdb2f436b0741c0f6d0dbf78f120183ac0ab5164400fef0c3f5e38090ef5ebc3bedebc355ff742b3d0893ea1b074b89f6708c4f95fe5f0881a8910e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | defee844a3ebe395d5c74da420cae0e2 |
| SHA1 | da0714b523fb2c411366e079c8fe468ed838bb58 |
| SHA256 | 2ffb5cbf82dcec13b0c9d17f826c1a60721898b5e0f9801c9a7a021eb25b4d3a |
| SHA512 | 08a63a97430cc7a62ca9a0e0eab6c24d2fcb3f17fa949cbf3a6093e3e91471b9172f2d1844f5b8995f148ea9131dd61f88ecc1aeb36b259a5812d175467d656a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000075
| MD5 | 16315bcf3070d8ac56f4261da98c9447 |
| SHA1 | f03e102b8c0c9db837cb487d579589e9ead13b84 |
| SHA256 | b789d10251d072554ed3fa88a37193360d45bdab084b1e3db8fb615c2837cdf6 |
| SHA512 | 8d20666a163cbfe52981ebd144c8820f4bee5e35ce52b6503d5c39192f47b4dd635469d02ce8fe993289e14f9e918266d9eb34e9cabd9f6ac8ea82b7371e99ef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c6da42fac12c29dc9be56f5270817542 |
| SHA1 | 047425be90e70d22968d6af89c85090285ba7366 |
| SHA256 | b04fc89c4793a234800a951fc9940fa988dfec2dd643c66925aed4ffb7db5327 |
| SHA512 | 2675f59bd1b12fd603bf92e7f078276f08d7c1b361f70a6afbe7a08fb6518bdedd153a81cf61456b254f5e1ce4c50a0d30c78ce11d0badfc19a37331a68c9b06 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 193bcb83f3893de3f532c4a1bab3a94c |
| SHA1 | 8ceadbf38e23ca2a7c886c36641846079e67ef2f |
| SHA256 | 3f236d83d361371935ed464541dce6c0400c5f1b8e6ae08773baab5c3125c1b0 |
| SHA512 | 01ac734dd0d17705ade62ec563ffeb3baefcfb84305d4176c914b88cca9a0834c0eda25cabdc960bd8f83ad098263ca9affeee4cb7b0eaaf9a386e00203a4156 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 63e627b79c929cb1a9c300db7ddeff3a |
| SHA1 | 0e725ef9fcf05875295c40fefe8e27fbaebe37b4 |
| SHA256 | 79fec3f12ae1d5c0ace7a1792236959c4f64294abb851ada1e1bbbf679f466e6 |
| SHA512 | 604042197a3b4a3df790b518503a5c4044b4f9774eae8a7089d727bfe74e3ed0adcce899a894a64a8dcc4674a58dec50e27193062c736f976ec7c8b71399cfa1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005b
| MD5 | afe28b973a6704674eb1096f80da6a32 |
| SHA1 | ac4c2f108fd1ab4277f34f958c8d0a5da2210657 |
| SHA256 | c76aaccd80a5d15f106ef4d7e5346249381ae7d0354a254d2124945d4a25d427 |
| SHA512 | cc35a22096c044214e5b5ea08f85974e713856b60ea9e4a52d98bea9a6ff9a87eac4f44b83e7cdcc4d0429c295bf519f4e037df7853b7c0224185d8b29aa8a80 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7058d7f830729e3ee7d3ffc971d5b711 |
| SHA1 | 7ca7127306f45f5e96450126ec9f0de1db08b3d1 |
| SHA256 | f71080ffc587539f93a8d9d29b3af81e992b3012933475dc2cf83859056781a3 |
| SHA512 | 20126e69f63292ada1c694e411b1db5367342c2f0783c9d3d00a72e033af8b54af0ddd7290b37fe3006f2085c9a75928503d606eb0829137c9b89250937a990a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5635a7bf09514635570c933ee95340e4 |
| SHA1 | b5fd21a6deaf9fed9cf6a664e6bf16a1e88ce5eb |
| SHA256 | eceac4504cfa77958786846c12cf079ce5be6508fb29c65afd3f771d49deff20 |
| SHA512 | 01f965c4bc349befb0195a31c647f8f17cfad2b6ae0c5d7098cd4a20c976f2075bac6e5dc2ac0a023c7904eb7c575219da05c83ec75578eeba52cbfd25c4d4d0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 78319701b1e612a3aeb637c1513615e1 |
| SHA1 | 3736b97b1b47be5d2b46f0b65b9aada8e17876da |
| SHA256 | acc0802628cb19747e1a3f6de5e0a372f98e15cb7a0f1dc00c586c628fd86a73 |
| SHA512 | cdc74a830c314234f9d59cf404a6fa785f549e087fae219c113a7718f62c271dfcad8c58e7241406d2e7bdcc68602e96b62fb7ae1010f931c10c6f83c22d84cc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 68d1976bc54d64d66682ef4617544cdb |
| SHA1 | ec55a1bc4b01d414d7e6d8ffd5132ccafc8dc854 |
| SHA256 | 8cda109b9fb8fc8107688bcf64e7ed9cb4800e1208f7d56918905c557dc8ed80 |
| SHA512 | 2553d0d065041a6348d17204a9d7740cd23835ad2ec2f80ffe7303831bb0c93741625844562b3df690b2a24dc232f9347638427c139c430fc2104011eec8d5cc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 13c1c16499b00e7a75010dee7936419b |
| SHA1 | 4b23de7caf7fdcd872b3b974135a8f7a0b159622 |
| SHA256 | a0f8ef4fe92e189588a6e116a4722a32f1155e229d616140e0f681eb24b81583 |
| SHA512 | a81cafdd511890e6feceb951e6dbaa8a79c2916e87e966c51a8f3a1c76f859f0c7a22270869d6de587d9ffbcd53488f7466e6a5f8fd9e5c6775b8a08235a4c02 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 43774c883ff7321f62dbf34787ab6dae |
| SHA1 | 360a55b74d034507a9c9706e80d86dccaf0d112a |
| SHA256 | 874c2f6659de3f576e3177d1f97d54a77bd1a2f25ebd25b82653359d1fed90b2 |
| SHA512 | c199926f1ae945a1eff9f6208e6f79289da939d61a66aea79003765a477478f7e40536c0103e43fc27ce263d6e70ed64525ff8ef79f57958c99f6c31ce7931c7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000098
| MD5 | d6b36c7d4b06f140f860ddc91a4c659c |
| SHA1 | ccf16571637b8d3e4c9423688c5bd06167bfb9e9 |
| SHA256 | 34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92 |
| SHA512 | 2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000099
| MD5 | 69df804d05f8b29a88278b7d582dd279 |
| SHA1 | d9560905612cf656d5dd0e741172fb4cd9c60688 |
| SHA256 | b885987a52236f56ce7a5ca18b18533e64f62ab64eb14050ede93c93b5bd5608 |
| SHA512 | 0ef49eeeeb463da832f7d5b11f6418baa65963de62c00e71d847183e0035be03e63c097103d30329582fe806d246e3c0e3ecab8b2498799abbb21d8b7febdc0e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009a
| MD5 | 1bd4ae71ef8e69ad4b5ffd8dc7d2dcb5 |
| SHA1 | 6dd8803e59949c985d6a9df2f26c833041a5178c |
| SHA256 | af18b3681e8e2a1e8dc34c2aa60530dc8d8a9258c4d562cbe20c898d5de98725 |
| SHA512 | b3ff083b669aca75549396250e05344ba2f1c021468589f2bd6f1b977b7f11df00f958bbbd22f07708b5d30d0260f39d8de57e75382b3ab8e78a2c41ef428863 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009b
| MD5 | 56d57bc655526551f217536f19195495 |
| SHA1 | 28b430886d1220855a805d78dc5d6414aeee6995 |
| SHA256 | f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4 |
| SHA512 | 7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4a021bf132a6b1c79f4cc2a64a377588 |
| SHA1 | 3eb0467debf9618ac31bdbde5bf33d39071a0827 |
| SHA256 | 3cb3b77bad45aa7d17d2f3ad7d11cb412f796336eb5bd84164de0aa861119b95 |
| SHA512 | f7a0088b0f4613f38d70d9dc3b4cdb4929595ba6d84314f012fa6b6547c7fd17e430ab8c91177dfdaf6b5b1c1a92b8f86d82f1d672d8f5a73496ce19a236f8b0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ab2699182b0f1d29a415ff4794f4c6ab |
| SHA1 | 534ef2d4b0f0b3dcd4127edf71dc46e40c80a82b |
| SHA256 | e7cdc9f496ce8559b5bc4b7120b5e678390fe69ce70101426c8a3892639272cb |
| SHA512 | 89e354a2a6f9e83c14520027ef1ceb76712777929650039492f87efb7f5bf5185a9f0a2a9074719fda75b0e27b286201a8bd4b162ec7279a7abc88a1c9a9bd84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0c177735c2adc44ba474ae2d237d4656 |
| SHA1 | f5b8442a79ea7ac5586f093d9cf7f21c997a7709 |
| SHA256 | ffd2c96e5b67bb328edd848ab88f70d461f39c44c5e2795c9f1b4073afa81fca |
| SHA512 | 29e1c97e3603013a1ae1afee5f93588a23cabe7d93406e0564bf33c8b51c3da83649ace7c9999b53f5168d053ffc4e40eced27057f7dbf81af8f7e622c530c0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\4cc699dd486af2551d01b1a74abd5337c6e052e5\108e6188-65c1-4035-bb58-44c929bd6257\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 7f56fb09e6c278368c52d77b6c7b40df |
| SHA1 | e7cf16d5f6b5afaead821768f5252fab01e39d20 |
| SHA256 | 4c0aef6497262e9f3ba31fb3511c1be438223a8022d09c42d0cb8fe19e5fc281 |
| SHA512 | d17807b9ba1761251c5c31303f39b2ee3024483f3872225388fc34f5eed9e6860f02570fcc50302fd1680391c6dc2e81763da630c11a311c75f7fa6023e4a783 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023
| MD5 | cfd886e1ca849a7f8e2600763f236d78 |
| SHA1 | c1fc2b10d20c529c01b465a1edc0ed2fe04f0bd5 |
| SHA256 | c0b1c3c6995c24eabd1a6fcc4f00523e022b546cf1fa4fce6c30d04763244d1b |
| SHA512 | 254e37e3650b2c87b524c96f517586b690094abf7c8e0539b050ecdc4c56c2593bedab7b1a830b827ddc19f1c3e05ff4096ebdf4cc969b5bc5fd33cb34e94fd8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | b6d3dc168941b96777c76712053e4a66 |
| SHA1 | 17f76d57df5dc6a23814fd3b849d372fae7eb74f |
| SHA256 | b3cf98957db15376924226d2a173a3473f72928e4a0fd9348146bf059c6728a7 |
| SHA512 | 19988ff18a294b94ef525b7eb87155e9522badc8982bb23f39225b10f93105cd0fef765275c94ccd3b8d458e1ad75c6ff1bc895e07b9b4b5b6f0057639ae209f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0e6ecaaecc55903b7aa868f31b7b91ba |
| SHA1 | 21ee823deec41722e43c3cac6ed83340ca529807 |
| SHA256 | 152db6f17e0dad2292712194456a4e34fbb63f4273834cf910dc5d6b37125a84 |
| SHA512 | b307ccd74cd674825480d776f77a4b912dbee0c7bd3827fb16f56cd536368ac5c4919dc6daa6ea21e6c5a1102768afc6a02c407f4e942a1d38e61151cfbe8d01 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\4cc699dd486af2551d01b1a74abd5337c6e052e5\928b19b7-0cc8-4e6a-b503-70666e9bee77\index-dir\the-real-index
| MD5 | 172c00cabaa20f627b94dec031c5e813 |
| SHA1 | 9cdf36523c34e7ff91508f25da0bcbb6512fe8ea |
| SHA256 | e592538b6cf361b2d1d9a0e7e421c4aa40ea40a1c7143f6b958001b226c2b638 |
| SHA512 | b19804edecdcc4529a749bb6af23c2a4c435c3dc3bfad3a8b4bf928600e447e81754857698cb0d8ab5cbc489281d0b67f77f1f5d6bb16409eb0194d3513be2b2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 881cdd3e17655bcf483a022372b85904 |
| SHA1 | 1042f66cff3f1f22603cf1b47094277a7118d02f |
| SHA256 | 9b9c0bb95a59d3856a931934908353b14d747f48d6ce99108626350239bd595a |
| SHA512 | 1e160d35b4f2e36d6874dd8eb201c44ec1ef93e7d3ffab0ab552b12016531118a2753fb2e604cc057711574e2a8f259460c95054a114f4b0941379979e11ddb6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6679c959da38131a74f08ea30156bca4 |
| SHA1 | 7efc71b71f2e5c7ecb56070a6c632b7dd8e1876e |
| SHA256 | c7c017bd994934f009185f0c51025012ad60a41ec215f5cd009cdc8e8949342a |
| SHA512 | 094a7904419b42e1f2e9f4b822bdff0da428e96d2a067ecdd3b216745bea0a27abbad02ece5a1e899fe4ff7f629e9782a5577261060b52cfbcc106f7b2ba2ce5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 5132e3e003872be874958a21c6046ff5 |
| SHA1 | 4410e97b723693be50005eade21465595d6c686e |
| SHA256 | 3a8fc3c7c2e21bdaf2c97310013aaf17afda5c428c554c061da5016783701a2e |
| SHA512 | 3fce4cd2c191f53a2cb7082dd45fc586079aec52e8a65193b83220e56abd7a14db5c62b5b1adf129c68fbf0cf65efaf5715fda1196ce77eac4dbf37438b8658e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8eecb51e80eb7f459335441b6e8caa3d |
| SHA1 | cdcba2b378a6f0bf28a87e246fdffa0c43f96274 |
| SHA256 | dad8bf490944344b1f4c29b0359d71e59e974f891bdac8fac824a7c7c0fe8df3 |
| SHA512 | eed92cb4b22e61a38cc99a70b60eaddfe5defb941719d6c906dd229c5ad6febd7162b338c213f4794d32af22b3d85a0a2a1b3f03b766696281f7582df801a6dd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c72de4ffe8f9b0712161c53a63fca3e1 |
| SHA1 | de3608d7fc87eecc9a9faa345fa5073c8afc9b6d |
| SHA256 | 7d544acd089e0932d0efba90f6d2fb0131c3bf75e80138b6e0f1650cc7cea9ba |
| SHA512 | 2fd4a93b3b67e8a7707f0b95a106a11c8663ccb3faa2ded0f9b84e484a82481cbb844704ed492203abbe68500ec5211f6f6ab8e0976571914214d007f7bb9275 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 3f02c9c117b7a1c14c96e974d1b2fec0 |
| SHA1 | 12c347b07163462aaeba38251af460dcfa8bbeb6 |
| SHA256 | 0aa3c25f8524a0737aa2a720d39cc4957689ce845292d0dfdcfbebce4067bd2a |
| SHA512 | f44af46ac1f7e78ccc2aa17173eeef0bff6b08addcdb98ab3b485048596961e683c669d8199f9a3de424d2ced23d593199eea12a76bda63468e4ff38cb8ede92 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c91a1d08e11a2275760563050313d0a3 |
| SHA1 | 717cbf5949f6119ec7944b8f8ff67e58a78a8410 |
| SHA256 | 19f584fe62169b09ee2fbea501e14b6bae86e26fee7258c5851153a2ad0762af |
| SHA512 | c41105f73686e645d974d2c4055c0cf73c06cbcbc5ff360a152a667b9c8cd42d1f384e91b492c9e45f1129863db1e812f1b11b4e7935f1d04628bebc3c7c139d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 250a26575d73a0a3e6067ae8f1ab55a1 |
| SHA1 | 9fe726720980c4bdad56d7d2485d9bcccd02e009 |
| SHA256 | 7dd77ccf223ee8229f49030b8079aaa2b4a5cf524a8dd29fbbdec6190e82f9b3 |
| SHA512 | 5e536caa3f05617a9947f7dc08c45fbbc3e92af00690af9b1fbf6691fa8aed52516ed4905da16231481737941edbb1f31587a08a1f435448bfaeea3760d53d3a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 46d5c6cad1c7bb31af5ec85f03ee1891 |
| SHA1 | a5d6345155f6dd45897d53b6df8587e5dbcd38fa |
| SHA256 | 2b2d71746472aeaebe769c8b7ebb46487ff2359206df05bd54a9f8545aecdc0e |
| SHA512 | ebd79e0ecc4c20312b6aa473cf0731d0db3a4f6e6b2f89537c6182baf0a086c2056387cdcd4eb895302013c787fa4042248b01ac99e4144209483d87bb31350e |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 3fab7a2817d004f580a006285acf3329 |
| SHA1 | 9f51c2fd1c77dc88cdfdcf9dc8c6af3023777664 |
| SHA256 | a9c0e7746f2daf5ed288eb9201e3d6805c7b66f074a2e01f6a0b36f2dd81c245 |
| SHA512 | 14bec240fae3224d92ec4bfa409ce1ee6efe2c1abeaf4eccf3e7107fd4d61804915a878d1a47ac8f4a432475c75735163268c0c691833e4779fb8f915d06d2e2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 294dd9a5b378fd5162aea469188941a7 |
| SHA1 | 49765f32d546ec7b12ffdd3aac1aeb795705d300 |
| SHA256 | 1d4d78bdbc927f3e5e9bd2bf0679f3d0e3fc910eb54e27d0c0796eb359cb51ad |
| SHA512 | 4ad97902addca3c3603ba5ffa3d18312579b243fa95da320e3e5e711b77766db09a253fd0dad21631307eece20fec7b7d05c0970654e982e10a2b02616ca5926 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 23d90715380a6804c52713179d3da026 |
| SHA1 | 715a1273d5ecd05b19673cc7fc5d8b8eb9fc7135 |
| SHA256 | 3e167214df0bee0db102855a5186d62919331221d4288d3b0c2a7e8d675970ad |
| SHA512 | da429e7432043bb05962a54195420fe88cc10c044771e48aaef7721d9fa10dca86b96d87c997caa8b76ccf03dd4976af3ca082d8709c0363e82311509a22fd46 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 8028545b712f2d4ddd885ef7cc66df2d |
| SHA1 | d394c87b16f5338e666886649af6026d0ddb145b |
| SHA256 | f3b196fc09758bc1a7992556f998ae200fd54a471d733a73ef0a05768501b7de |
| SHA512 | ba96f5c2e8259eb7f64f79b8f24c63bcbded6d287abd28078273a7e916b9cec35932c0e4fe0bd50f01a5976d58860c61b78e8013ed79fa01d084ab314328e3b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_0
| MD5 | 59bb8761e6faf5d6cbe08cb00c49a564 |
| SHA1 | c0124837b95ca5ea9ec8902145cc9a1e51a98b2b |
| SHA256 | 74a8e035d0c38185a83a0caeabc675f3a0327905f669a5a5f4dc1df5b646b981 |
| SHA512 | c6a4ca26d576d0dec0da8cb5f761b144aeb6d7f1a8de5fa2e34233fd4ec4488eeb97d501db9f3a278ab6098ddcbfeaaf2a2d1981bc8b9aa212430cc7dc846b79 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\b6c28cea6ed9dfc1_0
| MD5 | f33a5d9490be6a5105185001b0a23684 |
| SHA1 | 27565d35102ce668703d31a2a5c3227aa327f452 |
| SHA256 | 4217ea11754ec17d6f36b63e6abad57456b98bca724e16969883767f3fc38598 |
| SHA512 | bab581e5677e0f346bc787c83586a3c64d8dc00555627530e08eb30f97e9b916fffe3dc8531d98bdccc754184ca0f9adabc35fda5c7bc0ce72a0e01d4d16ee6c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\fa813c9ad67834ac_0
| MD5 | 9494098604798e6a50babb722cd0820d |
| SHA1 | be339ebb9861fe19cba497ec80a75d99ca9c926c |
| SHA256 | 3cff0eb4d5b63cb9dcac6782826e9863d1bcc59a4c67a568a289e42e073a6d25 |
| SHA512 | 7cd9f555cce5f675789e5e5e2806bd116d821fd2af475b1d67760392ebae08574f8eed34a204f4406fe1c5c0007c2dd9bf8f5ccf454343e00be43ffe06a1e17a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\67a473248953641b_0
| MD5 | 08ce7a09b61a1efea8446817c6c7fa81 |
| SHA1 | 0ce5140124dff4fb918383442f9f035370e99981 |
| SHA256 | 4224cb17905d3b73210a7f17b20914732774679100b4fca8fc4f505f7a997b5c |
| SHA512 | 0b5617942759930f738e7c9fa1307f878b88b53007b9b462344d558451a26fdf1ca1b183dae1715395dc64bba140df87077dd5e2215305491b3046f6662e7e81 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\297ecea5cebb5dfe_0
| MD5 | f0fef2fdc8f4bc38397cedd5fb65fe50 |
| SHA1 | 315ced0412d49aa2adda2e82d8b36b734a8bfb2d |
| SHA256 | ed083e88d937c2435fb50c00e3ae0e8c72edfaa882ef575328362ffe0641a952 |
| SHA512 | 3322ba8ce7bc1b9219b9f6e8ba131010898a8f8b4971f680f2934c38d0cf051d87379ed7ab04d895a0132e16b0d9c1a478bed08cbd06fdd1e00b16710e2d0d3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\ba23d8ecda68de77_0
| MD5 | 749ee4f00f11036c3faee5a03a672edd |
| SHA1 | 7a47969fb41d50c67739687f86013d3c31730eb1 |
| SHA256 | e2b1bca3918592ba03f317dad5142791e128c25bd506fb2f65cca31788ff1c33 |
| SHA512 | e64944fec8fa2e5d75354714e7275c856c03f9510ad09918e0a1cb2224383301a3b0feb258508d5254ee114607f2bab422f130b9dff0571c9830d51fc6f0efca |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_0
| MD5 | 6c9c7aa4dad7bfc9c104f608a5125674 |
| SHA1 | 1ac9825027c7f1df17bdb949347ca98d8b2ea6c2 |
| SHA256 | 83d5812828583eee6cf712948ec8cfd8acad5df7e7639a503922c982f56c8e4e |
| SHA512 | 9a7498a33786354d15d41b75427e2ef30c6b3025f15597d59e4736965be0cb7ec15f5004441a26027652f356e8cfd163fdb2cfea0896fedf4509539268009e9d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0
| MD5 | ed5f15252b83791db3593694da12629e |
| SHA1 | b5255adc621b36ccb5bf73ba4344d90e4a49bc97 |
| SHA256 | 850aae720445692c7d95478c7950200d67bc6f654b1e83b1283393f4ccfdcf16 |
| SHA512 | cf45a9582a13dcd45353eb086993f4cab77da6a0a95f6fdfbc306d14615131e36e33ff3f03c80a4ea9e719a59d06db2a8a620f351130c056abe26dd661030f5a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 59d988d3f18687e1da2d2214c214afb8 |
| SHA1 | f20d36f6d5a2d9c835fb4527b2600391504f1f42 |
| SHA256 | e19b4db92f0152bfb06292c3480ea8d2e95ae7c03456561d4382695098fc5384 |
| SHA512 | c9e243a0aa13aaa20e3830a4a20f56d25ac452aff88b35e1191aaf1cd7f7719ed6e7cc3026f1df8129d5d4a9adfdb3d68eb4ab45c616dd7d5686ed39e9eec165 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f4338d554cac730ad8ba2bf5597979f3 |
| SHA1 | e89c204f97962a3133b4594317ba5961d843a97c |
| SHA256 | e1e6a4af9f43b8301d83abef65b98f27c459a4f523fa56bc599f7af572810429 |
| SHA512 | 92ba4738a1d2bb2e7e547f85ddeee90299fe743b3ef4c75153679dcb3530dd4cd2c878dcd868b964224bce6dd64b977ca2952315b579e09ec5a8b448924cf657 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 22fe44e90df9e24b4259fbbea529b22b |
| SHA1 | 6dcd0288bfff05eaa90e267f3c18bf885ae1fb65 |
| SHA256 | ec6fd3339e9296c10962c58aa146f32573cc103e43068a7c85efd25f78accc77 |
| SHA512 | e1b09ff8ba27202ec0e14246732bc82d3eea9da49c9c16df0ff656d88d8021660fe44a816fac294187feb9de73826d408853f7f1540c01b68245adafc92ca01c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | b9ae25f2818a9a2460665d74cf7a8f89 |
| SHA1 | de0fcaa39fffaa83ef0ad93e952d8cb7c6a1f731 |
| SHA256 | 7c177ff49138ac3a02866710b171fd89219bf8d2d23118093441a3d75f6d6a24 |
| SHA512 | f65855d04f1afcabde4519345a2a99db4709c77bf9fd5a29de96290b40eafc7cf7b7472c824ed8366a25b893e907ea14824c713a98af1b137f9b2a63f718dc0a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6f037ee0e4f9c8938be34404121a697f |
| SHA1 | 54141f2b00b4bab2e7213dcb741e69fe81573f3d |
| SHA256 | dff2295fc143dc535392f40a4daf70ea832d90f2e92d997aaeb6ca13b40a502b |
| SHA512 | c20ab1e7e6b1d8876490b08dc896194c0a1d6ee17279af85450bb5e67b179c344e54dadc067597fc433563c0d2b2255bffeb0e96412ad1c65a836b70f6933f97 |
C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe
| MD5 | 748557a179cbdeb99cb20f1285d63740 |
| SHA1 | d62dc69d9f19a81f9b7c98ef0feee7b5459ee1c8 |
| SHA256 | 7d3d911783e437aee63b839e8d759cf71c546b8700e9e4283ec35c99074f3caf |
| SHA512 | 3787ead5c8ef91e2f70fb3d0f6bbbe1f11fb3d1389a30825cda0958d19b82bc687793916d492b3ce42073b3e0441c2b234d59139426eeaeb96481b14caccd60c |
memory/4620-2297-0x0000000000820000-0x0000000000996000-memory.dmp
C:\Users\Admin\AppData\Local\SquirrelTemp\RELEASES
| MD5 | bf25ff1602b5069c42687b04e344fc09 |
| SHA1 | db30ab60c785c1873e6ae8a3defa1a1c547e32f8 |
| SHA256 | eda43195cbcfccb0da5628639ba84bfe3529cf9b955366d827f477fe9c5f6edf |
| SHA512 | 69f58f88a0ae2e78e7c2f177817545e4d9fe399396f95575ea25a0d9c459fe1c70dc97b3d34cc7b2c3dceb837bea2b6d399d433118feeb17d031a18ea323dd35 |
C:\Users\Admin\AppData\Local\Temp\SquirrelSetup.log
| MD5 | b226fc53ef7c9647dc4afbce9c03dd61 |
| SHA1 | d07960ff351e5112c5ed83d6f496cf7f7f64b308 |
| SHA256 | 9d21a1ecc5c75108e77e1da43a323fd496bd88a1a3926f140a8d039216754db7 |
| SHA512 | 56caf080c7286bbd0f964caaeb64838edccedca7a1a80ef3a11c053f4408046beac12f7e1f2077fd93a90d027a18e9051a6557d30c0a2f23c2de20f0c154de7a |
C:\Users\Admin\AppData\Local\Temp\SquirrelSetup.log
| MD5 | 4f1f1cce9563d9661ce6e34f55ab5400 |
| SHA1 | bea39aa68d9ed6e66689b63b70270a8e2f8a9602 |
| SHA256 | f8941ee1123d05ac870766dedfebc7a8275d95044db8879fb5dfa18aaf8d95e1 |
| SHA512 | c815c4be4076605b9a72c90d9d0f5b7baa9fd069e9ad6fd45c57806575f6b475fe5c2867e614edb39da18d1782351fad62383eabb42331f855a62c544e2a90fa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\4cc699dd486af2551d01b1a74abd5337c6e052e5\928b19b7-0cc8-4e6a-b503-70666e9bee77\index-dir\the-real-index
| MD5 | 814ed6c02bf891ba84de74ffa931e966 |
| SHA1 | 30b67b8d064e91978071a14634ba14fa16884b32 |
| SHA256 | e9c86af737cf563af473c9cf634812ab789084bc7dda6983346edfa14ccadc2a |
| SHA512 | 77a620228eadffd40097983676fb537edfe20141620fd7800873e3933b5a681dfa480a224a3eaf157ad01c6e30a660e98aea2ae3c3f1413147dc01ce47ae9b47 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\4cc699dd486af2551d01b1a74abd5337c6e052e5\928b19b7-0cc8-4e6a-b503-70666e9bee77\index-dir\the-real-index~RFe5b8b25.TMP
| MD5 | aff5b470ff621df58a4e62f392c44148 |
| SHA1 | efde82d283996bbef8a74600b15e721abb08f921 |
| SHA256 | ab99a5db0ed7a47fe5b410503ef5b1a03aab67c26ff505c851eae672b67f2ec3 |
| SHA512 | 1d1a3d1b49ee178d3425c5598f35e91fb7b805512762ddf6c9143c1db2603036a3b78c7c1a9299827341e0b9b13478bec2977802c6b5650cc46a16049ff034bb |
C:\Users\Admin\AppData\Local\SquirrelTemp\SquirrelSetup.log
| MD5 | 71f0276a164c46750754c368e3332169 |
| SHA1 | 01522f21d34dc645908ea6913875e4ddae31ad07 |
| SHA256 | 66e12637d75f0adf967b1e9629fe234f3fb1252d3f363269edd6f01182f4f359 |
| SHA512 | 0e9629a7eb24e14e1bb6a6729a5c296f90a01b920c56642967515fa20bd020ef0bfa683110c5aac8ee21d79c5bc6dffb90ab8c8eac696a3ba841f57548aba904 |
memory/2960-2355-0x00000000069F0000-0x00000000069F8000-memory.dmp
memory/4952-2356-0x0000000007A90000-0x0000000007AC8000-memory.dmp
memory/4952-2357-0x0000000007A70000-0x0000000007A7E000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Update.exe.log
| MD5 | e3152798ee190e4fc7411c64955c7eed |
| SHA1 | 5e6ceb9361df35a5a0fac32b604d3fdd9f65c650 |
| SHA256 | bd13a78aa4b2084742da4adf1f239308081ec9f6e47c8ffb070c4a2c0d39a569 |
| SHA512 | bdee879b69e620c7927caee863cb7f93fdfad14236b667aef59e1f1c01550fe6d09940ef36961014e8426b8accd91b8ab0c1ff72e492cc745525a652a8833758 |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9177\ffmpeg.dll
| MD5 | 2eecfeea275cade84c09e274b94ec28f |
| SHA1 | 4f911d72246261b704f326fccdbae5fabf7f9988 |
| SHA256 | d9eb546b72aa016eb6a5972dbfb5fd6c712f49254128e3ba578b40f19e7ccd56 |
| SHA512 | 17584e96309788a719be323a6af7447baf5f57577c2049b44b0f09bf570580cc9b7d1d8f5288a3947ae312a26047eeee502df10dc988e1b5884b3e00bf640aa6 |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9177\v8_context_snapshot.bin
| MD5 | c3048304913b58e1f8e0df23f15bc864 |
| SHA1 | 241013fabc2e905dbcd8f02af4d008676db421b6 |
| SHA256 | 8ac45d2ee2705bab53e3ff9564936455301ff722c3b0af0680fabb83d3c27bae |
| SHA512 | a9a1e2b3af0fee8eafede606594b4f934ee4f0c34ed288b6366897cd42042a1ce3fa9d55029f9a87e6e692ae7f7d5e83d007bcb8e6bd685d84ef0df0fdffa9e1 |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9177\icudtl.dat
| MD5 | ffd67c1e24cb35dc109a24024b1ba7ec |
| SHA1 | 99f545bc396878c7a53e98a79017d9531af7c1f5 |
| SHA256 | 9ae98c06cbb0ea43c5cd6b5725310c008c65e46072421a1118cb88e1de9a8b92 |
| SHA512 | e1a865e685d2d3bacd0916d4238a79462519d887feb273a251120bb6af2b4481d025f3b21ce9a1a95a49371a0aa3ecf072175ba756974e831dbfde1f0feaeb79 |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9177\resources\app.asar
| MD5 | 71b339d636428cf9319a270728bdfb0b |
| SHA1 | d84de7827e24d0dfb67e77a80a68772059314f17 |
| SHA256 | 56561c512212ca1215a7f97f1afd03c30068ecf1dab2b030a86d71c98ef06a5f |
| SHA512 | cfb3868bdf798bf186b0fa3241b4f5572ccf14e7d19ee47d0b8fbb5f6490474c3f7fed2da50a97d341d6cd69fab03ca5fe26bf9312dc4aef37f016401c5c7ba9 |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9177\resources\build_info.json
| MD5 | 3cac8e203b550c80dfb9712ebc64da2b |
| SHA1 | b4a2f0c199e7046d65b80baa219db40d015a72f6 |
| SHA256 | 34f212f0098531a87acd919f00561e7954a9e71edf19dde1ff0f9d4c8d160c6e |
| SHA512 | 9c1cd6994cceca0f7aaa473e202f967b16a415a4b1f5d7902e7c0d2e99bcd2b64394d22ee6929f9b3497b2c8cadc2665ec907a9f7c97c362409d11fbce7c3384 |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9177\app.ico
| MD5 | 084f9bc0136f779f82bea88b5c38a358 |
| SHA1 | 64f210b7888e5474c3aabcb602d895d58929b451 |
| SHA256 | dfcea1bea8a924252d507d0316d8cf38efc61cf1314e47dca3eb723f47d5fe43 |
| SHA512 | 65bccb3e1d4849b61c68716831578300b20dcaf1cbc155512edbc6d73dccbaf6e5495d4f95d089ee496f8e080057b7097a628cc104fa8eaad8da866891d9e3eb |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9177\chrome_200_percent.pak
| MD5 | 3969308aae1dc1c2105bbd25901bcd01 |
| SHA1 | a32f3c8341944da75e3eed5ef30602a98ec75b48 |
| SHA256 | 20c93f2cfd69f3249cdfd46f317b37a9432ecc0de73323d24ecf65ce0f3c1bb6 |
| SHA512 | f81ed1890b46f7d9f6096b9ef5daab5b21788952efb5c4dcd6b8fd43e4673a91607c748f31434c84a180d943928d83928037058493e7e9b48c3de1fc8025df7f |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9177\chrome_100_percent.pak
| MD5 | 3c72d78266a90ed10dc0b0da7fdc6790 |
| SHA1 | 6690eb15b179c8790e13956527ebbf3d274eef9b |
| SHA256 | 14a6a393c60f62df9bc1036e98346cd557e0ae73e8c7552d163fa64da77804d7 |
| SHA512 | b1babf1c37b566a5f0e5f84156f7ab59872690ba0bdd51850525f86769bfebc245f83988a3508945cf7617d73cd25e8469228974dd2c38415388b6a378552420 |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
memory/3404-2582-0x00000000058A0000-0x00000000058C0000-memory.dmp
C:\Users\Admin\AppData\Roaming\discord\Local Storage\leveldb\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 05aed237bea51fec72be5bad79ca0afc |
| SHA1 | 8776b8d28ced1dc632b8200720689ca7be076b4d |
| SHA256 | 3e037793d00f4069e8d66a04a31003c4f4b7bbadd73ec99790338c10ce85bbbe |
| SHA512 | 776c4b6a5a01d124161b7c243da2f306aa8195a09c39054f73e702a4b43a7f73112512e0312e902d67f6027fc47b315404a20960988e4ea036ee35677651e63d |
memory/4152-2657-0x00007FF7AE2A0000-0x00007FF7AF2A0000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 957b120155fd88c8269833c15d7ef513 |
| SHA1 | 408b501da7c46bdfed6d786157042219b9f72936 |
| SHA256 | ade218cddbbf14fa3f7032a79b25d8c53bdc3989efe76b9b45b422bc2054827c |
| SHA512 | 3e794f392c8d65b1fa9d606e4ef5c73ea50c041710ec2b5dc3510a33a620672a918d1124078156071c7343184d5e9621e0915b1dbfd932d6490b4e11dbb3b344 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | dd745457e1faef4fa58565ec37f20982 |
| SHA1 | 5a2d3c285f2f8808c2f63d7c8c133e01cb625252 |
| SHA256 | 18bb601992dde04b8ecb6e1645b70b01c212dc8b98299f18474a18710908fbce |
| SHA512 | 26d34006bb54379d5b46c10558dcb92a8e480a330d75be1a9df35b12f720f358c1ddbf562906c65c8a8d146dcb6dcd818e995e6d2e7a1de8595279e8d6eac696 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000097
| MD5 | 0d89f546ebdd5c3eaa275ff1f898174a |
| SHA1 | 339ab928a1a5699b3b0c74087baa3ea08ecd59f5 |
| SHA256 | 939eb90252495d3af66d9ec34c799a5f1b0fc10422a150cf57fc0cd302865a3e |
| SHA512 | 26edc1659325b1c5cf6e3f3cd9a38cd696f67c4a7c2d91a5839e8dcbb64c4f8e9ce3222e0f69d860d088c4be01b69da676bdc4517de141f8b551774909c30690 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009c
| MD5 | 5dea626a3a08cc0f2676427e427eb467 |
| SHA1 | ad21ac31d0bbdee76eb909484277421630ea2dbd |
| SHA256 | b19581c0e86b74b904a2b3a418040957a12e9b5ae6a8de07787d8bb0e4324ed6 |
| SHA512 | 118016178abe2c714636232edc1e289a37442cc12914b5e067396803aa321ceaec3bcfd4684def47a95274bb0efd72ca6b2d7bc27bb93467984b84bc57931fcc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 63101108575b9c4cd45e0d594a8b576d |
| SHA1 | 10d3576f3cabb4a2d26f11d3225b5a705c659cd2 |
| SHA256 | 9497988cc9682bee458dfdfaefa762206cac19e3895fdeeb64b0d67fd8171061 |
| SHA512 | 897269e8b656ddea09ed66f4cbd3b9879ceabc9d4738498395525083192f381367621208ecc4770eaa74ae3d246dd113fcd7301f6930425fc0c9d615f911aab2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d2f9a2fc02c20de3_0
| MD5 | 253096bfff921780fcaefc0a7995e551 |
| SHA1 | 8491e3739d863efd9731cfeaf3dae3d528faa239 |
| SHA256 | d72b3b47ef0be4cd3b58a48c2d3c20afaa902ee7f463c61ef1bed471e169bb32 |
| SHA512 | b45c002d273478746cc8467c2635ad987c14eecbc5ebcb21dcae0b77568b1727c1965e1a18ec79b472d63aae891d980e5c45c79ec1c85cd7c6dd6af2a8281205 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4e9b18b0f66a7183_0
| MD5 | 181d4b3672f082ba288a7a86eed5a0f9 |
| SHA1 | 83ada756d8c8bb0c7ddea66e6adaa03dded994d4 |
| SHA256 | 002722f507da7c8cc11ee01308e867173ebe8fd418887a55a1d1feaa603c6bcc |
| SHA512 | a2851ceff80a9c7729f77168a4a00da59a05cad964fbf82ec8ae41230a9c605b827f543bc5898b0780efa5a2bc73f7dc51dc80586ed4312ad00b04b69b8b1fdb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000160
| MD5 | 68f0a51fa86985999964ee43de12cdd5 |
| SHA1 | bbfc7666be00c560b7394fa0b82b864237a99d8c |
| SHA256 | f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f |
| SHA512 | 3049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00015f
| MD5 | 3051c1e179d84292d3f84a1a0a112c80 |
| SHA1 | c11a63236373abfe574f2935a0e7024688b71ccb |
| SHA256 | 992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3 |
| SHA512 | df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | cbaadbd0f5f97ce194d58670b86a7c58 |
| SHA1 | 307c2e9cbb016fb461cc3afc79baf454fda04fe3 |
| SHA256 | 08ec93e3d5e0c7313f2a5305e271f216109efa5fd86053374c138abaa9c42a4f |
| SHA512 | 8c16e208a4cdf4f1c39be7c2bf82a735186a3af9b0ed392fa31c16df73f56b03e03e6a6952e870b3a871c2a8b907cc9ee6411a7b904e27acb6e5db220f3fee59 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f06f27561d3e93b53ae0a3a5113db4f6 |
| SHA1 | 775c775d8144c7e815966bdb0918c6ed0aa36744 |
| SHA256 | 61f7d648b411a5afb4c6d78f868d3255907dd9c3a7abe53b0e82ce3535b405ed |
| SHA512 | 4268c3c50c5bd3742ca208b91365f5e6cdb7814c8166a801c5327799a5b9fb753207d78c4031d9f480d7a4bcc3ce136caca175a185906cacbf4f751be5b17653 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001ec
| MD5 | 1b54b70beef8eb240db31718e8f7eb5d |
| SHA1 | da5995070737ec655824c92622333c489eb6bce4 |
| SHA256 | 7d3654531c32d941b8cae81c4137fc542172bfa9635f169cb392f245a0a12bcb |
| SHA512 | fda935694d0652dab3f1017faaf95781a300b420739e0f9d46b53ce07d592a4cfa536524989e2fc9f83602d315259817638a89c4e27da709aada5d1360b717eb |
C:\Users\Admin\AppData\Local\Temp\nsuEC9C.tmp\nsDialogs.dll
| MD5 | 4e5bc4458afa770636f2806ee0a1e999 |
| SHA1 | 76dcc64af867526f776ab9225e7f4fe076487765 |
| SHA256 | 91a484dc79be64dd11bf5acb62c893e57505fcd8809483aa92b04f10d81f9de0 |
| SHA512 | b6f529073a943bddbcb30a57d62216c78fcc9a09424b51ac0824ebfb9cac6cae4211bda26522d6923bd228f244ed8c41656c38284c71867f65d425727dd70162 |
C:\Users\Admin\AppData\Local\Temp\nsuEC9C.tmp\nsProcess.dll
| MD5 | 08072dc900ca0626e8c079b2c5bcfcf3 |
| SHA1 | 35f2bfa0b1b2a65b9475fb91af31f7b02aee4e37 |
| SHA256 | bb6ce83ddaad4f530a66a1048fac868dfc3b86f5e7b8e240d84d1633e385aee8 |
| SHA512 | 8981da7f225eb78c414e9fb3c63af0c4daae4a78b4f3033df11cce43c3a22fdbf3853425fe3024f68c73d57ffb128cba4d0db63eda1402212d1c7e0ac022353c |
C:\Program Files (x86)\Steam\Steam.exe
| MD5 | 33bcb1c8975a4063a134a72803e0ca16 |
| SHA1 | ed7a4e6e66511bb8b3e32cbfb5557ebcb4082b65 |
| SHA256 | 12222b0908eb69581985f7e04aa6240e928fb08aa5a3ec36acae3440633c9eb1 |
| SHA512 | 13f3a7d6215bb4837ea0a1a9c5ba06a985e0c80979c25cfb526a390d71a15d1737c0290a899f4705c2749982c9f6c9007c1751fef1a97b12db529b2f33c97b49 |
C:\Users\Admin\AppData\Local\Temp\nsuEC9C.tmp\nsExec.dll
| MD5 | 2095af18c696968208315d4328a2b7fe |
| SHA1 | b1b0e70c03724b2941e92c5098cc1fc0f2b51568 |
| SHA256 | 3e2399ae5ce16dd69f7e2c71d928cf54a1024afced8155f1fd663a3e123d9226 |
| SHA512 | 60105dfb1cd60b4048bd7b367969f36ed6bd29f92488ba8cfa862e31942fd529cbc58e8b0c738d91d8bef07c5902ce334e36c66eae1bfe104b44a159b5615ae5 |
C:\Users\Admin\AppData\Local\Temp\nsuEC9C.tmp\modern-wizard.bmp
| MD5 | 3614a4be6b610f1daf6c801574f161fe |
| SHA1 | 6edee98c0084a94caa1fe0124b4c19f42b4e7de6 |
| SHA256 | 16e0edc9f47e6e95a9bcad15adbdc46be774fbcd045dd526fc16fc38fdc8d49b |
| SHA512 | 06e0eff28dfd9a428b31147b242f989ce3e92474a3f391ba62ac8d0d05f1a48f4cf82fd27171658acbd667eaffb94cb4e1baf17040dc3b6e8b27f39b843ca281 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | fca403dbfb8812061be4c8b357623005 |
| SHA1 | cd518006cb1f2c196fb85ced4d8c46f323564963 |
| SHA256 | 9222a73621891acbcfdee14dc37c4db1578edc1ce0844849793db08db9d15108 |
| SHA512 | 2ccd4e71e73428a9fd176bc48c6fe7c3af3896ba75577e9fddec1ca58f646585c979d33ce03888e5e25b0e4ded3c566de0878699b44651a50e68d5e8492f97cf |
C:\Users\Admin\AppData\Local\Temp\nsuEC9C.tmp\System.dll
| MD5 | a36fbe922ffac9cd85a845d7a813f391 |
| SHA1 | f656a613a723cc1b449034d73551b4fcdf0dcf1a |
| SHA256 | fa367ae36bfbe7c989c24c7abbb13482fc20bc35e7812dc377aa1c281ee14cc0 |
| SHA512 | 1d1b95a285536ddc2a89a9b3be4bb5151b1d4c018ea8e521de838498f62e8f29bb7b3b0250df73e327e8e65e2c80b4a2d9a781276bf2a51d10e7099bacb2e50b |
C:\Users\Admin\AppData\Local\Temp\nsuEC9C.tmp\StdUtils.dll
| MD5 | db11ab4828b429a987e7682e495c1810 |
| SHA1 | 29c2c2069c4975c90789dc6d3677b4b650196561 |
| SHA256 | c602c44a4d4088dbf5a659f36ba1c3a9d81f8367577de0cb940c0b8afee5c376 |
| SHA512 | 460d1ccfc0d7180eae4e6f1a326d175fec78a7d6014447a9a79b6df501fa05cd4bd90f8f7a85b7b6a4610e2fa7059e30ae6e17bc828d370e5750de9b40b9ae88 |
C:\Program Files (x86)\Steam\package\tmp\graphics\[email protected]_
| MD5 | 577b7286c7b05cecde9bea0a0d39740e |
| SHA1 | 144d97afe83738177a2dbe43994f14ec11e44b53 |
| SHA256 | 983aa3928f15f5154266be7063a75e1fce87238bbe81a910219dea01d5376824 |
| SHA512 | 8cd55264a6e973bb6683c6f376672b74a263b48b087240df8296735fd7ae6274ee688fdb16d7febad14288a866ea47e78b114c357a9b03471b1e72df053ebcb0 |
C:\Program Files (x86)\Steam\package\tmp\graphics\icon_button_news_mousedown.tga_
| MD5 | 00bf35778a90f9dfa68ce0d1a032d9b5 |
| SHA1 | de6a3d102de9a186e1585be14b49390dcb9605d6 |
| SHA256 | cab3a68b64d8bf22c44080f12d7eab5b281102a8761f804224074ab1f6130fe2 |
| SHA512 | 342c9732ef4185dee691c9c8657a56f577f9c90fc43a4330bdc173536750cee1c40af4adac4f47ac5aca6b80ab347ebe2d31d38ea540245b38ab72ee8718a041 |
C:\Program Files (x86)\Steam\package\tmp\resource\filter_clean_bulgarian.txt.gz_
| MD5 | 836dd6b25a8902af48cd52738b675e4b |
| SHA1 | 449347c06a872bedf311046bca8d316bfba3830b |
| SHA256 | 6feb83ca306745d634903cf09274b7baf0ac38e43c6b3fab1a608be344c3ef64 |
| SHA512 | 6ab1e4a7fa9da6d33cee104344ba2ccb3e85cd2d013ba3e4c6790fd7fd482c85f5f76e9ae38c5190cdbbe246a48dae775501f7414bec4f6682a05685994e6b80 |
memory/920-15366-0x0000000000130000-0x00000000005E2000-memory.dmp
memory/15160-15409-0x00007FFD724A0000-0x00007FFD724A1000-memory.dmp
memory/15160-15408-0x00007FFD73510000-0x00007FFD73511000-memory.dmp
C:\Users\Admin\AppData\Local\Steam\htmlcache\DawnWebGPUCache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Local\Steam\htmlcache\DawnWebGPUCache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Local\Steam\htmlcache\DawnWebGPUCache\data_1
| MD5 | d0d388f3865d0523e451d6ba0be34cc4 |
| SHA1 | 8571c6a52aacc2747c048e3419e5657b74612995 |
| SHA256 | 902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b |
| SHA512 | 376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\DawnWebGPUCache\data_0
| MD5 | cf89d16bb9107c631daabf0c0ee58efb |
| SHA1 | 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b |
| SHA256 | d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e |
| SHA512 | 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0 |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | 6e6a2b18264504cc084caa3ad0bfc6ae |
| SHA1 | b177d719bd3c1bc547d5c97937a584b8b7d57196 |
| SHA256 | f3847b5e4a40d9cf76df35398bb555117dfe3626c00a91f2babdedb619d6ad53 |
| SHA512 | 74199ff275400b451642cde0a13b56709735676959d65da11ac76dd645ab11dac5de048ff7ede0cb8adb3a3056b3ecbeb3dc7481bac3768d02051e564c74b679 |
C:\Program Files (x86)\Steam\config\config.vdf~RFe5dc585.TMP
| MD5 | 3cdebc58a05cdd75f14e64fb0d971370 |
| SHA1 | edf2d4a8a5fc017e29bf9fb218db7dd8b2be84fe |
| SHA256 | 661f122934bbc692266940a1fe2e5e51d4d460efb29d75695b8d5241c6e11da7 |
| SHA512 | 289c40fae5ec1d3dd8b5b00dd93cf9cada2cb5c12bcfefea8c862ddf0a16dced15d6814dad771af9103b3a5d3016d301ee40058edde3fdea30d9767146d11cd6 |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | a2ec2e91c3ef8c42e22c4887d032b333 |
| SHA1 | e2c738a2e9400535b74e2263c7e7d1ecefe575f2 |
| SHA256 | 8f9f970835f133258a7f740126012439385bbaa5a1d6a9d0d967a390977441c3 |
| SHA512 | b069d241efb19e09ec8b5e60ef6c43e00d5cc0f774b9340127c2180356dd1964ac625c1afdfaee5f99e72b26f56046fc329aadbbc365b403af765a55e9c9aab3 |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | 9dfb2957a6d3972d5dca9b0c3af069f2 |
| SHA1 | 6705ae5f3433e70dd5ea082de05028abda2d8236 |
| SHA256 | 0467c4ceab72a0a9da68d17e5600b21920ad15eadf9e2109fe6299a12f4dcee7 |
| SHA512 | de6e4f5a705efa06ad649c9eebc195d62c27bd7c7eabd72ec1d21b5b892f43ac0f76cc869b639f402dee93000b0a064641071bd3a8d4c64ead380b99108eedf2 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_000003
| MD5 | b201e8da90ef456598b8b3bb0e31bf53 |
| SHA1 | 8bb524c8e9b17920c83d9a06c0b305e41cfca560 |
| SHA256 | 2c8b630d1edafb8cc8c8cd73fff10c8ab6d06232929a4d458ec34628920f1665 |
| SHA512 | 50126ac5b7800f5a848ef49ebc8e71d78cb5ee9c1602486b30e697ce57af32c868e46795ac2c157cdfd7fe65c03133c7a752813d520a9106adc3e50620b473f3 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_000004
| MD5 | 46f57737d50e34053f1f7633d74d600a |
| SHA1 | ebb8c24e34d2f6f7e25de8ff516cb46ee8dafa36 |
| SHA256 | b49341286ebd650e4486d60e7bed27076f7d583f825f7440faa15d16ba3714b2 |
| SHA512 | c72f440d2a1a3fd6be82cc8c2b10a15f045f0c3485d734ede9fcbe436ba1a9f291830830005d386458092a1a6df1431b58cc6ac95fe2ea745e74ba70b050f2cc |
memory/14440-15624-0x000002C72F6B0000-0x000002C72F759000-memory.dmp
memory/14652-15625-0x000002C626330000-0x000002C626331000-memory.dmp
memory/14652-15627-0x000002C626330000-0x000002C626331000-memory.dmp
memory/14652-15636-0x000002C626330000-0x000002C626331000-memory.dmp
memory/14652-15635-0x000002C626330000-0x000002C626331000-memory.dmp
memory/14652-15634-0x000002C626330000-0x000002C626331000-memory.dmp
memory/14652-15633-0x000002C626330000-0x000002C626331000-memory.dmp
memory/14652-15632-0x000002C626330000-0x000002C626331000-memory.dmp
memory/14652-15631-0x000002C626330000-0x000002C626331000-memory.dmp
memory/14652-15630-0x000002C626330000-0x000002C626331000-memory.dmp
memory/14652-15626-0x000002C626330000-0x000002C626331000-memory.dmp
memory/14412-15615-0x0000000067790000-0x0000000068AD1000-memory.dmp
memory/15160-15644-0x0000021CE4740000-0x0000021CE47ED000-memory.dmp
memory/15240-15645-0x000002B6DF900000-0x000002B6DF9AD000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5c3f3cf3b114747b_0
| MD5 | b6bbfb572c5d5cf91a0d32fde37bd56b |
| SHA1 | 82b765715347c55c6ec61fa475e418ae6915fc11 |
| SHA256 | 8cc0232464fd32adeedce8f275fa10c06764e15875ffedaedc7d5738cd84e875 |
| SHA512 | 5d554ecb125b0ac3f235c0e3b3f669f14656d68c5d8d7b945450dd8c211a28ea7c2c9c42744e5e2d12b9eac10a50f00b2461abee52588bcf88225729b1faf883 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8da2d64f7c04235a_0
| MD5 | 336a252266813eb0c2b3ec4f693f7816 |
| SHA1 | 895f19866bfaaa02cb180f0e5cccc8aa85b63ec1 |
| SHA256 | f60117ac64daa6640d4f1dfc9823fa066d4fdd54620250343a1b68fc5da5ef3f |
| SHA512 | 386ae6ad966c1dc88001c4c8b767c20c727a9a9d32a6bdbe463b22b377e237428dc005041df2578054c50ee85394a8c9cdee900f86caf71ecc60b3a1f780b585 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bda03fc6154eedd6_0
| MD5 | daaba73749ae628dfcd0095731d65e95 |
| SHA1 | 034a30c8ebce425b0e6886114b5c8b168e494156 |
| SHA256 | 8a69964d8fd0c5bd30f210620cebd877ee5e45d352bc8e318a5a46d9c3351aad |
| SHA512 | 9cb2f5f1a0bb06d6a0d80b24344bebb38fc97013d35a7b236c384778164525ca054eb111870245bb79f6e7eefa2b922b66ee7a18a93eea865508f8f2696298ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1a914eb5fc51fb84_0
| MD5 | 191d56586d7151342328b6d4fc730ab9 |
| SHA1 | db5f711b94f063610c294da35206c19847aaa2ed |
| SHA256 | 68afa602eadb76a6ac1c0e52986a6e9a6f526520e574b5b5bee4325ae59bccb1 |
| SHA512 | d38dbb6b048ff3a53e6b0c0fd8efac0d7613cae5aa11aa6f4f3685ba16b98c23e25cbd151ada6bbe68ae16d871d29ccb722aaaae27994c51a9d3353d43c6b907 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c91c845c83814759_0
| MD5 | e990dd9ee0657c4a15ea8718077fdb61 |
| SHA1 | d40916e12a3a397c4acadbda911d9c0b613201b2 |
| SHA256 | 7f3fa64ef52f7609a7762509460950899a9f6da5339ed5ff30846f8212eaac71 |
| SHA512 | e4a27b13424c58868c3deaaa21d7cdd2156045298257f6da97fb93108ef3c9e6f688b45f6b701c5cb6cfe11e29b619bc5279181ce0f5c0cfc68d3b8fe156faa4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\61a0b4d20ae0e222_0
| MD5 | 8d2920351380d9d9e85623e3e547137e |
| SHA1 | aaf6a82f526a54f175da7243a50efa6495f37e16 |
| SHA256 | 01aecc9da4f40d5c34901e240323d9f712a3d9427f239e7f87302ce56f9e680e |
| SHA512 | edf1288bf80babe76b3c4710b5e94bb3130d3edb4aff516c85df5ecfea3c7edcd7b2955b9e919647d18f7b4734bbae135541d730db192ce7838bd0cd8c1190e6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0bbe00d9bf7b798e_0
| MD5 | 21fa0f01af0a21c44a8804d7499e5d5e |
| SHA1 | 500fce057e06f955a17f9b335149e2acb8eda219 |
| SHA256 | 74b5f4a8c7b7974fd90d853f48ccecc1105595e809ce0f29043202485204102d |
| SHA512 | 8126ecba38b5a7d326b6e158ba666d07cc2b71971d2e2ca4bd15513a395117108e5a2297e4c967ea729fff2a366f9d2e896668c58a1eb28def68c2eebea4f4ca |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3a4259a0181983ba_0
| MD5 | c78c1b0872966128203b559f781e991d |
| SHA1 | 561a491534d2fbc06e7c69b62fa15d4d80114ac2 |
| SHA256 | 8fd55bd94fb77dbd9c905210010218f7a8bdbc23969ea4930b76c7a6948706a0 |
| SHA512 | f983ac835dde5dcdfd28f6b703e4f8151529cd58def62cac1b63ba6b9d45c55c3f89e2575bfa61786c7c727a98725cae0b4e710afd16f133c0b25d54f6c7a6b5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ffb062f3faa1ea0c_0
| MD5 | 900a3c45dd67ab6652edc56a1761a8dd |
| SHA1 | 5afd4a0249fe601ce0a2879236f2d1465fb1453f |
| SHA256 | 4b7ec99becffc03d454126a310217fcb53cf7661a71c6772a5cfa543de37dc7c |
| SHA512 | 2d501b9052651a56a73f0f172ed1b601e26cbcca87697fed8afef4edab376c1dbdf2ddedc74cbe7daa9cff877cdd0199ddf4aaa33b9b4b7b889de47d8ff3cc71 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\90d7d7591a1b39bb_0
| MD5 | 65787990ebf14dc71162fccf4d52c0de |
| SHA1 | 5a5d8443e32c192fdfec018ec63d59517d078ca1 |
| SHA256 | 6bad6eacd45b6a19c6f1dea2355bb4f14fe428262d71d635eefd8081450ddd8c |
| SHA512 | 98adbe18148dc15e9c113a7679079d327bf90df0eeb1522a02f2187658ac369891e23615bcb55e8d04dbecea89ae75485e859f5b07d296943c7aebdb71530787 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\37afe38eb817b647_0
| MD5 | 3c2a9a62613f0fcc515c8dac7134824f |
| SHA1 | ba68e5313647f6f2af81678d5a7dee140cd77196 |
| SHA256 | f4c8de11d132f211c97db62878c0d7fb8b21fb7e107389a89d08af3bd7071153 |
| SHA512 | 151ae1a888437f9590b7ebbaa7d0b2ee1a07deac491472f38c4f9a696b0b9ea46baff7c1876b32d325a553e7fde1382d1e7ebd6a9460bea83f8ef2cd9f9f841e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\45a16ff6d0d9ab5f_0
| MD5 | ad71b83d5524ac6470d51745f7d0c194 |
| SHA1 | a7e52e9d72e39c6722cbb1d92f08ac3858fa0537 |
| SHA256 | 21070f8e472881032116150bd4b3cb062541892b322d985687a06ded3dac2141 |
| SHA512 | 7b062d168de43ebfb0968cd9dd7e4e52d54340f950339c22a742fe6a76c2ccc6b5cd5024ea4f1d865bc21fe11339c94837c07286f6d55967f169cec1b67826ab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\74b88724f60b0383_0
| MD5 | a4ee63b58e759028a1bd289dd62cf6b8 |
| SHA1 | 4e3397058efbc0ca181d3091b94b80182ff261d1 |
| SHA256 | 27625e9c0f8b2209e3afbe7290a4d0e2010b27c4efb139127d61a2d2580b76d9 |
| SHA512 | b0107513816809a6dc47266b5c2e5e89b62cfca82188dd4d0bc202d853017184cdda590cd7607b9a70ae77eec182ab452a0fdc809084149dcf9e14ba5b111955 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\be6d12311ce2b399_0
| MD5 | 3036559056af3a73d2ea8b0f9f6314db |
| SHA1 | 6cc89b35374dfa84b9dcbace5827c2d0b673c90c |
| SHA256 | 429eab1c24da32a254a47f0cf7a09dcaa8da1f9cdf79602f5c40f271d167e200 |
| SHA512 | 646722f22d66c3311ae535a2280764f3e1adc6f1c778565cf1e46b33b9c2ba13bf9500c26eebc56ef38775bd1f1b5e026502dda6da03469828d3fd19ce5925ed |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\53ac5abc87e80789_0
| MD5 | 3bfd20d4559ae261314ccd2a4a0ca44e |
| SHA1 | bd275b7b2f50e7913ed37f8f7937f13a3cd2f105 |
| SHA256 | 05c1889195a4fb100da0106695af61025faa29320ba73d730257285db53cd5f2 |
| SHA512 | c0ee8ff7086d737ef5ab4d6a3471faee1633dbc60ab75afcf8dc97f269c49f2d97fa06eaaad4dff97506c51774214a9b3913d167681a63197f0cfb387b4beb30 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2692617678c042d9_0
| MD5 | b213ee041dd7ac9588150ed69fe23a2b |
| SHA1 | 6b414a9d81f626290d6697352a67b20346a51d8a |
| SHA256 | 3c72d27499fe4af8469b3f97fa548995c80ad65d780af3510152fb87b011c521 |
| SHA512 | 0270f90d09aa5d43850288246aeb42ce22f660391037fcf4476d612f2bf5c4372ca67937ef087846582ec3c0f41c7a35b90837acad6dc42afb6c40b4784c6e68 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\25c90b4fb1c6ef85_0
| MD5 | 4eeb8c5ee6edcc3dd4f665c919451860 |
| SHA1 | 0098a0d76bb3e6de94b581bffe31cc59c19704b7 |
| SHA256 | 4456786746081a2a64ad51910b7b2ab95e56f39e67d4f553d37cfa5bc24df2ee |
| SHA512 | 3c9f550957ba1ec1e33868b553fe7f513487f9c9af1066532c830de7aacd39ca5742d33078bec3ef2e20b1b5171b6b1fbf8afd8881b1fcb6406f2378addc4ae9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\71d68e68ea4089fe_0
| MD5 | b59b30a9e9915b537a297f20245cf63c |
| SHA1 | 08e4f82512df05b89269ae974a15c9e8a7c63efe |
| SHA256 | b55d7f534a16ea474851ce3019c15fd3ff29b7a9cc70ec259b4dee8692dac137 |
| SHA512 | 137407435d50d5da7d9fcc74696a46c2e6df7fe20db95298d02631b898fc91f1c9f2ab9853bb1075fab75a5095dde195500c4daa62c5ed3e60babea27b8b3a34 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5dd1e579c9681f95_0
| MD5 | a05117279694a400f13f39211d3d08b4 |
| SHA1 | c067a32472af7fb90a5c8d5092db8354dbad4e0e |
| SHA256 | b5f1155211ee1860895fd3c0c38d798fde20a294dc1ae60c355cafd25bbb3a24 |
| SHA512 | 294b4c52500f82bed491ca139a582f1e72aa3578270f0cac2db699150f69c9524b298e114385166d24ed2ef40aa39d99ba498edc496918fd344f0b60130bb056 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f2e4bbad99a372cc_0
| MD5 | 7332fc438b0c665e9ee70ebed5ec18a7 |
| SHA1 | 14b530c52255cb40cf0148fa8564941338faf65d |
| SHA256 | 5100d5e1c5abc8a2c2912c5f4cc485cbc76f2b78d1f944e249a94293176076d4 |
| SHA512 | b1d2b631d9dd18ef927e9067a0d2717bdbaff84e63ad82cfa8a2488f918bbed84dbdc2925ae827fe464b4bd9a163e625123800de9becc7cb03d097c683ff14fd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e146fd968644d345_0
| MD5 | 1cc3d6cfe52888950c7efe70287e169c |
| SHA1 | 7a8db2d8cd39a29aae14d0bef1df798912053a2a |
| SHA256 | e1f99ee85a1789def64fa082cecd0f28c2228494fd3420236ea83f73ecbf4e12 |
| SHA512 | 88838255f440293ec8b010607b57c3e511c8f82667e85fc0824c92b9038fca5ae07013856c7fbabdad777a08204ecb479c363cd45c14d0b641de641e88a073e5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4a514561a7866b0a_0
| MD5 | 9429c006be34fd80f94cc6ad21950cae |
| SHA1 | ca971db8810721bc06de039fc3458a1682c9246c |
| SHA256 | 02c9c2a6260a39fdc49e644bc155bb830c3ffa687a0df95df8b49d5b933138ef |
| SHA512 | 28fd974cd0bed9625756bb5b0b06344f3b0bc727cca0ee09e00ea6221ebb501bbaba7f258310ba1045d24da791a9191f38ff28c4a6177c4e742622ac51e6d458 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2f4680e8f8f8a14f_0
| MD5 | fb822185358b1b3a45d1bbaa0037d006 |
| SHA1 | 18cd945dd322a25ea26aff9328353a892fca477f |
| SHA256 | 55a526d1f489970917baf5a36181ea5aa294aa66f465e02516f325378eb0aa94 |
| SHA512 | 14cf2f1468e081eaab657571550cdf29806ae724c6f90c1c548d5c0c825feceaead574334721621bd288b2c8d17739a804a6833a0074b0030ec2445b8d416f93 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a89f635cfc4e3ab3_0
| MD5 | 01b5baff6e169e8ad9182debd0f4ebf7 |
| SHA1 | ef91b4f06b5001a16ae730c89ceb579d24f7caea |
| SHA256 | dd80e340824e80e57becc8c6679f0a080893d96a9d131136aa439c1034aa3c6e |
| SHA512 | 5eb663fb3281925003c98d61f4ae86bf4dbb660d4cecd6def5db3852989a6f44962b71d94dc1002110043b476f875f32564af07e4b6540230be06b2c190f85e1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d79e0a2891fc014a_0
| MD5 | ff89fcd3350b0ca2a8967d6b7e92ba57 |
| SHA1 | f5f7f13fef0bf4746e75350c9a18c031d5300267 |
| SHA256 | ae8fd3b170c7f2241c6594d54a1430ef9ce30b110c6bc63ed8cb3b6cbf22eeda |
| SHA512 | 051ac0ca29c8f0aeb2575812d1ff5cfc48ebf0094f98896ee41e1404e9928a55932738aaa779ced0ba3ed5a7636c88102ceaa00c042beb1541440bdf178dd481 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e9c7e700cc3e33cf_0
| MD5 | bb4deb3f95665345ae96923df85c74d2 |
| SHA1 | 7182fa59d7003e4050a2b2820f8bb44b84207501 |
| SHA256 | 71018162717acfae3e39c54af225c6ce6b2d748b5709a3c135abc585f74204a4 |
| SHA512 | 90ee233f09f6a71086612c74de22232687ccdc97ecba43f15208b157f006d3a9452034c1f9be7004d264244f5b68caba6750bc76e7dff5eb48f669fe626e1cb8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\766094f4b47e839c_0
| MD5 | 866b0e786bc53d062b55e1b4bf04d4bc |
| SHA1 | 6616e3c48a004268daf3d20f7281f6af9da7a48a |
| SHA256 | 17eec07ea2f60d8439221a615e37978b7b71a1e63641a78f37eadf1a3342aa9d |
| SHA512 | a842eba512e2f1ef90e5153da07148c35477c5b64a71ea11053a425ef3f5d5892472774cec992bdff0919d5de03445dd865af72d49f60fcb7e55f192ea7e7264 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9dbb949d27873cbc_0
| MD5 | 75d4a38f11752e16241d8bbd8b16e41a |
| SHA1 | 804346f9b529be17ac8e3cbf1e711c6e09a2853c |
| SHA256 | d83ee9f5f8625dd4f6fe0af78654ee6038240f404530ab51080f27012c7657fc |
| SHA512 | 90133d22a56a48e186987444c8a78d510ffea01b859dfb7240ea198e9727ce4d771b5426ecf8df4f65acdb60e708f96ba507981a8a333d2c920e8dec515e1f76 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f2076e2a98754e97_0
| MD5 | f07ce858ddf4d6c3a85325fdad63a021 |
| SHA1 | dbdd8ba92572d4f55ae5a95081623c63dbd3cf07 |
| SHA256 | 4f2874138367d7de4b0c22ca02cfe4d027deb5786c8157f18529cd3b5d236578 |
| SHA512 | a9c53a16b300ff8ddd4422a05d5a5a11038158ab134116422118f532c1f3e5e2943ab088c6993b21c27576685720503363cb625e48289013baa5a91d85714b38 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8e5987d08f7b6e11_0
| MD5 | 6d9209d3024cdecff3e288ab98f6a4c7 |
| SHA1 | 1e210dfcdc38a6eb76268b15f0c5206d7b3be8fa |
| SHA256 | 56c4423da0a91332c4a5115567635c216ae5d9ac09da21412264f7e9b6fcf867 |
| SHA512 | ae4278d8da52aeee3acbe70c7224957d4b76f43bc68579f20561697ff01b227b52e18718dfe68f334dd58cf9dbb6f30a371f2869d6045b2947f7dc18598ecad3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\86b9cbd77d05d034_0
| MD5 | 45e3340ed7db1d17336729f0de659e2d |
| SHA1 | b74a16bf8d94881331d1f814bd2c2d22c582c279 |
| SHA256 | 02d6b3466f17a67fd63537e4db7d30f8e7946570312baa0737a7170863ad3a00 |
| SHA512 | 1d5edaff2f4b8ee063359b0bb7b6bdabe274c2df1d0bc484229d673e5ebb4bb4d77664a4dffc0c1da7e8c9cb5ac0af83423ce0dff44c7dacc6f7b82935d6e68f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\96bc766215a93e35_0
| MD5 | dc3744a32afa759917c7e64dba66be1a |
| SHA1 | 0c38a98eb5d73ebd29ceb6fd0544a5bb76c91506 |
| SHA256 | a0fee58ceb483ecfd0f85d5be1eae7a57faa785d53d06d3d2558dde6672e41c8 |
| SHA512 | 3ea27abb33c31f68b32c2b4ebcc1b1faeaf29c8ee1431ed4f6a4d6d84ad91785ec0364913888f9d4e5101f49e63e998fc74ef2a7cd407059e276b6fbc71fdbcb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\55d1a302ab2e2689_0
| MD5 | 3384bd9df5f66d9c314c93a1c09d72fb |
| SHA1 | 6c38de113a2ee7dd39dc2437a59373cba9b63584 |
| SHA256 | ad0b4d12d7d6ce8b0a9e7897524d703c42ff721c81c2c0fc3190b3ca071f2f2e |
| SHA512 | ccc4455b178237ccff5d09a248092a35eb8b68ca71d42fcd109dab6bf8afa9e48c4bd1c1ff1be5ec3c446785ac614f9e1a8b6251af292f308968f54e1a577935 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\49f654861166b28d_0
| MD5 | d4182b7a3cb059d98c8b7108af4dfdb1 |
| SHA1 | 7e82702c13b4a689c39eb891ae74bf0e981e419c |
| SHA256 | 215b4b385f840cf47eef92ea4f2cba1b465916e457a8de7c86158e23fc41c82d |
| SHA512 | 7aadf852fa29f1dcb2a263459fa2c9c33e40b75e9fe0738616cb5aca222592218f9b30300fec94c10ae9eaa758de73b1e7db583c567f2cfee0f3740d5adfd2e2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6b1c3d6d62495ca9_0
| MD5 | 9c02def830a7ba8024eead83f742dca2 |
| SHA1 | 8354172afdce34b11c5ce864dfa41d5c4a655f8b |
| SHA256 | 4737d1e95eb38b593fa5709ae3a85af7781e2fb2984700fef3eef19735ae4012 |
| SHA512 | 7afc2a19ef7729035210d30fa6bedcaa36e4a5a4ad93f4a86a7f3174a1986bbacab822a996afdd32024421b1832a69b19c0ab4632f233a3a6f8677d591951831 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6a5e8bb53a565b9f_0
| MD5 | 5702887d030bab9803b5d73513514659 |
| SHA1 | c3510b6e8194ead3670dcbe483f159be18bdfb38 |
| SHA256 | 106a3c225e25ca81e5a48d639cb4b5e1c0bcb54d670b4299e8ab3dad08021895 |
| SHA512 | 37782ddf28cc891938b2a8a7fda34545dc4232382befd48c72c13263ab757d7f792529fdfeea008033e7e0b9008777a46e3c5ea4236b58e9773314524f35620c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\06cdbb7047afc473_0
| MD5 | 2f0f6879b9225b6dfce0033f3c88ce5f |
| SHA1 | 2cd9fd063f0d8f071d41fc1115d657e711ed178f |
| SHA256 | b9b7584a2f985a4380ad25e1b444b6ceff0130fbb6fd2eaec77ed0554a8f979e |
| SHA512 | 058008a2b750ee68be4338bd344fc13bb96e5997cc9ba294f81a664a1bc3a91d7e8a2e2ca40d3de3f874ff85e9df8da0d55939865e80cd1d1b9eb23b0d90c060 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\15d2ba66b474cf52_0
| MD5 | 5bcac8197b744e1ce01bf60b99a8b394 |
| SHA1 | df10fc83684584d1071712b21bef50e328f05275 |
| SHA256 | e1162d6fb49f4890a7fc33e333f407cda766392383bd1b108c83a4b5e821cf96 |
| SHA512 | ae0e84077d3ab4cc50ecc161fc8a3bbfa2ca135db0ec5e5d0bc43a0044b16437b5f53b13c2f252a53cf143387df340162bcbce57b6b8013ada70331e52d0f0b7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0f958d80ab38c515_0
| MD5 | e408a4221a910d68cd6e05522a85f7b8 |
| SHA1 | c49660ca6c668954aeb520f058af2d172151d74e |
| SHA256 | 238263a596007ecd210b55d8991cd20cbd0a9e066bcdecc3245d5a74c41aad61 |
| SHA512 | 8b8eee686f0ecf9fe491066711238af46836d6f12e53005872183c5baf7794eb0c9bfe84a3e0b8ad9d1a8df3db05ab5ac56ba27b08c58753a607c7940f23a0ba |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b985d8383abda828_0
| MD5 | 26d3454c04e698af85f94078b2bce7c3 |
| SHA1 | c269ba262262c7cf8d42c3b4f1506442f3619a31 |
| SHA256 | 09708382112a39ae5e37ec1a1ecff091c870799a90aa205c6d0ae1542d2ef807 |
| SHA512 | f887bee0bad97e2469aa3068e5ce5a9b0ff80897839491afaca7b0fb47ca3adcff96f0f48c8e241efb8f94226de5237b62ef18fbe0faea65dc32383920905365 |
memory/16072-15762-0x00000246E87A0000-0x00000246E884D000-memory.dmp
memory/16452-15764-0x000001FF51510000-0x000001FF515BD000-memory.dmp
memory/14412-15763-0x0000000067790000-0x0000000068AD1000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d82e70d3cf2d5a7114414e32024834ad |
| SHA1 | 852d06607fac60bdab1b7e4c55451226e220adcc |
| SHA256 | c3220437e5bf6894ebd7d7f3fc1fe6d6fe33e40e8c5caef8afc73f7c49bae6b7 |
| SHA512 | b05276c4675077532c5d33d6e7c06fb2f9cbd582e063a5f9f7568e49431f19be2fc1183b1ff1ae7fd902f544d1380e89085212b2afb34fb37923f9d42232448a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4ab445b1ed9cecb15c416bdf6d1851c3 |
| SHA1 | 111280a4684116da5caab55f178281033ab920cc |
| SHA256 | 6766cf24be0a1f03caf5d615a5530e6893cc140d27d8febcff619e40cebd48e8 |
| SHA512 | 81520700c0dfc00c52291b1a5c1f9163e873615ff8d36f3d7934b668902e6ed1fe75d5bd3449cfb9f6b2a63aa11ca939f401e75b1dc3a3ff186d3b9d052e8ab7 |
memory/14412-15814-0x0000000067790000-0x0000000068AD1000-memory.dmp
C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\js\index-dir\the-real-index
| MD5 | 82330547be6520d43db38e28b03b453e |
| SHA1 | 8fc261f091224decd64ae9c2e563c54c5961d3f7 |
| SHA256 | 6b1e16034988d8169f94f42015ff4061d5a964fb3a6415e3de1a05e9d065717b |
| SHA512 | 5117473a3c46848be41a6faa7f6c3f64a06577bf26dfd84ef406965c88113db574bdbcb56592f13444acf2657dc78cfb5ba72f8d38a2121b4c857bd1736c8f93 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\js\index-dir\the-real-index~RFe5e3268.TMP
| MD5 | 87b7deb66a9802810e55577e9dd42bfe |
| SHA1 | 1e6ca47d1d4cfe150973136934f5a31467743699 |
| SHA256 | c5d71e1df9c6c1a835f3846c7baf75b2ef60324e79712b5dba22937fdf68f056 |
| SHA512 | f61f5f5bab0e1373452f8a81c454f04efc7f3512c2b94f3e2d7e18109489f647e526ba1424cf7dc7b1a3947604fbafd71ed6080268ea79ea5d515fcb2b8d7052 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 38bd8ed1b404f622beeb90a56446568e |
| SHA1 | ba5a64252c8a87fe14cd5ac3b5e83014a561c3df |
| SHA256 | 871a24bac6351fdbf1608decdd436e9549fd90f29ed918c5c5296ce9e0cd1b4d |
| SHA512 | 11b2471a799f375ab7e29e7fbf2a2cb957f5ca43f55626d84b754e9331ac1bfc18fe95f322192fb9c118fc9a64b24601cc798f9fd34595d8aee5e57c1a578e58 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2dc0bc3eda3667ea8dbf15a3d07e824a |
| SHA1 | 3357f6005c31ac69dc7995fc2a8b59e150fcdc2c |
| SHA256 | 3f5b30c2d873c6bc03069e63d4daea8e6baf9b9cf727d06ee67a564bef7f9a9c |
| SHA512 | 85ecfce2b1957ca5ae83a4c56441f40cb4bc78439cf875585c97d9fd29307ba242b3a941ede33ec31a6d0feb2206761ddcf4280506a8ee46311e2e43156a234e |
memory/14412-15861-0x0000000067790000-0x0000000068AD1000-memory.dmp
memory/14412-15874-0x0000000067790000-0x0000000068AD1000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 500f993b03d298fd0921c39f460b38d8 |
| SHA1 | 81ebd5afecc3445321c46bd48546fdb99dde2d02 |
| SHA256 | cfd0a83a0fb278a6b559213638c00d83e75e7832faf5e56d9e4dc3052110d814 |
| SHA512 | d36ab91864fd444f3d1e355a878759c821e0ab39f7c557008ac9b23d991493ed6a3240a620497b5c6a412b2a13de35928f73426dcac64931efcb40fc96dcca4d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 01bd058ef55ec8ad9049698468a9d3df |
| SHA1 | eadd10e2e92431b9b0480e6923354d888ccc3374 |
| SHA256 | 56fc6ed0e05b9e7c92e203155e53db00f1b761735d14d4485341dfe8fb9d9132 |
| SHA512 | 6da9261d2d1372c5a611a1fc07bce71642a53eafe79694ffa07acda4d025c878ba032a9967f3a636bae4a14ab6df5af457e8aa33dfbf13b27bd359214ddcf1d9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e14f976f0ecb81af4d8b3662e81a74be |
| SHA1 | 6eda85e292cee6d75d7a94de1099a2c64ba7aa1d |
| SHA256 | 0eaf910212f54cdf26ebad00e89c7c2e330ed8341e9f7a83e702584821ce9612 |
| SHA512 | 0cfb4258340a59b1df9591d0f3c01eff0ea81244d4c10fe091801d8e9629899a78d7616ccd6319c43775f3722c9f2c22a390399fcc4d664b5074924643b0fe73 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\LocalPrefs.json~RFe5ed32c.TMP
| MD5 | 23edd51568fcf539353ac1467a13c029 |
| SHA1 | 53d7a006221084c541686d555bb02c94151ba572 |
| SHA256 | 3036ad4ee8c42c3b9701dae837951e42a3fff312a4016b5f6c4d990b012d432c |
| SHA512 | 2d8a13210c5b111425caf5e110818a5fb11c1d7aab73684734a931c6f31c93c1a567cc4192d0fce0f7edcf7594ecc984a558b7c510f23432d781734f11408ccd |
C:\Users\Admin\AppData\Local\Steam\htmlcache\LocalPrefs.json
| MD5 | f456b25a05f327302ebde791675e8f39 |
| SHA1 | 4a8cd723e85ef6f627521d3fa62f7354458e1977 |
| SHA256 | 3b912063f3546187ae92d6dda3ebecfd5ca5e1303577fc01fbfa4e5ec59edb18 |
| SHA512 | f6323c9532562e93a235d37d933cf39309ce7c8ff29c98eadb1f91201c1994c6f65985d3cde833aa7df33997f147d662d28134287215189e98b327c8927c2fb3 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\Network Persistent State
| MD5 | 8a49875106fce7155d03ec5f7dc9e4a1 |
| SHA1 | dc009c484f1489886aff2c87bf641bc918823325 |
| SHA256 | 90f246ce686aebc7c5d9dfa183d32983ea1afaada0ead50448dd2ea755bce576 |
| SHA512 | d295ec48cc0d497bff56cd72ff5a523296f195b8245a9498899981b56f92dd00fc4881c4f8089b3f3b7f79162e793b12e0bac4db6a7ab8dd21d973591e8d1958 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\Network Persistent State~RFe5ee6c4.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | 6598315dfc7dee03a7b7ee69fae62206 |
| SHA1 | aa51f8c032f7d9686118ff55afbb8b94779dd7ae |
| SHA256 | 17cb0514be2b444811e7cedd4985846354f7eb2ca9414b337dcf9dbbab3e758b |
| SHA512 | 431adeb1ef249bd8630aba0e02e2110f2ea84117ee07c7d6e3dada3835b212fb726e12920ad8789994559f180c9245474cab6477a2b5d41cf88de126db20889a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 12715bbf2b39565e1e4c32187fca109d |
| SHA1 | 0e4d3187682906928a0f8a974fae4ae7839d80db |
| SHA256 | 74b818fa2ef9d48c7cf6228d69bce256a4bf95d7a6ca6084c34d128fa02e4e1e |
| SHA512 | 9d605f3577908f8d5365cbff0d80892afd1d0fc63ed9a38358378365ab8e9b6b95a99d47ff939c668dbc3927d0635ffa812b3eec8c0a177406a60f1b82e4a327 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | c68ced5db179d3a4083d413a6db9e375 |
| SHA1 | 1af5b36722380310afe4d8442a3b6a0205be4599 |
| SHA256 | 5cc99ddc79734108264a0d7bb48ca4b4e25e6c4d25d2be463aa849725aedb135 |
| SHA512 | c517e39e0e4eff544f420e59d3baf512e8a2f6cfea03e3395b1d45590dc34f3cda23682f4e6f5e911e367427326a743281cd6b6ad567901748d2ff4552571537 |
C:\Program Files\chrome_Unpacker_BeginUnzipping14440_1395053357\LICENSE
| MD5 | f6719687bed7403612eaed0b191eb4a9 |
| SHA1 | dd03919750e45507743bd089a659e8efcefa7af1 |
| SHA256 | afb514e4269594234b32c873ba2cd3cc8892e836861137b531a40a1232820c59 |
| SHA512 | dd14a7eae05d90f35a055a5098d09cd2233d784f6ac228b5927925241689bff828e573b7a90a5196bfdd7aaeecf00f5c94486ad9e3910cfb07475fcfbb7f0d56 |
C:\Program Files\chrome_Unpacker_BeginUnzipping14440_1395053357\manifest.json
| MD5 | 2ff237adbc218a4934a8b361bcd3428e |
| SHA1 | efad279269d9372dcf9c65b8527792e2e9e6ca7d |
| SHA256 | 25a702dd5389cc7b077c6b4e06c1fad9bdea74a9c37453388986d093c277d827 |
| SHA512 | bafd91699019ab756adf13633b825d9d9bae374ca146e8c05abc70c931d491d421268a6e6549a8d284782898bc6eb99e3017fbe3a98e09cd3dfecad19f95e542 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 021a0401c7d032e9af0c80aaa5bc1ac5 |
| SHA1 | 4e4f7daa3a27b9fcae4e87e5c8c7efc1b6933b3d |
| SHA256 | 6a338519baba70e9da02da1959c7e6bc169e82d1e4c5d22102285ce7406230d9 |
| SHA512 | ae91a37b4eae3524453507f0bc2f63a92bc6db7c8132e28302d0bf3ce8768d50fb1cc273ddf8712630af30b2754a32c832128a83efe65641b5c7d88005363302 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\LocalPrefs.json
| MD5 | c79b82df4b122515ab3f47f4a369a86e |
| SHA1 | 6041aa9d5f066932aa20aa48e77c8252cb543890 |
| SHA256 | 51fea5e81939309bb0d74e819bd58e7eb56a203dd9c875c08288358f37daa140 |
| SHA512 | a1c7f12e6b06791beedb98a73418b8ce72c9c4d821602f323d0afeab598e692ec6aab93ef8b4a5cf482fb5886f217098082edf7528344c7c8965ce31fde00d0f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 84966a11e4384c580328c619f9f959bb |
| SHA1 | 12efd6214f96d10dec10078eac801db8dc4b1540 |
| SHA256 | 297a16f85953cbcea4fe2bd914b7cc7cd86d20fc50c99b2007881cce2fa5f69a |
| SHA512 | 43d43debabe306bf67ef3edcda4e1a8218753d752bfa42a43c5c750e506f1ed5d4ee128b9cf1db7af3a01fa7e60a72f1400947bd97297ca6314896ce8b019c58 |
C:\Program Files (x86)\Steam\logs\cef_log.txt
| MD5 | 1a1516e6c9816513448cb5b3b926d616 |
| SHA1 | 4531e52f766c9ebb78d6aa234d23a9544a69b68d |
| SHA256 | ca37de0164481c50e98166b8eabe75bde0cf140f58f4374228b20fca620948bd |
| SHA512 | b325bcd4c8b2502bf666a8aea38a404439685a8adce779bd4cba65630a46878cc64666444e58a53088bac1ad8e1dd5988a109bcdc3a91dcc14dc3217e5e2a006 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4ff4b179c1c05fed_0
| MD5 | 9783faffbd685965100d97d64f1ed615 |
| SHA1 | d481c11e6cc00a5c0b8f6405c82e62b0b9ff1bc5 |
| SHA256 | da710a4ad6036127e0da20c4119bb131eb3794e8cb07868e3506ace3c095a062 |
| SHA512 | d49d3c1c9198f67cf1f14719a56da200f2f0a446938af1934515d5861bd51364012eb54f90b971f94a1c0586daf4bc2c10f92909daf8a3e48ab552b0c47bede6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7f3b4428cb588614fbb9a13a374bfad7 |
| SHA1 | d23edcaf18ff14febae4e7427a905351cbfea97c |
| SHA256 | 3c5c5a99967b275ed273446b64127257b7f2554ce4c1317ffe023b8057c1412d |
| SHA512 | 057a8bbc9c7cba79c6e4ecf04fdf8c0e5e9e6f81e156cc14f5c00578e315003cffc1805f4029d4569114c55045b65f22d0e8ef9f5302afb3078e58c9963ca4e5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 24ce0af580700be3dd00f6ae90ab42aa |
| SHA1 | 219307f18fcd4c6163a2f273aef2a6b0669de436 |
| SHA256 | 58e3f77fa3f316342ce14bc169e5bf9b8a255c4a9025c50c6c4ef2b2e98a56a2 |
| SHA512 | 8dc2720a1de3da44fe759e52ba423634afa30b01a30f44ebf2728d4965ae7e9cbd5ed31a377575a4ab074a8f0f111e924db1366cba02ed3f03876a41173f220c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 36e6e73c13ccab2243b7c2c512456b62 |
| SHA1 | 1c7ce5d3d2616ce6d142f916ed470608b6646cd9 |
| SHA256 | bc6b47d528b909d007b9eb8eac912073cfb1f59cb8284093cab72a9c770237fb |
| SHA512 | 8a30875fdd008dacaae29f44925788a1ec4a72b8e8a35e0f01ab4fc6b81f839d3ec85db4cebd3fd8324095c9ad689c38b350718d4d8073effdaaee4a7bf18440 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\14ff8116b518ca2d_0
| MD5 | bc150f15d02dcf6210e13846d465177e |
| SHA1 | d43a4df7cc9f6c0de6e200a0b65e1239e58f11c9 |
| SHA256 | 51cb4753a88b8c37885adbed71d765f24ba91eb07ee87d7ae52edf7be099363c |
| SHA512 | 20a67aa893ff99739788a4b74f85ee3ef8aa1b30831230d7d3c7165e9cdd001e88c067f429edf64e1ea6f1dedcf729844ef2f3b35106b4a113e8fdec8357d395 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fbd11ea5cda006cc_0
| MD5 | 43eb0ffd3ee4023cbf2698eb32502169 |
| SHA1 | 369b28e601b0b6e9827db06129b89d17bc88cc2c |
| SHA256 | 215f858c4a54c2b4994cca99b938ab61ad5e0ab082fe6cef872d511501ac3a34 |
| SHA512 | 2ed361fcece5e87ce6f0072cfaee054de05c8c5a63424ede282a76eb17f4993dd6e58ed7cf0510fe50361c600c168caf718c48effc5f174291af340ca5a5cf2a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fdd02fff03de4c25_0
| MD5 | 432b2ef3894b68c279fd7735f32db4f8 |
| SHA1 | 559b3ffe1bc8ef3d30b80da23b04da2502057675 |
| SHA256 | 1ba6281cb188fef110ce2847d45145a941d5280586771007106ef62cbbab17d8 |
| SHA512 | c479f29fa1be116daf0212e7c177245a8261d2a6173224d179e0e41a1b8b94794fb60ad3c04b409ecd64a772a367f52657e62cc092129deb76b4f10a0b80c20b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9a849c411baba02242afb1372154b941 |
| SHA1 | 35377389f9d0b6193cf4a487298aeea82120e41b |
| SHA256 | cb08fd3411e216d5da4c4fc8c57ef79ef9702a8f0008d4b6d2b9d3714745d5a2 |
| SHA512 | 918d6659c9dea391d87bd10f2425b5fd9ef8ca6887466e58652803478fdfdb063d6e292ac2fc9b7b737608d9d0a27226b1084062368fe772e11bff87634793c4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5282a482e1b243664862144fa35b6319 |
| SHA1 | 0efce0b1d34ce88eb341749b4da5dd963a05d621 |
| SHA256 | 6a842f312c3bf77c5a28f3bd57690bec31e2d6e4f82af780531aa09f3878b733 |
| SHA512 | 66258a170921c5fbba203ada8720df1e15f6a9f5de0a7fccc7e7f70a601d449c0e3d0891915977e295f2128abb00f0aacae7ed5ef232af96440028a6371b07e1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6188c33e73afb3c21b9fb3cd0e34a064 |
| SHA1 | d26282712dabc7d936537ced83b452a8ea62661a |
| SHA256 | 6b4645d5ce51255b063204a6df7fbe4fdaabe55fab07ba3d0538087e9c60458d |
| SHA512 | 7dd91d8189106ec1d366bfe0c29d33095a39f7ab0ba337b76059267b36858bfa61d71de72e60ab163e228477fe4aa819c7ea84c5d330fad7e6f826d687fc9333 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001fe
| MD5 | fe6e182c22ce8e0fca04e21242825a4b |
| SHA1 | 363fb33914dd0ff41a473aa2fc0f3d8e11670384 |
| SHA256 | 6648d0b2d3cfade77810ab3e50524488fb4aa8e0dc843c66782c8742149d60ff |
| SHA512 | 7442d0b86bfa2386a8712e70a7af21adf0494800d55a518bf3bc1ad55a9f24a1c448c99e4ea5e5a9412105398b68255933a262a8ceab103b676645de039f65fa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1f4a2679e4de524aa02c91f7e4f61add |
| SHA1 | ee2b451a055cde0d20b1ef57fdc40d7c3e75304f |
| SHA256 | 9ec98359ebda203ab2847c08a9b85fee4c06dc587b33f2766d254eb1a54dad69 |
| SHA512 | b6e990ca2198b1ac446d6fc35ce3f857078abb4a46003e8ea805f4e5e7db73c4d578bab8c2de5b8e007751cb3e8e793dcc8b1903efa70f4e8fc173ff79318d99 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 45a9487e33483af3291f54e4c63d6717 |
| SHA1 | 482b953df8564098ad40d0aeef5b24d4855165f5 |
| SHA256 | 196e83ff585cf257779bd27430d50381939f35374de9e3169571c5350c8cbbe7 |
| SHA512 | 43b518b5dbdbb2723766476c13a893bd15501c218124e674965a4b70e16a537318210418cd64648a74634e8655ac0850b2421a479652350595ba98952dc270a1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e57bab345e32de1d69212cf6926dc6bd |
| SHA1 | 2d0f5025365395d97d094dee9b30527bd63920d2 |
| SHA256 | 5892914c1c69562ec1cda1343017e24520b1df8136b8bfdccf86a00ca3e0cd99 |
| SHA512 | 7b1bb24315214aa33d2a7ee8008b78325d0e9df4ae4bd86909d5dab452ff56caf07e5c4a8bc5e549b67caa853029de939a0bf6112e1c7c349c6583224f953cab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 4d487dd6595bd94ed0d76e1627eae21e |
| SHA1 | 3187ad0748c850ce0b12282d51a24c6c21cbd93f |
| SHA256 | 9ddab6cb7d650df18c92c0136c1abecc86aaeda0241a9ad7a96e3a0c8ccc1cba |
| SHA512 | 7070fd513af0d8e49d21edf183329f7b304f369443dcc4235dc14b7da3f09e184e54530eca43653c31ec5441aa58550c64f49bd10208c8a91cb8623b4e8ec855 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 76c90db3a6cb45582bb779090fe729bf |
| SHA1 | a99a3b63b545fa17b96d42fb22eb1bc2f0ca2c06 |
| SHA256 | 3fbeac377d58ee6bf613fafe8acb05a1833f3ae3df8aef3673d3c0f58258e0c4 |
| SHA512 | bfa2dbf50420b19673d4f57f6f4ca268a5c6e1b4ec038f41b9ca7f78ca1225a2bdf383c6af4fc5615a7fb7a9779eed05d26d9a739b2899053098ca39e4dcb572 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 10196aec697ab6c20077b0964306c9cd |
| SHA1 | 3a2e71196a67b6770d6e461ecd8b197664a4f561 |
| SHA256 | 3aa7363f6384c9decb68d14ed26748591bb466af7939b52d91358bcb93b1f598 |
| SHA512 | 723380712288e05c330d949dcd7cadf10568c7639f996c4ac7e140c0fafc215e09106f925d6def545c076246b87f057ef7c8d8fcc8c72f242de9ee389155bbde |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 11db0ae83a545558d5d5c66da221b105 |
| SHA1 | 37a4ee6b90991ceb9395ca686f2a3d1ea77776e6 |
| SHA256 | 410ad13984c6af3b97540e2c35624fdb7020b6dd6b212c78fa91e326fe0bce63 |
| SHA512 | c2cdac80fea8f8720d0fbffd125e91dbb8c84cc6b6c4db909a2eab2fec86dfe7261e9500b49ef21138211591cf096a0a74e6dba5655a39f798bff0c4fbe83b79 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 893d6fff65cf81a604add2f61622fd7f |
| SHA1 | f6e6926fed15b715ebe1ef35c770b1f98ab43dcb |
| SHA256 | f8310fa796dfa087a3157069ccac2846fd6fa0023e4bf4d5bd5c5101f2f74d36 |
| SHA512 | 3011bbc9dd7bc1a80c4ef7d88453f5741d257ef1016506cf7d9cc27c561bc6a4bb7892105a96c4d06c7ce09e6c8b74d24f54954565fea63f4878bf9aaf1a5743 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | f95a920dd6f6393ebca2333174654619 |
| SHA1 | 219596e5876def655ffe413b2f553ed21467307d |
| SHA256 | 504170686dd5823286f7256b6615dfc75380bc0b69c28d197a87326e3b88b39f |
| SHA512 | f4541ebbcc5722e116aacf2794226546528c04b747191b8d3087b280260fe5c915676c584fc3208fb9371bb0f0a5984e56de955221fb02ad4ae8525a4ca2b691 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | eef4f4a353a521e4bc75950dc934e739 |
| SHA1 | 37da8ebe1a6b759ba3f9b55981b2eaae4b7058d4 |
| SHA256 | e150c127bf801cdffa9d3b49ea2bc6d81c58742322a081fb6dc18abb2f42b2e6 |
| SHA512 | 4592b6aab8376c99d0f0725178b9a0e3d154af27beea2eab6fa52fc50c7d94b8aa81693e5a76b7cba0814f87fd140182bd0f58040fcef172868d90213f989dfa |
memory/7596-17213-0x0000000000590000-0x0000000000602000-memory.dmp
memory/7596-17214-0x0000000004EA0000-0x0000000004F3C000-memory.dmp
memory/7596-17215-0x0000000005560000-0x0000000005B04000-memory.dmp
memory/7596-17216-0x0000000005050000-0x00000000050E2000-memory.dmp
memory/7596-17217-0x0000000004F60000-0x0000000004F6A000-memory.dmp
memory/7596-17218-0x00000000050F0000-0x0000000005146000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | b696a23384c573dfe30b0dfc0852e519 |
| SHA1 | 7c6c349384b3a78016187810e2c17fc20365b1aa |
| SHA256 | 29335eca25125b10270a96e6bb49bf002eecc3bb5d186f343153d1a1acd3e556 |
| SHA512 | 6953e499c1417cce78ded2ab7535bcc8436fa004f47e11a218b37eb1b02c27af2e53a6bd92bf85263baf747570583ef8708c6b5a7415e51f1e23ee0f82d58967 |
memory/9672-17295-0x00000000057C0000-0x00000000057CA000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 9daebb0ec699e9fd045a5bc558ec95fe |
| SHA1 | 4f0627378bc343b784d92a4e2d8586f7e3be21e1 |
| SHA256 | 526d18f7efd4353ddccae6e03200145f708752328a681ffb6c29655c38498bda |
| SHA512 | 7b1e2c659a30e4efd5d8555f3960cead1a4025bd5b56ebce7c4b84d6c6f3762d2ceff91803a00181a3a4d55e373dbb230ed3422d312f024d61f03458851b4a85 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2e3e2e53077149be2450878980d265b1 |
| SHA1 | 541353116d33d409d266426632a0403a4a950b0f |
| SHA256 | 9509f2e7bd3adce03f2137a5cfe07abe72a986bab528b294550581fce27bf523 |
| SHA512 | c07b499f80bb88a671462ee897149628d12b93db2c220e396022d979c49b1f41945b5a6eae5b5add1a3b15fa786167185073e4c9710dd9c7d68282b1212a4522 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | fd38a1b42b43129ebfdbfd310e52d74b |
| SHA1 | 42c866392adeba8c53c05f88c29d3cbe57ba98b3 |
| SHA256 | c8dfdc3fba2581a423b90133f35a29058fcc98e20841a8f8fad54df83804fca0 |
| SHA512 | 67eca90440fa6e8262365c9c270fe1224f1a4697cba747c3d27d403c9a8d71143d40ba2ca379709af0f55fdbfceee1bf0530171b94a5b1b4e980a447534bcb1f |
memory/10668-17344-0x00000000004A0000-0x00000000004B0000-memory.dmp
memory/10712-17345-0x0000000000920000-0x0000000000D84000-memory.dmp
memory/10748-17346-0x000000001B250000-0x000000001B2F6000-memory.dmp
memory/10748-17347-0x000000001B7D0000-0x000000001BC9E000-memory.dmp
memory/10748-17348-0x000000001BD40000-0x000000001BDDC000-memory.dmp
memory/10748-17349-0x0000000000AC0000-0x0000000000AC8000-memory.dmp
memory/10748-17350-0x000000001BF70000-0x000000001BFBC000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNS.XML
| MD5 | 7050d5ae8acfbe560fa11073fef8185d |
| SHA1 | 5bc38e77ff06785fe0aec5a345c4ccd15752560e |
| SHA256 | cb87767c4a384c24e4a0f88455f59101b1ae7b4fb8de8a5adb4136c5f7ee545b |
| SHA512 | a7a295ac8921bb3dde58d4bcde9372ed59def61d4b7699057274960fa8c1d1a1daff834a93f7a0698e9e5c16db43af05e9fd2d6d7c9232f7d26ffcff5fc5900b |
memory/10712-17362-0x00000000212A0000-0x00000000212A8000-memory.dmp
memory/10712-17364-0x0000000021310000-0x000000002131E000-memory.dmp
memory/10712-17363-0x0000000021340000-0x0000000021378000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Media Player\CurrentDatabase_400.wmdb
| MD5 | 987a07b978cfe12e4ce45e513ef86619 |
| SHA1 | 22eec9a9b2e83ad33bedc59e3205f86590b7d40c |
| SHA256 | f1a4a978ce1c4731df1594043135cf58d084fdf129dd1c8e4507c9e06eac5ea8 |
| SHA512 | 39b86540e4d35c84609ef66537b5aa02058e3d4293f902127c7d4eac8ffc65920cb5c69a77552fc085687eed66e38367f83c177046d0ecb8e6d135463cc142aa |
C:\Users\Admin\Desktop\Joke\chilledwindows.mp4
| MD5 | 698ddcaec1edcf1245807627884edf9c |
| SHA1 | c7fcbeaa2aadffaf807c096c51fb14c47003ac20 |
| SHA256 | cde975f975d21edb2e5faa505205ab8a2c5a565ba1ff8585d1f0e372b2a1d78b |
| SHA512 | a2c326f0c653edcd613a3cefc8d82006e843e69afc787c870aa1b9686a20d79e5ab4e9e60b04d1970f07d88318588c1305117810e73ac620afd1fb6511394155 |