Analysis Overview
SHA256
856a3fa141a74a7040438ec8a7b270bc9f71f7babb93b7c41510d4f347ec21c9
Threat Level: Known bad
The file svtrnTsSnw was found to be: Known bad.
Malicious Activity Summary
Detected google phishing page
Blocklisted process makes network request
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Event Triggered Execution: Component Object Model Hijacking
Checks computer location settings
Obfuscated Files or Information: Command Obfuscation
Checks installed software on the system
Adds Run key to start application
Enumerates connected drives
Drops file in Windows directory
Drops file in Program Files directory
Enumerates physical storage devices
Browser Information Discovery
System Location Discovery: System Language Discovery
Command and Scripting Interpreter: PowerShell
Suspicious use of SetWindowsHookEx
Uses Volume Shadow Copy WMI provider
Uses Volume Shadow Copy service COM API
Suspicious behavior: GetForegroundWindowSpam
Uses Task Scheduler COM API
Suspicious use of WriteProcessMemory
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: AddClipboardFormatListener
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Enumerates system info in registry
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Modifies registry class
Checks processor information in registry
Modifies system certificate store
NTFS ADS
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2025-01-14 05:27
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2025-01-14 05:27
Reported
2025-01-14 05:42
Platform
win10ltsc2021-20250113-en
Max time kernel
897s
Max time network
886s
Command Line
Signatures
Detected google phishing page
Blocklisted process makes network request
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\rundll32.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\rundll32.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\rundll32.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\rundll32.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\rundll32.exe | N/A |
| N/A | N/A | C:\Windows\syswow64\MsiExec.exe | N/A |
| N/A | N/A | C:\Windows\syswow64\MsiExec.exe | N/A |
| N/A | N/A | C:\Windows\syswow64\MsiExec.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\rundll32.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\rundll32.exe | N/A |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
Downloads MZ/PE file
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-3454535599-122122096-1812617400-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\eanimatesetup.exe | N/A |
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\Let's Compress.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Let's Compress.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\Let's Compress\lets_compress.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\Let's Compress\upd.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\eanimatesetup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\NCH Software\ExpressAnimate\expressanimate.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\NCH Software\ExpressAnimate\expressanimate.exe | N/A |
Loads dropped DLL
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3454535599-122122096-1812617400-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\ExpressAnimateInstall = "C:\\Users\\Admin\\Downloads\\eanimatesetup.exe" | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
Checks installed software on the system
Enumerates connected drives
Obfuscated Files or Information: Command Obfuscation
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\NCH Software\ExpressAnimate\expressanimate.exe | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| File created | C:\Program Files (x86)\NCH Software\ExpressAnimate\shellmenu.dll | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| File created | C:\Program Files (x86)\NCH Software\ExpressAnimate\shellmenua.msix | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| File created | C:\Program Files (x86)\NCH Software\ExpressAnimate\shellmenub.msix | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| File created | C:\Program Files (x86)\NCH Software\ExpressAnimate\expressanimatesetup_v9.48.exe | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| File created | C:\Program Files (x86)\NCH Software\ExpressAnimate\expressanimatesetup_v9.48.exe\:SmartScreen:$DATA | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\f7c2ed65-0b25-472d-a057-0bcdc627c449.tmp | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\20250114052737.pma | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\Installer\MSIE819.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIEA21.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIEC27.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI64A.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\SourceHash{2F9F9042-1246-4D55-8DF9-F7E578E6A718} | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIEE1C.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e58e6f2.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI1AAD.tmp-\Microsoft.Deployment.WindowsInstaller.dll | C:\Windows\SysWOW64\rundll32.exe | N/A |
| File opened for modification | C:\Windows\Installer\e58e6f0.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIE897.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIE945.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\ | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI1AAD.tmp-\CustomAction.config | C:\Windows\SysWOW64\rundll32.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI1AAD.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI1AAD.tmp-\RequestSender.dll | C:\Windows\SysWOW64\rundll32.exe | N/A |
| File created | C:\Windows\Installer\e58e6f0.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\inprogressinstallinfo.ipi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIEBC8.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIE8D6.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIEA9F.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI435.tmp | C:\Windows\system32\msiexec.exe | N/A |
Browser Information Discovery
Command and Scripting Interpreter: PowerShell
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\rundll32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\rundll32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\eanimatesetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\NCH Software\ExpressAnimate\expressanimate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\rundll32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\rundll32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\rundll32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\rundll32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Let's Compress.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\rundll32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Let's Compress.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\NCH Software\ExpressAnimate\expressanimate.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Windows\system32\MusNotification.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Windows\system32\MusNotification.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.dng\Shell\NCHconvertimage\ = "Convert image file format with Pixillion" | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.nrw\Shell\NCHconvertimage\command | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3454535599-122122096-1812617400-1000_Classes\.tar.gz | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3454535599-122122096-1812617400-1000_Classes\mpdpfile\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.avi\Shell\NCHconvertvideo\command | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.cr2 | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.sr2\Shell\NCHslideshow\command | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3454535599-122122096-1812617400-1000_Classes\wpdfile\DefaultIcon\ = "%SystemRoot%\\SysWow64\\shell32.dll,19" | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\SystemFileAssociations\.tgz\Shell\NCHextract | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3454535599-122122096-1812617400-1000_Classes\heicfile | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3454535599-122122096-1812617400-1000_Classes\heiffile\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.oga\Shell\NCHeditsound\ = "Edit sound file with WavePad" | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\SystemFileAssociations\.mp4\Shell\NCHeditvideo | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.rw2\Shell\NCHslideshow\command\ = "\"C:\\Program Files (x86)\\NCH Software\\ExpressAnimate\\expressanimate.exe\" -extfind PhotoStage \"%L\"" | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.webm | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.webm\Shell\NCHeditvideo\command | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.3g2\Shell\NCHconvertvideo | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\SystemFileAssociations\.rw2\Shell\NCHslideshow\command | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3454535599-122122096-1812617400-1000_Classes\srffile\DefaultIcon\ = "%SystemRoot%\\SysWow64\\shell32.dll,19" | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3454535599-122122096-1812617400-1000_Classes\dfxfile\shell\open\command\ = "\"C:\\Program Files (x86)\\NCH Software\\ExpressAnimate\\expressanimate.exe\" -extfind DeskFX \"%L\"" | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3454535599-122122096-1812617400-1000_Classes\.shn\ = "shnfile" | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.avi\Shell\NCHeditvideo\ = "Edit video file with VideoPad" | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\SystemFileAssociations\.tiff\Shell\NCHeditphoto | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\SystemFileAssociations\.asf\Shell\NCHconvertvideo | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3454535599-122122096-1812617400-1000_Classes\nrwfile | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\SystemFileAssociations\.png\Shell\NCHconvertimage | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.gif\Shell\NCHslideshow\command\ = "\"C:\\Program Files (x86)\\NCH Software\\ExpressAnimate\\expressanimate.exe\" -extfind PhotoStage \"%L\"" | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.jpg\Shell\NCHslideshow\ = "Create slideshow with PhotoStage" | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\SystemFileAssociations\.mp3\Shell\NCHconvertsound\command | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3454535599-122122096-1812617400-1000_Classes\shnfile | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.m4v\Shell\NCHeditvideo\ = "Edit video file with VideoPad" | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\SystemFileAssociations\.nrw\Shell\NCHslideshow | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.dv\Shell\NCHconvertvideo\ = "Convert video file format with Prism" | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.pgf\Shell\NCHconvertimage | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\SystemFileAssociations\.aiff\Shell\NCHeditsound\command | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\SystemFileAssociations\.mp3\Shell\NCHeditsound | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.mpeg\Shell\NCHeditvideo\ = "Edit video file with VideoPad" | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\SystemFileAssociations\.webm\Shell\NCHconvertvideo | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.nrw\Shell\NCHslideshow\command | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.gz\Shell\NCHextract\command | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\SystemFileAssociations\.arw\Shell\NCHslideshow | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\SystemFileAssociations\.bmp\Shell\NCHeditphoto | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\SystemFileAssociations\.m2ts\Shell\NCHeditvideo\command | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\SystemFileAssociations\.mp4\Shell\NCHeditvideo\command | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3454535599-122122096-1812617400-1000_Classes\.mrw\ = "mrwfile" | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3454535599-122122096-1812617400-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 = 14001f50e04fd020ea3a6910a2d808002b30309d0000 | C:\Program Files (x86)\NCH Software\ExpressAnimate\expressanimate.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\SystemFileAssociations\.mkv\Shell\NCHeditvideo\command | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3454535599-122122096-1812617400-1000_Classes\dngfile | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3454535599-122122096-1812617400-1000_Classes\7-Zip\.tar | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\SystemFileAssociations\.3gp\Shell\NCHeditvideo | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3454535599-122122096-1812617400-1000_Classes\wpsfile\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.raw\Shell\NCHeditphoto\command\ = "\"C:\\Program Files (x86)\\NCH Software\\ExpressAnimate\\expressanimate.exe\" -extfind PhotoPad \"%L\"" | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3454535599-122122096-1812617400-1000_Classes\wdpfile\shell\open\command\ = "\"C:\\Program Files (x86)\\NCH Software\\ExpressAnimate\\expressanimate.exe\" -extfind WavePad \"%L\"" | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\SystemFileAssociations\.wav\Shell\NCHeditsound | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.dss\Shell\NCHconvertsound\command | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\SystemFileAssociations\.mrw\Shell\NCHconvertimage | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3454535599-122122096-1812617400-1000_Classes\pgffile\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\SystemFileAssociations\.webp\Shell\NCHconvertimage\command | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.avi\Shell\NCHeditvideo | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\SystemFileAssociations\.webm\Shell\NCHeditvideo\command | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.mpg\Shell\NCHconvertvideo\ = "Convert video file format with Prism" | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.dng\Shell\NCHconvertimage | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3454535599-122122096-1812617400-1000_Classes\dngfile\DefaultIcon\ = "%SystemRoot%\\SysWow64\\shell32.dll,19" | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\SystemFileAssociations\.tga | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8 | C:\Users\Admin\Downloads\Let's Compress.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8\Blob = 040000000100000010000000e94fb54871208c00df70f708ac47085b0f0000000100000030000000c130bba37b8b350e89fd5ed76b4f78777feee220d3b9e729042bef6af46e8e4c1b252e32b3080c681bc9a8a1afdd0a3c0b000000010000004200000047006c006f00620061006c005300690067006e00200043006f006400650020005300690067006e0069006e006700200052006f006f007400200052003400350000006200000001000000200000007b9d553e1c92cb6e8803e137f4f287d4363757f5d44b37d52f9fca22fb97df8653000000010000001f000000301d301b060567810c010330123010060a2b0601040182373c0101030200c01400000001000000140000001f00bf46800afc7839b7a5b443d95650bbce963b1d00000001000000100000005467b0adde8d858e30ee517b1a19ecd909000000010000000c000000300a06082b060105050703030300000001000000140000004efc31460c619ecae59c1bce2c008036d94c84b81900000001000000100000005d1b8ff2c30f63f5b536edd400f7f9b4200000000100000076050000308205723082035aa00302010202107653feac75464893f5e5d74a483a4ef8300d06092a864886f70d01010c05003053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f7420523435301e170d3230303331383030303030305a170d3435303331383030303030305a3053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f742052343530820222300d06092a864886f70d01010105000382020f003082020a0282020100b62dc530dd7ae8ab903d0372b03a4b991661b2e5ffa5671d371ce57eec9383aa84f5a3439b98458ab863575d9b00880425e9f868924b82d84bc94a03f3a87f6a8f8a6127bda144d0fdf53f22c2a34f918db305b22882915dfb5988050b9706c298f82ca73324ee503a41ccf0a0b07b1d4dd2a8583896e9dff91b91bb8b102cd2c7431da20974a180af7be6330a0c596b8ebcf4ab5a977b7fae55fb84f080fe844cd7e2babdc475a16fbd61107444b29807e274abff68dc6c263ee91fe5e00487ad30d30c8d037c55b816705c24782025eb676788abba4e34986b7011de38cad4bea1c09ce1df1e0201d83be1674384b6cffc74b72f84a3bfba09373d676cb1455c1961ab4183f5ac1deb770d464773cebfbd9595ed9d2b8810fefa58e8a757e1b3cfa85ae907259b12c49e80723d93dc8c94df3b44e62680fcd2c303f08c0cd245d62ee78f989ee604ee426e677e42167162e704f960c664a1b69c81214e2bc66d689486c699747367317a91f2d48c796e7ca6bb7e466f4dc585122bcf9a224408a88537ce07615706171224c0c43173a1983557477e103a45d92da4519098a9a00737c4651aaa1c6b1677f7a797ec3f1930996f31fbea40b2e7d2c4fac9d0f050767459fa8d6d1732bef8e97e03f4e787759ad44a912c850313022b4280f2896a36cfc84ca0ce9ef8cb8dad16a7d3ded59b18a7c6923af18263f12e0e2464df0203010001a3423040300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e041604141f00bf46800afc7839b7a5b443d95650bbce963b300d06092a864886f70d01010c050003820201005e2bba749734445f764828408493ee016ee9a1b3d68025e67be4bc09913d0ffc76add7d43020bb8f60d091d61cf29cef781a2b943202c12496525202d0f3d1fcf29b396e99e11f8e43417d9a1e5bc95d9a84fc26e687f3747226ada41bd93d3b6a52a03c091e2f1e7bb333b445c7f7acb1af9360ad76aeb8b21578eb836aebffdb46ab24e5ee02fa901f59c02f5dd6b75da45c10b77253f8414eccfa781a254acafe85624361c3b437aa81d2f4d63a0fbd8d597e3047de2b6be72150335fd4679bd4b8679f3c279903ff85438e7312ca20cde861d5b166dc17d6396d0fdbcf2337a182894e1c6b3fd6a0cdaa079d3e4226aad70ceefa47bf1a527ed17581d3c98a62176d4f88a021a0263eaf6dd962301fe99828ae6e8dd58e4c726693808d2ae355c760679042565c22510fb3dc4e39ee4dddd91d7810543b6ed0976f03b51eb22373c612b29a64d0fc958524a8ffdfa1b0dc9140aedf0933abb9dd92b7f1cc91743b69eb67971b90bfe7c7a06f71bb57bfb78f5aed7a406a16cd80842d2fe102d4249443b315fc0c2b1bfd716ffccbbc75173a5e83d2c9b32f1bd59c8d7f54fe7e7ee456a387a79de1595294418f6d5bbe86959aff1a76dd40d2514a70b41f336323773fec271e59e40887ed34824a0f3ffea01dc1f56773458678f4aa29e92787c619dbc61314c33949874da097e06513f59d7756e9dab358c73af2c0cd82 | C:\Users\Admin\Downloads\Let's Compress.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8\Blob = 5c0000000100000004000000001000001900000001000000100000005d1b8ff2c30f63f5b536edd400f7f9b40300000001000000140000004efc31460c619ecae59c1bce2c008036d94c84b809000000010000000c000000300a06082b060105050703031d00000001000000100000005467b0adde8d858e30ee517b1a19ecd91400000001000000140000001f00bf46800afc7839b7a5b443d95650bbce963b53000000010000001f000000301d301b060567810c010330123010060a2b0601040182373c0101030200c06200000001000000200000007b9d553e1c92cb6e8803e137f4f287d4363757f5d44b37d52f9fca22fb97df860b000000010000004200000047006c006f00620061006c005300690067006e00200043006f006400650020005300690067006e0069006e006700200052006f006f007400200052003400350000000f0000000100000030000000c130bba37b8b350e89fd5ed76b4f78777feee220d3b9e729042bef6af46e8e4c1b252e32b3080c681bc9a8a1afdd0a3c040000000100000010000000e94fb54871208c00df70f708ac47085b200000000100000076050000308205723082035aa00302010202107653feac75464893f5e5d74a483a4ef8300d06092a864886f70d01010c05003053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f7420523435301e170d3230303331383030303030305a170d3435303331383030303030305a3053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f742052343530820222300d06092a864886f70d01010105000382020f003082020a0282020100b62dc530dd7ae8ab903d0372b03a4b991661b2e5ffa5671d371ce57eec9383aa84f5a3439b98458ab863575d9b00880425e9f868924b82d84bc94a03f3a87f6a8f8a6127bda144d0fdf53f22c2a34f918db305b22882915dfb5988050b9706c298f82ca73324ee503a41ccf0a0b07b1d4dd2a8583896e9dff91b91bb8b102cd2c7431da20974a180af7be6330a0c596b8ebcf4ab5a977b7fae55fb84f080fe844cd7e2babdc475a16fbd61107444b29807e274abff68dc6c263ee91fe5e00487ad30d30c8d037c55b816705c24782025eb676788abba4e34986b7011de38cad4bea1c09ce1df1e0201d83be1674384b6cffc74b72f84a3bfba09373d676cb1455c1961ab4183f5ac1deb770d464773cebfbd9595ed9d2b8810fefa58e8a757e1b3cfa85ae907259b12c49e80723d93dc8c94df3b44e62680fcd2c303f08c0cd245d62ee78f989ee604ee426e677e42167162e704f960c664a1b69c81214e2bc66d689486c699747367317a91f2d48c796e7ca6bb7e466f4dc585122bcf9a224408a88537ce07615706171224c0c43173a1983557477e103a45d92da4519098a9a00737c4651aaa1c6b1677f7a797ec3f1930996f31fbea40b2e7d2c4fac9d0f050767459fa8d6d1732bef8e97e03f4e787759ad44a912c850313022b4280f2896a36cfc84ca0ce9ef8cb8dad16a7d3ded59b18a7c6923af18263f12e0e2464df0203010001a3423040300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e041604141f00bf46800afc7839b7a5b443d95650bbce963b300d06092a864886f70d01010c050003820201005e2bba749734445f764828408493ee016ee9a1b3d68025e67be4bc09913d0ffc76add7d43020bb8f60d091d61cf29cef781a2b943202c12496525202d0f3d1fcf29b396e99e11f8e43417d9a1e5bc95d9a84fc26e687f3747226ada41bd93d3b6a52a03c091e2f1e7bb333b445c7f7acb1af9360ad76aeb8b21578eb836aebffdb46ab24e5ee02fa901f59c02f5dd6b75da45c10b77253f8414eccfa781a254acafe85624361c3b437aa81d2f4d63a0fbd8d597e3047de2b6be72150335fd4679bd4b8679f3c279903ff85438e7312ca20cde861d5b166dc17d6396d0fdbcf2337a182894e1c6b3fd6a0cdaa079d3e4226aad70ceefa47bf1a527ed17581d3c98a62176d4f88a021a0263eaf6dd962301fe99828ae6e8dd58e4c726693808d2ae355c760679042565c22510fb3dc4e39ee4dddd91d7810543b6ed0976f03b51eb22373c612b29a64d0fc958524a8ffdfa1b0dc9140aedf0933abb9dd92b7f1cc91743b69eb67971b90bfe7c7a06f71bb57bfb78f5aed7a406a16cd80842d2fe102d4249443b315fc0c2b1bfd716ffccbbc75173a5e83d2c9b32f1bd59c8d7f54fe7e7ee456a387a79de1595294418f6d5bbe86959aff1a76dd40d2514a70b41f336323773fec271e59e40887ed34824a0f3ffea01dc1f56773458678f4aa29e92787c619dbc61314c33949874da097e06513f59d7756e9dab358c73af2c0cd82 | C:\Users\Admin\Downloads\Let's Compress.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\NCH Software\ExpressAnimate\expressanimatesetup_v9.48.exe\:SmartScreen:$DATA | C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 275663.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 858268.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\Let's Compress\lets_compress.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\Let's Compress\lets_compress.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\NCH Software\ExpressAnimate\expressanimate.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\NCH Software\ExpressAnimate\expressanimate.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Uses Volume Shadow Copy WMI provider
Uses Volume Shadow Copy service COM API
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\svtrnTsSnw.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ffe813e46f8,0x7ffe813e4708,0x7ffe813e4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2144 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2860 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3584 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3604 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --force-configure-user-settings
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5576 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x248,0x24c,0x250,0x224,0x254,0x7ff63d415460,0x7ff63d415470,0x7ff63d415480
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5576 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4532 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3876 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5716 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5896 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5808 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5900 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6564 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6160 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6820 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6880 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6932 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3896 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6952 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5364 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6064 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6776 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6716 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6052 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3768 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3628 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2748 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6652 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3864 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=7336 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7620 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7632 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8004 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8172 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8152 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7848 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5996 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7468 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8040 /prefetch:1
C:\Windows\system32\MusNotification.exe
"C:\Windows\system32\MusNotification.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6648 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6652 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3892 /prefetch:1
C:\Users\Admin\Downloads\Let's Compress.exe
"C:\Users\Admin\Downloads\Let's Compress.exe"
C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding A2680B03355128A569F875F25B35C12C C
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\MSIC749.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_240699203 350 RequestSender!RequestSender.CustomActions.Start
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\MSID6D0.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_240703203 739 RequestSender!RequestSender.CustomActions.NextWelcome
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\MSIDC8E.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_240704656 840 RequestSender!RequestSender.CustomActions.NextEula
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\MSIE142.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_240705875 943 RequestSender!RequestSender.CustomActions.NextInstalFolder
C:\Users\Admin\Downloads\Let's Compress.exe
"C:\Users\Admin\Downloads\Let's Compress.exe" /i "C:\Users\Admin\AppData\Roaming\Let's Compress\Let's Compress 1.4.0.0\install\8E6A718\Let's Compress.msi" AI_EUIMSI=1 APPDIR="C:\Users\Admin\AppData\Roaming\Let's Compress" SECONDSEQUENCE="1" CLIENTPROCESSID="3160" CHAINERUIPROCESSID="3160Chainer" ACTION="INSTALL" EXECUTEACTION="INSTALL" CLIENTUILEVEL="0" ADDLOCAL="MainFeature" ACTIVE_WINDOW_NAME="ready_installation" PRIMARYFOLDER="APPDIR" ROOTDRIVE="C:\" AI_SETUPEXEPATH="C:\Users\Admin\Downloads\Let's Compress.exe" SETUPEXEDIR="C:\Users\Admin\Downloads\" EXE_CMD_LINE="/exenoupdates /forcecleanup /wintime 1736591845 " AI_INSTALL="1" TARGETDIR="C:\" AI_SETUPEXEPATH_ORIGINAL="C:\Users\Admin\Downloads\Let's Compress.exe"
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\MSIE4AE.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_240706843 1038 RequestSender!RequestSender.CustomActions.NextReadyInstallation
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding DC115A58BB9760CDC5CF618D6E4046CF
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
-NoProfile -Noninteractive -ExecutionPolicy Bypass -File "C:\Users\Admin\AppData\Local\Temp\pss73E.ps1" -propFile "C:\Users\Admin\AppData\Local\Temp\msi73A.txt" -scriptFile "C:\Users\Admin\AppData\Local\Temp\scr73B.ps1" -scriptArgsFile "C:\Users\Admin\AppData\Local\Temp\scr73C.txt" -propSep " :<->: " -lineSep " <<:>> " -testPrefix "_testValue."
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe "C:\Windows\Installer\MSI1AAD.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_240720562 2045 RequestSender!RequestSender.CustomActions.Finish
C:\Users\Admin\AppData\Roaming\Let's Compress\lets_compress.exe
"C:\Users\Admin\AppData\Roaming\Let's Compress\lets_compress.exe"
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\MSI3DBD.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_240729531 1853 RequestSender!RequestSender.CustomActions.FinishInstall
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7684 /prefetch:2
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
-NoProfile -Noninteractive -ExecutionPolicy Bypass -File "C:\Users\Admin\AppData\Local\Temp\pss3E1D.ps1" -propFile "C:\Users\Admin\AppData\Local\Temp\msi3E19.txt" -scriptFile "C:\Users\Admin\AppData\Local\Temp\scr3E1A.ps1" -scriptArgsFile "C:\Users\Admin\AppData\Local\Temp\scr3E1B.txt" -propSep " :<->: " -lineSep " <<:>> " -testPrefix "_testValue."
C:\Users\Admin\AppData\Roaming\Let's Compress\upd.exe
"C:\Users\Admin\AppData\Roaming\Let's Compress\upd.exe"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell -encodedCommand "JABtAGEAYwBoAGkAbgBlAEcAdQBpAGQAIAA9ACAAJAAoAEcAZQB0AC0AQwBpAG0ASQBuAHMAdABhAG4AYwBlACAALQBDAGwAYQBzAHMAIABXAGkAbgAzADIAXwBDAG8AbQBwAHUAdABlAHIAUwB5AHMAdABlAG0AUAByAG8AZAB1AGMAdAApAC4AVQBVAEkARAAKACQAaABhAHMAaABBAGwAZwBvAHIAaQB0AGgAbQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAaABhAHMAaABCAHkAdABlAHMAIAA9ACAAJABoAGEAcwBoAEEAbABnAG8AcgBpAHQAaABtAC4AQwBvAG0AcAB1AHQAZQBIAGEAcwBoACgAWwBTAHkAcwB0AGUAbQAuAFQAZQB4AHQALgBFAG4AYwBvAGQAaQBuAGcAXQA6ADoAVQBUAEYAOAAuAEcAZQB0AEIAeQB0AGUAcwAoACQAbQBhAGMAaABpAG4AZQBHAHUAaQBkACkAKQAKACQAdAByAHUAbgBjAGEAdABlAGQASABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABoAGEAcwBoAEIAeQB0AGUAcwApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAKACQAcwBoAG8AcgB0AFYAYQBsAHUAZQAgAD0AIAAkAHQAcgB1AG4AYwBhAHQAZQBkAEgAYQBzAGgALgBUAG8ATABvAHcAZQByACgAKQAKACQAYwBsAGkAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFMAeQBzAHQAZQBtAC4ATgBlAHQALgBXAGUAYgBDAGwAaQBlAG4AdAA7AAoAJAB1AHMAcgBBAGcAZQBuAHQAIAA9ACAAIgBsAGUAdABzAGMAbwBtAHAAcgBlAHMAcwAvADEALgA0AC4AMAAuADAALwAiACsAIAAkAHMAaABvAHIAdABWAGEAbAB1AGUACgAkAGMAbABpAC4ASABlAGEAZABlAHIAcwBbACcAVQBzAGUAcgAtAEEAZwBlAG4AdAAnAF0AIAA9ACAAJAB1AHMAcgBBAGcAZQBuAHQAOwAKACQAYwBsAGkALgBEAG8AdwBuAGwAbwBhAGQARgBpAGwAZQAoACcAaAB0AHQAcABzADoALwAvAGUALgBsAGUAdABzAGMAbwBtAHAAcgBlAHMAcwAuAG8AbgBsAGkAbgBlAC8AdQBwAGQAYQB0AGUALgB0AHgAdAAnACwAJwBDADoAXABVAHMAZQByAHMAXABBAGQAbQBpAG4AXABBAHAAcABEAGEAdABhAFwATABvAGMAYQBsAFwAVABlAG0AcABcAFwAdQBwAGQAYQB0AGUAcgBJAG4AZgBvAC4AdAB4AHQAJwApAAoA
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4052 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=7708 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x304 0x4d0
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3044 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7260 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8652 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1188 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8684 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9020 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3536 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8076 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8740 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2744 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3392 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8632 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9192 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7724 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3808 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6592 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9152 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3388 /prefetch:1
C:\Users\Admin\Downloads\eanimatesetup.exe
"C:\Users\Admin\Downloads\eanimatesetup.exe"
C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe
"C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe" -installer "C:\Users\Admin\Downloads\eanimatesetup.exe" -instdata "C:\Users\Admin\AppData\Local\Temp\n1s\nchdata.dat"
C:\Program Files (x86)\NCH Software\ExpressAnimate\expressanimate.exe
"C:\Program Files (x86)\NCH Software\ExpressAnimate\expressanimate.exe"
C:\Program Files (x86)\NCH Software\ExpressAnimate\expressanimate.exe
"C:\Program Files (x86)\NCH Software\ExpressAnimate\expressanimate.exe" -installsched
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8344 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3932 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6160500557330762718,2822043171601768638,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8904 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 74.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 167.173.78.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | nav.smartscreen.microsoft.com | udp |
| GB | 51.140.242.104:443 | nav.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | data-edge.smartscreen.microsoft.com | udp |
| GB | 172.165.69.228:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 172.165.69.228:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 172.165.69.228:443 | data-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | 104.242.140.51.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 2.16.153.206:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 206.153.16.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 2.16.153.224:443 | r.bing.com | tcp |
| GB | 2.16.153.224:443 | r.bing.com | tcp |
| GB | 2.16.153.224:443 | r.bing.com | tcp |
| GB | 2.16.153.224:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| IE | 20.190.159.23:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | 224.153.16.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 216.58.212.206:443 | www.youtube.com | tcp |
| GB | 216.58.212.206:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | 23.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.159.190.20.in-addr.arpa | udp |
| GB | 216.58.212.206:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 142.250.180.22:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| BE | 142.251.173.84:443 | accounts.google.com | tcp |
| BE | 142.251.173.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | x.urs.microsoft.com | udp |
| GB | 51.140.242.104:443 | x.urs.microsoft.com | tcp |
| US | 8.8.8.8:53 | 206.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.173.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.21.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | rr3---sn-hgn7rnls.googlevideo.com | udp |
| FR | 173.194.18.8:443 | rr3---sn-hgn7rnls.googlevideo.com | tcp |
| FR | 173.194.18.8:443 | rr3---sn-hgn7rnls.googlevideo.com | tcp |
| FR | 173.194.18.8:443 | rr3---sn-hgn7rnls.googlevideo.com | tcp |
| FR | 173.194.18.8:443 | rr3---sn-hgn7rnls.googlevideo.com | tcp |
| FR | 173.194.18.8:443 | rr3---sn-hgn7rnls.googlevideo.com | tcp |
| FR | 173.194.18.8:443 | rr3---sn-hgn7rnls.googlevideo.com | tcp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.18.194.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 172.217.16.234:443 | jnn-pa.googleapis.com | tcp |
| GB | 172.217.16.234:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 234.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | download.cnet.com | udp |
| US | 151.101.193.91:443 | download.cnet.com | tcp |
| US | 151.101.193.91:443 | download.cnet.com | tcp |
| US | 8.8.8.8:53 | www.cnet.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 151.101.193.91:443 | www.cnet.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | assets.dwncdn.net | udp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 151.101.1.91:443 | assets.dwncdn.net | tcp |
| FR | 18.245.202.34:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | images.dwncdn.net | udp |
| US | 151.101.65.91:443 | images.dwncdn.net | tcp |
| US | 151.101.65.91:443 | images.dwncdn.net | tcp |
| FR | 18.245.202.34:443 | c.amazon-adsystem.com | tcp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| US | 151.101.65.91:443 | images.dwncdn.net | tcp |
| US | 151.101.65.91:443 | images.dwncdn.net | tcp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| GB | 142.250.200.46:443 | syndicatedsearch.goog | tcp |
| US | 8.8.8.8:53 | crt.rootg2.amazontrust.com | udp |
| FR | 3.164.163.127:80 | crt.rootg2.amazontrust.com | tcp |
| US | 151.101.65.91:443 | images.dwncdn.net | udp |
| US | 151.101.65.91:443 | images.dwncdn.net | udp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| US | 8.8.8.8:53 | 91.193.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.202.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.65.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.87.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 127.163.164.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 51.201.222.52.in-addr.arpa | udp |
| US | 151.101.65.91:443 | images.dwncdn.net | udp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 172.67.41.60:443 | btloader.com | tcp |
| US | 8.8.8.8:53 | push-sdk.com | udp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| DE | 157.90.33.68:443 | push-sdk.com | tcp |
| US | 172.64.155.119:443 | geolocation.onetrust.com | tcp |
| US | 8.8.8.8:53 | bt.dns-finder.com | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 104.21.96.1:443 | bt.dns-finder.com | tcp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 8.8.8.8:53 | youtube.com | udp |
| GB | 216.58.213.14:443 | youtube.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 8.8.8.8:53 | cdn.btmessage.com | udp |
| US | 172.67.74.232:443 | cdn.btmessage.com | tcp |
| US | 8.8.8.8:53 | 60.41.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.155.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.33.90.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.96.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.2.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.23.211.130.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.btmessage.com | udp |
| US | 8.8.8.8:53 | uidsync.net | udp |
| DE | 157.90.33.68:443 | uidsync.net | tcp |
| DE | 157.90.33.68:443 | uidsync.net | tcp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 172.67.74.232:443 | api.btmessage.com | tcp |
| US | 8.8.8.8:53 | 232.74.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8338f57d97efff9029805707bdaf4222.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| GB | 172.217.169.1:443 | 8338f57d97efff9029805707bdaf4222.safeframe.googlesyndication.com | tcp |
| GB | 142.250.200.2:443 | ep1.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| GB | 216.58.201.97:443 | ep2.adtrafficquality.google | tcp |
| GB | 216.58.201.97:443 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | 1.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.201.58.216.in-addr.arpa | udp |
| GB | 142.250.200.2:443 | ep1.adtrafficquality.google | udp |
| US | 104.21.96.1:443 | bt.dns-finder.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | 2fe2be0bf8323396581ad97ba9039c08.safeframe.googlesyndication.com | udp |
| GB | 142.250.200.2:443 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 142.250.180.1:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | 1.180.250.142.in-addr.arpa | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| DE | 157.90.33.68:443 | uidsync.net | tcp |
| US | 8.8.8.8:53 | b1d82f9bd832921fc62580d3d3752335.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | di-images.sftcdn.net | udp |
| US | 151.101.65.91:443 | di-images.sftcdn.net | tcp |
| US | 151.101.65.91:443 | di-images.sftcdn.net | tcp |
| DE | 157.90.33.68:443 | uidsync.net | tcp |
| DE | 157.90.33.68:443 | uidsync.net | tcp |
| GB | 142.250.180.1:443 | tpc.googlesyndication.com | udp |
| US | 151.101.65.91:443 | di-images.sftcdn.net | udp |
| US | 8.8.8.8:53 | download.letscompress.online | udp |
| GB | 143.244.38.136:443 | download.letscompress.online | tcp |
| GB | 143.244.38.136:443 | download.letscompress.online | tcp |
| US | 8.8.8.8:53 | 136.38.244.143.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.66.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.21.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.49.80.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8f4ccaec9e633d26c2565846aba8f970.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | www.adobe.com | udp |
| GB | 104.91.71.70:80 | www.adobe.com | tcp |
| GB | 104.91.71.70:443 | www.adobe.com | tcp |
| GB | 104.91.71.70:443 | www.adobe.com | tcp |
| US | 8.8.8.8:53 | 70.71.91.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | adobeid-na1.services.adobe.com | udp |
| US | 104.18.32.195:443 | adobeid-na1.services.adobe.com | tcp |
| US | 8.8.8.8:53 | geo2.adobe.com | udp |
| NZ | 23.222.88.205:443 | geo2.adobe.com | tcp |
| US | 104.18.32.195:443 | adobeid-na1.services.adobe.com | tcp |
| US | 8.8.8.8:53 | 195.32.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.88.222.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | prod.adobeccstatic.com | udp |
| FR | 3.165.113.58:443 | prod.adobeccstatic.com | tcp |
| FR | 3.165.113.58:443 | prod.adobeccstatic.com | tcp |
| FR | 3.165.113.58:443 | prod.adobeccstatic.com | tcp |
| US | 8.8.8.8:53 | use.typekit.net | udp |
| GB | 104.91.71.78:443 | use.typekit.net | tcp |
| US | 8.8.8.8:53 | p.typekit.net | udp |
| GB | 104.91.71.95:443 | p.typekit.net | tcp |
| US | 8.8.8.8:53 | 58.113.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.71.91.104.in-addr.arpa | udp |
| GB | 104.91.71.78:443 | use.typekit.net | tcp |
| US | 8.8.8.8:53 | 95.71.91.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 216.58.201.110:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | 110.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | gettintopc.org | udp |
| US | 157.173.209.220:443 | gettintopc.org | tcp |
| US | 157.173.209.220:443 | gettintopc.org | tcp |
| US | 8.8.8.8:53 | stats.wp.com | udp |
| US | 157.173.209.220:443 | gettintopc.org | udp |
| US | 192.0.76.3:443 | stats.wp.com | tcp |
| US | 8.8.8.8:53 | 220.209.173.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.76.0.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | pixel.wp.com | udp |
| NZ | 23.222.88.205:443 | geo2.adobe.com | tcp |
| US | 8.8.8.8:53 | sstats.adobe.com | udp |
| IE | 66.235.152.156:443 | sstats.adobe.com | tcp |
| IE | 66.235.152.156:443 | sstats.adobe.com | tcp |
| US | 8.8.8.8:53 | 156.152.235.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | e.letscompress.online | udp |
| GB | 143.244.38.136:443 | e.letscompress.online | tcp |
| GB | 143.244.38.136:443 | e.letscompress.online | tcp |
| GB | 143.244.38.136:443 | e.letscompress.online | tcp |
| GB | 143.244.38.136:443 | e.letscompress.online | tcp |
| GB | 143.244.38.136:443 | e.letscompress.online | tcp |
| US | 8.8.8.8:53 | compressing-lets-1.com | udp |
| GB | 79.127.237.132:443 | compressing-lets-1.com | tcp |
| US | 8.8.8.8:53 | r11.o.lencr.org | udp |
| GB | 104.91.71.90:80 | r11.o.lencr.org | tcp |
| US | 8.8.8.8:53 | 132.237.127.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 40.13.222.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.71.91.104.in-addr.arpa | udp |
| GB | 143.244.38.136:443 | e.letscompress.online | tcp |
| US | 8.8.8.8:53 | checkappexec.microsoft.com | udp |
| GB | 13.87.96.169:443 | checkappexec.microsoft.com | tcp |
| GB | 143.244.38.136:443 | e.letscompress.online | tcp |
| US | 8.8.8.8:53 | 169.96.87.13.in-addr.arpa | udp |
| GB | 143.244.38.136:443 | e.letscompress.online | tcp |
| US | 157.173.209.220:443 | gettintopc.org | udp |
| US | 8.8.8.8:53 | www.recaptcha.net | udp |
| GB | 142.250.178.3:443 | www.recaptcha.net | tcp |
| US | 8.8.8.8:53 | 3.178.250.142.in-addr.arpa | udp |
| GB | 142.250.178.3:443 | www.recaptcha.net | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 192.0.76.3:443 | pixel.wp.com | tcp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 10.28.171.150.in-addr.arpa | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 2.16.153.206:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | tse2.mm.bing.net | udp |
| US | 8.8.8.8:53 | tse4.mm.bing.net | udp |
| US | 8.8.8.8:53 | tse3.mm.bing.net | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 142.250.180.14:443 | www.youtube.com | udp |
| GB | 142.250.180.22:443 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | 14.180.250.142.in-addr.arpa | udp |
| IE | 20.190.159.23:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | 73.31.126.40.in-addr.arpa | udp |
| GB | 142.250.187.230:443 | static.doubleclick.net | tcp |
| GB | 172.217.16.234:443 | jnn-pa.googleapis.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 172.217.16.225:443 | yt3.ggpht.com | tcp |
| US | 8.8.8.8:53 | 230.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.16.217.172.in-addr.arpa | udp |
| GB | 142.250.179.238:443 | www.youtube.com | udp |
| GB | 142.250.180.14:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | rr4---sn-4g5edndy.googlevideo.com | udp |
| DE | 173.194.1.9:443 | rr4---sn-4g5edndy.googlevideo.com | tcp |
| DE | 173.194.1.9:443 | rr4---sn-4g5edndy.googlevideo.com | tcp |
| BE | 142.251.173.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | x.urs.microsoft.com | udp |
| GB | 172.165.61.93:443 | x.urs.microsoft.com | tcp |
| US | 8.8.8.8:53 | 9.1.194.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | rr5---sn-q4fl6n6s.googlevideo.com | udp |
| US | 74.125.3.106:443 | rr5---sn-q4fl6n6s.googlevideo.com | udp |
| US | 8.8.8.8:53 | 93.61.165.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.3.125.74.in-addr.arpa | udp |
| GB | 142.250.179.238:443 | www.youtube.com | udp |
| GB | 172.217.16.225:443 | yt3.ggpht.com | udp |
| US | 8.8.8.8:53 | consent.youtube.com | udp |
| GB | 142.250.200.46:443 | consent.youtube.com | tcp |
| US | 8.8.8.8:53 | rr5---sn-4g5lznls.googlevideo.com | udp |
| DE | 74.125.11.10:443 | rr5---sn-4g5lznls.googlevideo.com | udp |
| GB | 142.250.187.230:443 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | 10.11.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | rr2---sn-5hnednsz.googlevideo.com | udp |
| NL | 74.125.8.231:443 | rr2---sn-5hnednsz.googlevideo.com | udp |
| US | 8.8.8.8:53 | 231.8.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | i9.ytimg.com | udp |
| GB | 172.217.169.14:443 | i9.ytimg.com | tcp |
| GB | 216.58.213.14:443 | www.youtube.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | privacyportal.onetrust.com | udp |
| US | 172.64.155.119:443 | privacyportal.onetrust.com | tcp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 2.16.153.224:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | fpt.microsoft.com | udp |
| US | 52.167.30.171:443 | fpt.microsoft.com | tcp |
| US | 8.8.8.8:53 | fpt2.microsoft.com | udp |
| US | 8.8.8.8:53 | x.urs.microsoft.com | udp |
| US | 8.8.8.8:53 | nav.smartscreen.microsoft.com | udp |
| GB | 51.140.242.104:443 | nav.smartscreen.microsoft.com | tcp |
| GB | 51.11.108.188:443 | x.urs.microsoft.com | tcp |
| US | 8.8.8.8:53 | 188.108.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.30.167.52.in-addr.arpa | udp |
| US | 157.173.209.220:443 | gettintopc.org | udp |
| US | 192.0.76.3:443 | pixel.wp.com | tcp |
| US | 8.8.8.8:53 | www.nchsoftware.com | udp |
| US | 198.84.119.122:443 | www.nchsoftware.com | tcp |
| US | 198.84.119.122:443 | www.nchsoftware.com | tcp |
| US | 198.84.119.122:443 | www.nchsoftware.com | tcp |
| US | 8.8.8.8:53 | 122.119.84.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.nch.com.au | udp |
| US | 23.235.214.26:443 | www.nch.com.au | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| GB | 172.217.169.3:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 8.8.8.8:53 | 26.214.235.23.in-addr.arpa | udp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| US | 8.8.8.8:53 | c.clarity.ms | udp |
| IE | 13.74.129.1:443 | c.clarity.ms | tcp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 13.107.21.237:443 | c.bing.com | tcp |
| US | 8.8.8.8:53 | secure.nch.com.au | udp |
| US | 173.247.253.164:443 | secure.nch.com.au | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | 3.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.129.74.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 164.253.247.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | u.clarity.ms | udp |
| US | 4.227.249.197:443 | u.clarity.ms | tcp |
| US | 8.8.8.8:53 | 197.249.227.4.in-addr.arpa | udp |
| US | 23.235.214.26:443 | www.nch.com.au | tcp |
| US | 23.235.214.26:443 | www.nch.com.au | tcp |
| US | 8.8.8.8:53 | nav.smartscreen.microsoft.com | udp |
| GB | 51.11.108.188:443 | nav.smartscreen.microsoft.com | tcp |
| US | 173.247.253.164:443 | secure.nch.com.au | tcp |
| US | 173.247.253.164:443 | secure.nch.com.au | tcp |
| US | 8.8.8.8:53 | u.clarity.ms | udp |
| US | 4.227.249.197:443 | u.clarity.ms | tcp |
| US | 198.84.119.122:443 | www.nchsoftware.com | tcp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 198.84.119.122:443 | www.nchsoftware.com | tcp |
| US | 198.84.119.122:443 | www.nchsoftware.com | tcp |
| US | 198.84.119.122:443 | www.nchsoftware.com | tcp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| DE | 157.240.210.35:443 | www.facebook.com | tcp |
| GB | 142.250.178.14:443 | apis.google.com | tcp |
| GB | 142.250.178.14:443 | apis.google.com | udp |
| GB | 142.250.180.14:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | nav.smartscreen.microsoft.com | udp |
| GB | 13.87.96.169:443 | nav.smartscreen.microsoft.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| BE | 142.251.173.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| GB | 142.250.200.3:443 | ssl.gstatic.com | tcp |
| GB | 142.250.200.3:443 | ssl.gstatic.com | tcp |
| GB | 142.250.200.3:443 | ssl.gstatic.com | tcp |
| GB | 142.250.200.3:443 | ssl.gstatic.com | tcp |
| GB | 142.250.200.3:443 | ssl.gstatic.com | tcp |
| GB | 142.250.200.3:443 | ssl.gstatic.com | tcp |
| US | 8.8.8.8:53 | 35.210.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | u.clarity.ms | udp |
| US | 4.227.249.197:443 | u.clarity.ms | tcp |
| US | 8.8.8.8:53 | u.clarity.ms | udp |
| US | 4.227.249.197:443 | u.clarity.ms | tcp |
| US | 8.8.8.8:53 | u.clarity.ms | udp |
| US | 4.227.249.197:443 | u.clarity.ms | tcp |
| US | 8.8.8.8:53 | u.clarity.ms | udp |
| US | 4.227.249.197:443 | u.clarity.ms | tcp |
| US | 4.227.249.197:443 | u.clarity.ms | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 63af7b2048710d6f167f35d94632a257 |
| SHA1 | 812c8f140a72114add2f38cab52fd149ad8bdcfb |
| SHA256 | 15aafcc88226b6178e02a93858555ca48fb205ae317815ce31aa547555329046 |
| SHA512 | 0519b7dcbce66aecefbd2aaea6120c0da213d8bb3e00a7599bf2e390bee3f643baf952cc553766f8c2779fe9fa303570a56a8c846c11e2fcf9c2075c1e41ccc4 |
\??\pipe\LOCAL\crashpad_4004_XEYCFRCXQEVJXVXD
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.ico
| MD5 | e5e3377341056643b0494b6842c0b544 |
| SHA1 | d53fd8e256ec9d5cef8ef5387872e544a2df9108 |
| SHA256 | e23040951e464b53b84b11c3466bbd4707a009018819f9ad2a79d1b0b309bc25 |
| SHA512 | 83f09e48d009a5cf83fa9aa8f28187f7f4202c84e2d0d6e5806c468f4a24b2478b73077381d2a21c89aa64884df3c56e8dc94eb4ad2d6a8085ac2feb1e26c2ef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 17ce65d3b0632bb31c4021f255a373da |
| SHA1 | a3e2a27a37e5c7aeeeb5d0d9d16ac8fa042d75da |
| SHA256 | e7b5e89ba9616d4bac0ac851d64a5b8ea5952c9809f186fab5ce6a6606bce10a |
| SHA512 | 1915d9d337fef7073916a9a4853dc2cb239427386ce596afff8ab75d7e4c8b80f5132c05ebd3143176974dbeb0ded17313797274bc5868310c2d782aac5e965f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 88406c8274e996d9051e1339e32d83d7 |
| SHA1 | 937b2a993ca81e8b2d67ab222e211356f3665767 |
| SHA256 | d9d1536a9febc957278b06c928c94d62fd2561e72e255e8c38de54d1c1f11b3c |
| SHA512 | 6d2c2d6e1bfa3577c6a5f6394845019f7b182da9c4e1f264aafc8580aab55764f1901356d2aa738a0014a7985153418e590eeba63e0203260652258a39be1871 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | b8d5a6329bbc5edf31844f6bfa4ae972 |
| SHA1 | 1014d91ea7a8867459e7014a725794728d75793d |
| SHA256 | 2d90e12869f60c869911a3030ea58211b6b0da7c53d396769f4b3dea0c406309 |
| SHA512 | d6b4a08d7188e48b3ec2dbaa78f1ccc23334f43266602c677ba5c52d54554ad02e5ffc32e852de47291e3f1291dfc34db62d4a1eb5f631aad0a0340d30e5f7ed |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | f295b5bd9fc7c7657031066ee25c8256 |
| SHA1 | 63af2f10ca95f1651928f7d6c23ffcfd021e00bd |
| SHA256 | 12104568b24084b4a328a8607eff0425abc6f342b7ad236372925a00af6c47bd |
| SHA512 | 13dab1bd6cfe9753383db94d9a368849b569b3cc30e500bbadf53b2cb6f24df5536661b26ddea421ee53b6b8c7f1f9c942243cbbf2511cd2d8feff9ea9175bfb |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 4b6f169cd48e684a13f4062f7497d245 |
| SHA1 | 278629aea29c3ab06dfb94334a2f8522ecbc21cf |
| SHA256 | 1f3d7e67802881a3f0191cfb37ff55629c7b3b56b3e42b3d352c53d052be32a7 |
| SHA512 | bc0d1bc067ff9c198cda19f5feb0806c222123d038d25dbc4940ac2985ff9c4c15ee7d9a183a36a979a93d54a676ab84ee383c30e6eec53b1817650d12c28810 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 8ff1055e43a5f5945ad2971ebb934a22 |
| SHA1 | a1cc18479a2894d26a36d07be9b89e032318b31b |
| SHA256 | f6320ee97c5eb301cf072594751dff10d694bdd7e48c8b032a752835ff87a870 |
| SHA512 | dad84df9b2744a79e6ae8d3f08fda06e341cdf5394389ea7a7d553fb8f3ec3f808af86c265bce6457b06b2471d73a718ad4fe6345de0cbd27c9791c2c09ebba6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | da8cddccb99a5eee8e189969e5edf8ce |
| SHA1 | 6afe2aa531273be3cd01ddb7171a358de5ab4b9d |
| SHA256 | 70ca929ebdbea1ed9931923edccf787f02c49d485ff66edf6d38aeff2c9fdf33 |
| SHA512 | 40c584460ddfd55d73e0ef1529afa25de5c1f2693d3327ed64639fdc55f69a177322d3ecb666a0da675dbf96e80f03886dc20c75846ad9cf3a24986accff827d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 8ade2f3a82060e6d5b1e97b275213d86 |
| SHA1 | a13c13d850addf7c1c1d58c583255f77b40b7834 |
| SHA256 | fc73beb5ec396531d7267cd4980e720590ae4c7c34b6bc63bcceef59730d324d |
| SHA512 | 51d989a44462ffea680e4bd9b20c46705793236712d11f0400e12caaac3512d662a41b4b49e7e309c8e752dc7738eda080451b74736c6428541196dd7bb8ca98 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 35f759b0d5f048a4a3769136bb201925 |
| SHA1 | acdc0d020897c174708828f20a06fb4b0c6b2914 |
| SHA256 | a7d5c0ab9faaae2912f7e665191887d8aa2ae451ca5821d16cb8601ef253af42 |
| SHA512 | 57581a43f452e53d04563b6f91771fdc066a74cf0c7b794ac87290843481bf5671d29873a73efcdc0c3021edf8bbea7c6173ccb52c0563a0c1e6c461a0eafdda |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 9a3aeb294d8ff07fba9c3332d8a66483 |
| SHA1 | ee4ad040c70dd11dc1c5ba066aeca4eba608330b |
| SHA256 | 7350fd04d85a3a2d0c1d8a698eca6219250dd9f69883a8f394cfb3ae06199e90 |
| SHA512 | f6e0f6f0e3f4181f5e11a8079489601ce4b0ad1254c0ea26d1cc9130beb64ad01c1b6c111a004df184a7f6b2b1f83e1725352acae041807eea02701861a2fc3d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 2bd903f3d4a888e2af2097bc4af4ead2 |
| SHA1 | 0e41ae409acf60512185b14856719a7813ff83cb |
| SHA256 | 47d5fe0fba314264e3ac32e7e8319cec29910e30e79732a14d835b9fd354f4c9 |
| SHA512 | e7b760b2af32eede18a8a79be4c21d5cd35e989173752ef059e88e6192edf2fde0bdb6a64d6dd6db67d9355acf8f81da5ef35a429d89cfd2a7aaf9406f70f64c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
| MD5 | c813a1b87f1651d642cdcad5fca7a7d8 |
| SHA1 | 0e6628997674a7dfbeb321b59a6e829d0c2f4478 |
| SHA256 | df670e09f278fea1d0684afdcd0392a83d7041585ba5996f7b527974d7d98ec3 |
| SHA512 | af0d024ba1faafbd6f950c67977ed126827180a47cea9758ee51a95d13436f753eb5a7aa12a9090048a70328f6e779634c612aebde89b06740ffd770751e1c5b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
| MD5 | 1bd4ae71ef8e69ad4b5ffd8dc7d2dcb5 |
| SHA1 | 6dd8803e59949c985d6a9df2f26c833041a5178c |
| SHA256 | af18b3681e8e2a1e8dc34c2aa60530dc8d8a9258c4d562cbe20c898d5de98725 |
| SHA512 | b3ff083b669aca75549396250e05344ba2f1c021468589f2bd6f1b977b7f11df00f958bbbd22f07708b5d30d0260f39d8de57e75382b3ab8e78a2c41ef428863 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
| MD5 | 69df804d05f8b29a88278b7d582dd279 |
| SHA1 | d9560905612cf656d5dd0e741172fb4cd9c60688 |
| SHA256 | b885987a52236f56ce7a5ca18b18533e64f62ab64eb14050ede93c93b5bd5608 |
| SHA512 | 0ef49eeeeb463da832f7d5b11f6418baa65963de62c00e71d847183e0035be03e63c097103d30329582fe806d246e3c0e3ecab8b2498799abbb21d8b7febdc0e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
| MD5 | 226541550a51911c375216f718493f65 |
| SHA1 | f6e608468401f9384cabdef45ca19e2afacc84bd |
| SHA256 | caecff4179910ce0ff470f9fa9eb4349e8fb717fa1432cf19987450a4e1ef4a5 |
| SHA512 | 2947b309f15e0e321beb9506861883fde8391c6f6140178c7e6ee7750d6418266360c335477cae0b067a6a6d86935ec5f7acdfdacc9edffa8b04ec71be210516 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d6950afbe94d154e47a0a7759a5e5846 |
| SHA1 | 50424d9ce5ebb439a9f17f77ec33b207f85f9474 |
| SHA256 | 5cba2b1fbf969e93ecc6bd41c11b24109e28617fbe17a2371beb72e6653e9943 |
| SHA512 | ac5ce13f4979d0dd114d7d7c7a405c42d9e2b9d2197cd143b1e35590d68dcc29225bdae172c7417ebc8959cd3aa7179705632fee80d917499364036683ba7c7a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_download.cnet.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c53fd27e2564e30efb23a8df9b20de1b |
| SHA1 | c42671f24a5414ce9ce1cf42122240fd5d44b5a2 |
| SHA256 | b9a76ce092f5c0e863d755fed8a52e887294943547564e54e63c800cf9081fca |
| SHA512 | e2291652416c65c8d41f2f501fa8be2df39b1b7ac3f7d61fe0c99208f8bd164e89269c0ff436a8925fd605df188a7706ce19c6c1ed56bcae62e1eb1267b4d48e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57e04e.TMP
| MD5 | b1b9a0cf83345ee1bc27d8ef15b99acd |
| SHA1 | 805faa3ff9e46a17db617a4b309af8f596564799 |
| SHA256 | 116effe5570246a70950c56d23f78b74ded40c34006262fa8fd7896ed2233751 |
| SHA512 | adb834ffbadb94481497fcdd3206ae752313ef3ea61cf4d7850aeaf13f21cf901e0b511381c4ccd8ed77b809e71c0600e628e7887026f2a7d2af669aa971760c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b99de0995db9c151d631ec9d55645ce0 |
| SHA1 | ccb3e98e22bf87a24a7d28b2cd1b68ae24657756 |
| SHA256 | 2a1c78fe7e9063a50c6095cd61d26b91cfeffdc083a379055e89ab7701653641 |
| SHA512 | 2aed9297d7fba6c01b47a7af6a2031a0e5e6599cc2742aa8e063ad2e0c3a52720847255eaa83b05e60f7eff47fa39e9c1a2d3b49a96e4a50d3d17960fa2f4bd1 |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57f443.TMP
| MD5 | c4b6415ea004cf85a7c9d10d45f3d015 |
| SHA1 | 8602c2cb55cb32a4309eed5bb6db4e16e1b887dc |
| SHA256 | afe5444c2575728c619a55c5163dc809b37116c2aa2228af65c8a40b8fef439c |
| SHA512 | 6bb7a27d23d4b842ae396ff7308e12cf65e59512009bae974f8839026fd765c9f0864ba9c66ab351c087a04deae40a33a83fabd3fc5f630b77d9b4ee2aa70656 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 8a440a477e08d4467a44fc24853de1e8 |
| SHA1 | 1b15b5df1b31af688a36286f0b164a4858bd17c5 |
| SHA256 | d2d60ef76e8d313fcaf327836460cc163a3fa484128e5dfa5bf898400c19a248 |
| SHA512 | c349593224e208b1b7dd9de02189e4a9eb572e82a4da286b079d55daa21623744f02ca7c22ea687c8930ba47a82e0ab37984ec1655ada6c06f2d6ef012f14955 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\6fa98ea6-a9a9-4c34-9f2f-6dd76ef7393c\index-dir\the-real-index
| MD5 | a02115c8bad7a19161da00185dc9e9c4 |
| SHA1 | de398f636baab4a34e5f2f07541477a719aefdcc |
| SHA256 | 69100131c2683672b05d1725cb4b965ef0492fd9ead4c07814a4a2e45ed8adcf |
| SHA512 | f40bb14cc4c612637877c181055a5a02428ad20b125f7623459f8a20be7ae7285fb11d7636e4652a3514e8faa36d92ff6244efb246492a8bfd1b9e6e3f6f7c4f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\6fa98ea6-a9a9-4c34-9f2f-6dd76ef7393c\index-dir\the-real-index~RFe57fc42.TMP
| MD5 | c7834c73ea2e8359a59a9ed63c7742c5 |
| SHA1 | 4acca53aa4accf60ec2c6ee6161dd7e02e1c959c |
| SHA256 | 67b2e37dfe3784118076fa88df2125d24b71ee57fe8c6c93638decac5df87cfd |
| SHA512 | 09c20c17949cccf07a9d760bb04af63c751a1f9179e9630295dedb626e1db61f440b5afa65756d6288f89d4668f216df9fc162a46d0c59d995c4ebe38cfa16ea |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 9470a6179abd96f78eeb95d1452f5d29 |
| SHA1 | 624b5beafa1e569550c24c721eabd3e159e03fba |
| SHA256 | 5a475d31351ec718be59b42dea4f467b02bd44439d7274731580bda9915a95f8 |
| SHA512 | dfc72c4e0394454984445b31e451150b38130c0bc3287e2c2d41deb0551c136324d123e6978fa1e2cb3366254de33e60da3dc947c0011e27dd86db2747c26312 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8f4818d6715c78a34d7d775a9a6cea9a |
| SHA1 | 9a7afc8415c73185aa54056fff17470bd313df76 |
| SHA256 | 7c555ede5c7c9e843f6c9cfc82d84373c449075b74a37c05a7e82c72b81ab68a |
| SHA512 | 0b9d27cc7c118fd867f5bc40cd204d85bbd092de0e17bd94a10871599169d746d4286fde7ef1930235bde1d22485ce429a5620be69771b68002ec10f05f25352 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0ef54ba21223cbcfb9f10cde813007f8 |
| SHA1 | 4241ad403cefcc82e9ff6324961f81074d6049f2 |
| SHA256 | 001b2be49e581d943404ed04907abb7a91b49033be3a647766c700e83f4e6d08 |
| SHA512 | bd2b3fa6877dde0047dbcc28e755290920844606093eee1ab5cc8ba4123b013ee133c1f4ef9de9c07dca1e3ed3ce7d0675a7c16ad4d3414a1210ecbbb8ea78b5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018
| MD5 | f22fc5850a05b8c3f3ea1d2e07ee52d4 |
| SHA1 | 1ab1d80e508cdf5214763eaefdad3adf073ab807 |
| SHA256 | d032e15310379a5158a61aff62c4fc612b9ff1f58138b53c9a9f7ae458ca4ce5 |
| SHA512 | 2716ec34bc9c42908b69db863f7e81321d7edcb839adb4f46635bef75166c6bdf639df8c241b34508e822020b520e6ee100fc7c4acf6e031d200b06b97a5cb03 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b
| MD5 | 82a9a8892ca7f865fab20c713efa4f81 |
| SHA1 | 0fa6f12ad3bfc1eb203d064eec2f945576ac78da |
| SHA256 | 87bc09728215ebfac50618c1f999236f335d1f21ba7bcdc71a37002706041c4e |
| SHA512 | 9ec769ce20b0edee767d96998a4cc33feb34258e295a7d363ada24c34dfcbde372849a74f6dba77b0dce7a28a65ceb3e60e83cd42254278a04b276fa140ddfe1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017
| MD5 | ce6e42de934047985492749eea637cea |
| SHA1 | 890186919e400742a355749b3c24d5c44985afa0 |
| SHA256 | d2483a6071a0d31238c93dafa6e506f6cb96003121d019593cab4697e197cdf6 |
| SHA512 | ba15f55c7921e64a960f3bb0e840872bcac2d12b3f884f6494c232b42f96f1e4c80fdb88f26245a34a35b322bc0213db9106cb1c597273922077bfab29bcd435 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c
| MD5 | 9db6b78b48ee9dc8b83edc709cc333d9 |
| SHA1 | b81ffa0c29d42fe81eaebe42f7f720df4e37840e |
| SHA256 | dff8ab15e64f1401d86d4a8df6296a3b2311851a6c60a9ca4f9ce9be31c4b543 |
| SHA512 | 77b20b01aac72a5fea6a47e8e4d49210fcc67eae36470ed325f85ec4b759255b0344d9e3806e67c62c440422c931920780f6b0cad51f220d2f070876d21e65bd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019
| MD5 | 59653510a5d262338db1a4726667e7ee |
| SHA1 | 2c4dee972b9b422c19d69ef29714212ca02ab28a |
| SHA256 | 8517dd91e7cd2c30a32ffdb8fd679480dcf2d1d503c7f666c81134e347498226 |
| SHA512 | 9d6f366895db760e12867322816a6d832150edfddf488e955d190dc1001d1db70a6b5d6093809d5add4e7ed08dac441427b2758d5b03c4133b8b790225754dd1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a
| MD5 | 4740cb5b659840fbf87affd2a9df5eb7 |
| SHA1 | 2e436a50af9c65259d7b86fd57d1d52405d155e1 |
| SHA256 | 3e0ad051cddba2e73aaa2ee16fad6df507f23bca77c7875475a8093384ece391 |
| SHA512 | 4157d5cd90102ce4771abe4c66d89e571a0e65d970e42d7b17fe39a02622d2adaf84dc32cd7ccf39000a040c9d4f495fee71ee039ce40a60e67375f2d55a9f37 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021
| MD5 | 6c5ab03dadee8c1ba1335b5b12d0e79d |
| SHA1 | 125f31a6d8800e62e307f7a21fce850bdbf7cdd2 |
| SHA256 | 050c1e160cd81f5eb139511dc5de1ee79a6ea2d76254c22750b82f85bac901c1 |
| SHA512 | 98713c3320cc04caaaf77366cb58215021dc66ca6dc3137cb2f3bf50457854a5ab82dc61e804fbb307152a15d4879ae65cebfacc9672aafbf377f163689cf243 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023
| MD5 | f1f1776d0040b6c4d5e12726d53abeac |
| SHA1 | c8f339d7b2b7ea8a9002db487e10af98476d13fc |
| SHA256 | e6626ddbdddbb7f232d38425883aab257fc6f9892965e915b2dc725d24d42a11 |
| SHA512 | 0b432aeb90637425c67895dbb3c98e40ba48440059a6c90bf0eb7e0407b2fef42d50cb68d1022cfcb1228eb464bfb19d56a7cfd7ea970d918b8a9c45aed6f548 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026
| MD5 | 9c00d76c5517ca4639c8bd32ea44069d |
| SHA1 | 9885b58ca0fd6a143901673cca6239baaad03ebf |
| SHA256 | 363f3854758febf2884c15240a60765adf7bf715efda7cd0a3185b0508b67b7d |
| SHA512 | 75b477b63fb07f4f443c84311937122a035df4e67e56211e51e9b7db07dbfc64f25e3496b5fb12dd9f22fcf5e71d78691cd2cadb1a7b211cf82ea1ddc230ab64 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025
| MD5 | f52e4a118c318f5025e5c073aba242b0 |
| SHA1 | 0b4fb1fbc5f0f62fd5ae56145069daee274d3c21 |
| SHA256 | 46f5f73343579025c44b7d5a5b014164934f858c4a5bd1a5eb9e6c3e2092cdbf |
| SHA512 | 251c7888ae24a920b6c11421856258fc7651af8593dce4cb9a4cad0a80dda3a19e197572b3b89b0f2de7b2e9ea313dd9d95fb36010f04014f7288b36193a9b3a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027
| MD5 | c9211c6446ce9ad563a0e832bfc6588c |
| SHA1 | 289ff5de5db423fc0f36c9c505ef3d39ad3b35ae |
| SHA256 | 2799495e918d70d91b1bc983a247a0434635abb3880bf46fd215ab14665ed523 |
| SHA512 | c09814273c0931c09c2a20bdf653ccb50a2a9e09c3ff9044030cc123297c662c3ca4474a7674401892d185f9e83f89845914e4913e6878f7c9ef2a939d7afad6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022
| MD5 | b46d16cd0883047fbce1f552e41823da |
| SHA1 | 33819b1da09607ea43fe739dbe81be5b56c041c5 |
| SHA256 | b99992c2952effcdfbfd330ede13f0361440f528ee21e93d3b9788fbe641e614 |
| SHA512 | a4f016ce44dd14fb0af214a052b95d8e67570acd816b7e730cf2acb834cccad5502276a447ba02629b9be10748383b5594c61f73e039291fcdae5241a40b6ce3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028
| MD5 | f8d2f086316029882e3fa56b7a47f4a1 |
| SHA1 | 3ccc2f9902e70137029ba85c10838b002b9661b3 |
| SHA256 | ddefcc64c47ddfb7eab728d717b62fca3a6498d74357c4298d4976477fc7f4a8 |
| SHA512 | 1d6b74b56af059724a81f6e1226a109b73facf8b8107d4d42d1ad46db14f277ce7cb47cc907702a6fbe85eff92df693cc1f01332992fccac8d5a114d6e8bd22f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024
| MD5 | 6bbcc2dda89865b11be73371361ab954 |
| SHA1 | 65d4093813230f3f8113a6bbb6eb0571bcbe1adc |
| SHA256 | 77bd239cd0a784f96cbc0fd8ac8a469c66e2b4d97c92538d37b32dd2f71ae8ec |
| SHA512 | e8705cd1939f881431a35ad7138c0ed74b7a1563d497ceba5990c76e6bdc585fdd7696c197d95ad5934721defc10d34ace8fefd8ed820da36bb5640291b9e3b9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029
| MD5 | c71cf92103783b21f78dc899c08c1910 |
| SHA1 | 47a48bf7452eecd9f22f1c4ba79fe8def6a446a5 |
| SHA256 | 8ecbd49ee92bf16ca7d6578efe69b6f166e4fd7c5050306298d61348e7e5d3ed |
| SHA512 | 1eab36037895ebebd56f734b769a8da160b432d5d824b50da788240f6240aac203d71793e11936e5ecdfdbc094dc141201df498f219171a3482d9435c5a477e8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a
| MD5 | aaba52b707a392f8f6772cdb32637f5e |
| SHA1 | 4a7ee36e467b2a8afb2c15a56f0a1890e9c81d5e |
| SHA256 | d9e2a530fab681b6cfc0e7642d7be341e10f7b457c71a174501846d8d9674837 |
| SHA512 | d511e83ff363e19c4a54a1ad643d03ca4ec60ff91fcc309bc02cc4f60d14940997378206ec5635c23e9969b221231a6fb2253473d845cf259881feb720a36519 |
C:\Users\Admin\Downloads\Unconfirmed 275663.crdownload
| MD5 | d629d8c47d85ac364508e10d8d8cd61b |
| SHA1 | 18c10e70191203a2eb64c32dd07fe58c7a85706f |
| SHA256 | 9b8393d44372463610cd0ca50ce77e50198caca8e4580f06cb5a7ae84d9b3a33 |
| SHA512 | 89573f5f957e8de7b623861ff6e3a04f75821cfc2535fca6c32e64900fa4b539c6caaf21fa637f834ffa3ec7650918062de3fcd82849b642d07c822c6a0a3da9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7518c7a5825fa75bd8cd61fddc02ce61 |
| SHA1 | a0f6aaddcf3b68994611b041414610bedab41525 |
| SHA256 | a79e03c892df502150d8143a17bf51ebe88dda96832847e1743d8e817c92d33e |
| SHA512 | 3ee2e7ef03201d0e21806b8289f6a45b9cd905046aa20b8f2cbb3d81c48bc63accd1703a34580af154912cd0a50919399ee25d11993a05d23fec962659ec7636 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 56f13e3a04a6f6a5a04edc76403d6259 |
| SHA1 | fade434cc6e4d66b5a43afb1a5534c1a360b077d |
| SHA256 | 7b5514cd444055f970c0d1ae4fbd2a2607efc5d0a671db1917f199178d41dc92 |
| SHA512 | e25d6c7dcb1913a2455dca4d275f7a728488ea349cb439cd8dfb2606c38dfae2b69fbd9b777f4f3c636e757e3b2e8ad1cc55cf46274b750549cb061519e8f6a2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 808f8739df1f08c6e1d264e6624549c7 |
| SHA1 | c1d02d4d9e82efe5ca1fd37a695cb084c26e23ee |
| SHA256 | 1418a8d67829cc43151e668ecf4f1a341b89c5d32a0c21a25d2f711be5c54c1b |
| SHA512 | 4603c8256cb03056a59fc6f49244bdd85d806ce0871cd3f322a4c811d17a1e3c91d1f661d30b17fb84bbe38b31f4ee0dcd918d243abf3f1801e6b59888f2d192 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c90cfbf21fcd726ae245190b67a6e831 |
| SHA1 | 87dccc2628ddfcc51ab8bac5ce4dc8914183c61d |
| SHA256 | 631bd86a00261e8b39b703527c64c0bd9d435386f35be06a39e25f56d36bd9ef |
| SHA512 | 1b44f692bdf7544e5c2ea5f8e15f509d786a6f2a21a0dd4dbedddc4a1911542130c89bc661548d92133cea4a4ed824d6e887177caede23aafbb4c72ef6247347 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 437cbe544bc2270813e78330fad11d28 |
| SHA1 | eaa3cedf698c6684802d715b8756e06749495a2f |
| SHA256 | 741f0d3d1ea4a70cf58f84918fecc90d0c16eada985d5011df3f2de52e16c2dc |
| SHA512 | f4fb087eb924a07d3ce9780de0a8384a0a1f84de83cbc90308c925ac77eae9cda641844ac2b0ba73d422f669d796265d5bc1d16bc642e2e86cfe5d79b5a648a4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State~RFe5898b1.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | fa5b12c5ce5a004ee3b5699e93960e55 |
| SHA1 | 4f87d5e5db2537dbeef1a1917a43ae7b7227a255 |
| SHA256 | 70ce265e6e34a2cfdb8361bdd11a3f71115a2965f0a7d7dce7c798c07138f34a |
| SHA512 | c6ee09c47bff7e25c59258143a7f4606a62c28710ad78202d65519e75dc3fa17369e7192d31db1ac8085deb66e37edd975411980ff3da5bd29914d8ddc375921 |
C:\Users\Admin\AppData\Roaming\Let's Compress\Let's Compress 1.4.0.0\install\8E6A718\Let's Compress.msi
| MD5 | 5407854b8f76baefc631b4e860b3cbd8 |
| SHA1 | 2487f38f0a6ba10e4c21bd98177768c4e1084f82 |
| SHA256 | 782c99579679a88ffc42e5633292d630669643c9e8dabd7603935a23d6ff8526 |
| SHA512 | 3cf717c62e5bc5917a3dde2947a6962a20a14c14084ad08745f44a29e7d7f8f603163101f540edbaa55ad87ea60f30c15f79f8536203180b9af433f4a4bc01ef |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\357F04AD41BCF5FE18FCB69F60C6680F_D343022F8C5E519322B5D9E07C403E21
| MD5 | b8f7eb8cdbe9bf44bbbf688c95d75116 |
| SHA1 | 8339b9c51d9b82a7b14c2846975d62a8506fec56 |
| SHA256 | 646a491f1ba6a190a4e04706fbe82c3584cd5e5747a6f60bae933750fe1790f5 |
| SHA512 | 8d3ca779464e8a3d4411d9c7fa1e44a91ec7b1247ac10729c5dc0f1106790f752659d8bda7afd82d8c2ccb6068d3fa40aa3b2e689162f03ff8ba3d175a09c85f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\357F04AD41BCF5FE18FCB69F60C6680F_D343022F8C5E519322B5D9E07C403E21
| MD5 | c6fad4b9bf43495f51fbdec18f32f09b |
| SHA1 | a79e9b3a661688dc9160dfe27470171f3fa6f9e3 |
| SHA256 | 31a901b3554b2d12e444cb14fcbc8ecb4e17eb02fb30537ccfce07c469e244e0 |
| SHA512 | be15093c7df1801a8ac615637889f31b003d939a21556f7f204b088bc1bfebbe9b8af8d8f40d70e8d558308306088a1d236a45daed9d2c8a0221a6c33e911d65 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9CB4373A4252DE8D2212929836304EC5_1AB74AA2E3A56E1B8AD8D3FEC287554E
| MD5 | eba28cda0f6f121f02f6d6c119b0be21 |
| SHA1 | d89a9c9c148cf5971050e8e7586b7cd4a99a5da6 |
| SHA256 | bcb3f69b416235fd9219b020449b7b7cbf33c7994011ce9f982a17a79f774a3b |
| SHA512 | 3d1741c4d5acfb4e8ca3134dd7023d76b73525b81430901cbffaca27593bed0c941b3fdf3644761f059fc5b62b00333da1741930e432e03e9f911b747cea9ae3 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9CB4373A4252DE8D2212929836304EC5_1AB74AA2E3A56E1B8AD8D3FEC287554E
| MD5 | eaffbdfee18c5136b5294745095a9937 |
| SHA1 | e4bb57376c5da38c4167443b92d4a826605c4aa0 |
| SHA256 | 3bdf34dfe9edca03a80e22ef0298e5c25eb7ee7e796d13bfe277105441aacaa5 |
| SHA512 | 6231d6a6d274229f177124a0e32e2d3b8bb7e8c8527363e7e2d7fdd1d16d90152f668eecf82360608685c6999f6c1a27572b0e94eee944e474e7c093f1075a92 |
C:\Users\Admin\AppData\Local\Temp\MSIC5EC.tmp
| MD5 | b7a6a99cbe6e762c0a61a8621ad41706 |
| SHA1 | 92f45dd3ed3aaeaac8b488a84e160292ff86281e |
| SHA256 | 39fd8d36f8e5d915ad571ea429db3c3de6e9c160dbea7c3e137c9ba4b7fd301d |
| SHA512 | a17e4512d906599b7f004ebb2f19ee2566ee93c2c18114ac05b0a0115a8c481592788f6b97da008795d5c31fb8d819ac82a5097b1792248319139c3face45642 |
C:\Users\Admin\AppData\Local\Temp\MSIC749.tmp
| MD5 | e9e77a444817e445f12c5e4d7ae563a1 |
| SHA1 | ac44d1512ccbcab3d621ee8996c899e816d4263a |
| SHA256 | 983f2c051221b7d9cc5b0c53a8952502f2769148d87a7a89340fca8a081c4a50 |
| SHA512 | fadf784080a6c7a8ec1d192d7cddc82cee3f8cfcadcd6117aaae3a501c87bc3b25b2154b719e5caa867654298ef9e05bfb23cfe26f8a64ef3dd5b53a1a952eb4 |
C:\Users\Admin\AppData\Local\Temp\AI_EXTUI_BIN_3160\dialog.jpg
| MD5 | 40e9c790fc05030071eb615d195c28ca |
| SHA1 | 3a90c8770c15e7ed07b95d49f33299e1142c054d |
| SHA256 | 1d7d8d52adce21c1317bd7ed5717292e7bf3cf50332495de73ff6b8c0c9cd31d |
| SHA512 | ba94e19388fe82f06e1f89f37cffbba608aeb3bf5229fb99110d740ad510dd2a47aa16c1ca4d3b501e6112005cc4caf4661437ace2dab71bd223b5f9ea21e5bb |
memory/2728-1354-0x00000000031B0000-0x00000000031DE000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | d1ce1a6f93ce74d06772787b6691d676 |
| SHA1 | 6abf74d47217b279d0692421decfa03b43bca58f |
| SHA256 | e6fdec7510455ab9efc8be1d2fa12a62892b63939c01a66d8b9cdcc178c1de0a |
| SHA512 | 7d2981ddd1347a3695b2735240b66c06786c4c64a43dab7e77914c4277106881bb6c98b20acc7201a9f2a37097b3a124aa657e32f745083ecb54081c234a154c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | adee1c53e0db507b86db59b9ff8feb7d |
| SHA1 | 779975acc74f6a903e5cd364fbc5ebd14f29180d |
| SHA256 | 1c5314394543cb027fe2ca5ba7ed10cc30feef02be0de90dc0c87d35d519fa0f |
| SHA512 | e311f7cae3666d0d1b3648c2fe97e80b3d1d9d0f979cb94a05eb70cdca0026574c40621df12c1737d8e05ed59e85e22c1285b237522efd0fac0ff90ddcdef682 |
memory/2728-1376-0x00000000031F0000-0x00000000031FA000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\AI_EXTUI_BIN_3160\banner.jpg
| MD5 | de1459af81f7d448e39553c663dc2426 |
| SHA1 | 29b786b17b8ae102eb613970f305ecefd9ce61d6 |
| SHA256 | 4f23824737a445244cb3ddc615eb26db9463142b170bf8ed9df1605bf23c26ec |
| SHA512 | a3b26f33be15eab0ddff9790e179e3138580345335f05cd3094ab2889d381bebf1f170d38865822c91c9254880556af1bfd40018654dab52a0cd1f6021c8cee2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 990bf2ec7fd786557f085c796997c2e7 |
| SHA1 | 9c387b103bfabfc6c432a1d49b89038bf4f26d1d |
| SHA256 | 792487e33a558c7a62587b42742a21039a7d090c2301b740e9346019dc128ac0 |
| SHA512 | de95e789c608e345855bf772f9146d63f1faeeae47afbb77b070550406ebc341b620954cc9192142d13e2999f1123fe9ba5d55341934391e20d3963ea0674964 |
C:\Users\Admin\AppData\Local\Temp\MSID6D0.tmp-\CustomAction.config
| MD5 | 8c22d283225f3bdb8e36522c359796f9 |
| SHA1 | cec5168b62bc7d39930e0843a0a285c3d89ed23e |
| SHA256 | 5d6fd5049f33ac6b16ec0431787fa61c66630ba1916bb4c70f3f6b5844b74ecb |
| SHA512 | 826550987a6140b870894c02c20f1c890e187c5919fc60f5fe3fe962fc87bfcc3879ee1de6141d679aa85f6cf52f8be88a9b23a8d43b8561b6b70baf138ada3e |
C:\Users\Admin\AppData\Local\Temp\MSID6D0.tmp-\Microsoft.Deployment.WindowsInstaller.dll
| MD5 | 1a5caea6734fdd07caa514c3f3fb75da |
| SHA1 | f070ac0d91bd337d7952abd1ddf19a737b94510c |
| SHA256 | cf06d4ed4a8baf88c82d6c9ae0efc81c469de6da8788ab35f373b350a4b4cdca |
| SHA512 | a22dd3b7cf1c2edcf5b540f3daa482268d8038d468b8f00ca623d1c254affbbc1446e5bd42adc3d8e274be3ba776b0034e179faccd9ac8612ccd75186d1e3bf1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6bdbed78ee2194d7_0
| MD5 | 2aaf0839f6473caee181c4231a6d97c8 |
| SHA1 | de180eee20111dbe2fcf4558f35ccb2f1080595b |
| SHA256 | c37ebe4575d2d80d56af548b317a3b5feab68394ff1f9ee14cc5a727d0a39c9c |
| SHA512 | 82fb267295cd779b2321b276c2c534f7843a12dd15d9a1fd015f6ffaf598f11898eb4348156fe6f3a3f273d98a7477ff49434db38b0d903f2550eee6d1baa05a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c6c496a640027ca8_0
| MD5 | 5d08197fb75a954fc0f3c7e1ab6bfbb7 |
| SHA1 | 9110ab7d7bed950fc3b6433c20c4f7246f0a5581 |
| SHA256 | 924d2f77497dc8423d1f86ef850ad259c410187c6bae07e86756925ef55e33d5 |
| SHA512 | aa878fed541317a90f14c05d9d268af7396a75cbfe2af7b768c11b04ecb8b89f93d832e507bb356e219b7ab40c1b4f1d284de2bdb6d68f44dc9da139b002721b |
memory/2728-1432-0x00000000055E0000-0x0000000005646000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\MSIE142.tmp-\RequestSender.dll
| MD5 | b580a63e82c50119aca3d2864897700c |
| SHA1 | 4f9329c98260d20ec398f0a9b39aee424eca37c2 |
| SHA256 | 3766a96231d79108a8dd6867927a0b081c1ad2b3265f9117839050bc7a3e2600 |
| SHA512 | 22d2e273a86fb8418d3eae398f88836e95bd425135b88b4fddcaa673dfb11abf630e1f31c2be433742efc1bf6d8478847e230ffccc95ad7d899b9fdcb10803a1 |
C:\Users\Admin\AppData\Roaming\Let's Compress\updater.ini
| MD5 | 1537975f30004da58105aa1f3c17ab2a |
| SHA1 | af60b4e285b3938494a6b22187f730bfa28be757 |
| SHA256 | 8a47c6478c5c53bfb33683cf3c6d50e5f0bd2436388366b13ae61a03da60cfe7 |
| SHA512 | 3458a43386a2594a2530d58f64a4d2f20a4629a150dc47bcd5b8db22de01006ae5e4501328edb31d97a9db0bb578b9bbe329610bb936d66a35a542f8a55614ec |
C:\Windows\Installer\MSIEE1C.tmp
| MD5 | ce54edd73936babc1063484db5473e94 |
| SHA1 | 39e37ccc28b7a56c51a91029b1207049f0d3ca81 |
| SHA256 | 16c72945a548b51f9cd4f1c9ac9e8c0209a1220dafe0a5760944db883b892313 |
| SHA512 | 4e1fc9057edfe3126d0c095afbfd31f909f1474cf5bc09834664872ee0a402bb0ecadf6f15046529c92b342eaf9081a7c605df6e64d67c93ccdae8bd2a88f1c0 |
C:\Config.Msi\e58e6f1.rbs
| MD5 | a0e6375cdc2fa72dfc21a4ed895335d8 |
| SHA1 | c624c977cbd7555ff08112a3b948d53ae09078bf |
| SHA256 | a224f0ca48281e235509c0bb94f3c0a9c45765831ffa34574f5ad4e5268906fb |
| SHA512 | 0feeb71e0bba679c761e3c82cccb325852ad077638f6e120611f2cf1aeef71b5a208fcde5607f34b1d543409d910486b47471a3a537984f69893263a48454394 |
memory/3288-1632-0x00000000051B0000-0x00000000051E6000-memory.dmp
memory/3288-1633-0x0000000005A00000-0x00000000060CA000-memory.dmp
memory/3288-1635-0x0000000006140000-0x00000000061A6000-memory.dmp
memory/3288-1634-0x0000000005980000-0x00000000059A2000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_bdlcstwz.v34.ps1
| MD5 | d17fe0a3f47be24a6453e9ef58c94641 |
| SHA1 | 6ab83620379fc69f80c0242105ddffd7d98d5d9d |
| SHA256 | 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7 |
| SHA512 | 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82 |
memory/3288-1645-0x00000000063A0000-0x00000000066F7000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | d1d9c8d97982f5bc31707dc0ad30527d |
| SHA1 | d5e77a467e57a432c7f2afa36757d89c360a61dd |
| SHA256 | 41f13a4c660902d50cf428a82352aeca9ed795391354c9204460b427dc754b65 |
| SHA512 | 2da0be9090b7b8957351e44862a76dfcd7057f4d9dba76a5d041d1afaf01eb7c6fb0bac50b8cb41cd4eb892b0b4be45b37153e0ada9bcdcf264bc4a3374de39c |
memory/3288-1656-0x00000000067D0000-0x00000000067EE000-memory.dmp
memory/3288-1657-0x0000000006880000-0x00000000068CC000-memory.dmp
memory/3288-1660-0x0000000008180000-0x00000000087FA000-memory.dmp
memory/3288-1661-0x0000000006D60000-0x0000000006D7A000-memory.dmp
memory/3288-1662-0x0000000007B00000-0x0000000007B96000-memory.dmp
memory/3288-1663-0x00000000079D0000-0x00000000079F2000-memory.dmp
memory/3288-1664-0x0000000008800000-0x0000000008DA6000-memory.dmp
memory/3288-1665-0x0000000007C60000-0x0000000007C92000-memory.dmp
memory/3288-1666-0x000000006DFF0000-0x000000006E03C000-memory.dmp
memory/3288-1667-0x000000006E150000-0x000000006E4A7000-memory.dmp
memory/3288-1677-0x0000000007CA0000-0x0000000007CBE000-memory.dmp
memory/3288-1678-0x0000000007CC0000-0x0000000007D63000-memory.dmp
memory/3288-1679-0x0000000007DB0000-0x0000000007DBA000-memory.dmp
memory/3288-1680-0x0000000007F00000-0x0000000007F11000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0c26a4d92238183eb7149489b095cb0e |
| SHA1 | 5338a0cf67af36bf35b43bb1e1cdbb2af233aa22 |
| SHA256 | c4bfbb61b1b8f21e44ee02eec20000625cadfcb9acffcdf0fadc9515eb56785f |
| SHA512 | 778c0b07cda38ff03c3f2df229f6ade5963aada34aa0dfaaee13e82ad64da040fd4b2b056aa06ecae4581e3abe16a2bb11c2ef28e3fa2d397fb3cb39f3cb3c5b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 68dad1e4ed7df87314f3d92c545e49f3 |
| SHA1 | acc4b004a3ea1758244ac177692150dbdecefbd6 |
| SHA256 | a4627f2b243107399dcc36f8b1a126513d567828797bd9a47058c769177e0a20 |
| SHA512 | e9cd39c0db60bdccd7b5bc795bbb1b9a2532c97bdb5af698766ce665d44a5ae59d03b846e02a2ce5cc05cdbb3a6637e0904be6181b25fb4cf194e26fb44ea414 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 167f4bcc85cba011441f1883c2dab436 |
| SHA1 | ac79fbb2ee2b74e5b37bfc2d343c1050d5a02f44 |
| SHA256 | fb3ae3c0b2f3b85a53e76637048f5eb0f44d0ec56e50a2d4462fb6d753861c23 |
| SHA512 | a8eacebe7f8d8009784565563e3e6e15a63ec3c25aacb64bac23bf60555f8d797e24e92b0c68474c0b159c9d4c0866bc27351a3349193055655d5bb99bcfad4b |
memory/4448-1730-0x00007FFE6DF10000-0x00007FFE6E559000-memory.dmp
memory/5124-1755-0x0000000005A40000-0x0000000005D97000-memory.dmp
memory/5124-1756-0x0000000006520000-0x000000000656C000-memory.dmp
memory/5124-1766-0x000000006EEE0000-0x000000006EF2C000-memory.dmp
memory/5124-1776-0x0000000007400000-0x00000000074A3000-memory.dmp
memory/5124-1786-0x0000000007650000-0x0000000007661000-memory.dmp
memory/5932-1797-0x0000023575850000-0x0000023575872000-memory.dmp
memory/5932-1798-0x0000023575C30000-0x0000023575C5A000-memory.dmp
memory/5932-1799-0x0000023575C30000-0x0000023575C54000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 44b13518449442b9fbbf76eb4b4eb85a |
| SHA1 | 736dfb74f1f3aad1fe87a809b41a1b911de718b7 |
| SHA256 | 5d387db793eb825e120c3a51349882510c26360f06544b57d488075feae8e2a7 |
| SHA512 | 7a7c06f63ade6c557755e62585e91db4346a02d1568892ae9f009cd629e3341a576e6b70e60260bec85326ed4309d944fc143791c6dcafd4e20330cc129d9d83 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000065
| MD5 | d79b35ccf8e6af6714eb612714349097 |
| SHA1 | eb3ccc9ed29830df42f3fd129951cb8b791aaf98 |
| SHA256 | c8459799169b81fdab64d028a9ebb058ea2d0ad5feb33a11f6a45a54a5ccc365 |
| SHA512 | f4be1c1e192a700139d7cff5059af81c0234ed5f032796036a1a4879b032ce4eedd16a121bbf776f17bc84a0012846f467ad48b46db4008841c25b779c7d8f5a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | b8e445c183f81c5a4c31637e9db0de95 |
| SHA1 | b54da03dca4fd44f7651ed5ecb8af400aca85b42 |
| SHA256 | 0d3efdc2ad4ce2c709248bf81a7eb8434560d9685ca2bbdaf1651e0b0f962cee |
| SHA512 | 034d3efbd7c0a0570e2d40b1a1e89f6eda90fc1e8a6b242c862c58f49d7097b9bee3efab8a95a1c0211345f3fcf08ca8a4c603b09c10d19fa5e1ed82e4cacab3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 686da35386a81bf7d72f591d830e3d90 |
| SHA1 | e5036892284cfc69f9bb84c39b2484f74a39d322 |
| SHA256 | 46e797ea9db6f19efe5475d03403dd803e3f401a2a6d2713b9445213797caca0 |
| SHA512 | 1182eb2c2997870c839d30fbc662c65f51b800a01f6f60ca11515b38dde97cf0504124af79373f33d4cf6dca255f241677f651d23cab8afab8f9cc5d54b36382 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9fd22620170b63fa53b051bc936ff94b |
| SHA1 | c926889fe9a75037313801c3d619d6d59cf6f95d |
| SHA256 | 060f0027f5b147d40054795b624d054254fd8ca748c20b1e391f3142c8fd9d62 |
| SHA512 | add8cfe4deaa54a375b36e9e55213738f9e9b46e1234c2de5f88fc8be3f035cd417cfd404924044fec44eccf7a704b5e1ae63d7fa0c39acaea23d09b9a7bfd0f |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | bcc84b0280f5ec3e3cc4f60d838d22c7 |
| SHA1 | a2b4f609fb516569ffce0a8735c5bef1557d02b9 |
| SHA256 | dd23a41794dda2b1c6d9fe22e100a49625c7fb9487c41a6f07d8846b9994728d |
| SHA512 | 76ac524f66ec71025e659f14a8fa43861671fe6184dd4160eaf3226019d82ae0b3ebfcef678f106c1752bc39a677bbe9064b7770c76f2345aafe65b0b916ee1b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002
| MD5 | 0d89f546ebdd5c3eaa275ff1f898174a |
| SHA1 | 339ab928a1a5699b3b0c74087baa3ea08ecd59f5 |
| SHA256 | 939eb90252495d3af66d9ec34c799a5f1b0fc10422a150cf57fc0cd302865a3e |
| SHA512 | 26edc1659325b1c5cf6e3f3cd9a38cd696f67c4a7c2d91a5839e8dcbb64c4f8e9ce3222e0f69d860d088c4be01b69da676bdc4517de141f8b551774909c30690 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2370242bccd4d05b44906ca57490e644 |
| SHA1 | 3063058eb323fac600255d61d2aa12521ec6eb40 |
| SHA256 | b78cffb394f7fdd30a2eb13f43fe358b8e4ff1c5163e7aff3fd585f9adfe2b84 |
| SHA512 | 62bdcbde15cb53fc2e8cf15f79c03ee2056bf4c0777665b4b5b5243e67f74faeb496ff10ae71b4bc830a3d8305f472bdda852d372d7c8abcc7e433b22f52936d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 95bc04217d5e00ac994ad557c4826c30 |
| SHA1 | 91265b1d4f1acd92ee6e17cae71f539cbfea3511 |
| SHA256 | b3a23839909774902c24d7f7a9f9af6758effa1a7acf1a4f51d7562c8bd9de18 |
| SHA512 | a40d103ff3f646898a171f3110b0e0fee7cb8fda812890ba4b04cb7affc7cf64e6dec8bd1700940cc1e15ad0cb1394dc30e401b1b2d42b57ad86ff62dd167b0c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006c
| MD5 | 65da8d6932ad74d3b51694b5a28dd0bb |
| SHA1 | aa6e37cdacda153f499c299299a4dacf50c93765 |
| SHA256 | 309ec80a404d5ba8c9816e0932bff343c8e205fe36819908682289ed7c7ae482 |
| SHA512 | bfce7ba0e18dde7d6f833709e565f704701d7a51b14d7c11b06cdce0b057290a334219c9aa4f7ea098c097eb779a2ceca397a9ad1ede0784348f78c81fd55015 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000070
| MD5 | bda83e115d4a1d2610fe3966ad90b291 |
| SHA1 | e6061b6cd959a5a9ccc781790cf509228237eeab |
| SHA256 | 189bbdff5bf4ba979ea3dadec4bae9c228927ca776494a1cbef5cf9f29459019 |
| SHA512 | 56313f3f5c8c955e0c835d0b726f2672c27ab803206617c43a106a750d7b767a57699aa3e5aeba391eb473e7e4aef1a5812a6a8a581137e3c1604a3ee4cac173 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1a914eb5fc51fb84_0
| MD5 | fe3f8e1a8b8c757e740d101e6157d2c1 |
| SHA1 | 923140fc8fb56145bbc1a11d21a1d3b1226c40c6 |
| SHA256 | d63efb2c8b15270f9956f563e6478200eb947c75024449016e2a6e101ed85d5b |
| SHA512 | 0e143644e4e9025491a69bdbafae2d8227c85b724934638db6139dcd09e3866ad4afbb9964adc00b10e42b2ec2ea2e05959c0d32d177db8e87b859081ed54646 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011
| MD5 | 0a8bada670350e0f338e378a494e58b7 |
| SHA1 | 15f4fd25197e2b492cababe12b0eb142f6b9f2f9 |
| SHA256 | 9e4d6f6e470008bb34be4bbf35db6aa06779cef26ef26acef13a49fd1ab6fd11 |
| SHA512 | 4288922844fdd428c738d292f31eb42141ce6b3c8984e4fd2e5bda212d48524ca6209c0edd8d41f664972f0404099a063f70e69969130b1cda023c9b6d417421 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 2892eee3e20e19a9ba77be6913508a54 |
| SHA1 | 7c4ef82faa28393c739c517d706ac6919a8ffc49 |
| SHA256 | 4f110831bb434c728a6895190323d159df6d531be8c4bb7109864eeb7c989ff2 |
| SHA512 | b13a336db33299ab3405e13811e3ed9e5a18542e5d835f2b7130a6ff4c22f74272002fc43e7d9f94ac3aa6a4d53518f87f25d90c29e0d286b6470667ea9336ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 5257f9c08bc5d0dd4aa1c3d75eb409ae |
| SHA1 | 7beb1eae91cf12c64ecd48ab5a422c212b809b68 |
| SHA256 | f9eb487540ab56a32e88e004b8393198dfdae7407a8135698b3bd19777be234e |
| SHA512 | e31fcaaece6e64b4450180ecf714b42441fe951574686193570f984cd37bdbf8896ccfd57a0ce17c7991fb63c61788a48f38d44d5cb423a6a4a1cc4f5a360fcc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 6bb80fdef56d1fc5f0648015d81221c7 |
| SHA1 | 9f0e1d11c384cda1ad32fb6efdc28ba0a2f96a41 |
| SHA256 | e2b44778776bf86c37fad2f33e70e50eff841af1af6f434e416b101b1cda9e49 |
| SHA512 | a841590717f54c718432ca506f9f82f6384d4fe26cf9b6e0db509f9a4e5607177ad5a260d53705e14409339d4f52ff804e29f9c38469eb38ba2dba081073fb8e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\d66ac09f-1271-486a-864b-e8f1d56a8515\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | b3555e531bc575cc127c77b0033fcc74 |
| SHA1 | 245ee79d8e2208d9a44c894056570985c60c3315 |
| SHA256 | de23d0d9cbec9e6fee5b14206a4cfb8feed63b06beed045e31b809eeb6ced277 |
| SHA512 | 4031dc57c3fde48d10a2b8f2722c75536ad5222468cfdaca5d7a9ad7ec05e854c21cba9e28d7f7e7ee0ae2ab6589a31eaef1d394d1e48420a65a258adc51c332 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8ab3d1ee37f6acb513bf7a4775f7ee94 |
| SHA1 | 8d3e1efbfdbc28777110f4e61d4ffc76be87b632 |
| SHA256 | 95d7d7ffd6f22013d653adfdb57964b9a0d5514d2209f0236f51cebf0060ac6f |
| SHA512 | a915b7301b671f8b3a46cd38b7fce3e5186899dbf4da080749e4bef5196c143310f00a7193253c88e1a4533d02670116ee289f6c809a0479fd1ceea99ff797a3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0659d118f633a14d8695e3873dc1ff7b |
| SHA1 | 69f7f1704f7f74c8740b03276037c586bfa45206 |
| SHA256 | f45d9c4821811c49e03973120e1bb943e9126d1e352d5400e6a89ec06acc8bd4 |
| SHA512 | 5464730f351f7a9bddc8134f588e4e5d7c9090444604160354e1c2e89715c309a5798bd89270484fcddf6f0b80fe684cd9d8137b1e3499b43852193a1fc324b3 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 2add1ec68cff7847edeba68f2fa03701 |
| SHA1 | fa026a819249ca3eb189f16a9fe83137ea4e5a45 |
| SHA256 | 2974a75f592e6edfb16ef3e27da26d08919ba3e4ae65f1e4e18d5d61b3a347ec |
| SHA512 | 3c7fc86493fb6e4708f2e07697d2ecb1561c931cc1985fe07e46f04a97a54ca8a02174cea628c54458d2f5896dc9b3943279dfc88a211f63036ac279384f69bc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008
| MD5 | 778ca3ed38e51e5d4967cd21efbdd007 |
| SHA1 | 06e62821512a5b73931e237e35501f7722f0dbf4 |
| SHA256 | b7e1bfadb8d9c061f17a7234df012df7842ab1aa8fb6f9579fa3f0a3b4a75bc0 |
| SHA512 | 5f6f02099ca8079305fb7e7f43ae4344d522271fe30379c0854d6a81b7d8adf408a50a4b799b5f52e6ed162ba6ce7fe97e24a2b9719df780e75683d3aa103d09 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009
| MD5 | afdfdba750d77a65fedd390d20a727bd |
| SHA1 | b7948f70661731c45fd41e8be62be134865fd299 |
| SHA256 | 5d23ab16d09cc8960ceab365597dbb3ae198b10ff61adb3ef2131a63fd8a0075 |
| SHA512 | 6a7469772bd4815f5836864cb21bbf3d4a3185a7c88ab927107252e4403a90c90ba113dfae87734ff3e3edf8e2320b684fdbf463da2be1cfe816c73d4272ed92 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b
| MD5 | 8eff0b8045fd1959e117f85654ae7770 |
| SHA1 | 227fee13ceb7c410b5c0bb8000258b6643cb6255 |
| SHA256 | 89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571 |
| SHA512 | 2e4fb65caab06f02e341e9ba4fb217d682338881daba3518a0df8df724e0496e1af613db8e2f65b42b9e82703ba58916b5f5abb68c807c78a88577030a6c2058 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012
| MD5 | 4ef030bc816262e8c61774e41de416dd |
| SHA1 | bc0ed6a1a56092a01c2c811024bd9cbd5fb1fd11 |
| SHA256 | ccf18efca1c5f65c7511fe08ed9ac93322fc34ef9dadf2800e32c683e4c09c63 |
| SHA512 | 382cce635d0eee2bf6278ff11a42307bd3c5d2c409e63b91c997a6c4478167d46eed8849a52b2121ed7bb789619f87ea53cd6c6041e1e05ccdc412e040775193 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013
| MD5 | 06e7f7a97846eb194dfda746226d0960 |
| SHA1 | 6f07d517553c4205ed29a650116737743a1f3ac9 |
| SHA256 | 848fb61fc851cf2056bfc1989074bf887568b70b67c9e777023135deb8eea913 |
| SHA512 | f9fbdbf6b0e9f9e2f448ec4eb0a452919487ccc545f06d928488cea018faefb771e769bf7d496b312fb3fbaedbc41082b64f94d44177a9df9af639be5fcba1c0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 88ef7faf6a3759177b9c6b3ef197d570 |
| SHA1 | 8f43cecd553578dcfce380429d35b070670e2b5e |
| SHA256 | 0a35e70989fbcf28e34d3ac32d55c16e7ee05e34cb7e9054bb56dfee04494ed2 |
| SHA512 | 1bd5de800c5add3b5b388e1fb6e74a51bb1dcff3dacdd33bf381fee814ebb0f55f5920c750d1914190939ebb3e883af6c273e212961cf09e0d6803ce330957c9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | c24c16b8eadabae3bb7b6aacef6e8a6d |
| SHA1 | 876160588ac4daca9386d0ceb10b06fffcd40afa |
| SHA256 | de7300780280ae8ebd2e6b99802b6ff58532760f2a958787df95d15071938af7 |
| SHA512 | ad9b0e4fc381d2813a0166acbd698db83928a74e5d5e3a1b8607e2ef42f2437cbab62b9657cae3e3249b6411c8d8b8076bcbf54ecec35bf3f01b45e0fda84fd8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 326a8a6f3e30d415e5cf1f23a15f7387 |
| SHA1 | 31b5a4728dbd515342ae539cdd2477f3064dcd46 |
| SHA256 | 18bea49070a8f8e340f7efe5fb2130320e134c57b6a3c9a0b3b2a1e322f946ee |
| SHA512 | 6d298fb37aa5b90915e128dc485bf13e65793c6ce9a56bd9d0ac011b7316fa402fa8f4294fab519cf052bdf44e03ad7a26342e274d0fbe0d1d8d904da3778bc8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d
| MD5 | 115c2d84727b41da5e9b4394887a8c40 |
| SHA1 | 44f495a7f32620e51acca2e78f7e0615cb305781 |
| SHA256 | ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6 |
| SHA512 | 00402945111722b041f317b082b7103bcc470c2112d86847eac44674053fc0642c5df72015dcb57c65c4ffabb7b03ece7e5f889190f09a45cef1f3e35f830f45 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f
| MD5 | 2d0cbcd956062756b83ea9217d94f686 |
| SHA1 | aedc241a33897a78f90830ee9293a7c0fd274e0e |
| SHA256 | 4670bfac0aeaec7193ce6e3f3de25773077a438da5f7098844bf91f8184c65b2 |
| SHA512 | 92edce017aaf90e51811d8d3522cc278110e35fed457ea982a3d3e560a42970d6692a1a8963d11f3ba90253a1a0e222d8818b984e3ff31f46d0cdd6e0d013124 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e
| MD5 | c83e4437a53d7f849f9d32df3d6b68f3 |
| SHA1 | fabea5ad92ed3e2431659b02e7624df30d0c6bbc |
| SHA256 | d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb |
| SHA512 | c2ca1630f7229dd2dec37e0722f769dd94fd115eefa8eeba40f9bb09e4fdab7cc7d15f3deea23f50911feae22bae96341a5baca20b59c7982caf7a91a51e152f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | b11d470eb31f7b9be80b0b244aceabfd |
| SHA1 | a01bea49df6a786077033eb6f5540329817f57a6 |
| SHA256 | e4c4ca6449da44efbdcaebcc7ce34503f5b7a040fe7e718b47fa4b643ab12037 |
| SHA512 | e7773c528877d4a0fff6cc1a6b03f0d595580b88a28615624057d2b7fa8ecd75bed2bb4dd2fd9570d651c936cb88ec102fe7e80a5067897dd2b08e8156717b10 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8a0bc6f3abade2acbbff11a9619164a1 |
| SHA1 | 96dce7fb922aa5562b13d2c1dd855d0d5fd15f72 |
| SHA256 | c219c83e6fd4206d413a7d9072f60aa1d58813526eda33453dcef2b3defacb10 |
| SHA512 | 4bda7799464ea3611548df93f30fd323e920af7a4b0586a6ccecaaf0efe27a9446a66c244c36b1b3773fe84bf0ceb2fdb766f9792b3fb00f37b9ad5f239ec194 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f0242a3f489ae123886f28788f4c4ee8 |
| SHA1 | f15c4824307f79570ebf057de517633f62c9fa48 |
| SHA256 | 67ec5e1180c8e260c9a82e654ca28925b31f20a85f99381c7d680028338a3a95 |
| SHA512 | 96a3337ffeed12b7194b01597bdc1531cdc9b78e88207521c7dbae191fb3ceea13a19fd9aa98c246d467ff3a7ba207f5a8f1b02e51c2ba7ca438b3589a5c3a41 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 66b42dd429828de0cad86ef5a9e407c0 |
| SHA1 | ef653698f82a72bf8c1c58d581b32cfcb4bfbff4 |
| SHA256 | 481b1b499585cb4f780f97cb0bb296726dfdc154920e4d50c0ddf00693474d1e |
| SHA512 | 4c444363aa4a6e506d9002d331bfd451704c79c59294107c1b74ce97a2cb2ba56d9985acf2d2e7cd3a24717f78bec8578595f218acae70dbedc278d73e072f55 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 2d55ea8e70021a8db7f87da0cfc927cc |
| SHA1 | f31d10a825971ae828f984b7603de2c4687128df |
| SHA256 | 75e8bc94e87805806ca355b15cc4cae5271351595123a71509ca474c8f5c1ee2 |
| SHA512 | ecabef0ea2c6d3e08be95e7571c7d0ae5c334eec9b8f71d179b2f3e47734b307a0dd117d5afde926e81bd5617c9a6a151cdfe94a792850f1ee842a13ae2e0f87 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 40ead33ddd0c7a88cde45e56d6320759 |
| SHA1 | a66503d5183a55bbd1be9c377882336cb230c10b |
| SHA256 | aef97f6f2620c170270bade40495b5b4aa100bc7b806abe0eea0e60af06c2dd0 |
| SHA512 | 92e1eb9eaf12102bd78acfe1cfba6cdcf7d361cfb161103b455a5dfc11247cd4b02c178c936f38e2fd7d95fd15c311de1a4648ee99a21ede1f619ca645d8358c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\318215e8-2308-48e4-bd3d-95003043307d\index-dir\the-real-index~RFe5ae83e.TMP
| MD5 | 1d27105e5311dcd6297b9d25f79b0794 |
| SHA1 | 7f4b634044526712cdac0b32913d1f43014bb10f |
| SHA256 | aa6ea60c54a43f3ab09a70019c92dd4546075e09963aff70dfd41369eb335107 |
| SHA512 | 4e0a432c25e4d023ff645446849919a5f91ac63bacf4530088b21e43c9dc493e34e986edf9a209f483984f516a669c390f97b8c9260e7b884226e7565dddc4c7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\318215e8-2308-48e4-bd3d-95003043307d\index-dir\the-real-index
| MD5 | 8e3a1a7678949042c8fda5ff654027dc |
| SHA1 | 39f9387bc826e841bfa290359cb4df7046c90629 |
| SHA256 | 22e0b3e535802a1c6b544f0bc36c488105e5e0fac59698947df9583b7824e87a |
| SHA512 | 5ee775749d0526e071e2cdd7749f08e28d86311dfbe3894d5f22ce1c1db2c8734e1ff831e28eb94aa15f7fdc15ffe0f7ed743a196571084a13e6a043c0efde11 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\b473a2ec-33dc-4d9a-b085-d4d15efe4b2b\index-dir\the-real-index~RFe5aece2.TMP
| MD5 | 1c1f8a96def56d97db1a8f2fc06846a1 |
| SHA1 | 29f39a4434a2b58888c65c749ba682b4102f0a22 |
| SHA256 | 9ae298f8014bd702cb53bae0fd2a610e8a70df1a3e4d48203c702a6d37839496 |
| SHA512 | 111da54519b5a603410c63ceffc33d19b64302a8b07015761f41a3c16da4add27412fc7ed5ddbb64a71671bf467b36c3f349c88ac1b74690066a1089ee058cff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\b473a2ec-33dc-4d9a-b085-d4d15efe4b2b\index-dir\the-real-index
| MD5 | 87c20a60da4402094167764f6ad5eb12 |
| SHA1 | 41f39e722df25c45bcd6b1928bbcc1bc22b813b9 |
| SHA256 | 99e3eda356f77e31c434e6e0f903b304479aca72da4bf087e5f90d3c8f584f64 |
| SHA512 | 88ae5d113441a134d6ce9301880a13611487435cd016d68f334eb74151f254cf9ccd45fc1a7673f28e6a63aa86f94479c88c03f76c0b63d3a45039fa7c67187d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | b61b0ebc88890db91b9f1fcff2f225c0 |
| SHA1 | 4833c8523346ed338a732bfdfbfcd2975bdddba6 |
| SHA256 | ee7b7ec083d8ead4ef8240409e9c8b8c0184625dfaf6e9ef42dd8900b5a2610b |
| SHA512 | 47928007fe984cebe29bf20be63ed07035cbb236b4c027fedb24110d2f3579a08b40521ed7609215948c596671377768b4025b7e97604560b191ae9af5e64646 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | dd62cf7ff03da4403247e7a379174509 |
| SHA1 | ee2acbccbd1ec4d3848bfe3386b30d26ddb3bb2a |
| SHA256 | 4af863f8ba79ad4353566882b1a34007b5c658f24583870b862e3bbf66296fd4 |
| SHA512 | 82ce861f1819ba59333cd0cb1c9a4d8cbe1f1a53ef02de6fece7f239fd3c627ed6413719a0eb84826f1950fd504d8ec9e22e9667507a549d16e02d79d0f57c4d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 9050a073d13dc9bfd0b91c06a44ba47d |
| SHA1 | 628c7bdb47ffb71a328b897186238aeced6c7acb |
| SHA256 | bcd976bf8ef37bd14ef376267be6c5c0353b7147e7cb8855232fb9148f389630 |
| SHA512 | b7edf51fb2c5ce16914cc07a6868dcb848e9e9acfb1cbbdaa25017247f7cf80f86e8fc99a5cdd8c97cd06d3bb7351d1b4f4d113a31adb5ff7e8ddb62c36ca312 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\31b9025fcadc6fe4_0
| MD5 | 960db649d3cbd3ed40a8b59bbd51dd60 |
| SHA1 | 3933ac2b701a22eb1d8215e9cc37a7e40413375c |
| SHA256 | 57fbf154f05322cc7466ff9ae8b654b359e29756448da5002b4c28947ba6a2b8 |
| SHA512 | 5e79f7536f51ff9635ebdfbe3e4e7e0084650473841384f8d5070df1fd42524a247b507ee177a05703cd4570151dcb7868edd7cf7b9efe6ca28302bbcc1ad96e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\75962dec606931cc_0
| MD5 | 0c0a84340197b15500810cd45cc62396 |
| SHA1 | 4bd8881eef07feff19a730d1105de96d7b5a65de |
| SHA256 | 3d04e6e86ffeca26cc49f02d4c61cab91d0305dd5467f95bf87f475fffcc686d |
| SHA512 | b6247adf6d0c28c111b5f1c97ee87f30402b500ac1ce4e5d380869b1bca17a46e471d13303761fb47a01d5cc688fceca358f01f22db7458a34b37ddda8e88582 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bda03fc6154eedd6_0
| MD5 | bb2bee856e8c6ecac7249bec955808ac |
| SHA1 | 041a4f4a88d42f071526ee09ef2472b5917282c5 |
| SHA256 | 647bb71cd38cf3be8b5da83db0e314c483749457af35c58ab824bc1917cd8127 |
| SHA512 | 7006db905b02479cac83f36502cba49563f3eabb7139c4efa2884df8524b48d1229e620202b1fa849923f7a5206d8497c495000e8df008aabf0ca8f7967f836c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c91c845c83814759_0
| MD5 | fa2a7798b4bf6663b6deb45ac6c8a955 |
| SHA1 | 7310ce5925ce108205e5cde68d6bcbb21a24a18c |
| SHA256 | 2dc39f6a676cdadfb964399127aa4a0449a14abac3ad4f4f3d3994fabaf7bcb9 |
| SHA512 | 3b92510e7adecad4a9f65bb427fefc47bcf076787228ca1783cd1418e3d5c21055d7a8bc1af18fde7ef3860fbfbc37dcad8cb43b43a53c8ac40b19f09e4bdc2e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0bbe00d9bf7b798e_0
| MD5 | d00770e3b29de6a0045d903c3a65f68e |
| SHA1 | 88f4612ce8548be811525f7451ed5791086748ab |
| SHA256 | ec4b841327d3f478528498c56275d48426837e4173405384545fad3e9350db01 |
| SHA512 | ea5a6fe7999011f1a8bd869a14ae0ad3b0468c2023c2e01954c66ab974ed9e7ea421b053b06dc9fec6e58055b59f5bb77c390c0b0baa5101583f60fe157c611f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\61a0b4d20ae0e222_0
| MD5 | 5f38a49edaec303854f17ba376c27a0b |
| SHA1 | 4ff39afa50fda8eb0b6b4b5e9bb3e9694087dfd9 |
| SHA256 | 2993b47fa5b071cc79687bec695ab01d28ead60ca72ab2f8b9b39ccbbb57bc6d |
| SHA512 | 56fc09b6d0632b899882ea681331cb4e694ef214965cb4c4a692e68e34546118e4f7e9e82bccdabd5383e64b73134818353209d8a6852091d082a207d807713c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\99f63ea01d6ef034_0
| MD5 | 5b67945155c91e608e0a587ef61816b9 |
| SHA1 | 3079e091d534be7d522b7652f184b6c243441592 |
| SHA256 | 6249da22d3cae5965780da942fc85747e10e62f5e015af609ee1791ebb1450a2 |
| SHA512 | 7e03e1185bdbb98a44aef1e0df6159eb5ea3be7078ac88e8d1bdb12a14d784108f2e9c81ea3bf3a696a80a110c9ae1fcbd67a9fcd56b8e85a578d7dd426a5ba7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\90d7d7591a1b39bb_0
| MD5 | af58a84f0ec3f697a418ab7d2cc25cc8 |
| SHA1 | 9d1990e738658460d7e8ad985392dfac0ad4f3c1 |
| SHA256 | 3cbd8b3f1afb6616c0f1cd733877d15c5e87f16b1578600b165e48634390ad23 |
| SHA512 | e4f4bf39d5180403bd1e98b6d7bb9f9013814e1b8e33da3201bd4a9bacceb942bc97e5d8fb999d566a2721e5399553ad18fdd2582ca08dc7b5445af9d0615269 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3a4259a0181983ba_0
| MD5 | 1c837523b64b4e1ae89535ca621c0c48 |
| SHA1 | 6bff5d5f9b425ee25d3ab96defd9a716d1080373 |
| SHA256 | fe61983a23e920201b80f83419b77c6c9e1a1e10b3e5b772cceee4ede54329ed |
| SHA512 | 0e34749fdc9631a191e897f91d0da17bc0b24ec951920f1ab34cc93a93639a9325f1c6ecff100356e8b9087bc694e5839d34e7c22a1a729f89a866ad872a934e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\37afe38eb817b647_0
| MD5 | 594d5223e26c1583399e03649fce90ee |
| SHA1 | 9769ce54a476061a0f13a632223a0dd48fa8feba |
| SHA256 | 349267a391936ca960d843d67b9dc6175b151af47b76d6155613626acc25e257 |
| SHA512 | 79b69361554c6406086601c5ecaa2c18c60fe04b35675e45b2cad9450b194d3cf32784e81ae64bbae4f98fcac0ffe1d01f98a93cb3a6d28dee39c853613f39a4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\74b88724f60b0383_0
| MD5 | ac86a2afe6084dcf55f73f84858b503c |
| SHA1 | 016b770c44b226495899f312475c3233fde1c9b2 |
| SHA256 | 7062e66ac902eecb403fa21377c52fc07b2781b333ef7253fa7e3a86b817d32f |
| SHA512 | d803c1f73547dea7e0f700583506ddb97e65b976b0684f3eb75ef549af054ada9744f40796dc933c1918a49ba7d230c8e40a13a995f0e15dfe8ec1fc231f83bb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\45a16ff6d0d9ab5f_0
| MD5 | a29782261e79ff1c1ea687ce040c7771 |
| SHA1 | 70afcb644acce6bee0241285009ef16ba4a9381b |
| SHA256 | fd8870f90f85878de33339cf371962379ba6039c027738e57fef671d3f795086 |
| SHA512 | 9957efc79617f19690f930fe6b3f5784bbf7db4127eff5b76c3a2fe895492fcc9fdb5e6ad3ce31b6f836ce6dab5ac958e668d3c79467406f06e758d4cc55421e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\be6d12311ce2b399_0
| MD5 | cbf1439111aa91c59089dac5ce46d504 |
| SHA1 | 0d1903d282f3d8ffacda7b57a5d79e3b1e4d50e4 |
| SHA256 | 34fa11eb8e91cbe9e0c0cb359efdd60f63db96cfca7f70ac08cd73a069f6cb2e |
| SHA512 | e4cb2f8cbdbae77df8b1e726fe6a16a4e23c8c1bbf9a60d39105a5a24e0a6ffae04a7304c7c96005de89ad00e8d531286fa21ba050fab0eb3051bc6c407beb2b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\53ac5abc87e80789_0
| MD5 | b018ed499ecf602b3175dd56d4c010a9 |
| SHA1 | ecea9dfe4142f490c012e6084cfdda12be9b4d48 |
| SHA256 | 1660ce30699abbe82bc1bc43fffdea3e59e56b0cf3296113a3a666483444e01c |
| SHA512 | ff1edfc47b808c3e51e50e9f4757f904ce7d0fe1c239d75c4c37a6b5495340d879acfb6b60b810b1235b6da91e4e1d6067e15c2f62b7cdf45b3b13a35768348e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\25c90b4fb1c6ef85_0
| MD5 | b4d1ce2f4f10f74021eb2ee3e5c83dde |
| SHA1 | 4b7cf48d882bcb07950126bc5e50e68c736ed154 |
| SHA256 | 766be90d6b5c31143b964cbba6bc42204fb42e27789fe0637bfc0e77d788532f |
| SHA512 | 6ef8c9821d9f9231efc190e428ecc8baf5d648c60d9dd86fb3fd3f84b91f160ed2faa759e8473ec34ac9902769b653de01af02954a917ad407c41127f7a5c9fe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2692617678c042d9_0
| MD5 | 320216fbcb5fab76f88236184bd27680 |
| SHA1 | 6c5296f413351a4de26f1ea99c40512799d9f341 |
| SHA256 | 6ceded7acae72c137668a52af5f4ea0cec0917f58dfb26bb813f284fff4ba63e |
| SHA512 | a730f8dab76ee16179a8437130d9d134b9999d76d0b11064b1331964bdb2d3a398958ef52e71c9ec950a08490143ef65508e34ff712932be211c83cc7736a7c0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5dd1e579c9681f95_0
| MD5 | 6c18c545fc286f09f912bcc97aa0a4a7 |
| SHA1 | 15fada291369782e1834dcc670fac1e761023245 |
| SHA256 | 9b9b545c70d16ceee108dc901f903b344aa875ca2e896e2728e26c52a420addb |
| SHA512 | eede91bc805fcbf66bf34fc5550acf839db67994a16205b35e140cc6147c04b1bbaaccc99282d03b6bc06b61be14fc6617135c084ac5de9b17e9a8cdf5c91512 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e146fd968644d345_0
| MD5 | 5536b0f33e8d90f2bd5b2903c5c532b4 |
| SHA1 | ebc51529fb494c3ccfbc1555c9fae985732fff15 |
| SHA256 | bf01d3c238053e2ebd34d8a1ce8aebdc1aa584522d0183758178660e1f781677 |
| SHA512 | 941217339895ddc6d040cd902b5fd072076c7e76188de2ae5fcbaf64ec46729ddf64028a24cef96a2e46b45c9289f5118a5823986ab857d569d7d4b79140dba6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\82af833e9b5cc26e_0
| MD5 | 0491409b30a776b1478ad1c362f9bc8a |
| SHA1 | 5721d98d27628748e36827a21f793ec247223d6e |
| SHA256 | 2e7ba74489683408a1a2aa04ff87cddb9d09f72c7d06cb82b7eb10751039d7f0 |
| SHA512 | 04234282880af60eae1de0023d26173010afd0aa0713cacd3d1a13230c1e6de02c5ae2b8cb102ce4e96c69b5156555df5f7f7964d0b48dac5ed3a8773d552214 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d45aae6d8d9c9ff2_0
| MD5 | 8ac84633574fe75fb36253fbf21e0d0a |
| SHA1 | bb5892bc7f452187e46366a59702958cd9271f0e |
| SHA256 | d907e2c8d9ec2f38cc3db94989ee5f8cb19569611951503ee7b6a13c25e41b04 |
| SHA512 | e88b912df4ae777831548ef963da08136b0eb32d923c51cc35334ce317980e7eba987befbed039be3054745bf48e25f6a7b5893a8fa4118d82d866ac2b239fef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\78bc646c0524ce58_0
| MD5 | a314ceda09f5e5da14f314ae04ab22b1 |
| SHA1 | 4d1485d8337a45232633f12aaad798e7377a008d |
| SHA256 | b10434e9a78d945022d34cad4073c00f2e2bf9e29c7e107b4dff2dff8657fc3f |
| SHA512 | 2e1833627f059cfdbef2f4751c63d60e3047bbf0946b3e0ad9ad36f913719cf2a48cfc866e7bbcd514248f6697cbd7b04bc36446849363d43585f2a748b72535 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6db290dce274a012_0
| MD5 | 7f5cc5d00dc09d87e1068ad583d8f7ac |
| SHA1 | dde7e981ace746e0b5722421686cefa53fd8ecb8 |
| SHA256 | a8efde2ce8f3665675dc006e115dca106a321b4d763efd041b664b8451fffb57 |
| SHA512 | 983928d9aa3b5bdf94cf4ddef5d6377b693148454a23174e86ce9fe8b996517a8c51b0b0f21db2683d423238f4e2a9dad024b762b8f19409a7aa7615c41cd522 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9f608f61e011c420_0
| MD5 | 278a537318284ec7e7e162ab20f767da |
| SHA1 | b6ceb2293ac8960e57d979f737c0e79f082ae124 |
| SHA256 | 7c66d71bbaa428f1d44ec0aec273fc5f9e31f404c943bd626e4bbe945d115e0a |
| SHA512 | 2b2ff1b3abf8e4ad389e49fcad06a6bfcb31c7e411c9e34b9b76cbf9eee3b0df7dbdce25991e2c0437ef1a24cf39b9159db2eabc58b5f595d4177e9a1225493e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
| MD5 | 5dea626a3a08cc0f2676427e427eb467 |
| SHA1 | ad21ac31d0bbdee76eb909484277421630ea2dbd |
| SHA256 | b19581c0e86b74b904a2b3a418040957a12e9b5ae6a8de07787d8bb0e4324ed6 |
| SHA512 | 118016178abe2c714636232edc1e289a37442cc12914b5e067396803aa321ceaec3bcfd4684def47a95274bb0efd72ca6b2d7bc27bb93467984b84bc57931fcc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004d
| MD5 | 112d28dd7d1773fd3b08e03478fe9fbe |
| SHA1 | 42af5412274eeb82179e55b3dd13bf603a66873b |
| SHA256 | 4639591ce08e165dfacb4c817873b6a4a8f6135fb51af47b6c5419787d35257f |
| SHA512 | 81c01731249ca3422207bfd72ae3b9c577e241873d9358ed2d810f00c63273e72a9d7fb3f225871cbe2865ea49c649a7b02b1fa520fbd0ddfc5653c791c3394f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004f
| MD5 | f74c05877e5870e8804c67a5024f7f27 |
| SHA1 | 2b6a8d96a1e057eb52d5fab02928d962daf3225f |
| SHA256 | f212de74bb0b05c93f6e414bfe23c340635baf6f08fd9784cfd90a9a87a2f72c |
| SHA512 | ebb491a244d164a973cb2e5ca0eccdf37178fd7c8412517a9f11f4c66e5b82196b85bdd6789ac27552c851d4baff22df087cba80ca41df3bc9c0f20482acdc43 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004c
| MD5 | fcf351c67e1148e1cce9988fbd3d794b |
| SHA1 | fed42ba6d9fa0b67338b712ee60e83ede1a757f3 |
| SHA256 | 908a5f9081c42bb514bdc21ed1b37609322f86992ead753090b28cd04ed595af |
| SHA512 | 0ba5e5a4bb570045c101d4d9bac0a6c63055132a87d0e8d5b603a6092248ece8bdefd53da04c437bc062440b7d74cf0c1cde5277b2433f41d317f6201c299ee0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004e
| MD5 | dde3302f841d31db6dda2cfc51e0b5f1 |
| SHA1 | c22a3edb24ca4ca9325ed9ed6e06cf0fd4880454 |
| SHA256 | f00ebfa4a09f618268c6c5e9b60ab9fbbd5a45e1f584638485bb74c82c77a326 |
| SHA512 | e2b659f5f17948c059dabe618e5c97a155696b941d504507d9b4ff275499415ba62428ec68d87845aedc58ef315ab39c0a27717da6fe54837c8fc16a81ce71d3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000050
| MD5 | 70265afab2a0846e7045a2aaadb1962e |
| SHA1 | 33f2c9fef0eefb52d5f15fd5e406bc81f130a2cd |
| SHA256 | fda3c6bf555467c120fe124c87439cf3348ea1814693cb2394e52ee1153beff7 |
| SHA512 | 4b69215a55c4990a557c2d8970236497ee93f2b6421eb0b9bf433ce93e12a877fcbffb789365c1ff9c9d6157dab03c2be5141d02f32bf42eccedcb02619a94ab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000053
| MD5 | 566f4f5230dfe8e59f25acba97c25d1f |
| SHA1 | dcfe0b6b743167b2a7026c85f96cccd325963316 |
| SHA256 | d93a8dd99724a05fe5e7d21e2a9a65c7c1b778fc8c7c379151109861ab88c607 |
| SHA512 | 7f0107bc027d395ac4aedae55d7763039ce8f7c480a8bc34663658fe8cc32fc811dce5a85f6dbf5deb47df880a67a699f224e3bd6d090e38a53f95f21389a2b4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000058
| MD5 | b0663d817af20fe9abe56b13d72e71fc |
| SHA1 | 27ee835ba88619b9bdcc5026b8e2c9c7ccf5d0db |
| SHA256 | 7d37e93dca8f3f3491730ec0063a947a63675c6fec273bfc37947047b29dbe86 |
| SHA512 | fa49e920332c203e360f8cf42c012aadc2e93ec4d1dd307d3ab959ab0236911afec97c1dfa422bcda8e2e59557eed6134a52f21e05ad648bf3d880d77355f99e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005b
| MD5 | d7491ea474d74fd6d105e27dfad83d71 |
| SHA1 | 9c097bc7107976fcc5c0622ab05cc9a35c772342 |
| SHA256 | 8775402ae4b321bb9c596ad77c9d7df49e7671578ed4c22fb992e549703447c2 |
| SHA512 | 061a3f1153c37fa8fd182cf6b19ba000f0a18177b084411f3e910437654db3a824a7aa68158d5e2ec76434acfd45f8059b9e3d59b085304bc237ce5e47424bb6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005a
| MD5 | b0e7e3288eff10333975732fc0024d8f |
| SHA1 | 8bd16b252d0c436b8e812fbc8809145c2190d8b9 |
| SHA256 | 7390f67e9ecabd8619d3b0e501b8e89337b054c0912dd05f25225ae4e51b2b8e |
| SHA512 | 62f1d6626384012e66c88e29f8038a761fa183149f92a4637f114f0f8728add2d950839986a0b33454272823727a07bd29a3f382064dd8e23550fa4ba2b79e71 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000059
| MD5 | f443a61cc190f35fbf7f81297095e6fe |
| SHA1 | 3d5ca980649b4128b30e917c920012e8bcdc4d8b |
| SHA256 | 4606145834693b7c7695a546ff4267f84c119efe516a9ffc9d88a8f9e5fbe403 |
| SHA512 | c250090b27fd513c2e4787a14f556a97668d6e33e2661d246f59eb1d267fda874c5cb160f66fc3596d804bcd85355205dd665dd953365836b712e73dc91f7fa3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000055
| MD5 | 6c4eee562650e53cee32496bdfbe534b |
| SHA1 | 1aae708e3b94ee981b452a918d28ed037fbb5e18 |
| SHA256 | 9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2 |
| SHA512 | ebcb5a2e2a908228f77ecd03b45491778cad73ddc39fa3a6334b129aaf9fa36c16c0307aeaad74d77f616b5b34aac52d91e9f4816945253dc9a826ddd71f4d12 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000056
| MD5 | 023a4a925fa3fce0f66b769ef6bbb264 |
| SHA1 | 2ed706340547d19c10a409ee02fb08f3d52ff670 |
| SHA256 | 2bccecf0bc7e96cd5ce4003abeb3ae9ee4a3d19158c4e6edfd2df32d2f0d5721 |
| SHA512 | 40f3ef2bfde073d33a2d3cbc280fb40ea50dc2b0c3619c8d9717d665351ae219caa5f17ae67cc87e777ff73c1275c1f3778b26e95f19459594d2f42ab95aecc1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000051
| MD5 | 83a7fe667ba5c3ab0d316baeb66bda46 |
| SHA1 | f4f1b893c452414018b4d9a9f03eac285eb7156a |
| SHA256 | e7164ba121877a43c5346ed4a1ff1d79db1e47c742839653db30635bae86d171 |
| SHA512 | 5b2218aa6f76cca66e4a898734efda0815b98bcac9791fb7b5762b26568c97d304c5b8db89878c82dfec069d411d60a95d486fe09edf3e7af92c195e3a92670d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000054
| MD5 | a47c9b377021a20af3c6e14d789d58ce |
| SHA1 | 26424dc83e8ef6241107f4bac6f07059fdfd9bde |
| SHA256 | 81422e7b0b20334fb7aaece03998a2a53c8430104ee3f3255ff038317192df8e |
| SHA512 | 7901f48c1b772aad025b7725535f2948a6f51a1364649f5c513e1b0f4ffc9dc5c1583922e7dd5597d594fe13b6cf04f9f674c5ec21c9991a42fc85d029cb535a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000052
| MD5 | 5c138044f30b8c78119264cd744e686a |
| SHA1 | 7605e014180d49087785350bd1906c16c389690d |
| SHA256 | 47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445 |
| SHA512 | a7a257429f4d2ce7275d7ce5667cda9f3df02bce7e7d64713fa6d02605b388b7b0f79de915a1201be0baf2383c55bb2a102bca19dafef3a5943d78a2952bd09e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d1f8a9c9949dd0a6db2ecaf4e7014159 |
| SHA1 | fbc5909ce126402c1f743b93e7da61ad1d7d62f6 |
| SHA256 | 6d817a733027caa5c66d1f1e04984f643d3fce8b832d1af7b7167969c87c6c95 |
| SHA512 | 67234805a43d7a638e62a645619fc8d5d9ac4e5258497837f3bb34b4b1dc2bf01ac609c6583d3e69117bfa8794802094cd5a1b04dffb660996772a640508a60d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | cab464183b6c55239f49d2898f5f1270 |
| SHA1 | b9a07a249ef24933f797dd14c0ce1102c0308d30 |
| SHA256 | 9f82206a1ffde3f3f13b8bc2d211970b6a3275c1bab932b229ab83129193be69 |
| SHA512 | c31f98220e1f1057672d8766f1075ab5a610e3c82f94abeb837e370b7e3d2be7d55cc2e0c236618c85f728e5ad8ef4dec3a38e217e4c8ca4da10fa4503a619d5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5b590d3d4d12fa82d20e4c958bc188de |
| SHA1 | 5605cdc26654cca7f3e8debb316120b72070ad70 |
| SHA256 | fcdf894a73c5341cdde63a21995cd91ff0ef6753978ef9e261ec9fec1b6831a8 |
| SHA512 | f7e6c22b91b9c821f576bfd5681cc80d55bfb953162c9f92464f027f1b52533acedf41a1fd14381bcab2cc082d843ace7efe626ca64d7e65b512010a5f7c1a3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5ffd9bc30558eb4864f4f42510934891 |
| SHA1 | fb5ff5f1d29984d6b39cebec0703407297b578e4 |
| SHA256 | 3b85b69b8743b4b352dde3b55d6a66f1a926f2633b02a4786bff612f44b1c2f6 |
| SHA512 | bd0836a71a880004e1c72edb94b890b24aced31188435dc07416b6866773ef7cf38745909367320bfbb545296d6e284b6535368b48df3f018a2abc5b2dfaad9d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c211c9dc68f4bf01_0
| MD5 | 1aaa2331e20be98ee517dd59320ddeb4 |
| SHA1 | cadbd78a967cd3dec9e76b2bf303d9e298848010 |
| SHA256 | d4b33786d0e8d2f929cf0b4f82e0e0f8fcd5aca4e16ab6e804b0423a6115caaf |
| SHA512 | 0617accc74d531b05c0008938353a0dc1dc300d377f9042656e005145eceb6dc1f25da0dd978ec5178dc52daae31dfc572a438e84b7eb02eeb5f6b8802b67b1f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a2867f20b5c0a400d1b7df30a1b66be2 |
| SHA1 | d4d0dd90af750632c97416cbccefb8ecac3aaaf7 |
| SHA256 | c84f47193bb79820f203cf9bda883f66dcf0a5c54d420b46c9fdea6e856ad6cb |
| SHA512 | 7d45d5aabe12ee3e918b4ab9e8830a65f25e671cc0cd43d8a35357b75451000e758b79edfafef1980a8b7035f575d1b66e4aaccaf59742b95073afc4f7fd27ee |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2ba543f71dd3c4b4223f853d6eca3a43 |
| SHA1 | 34328c4dbf6ca1d0edd74e4a826859f0925fea16 |
| SHA256 | 8ee4cc308a5203eaef04864a298afdad818ddd10300540830595188c036b9f57 |
| SHA512 | c2a672d92bb05a45c3ff209b3e12046f144c32e040d0acf94fdc14e59af932b3bc833a02aa2644c6cf3dd612ea44dd757f71f3a5cbbe84271ec201c04763e648 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d2f9a2fc02c20de3_0
| MD5 | 07d7e0a76e47ff559012fc333776364d |
| SHA1 | 636c5cb5e0349fb1c7616959e29d0e6d63178ae3 |
| SHA256 | 43740e4d314cc8f91b63e2523f571820e174e27e501762ce26e59f413aa3cb2a |
| SHA512 | b6ce5cbbab741a09092966e42859479daae43dd474c07480c0167b45ca540381ebf815914d18402cdda501c743f837b8e2f08b87a36e0da015bf6e1f4a4fde65 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\71d68e68ea4089fe_0
| MD5 | afd572b9888a542c860578c23b4808af |
| SHA1 | cae2b3c75ecfa9189ea6ef97e11dec7700da866e |
| SHA256 | 20406c8bf7af1281b0fcdec70ad9179d537cdd940cb54a415e44c321d9279d4d |
| SHA512 | 690f25260519dc6d344281918f80fe3821d7a9b060fe70d9f9ac062a326d553e5db1e62783fe07dd2e496e8adbec5452645f97f82bec7fb549c96523c380a404 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f2e4bbad99a372cc_0
| MD5 | 0548623a7ecbe2fdf41c2373d112227d |
| SHA1 | 1c1121995df74325f854984285b2f29e487d4674 |
| SHA256 | 53a3d47c4d773518ea0edfb34e1b971a0ed9f2f304cce57de7f8c9d336acb3b4 |
| SHA512 | d8e35c05b4b27f83a004ffe8bcaaa0130512b36d6e49b25a8f4a789b7c4e79cd53d0b15095d186f1501e02a68f511c6bf54467de9563576aeb8813f8b3377605 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2f4680e8f8f8a14f_0
| MD5 | a53027aa89114670c82ab4ff0ab08ea9 |
| SHA1 | 11360cea475e732348b874c247024ee5704cf73b |
| SHA256 | 8cd05c03ab899737c69229b8ce7ff33e0ff1a8ce2f96b6dc919835ecb5647bbb |
| SHA512 | 0bcb62f6e6895fc42d82a7caa72baf88efd475c69adeb49c8ed0d7bb95d7cd1bccb9db7353ef7255494f5b6d2f63702dde860ffc41250d37d55183f5314a4261 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d4d825576498379c_0
| MD5 | f2ba62cb02a9ee320bcb3148d7158750 |
| SHA1 | 2edbd4a03f5f1dd7d5011834db1cb3bb31358c7a |
| SHA256 | 63cae660f0c24784bd476e9a929e223fe92a4441493c1c435b9fe0a061eeb5d0 |
| SHA512 | c3d38455d04ba4177d7d6e8ec938678fbbffbc8f7aca66b92151aa4694bf6b8ecf7bfc3a7dcea96ab5f205f68e3ce1e01128426286a752be1d1470ceca0e0c73 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d79e0a2891fc014a_0
| MD5 | 1584217ee3bd6b64bd47054a4f868088 |
| SHA1 | ec97dedea22e8e1c1f57843ff468b1d717900578 |
| SHA256 | 8029d51037083868a427a8d35efe91a26036c1cb93430cd04e5456c483230141 |
| SHA512 | 074bca715e782d8e5da1408814a419232b29807efb3f9f2a1cdd84459cce5dbe5aa076746c9c63c2e0bad679556bd90799a3b22c7c70ac47ae75b678d3e38310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e9c7e700cc3e33cf_0
| MD5 | 6e642c40a55ac5e0366df9d227317474 |
| SHA1 | 7088b56f61c73521af81ec5079e69ffbc827f540 |
| SHA256 | 1f1a8f43f917fbfda77c8cbe5c7080946c64716db3dd2aa1f85bd2ec4740cbc5 |
| SHA512 | 2e2ec72cf5c4795afcad62a3db1683708a0162fc795bddae959818ea4d5eaebf60d9c365a27131795f6720c41127df8794720e2a82530f55963615c9b1c89dfa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\766094f4b47e839c_0
| MD5 | ce18738724c5f09cae57394153b5296a |
| SHA1 | bb09bbd0f69f58aaf3a3b836f2968560a5df4597 |
| SHA256 | ae015aee5b81d2a584a31cad33bb3c55ac24757d7f93a83ce9c63ca05d5a94e1 |
| SHA512 | 91aea670df4e6260a40ce9b604585959676760dafdef552831096a7c1346cf05b8af1f27b6c1b91a454d13ca0164b2bc8ac6cb343f763318a12de8ecdcebacac |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\14ff8116b518ca2d_0
| MD5 | 9ecb2544aa90d9b578083b4c8233e1f7 |
| SHA1 | 881a8256101092b50e0d4531d62fbc4d167f8ca8 |
| SHA256 | d2dc718182c86302e66f5cd0d66488649d18fd16b51fd69076af5f75a58e0ecb |
| SHA512 | 96c1133b284ef65ae2bb49741ae5c32c7525423068b15bf83bd6aa9c0d606170a644cd9aec8c5452fa510e62910458a4ed421f150a3a65386009c1d3f4deffef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9dbb949d27873cbc_0
| MD5 | 8f360b996e147b7643f64b61fbf5dbdd |
| SHA1 | b710d34bb87db4375ddc51af2e4eb6123a5cad7c |
| SHA256 | af1cd13193cb2ac2a417ea959cb6c7dba245d84dee7a8502882606a1785254a1 |
| SHA512 | d267c81873b8de5d2bfc07997e9d6059e5c67d3fd4a0b7b267679520cfc1c075a042f68b12c372397e9f81a14ed1e20651cbdebffd686e43aa9546fa2d28fb5c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f2076e2a98754e97_0
| MD5 | 0cc2359b22d5775b210979171b6cd01e |
| SHA1 | 15133030964fb8d7040eacf02f72f79dcf8003c8 |
| SHA256 | cf295db886f5ee454578939062dda9451f415878b7999f4e3b510fb20f775fc7 |
| SHA512 | ed278a2fba36c574d243d368fcf6a4be83b7e887279b120394b44bcf702cf4d259e2c966966bee6e0a45d96a534bdfe99fe3625c37ec42cfc55d024ed1fedd2b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\624c9bd517fc9c91_0
| MD5 | 876d5bfbcbecd3f86db685677a582b7c |
| SHA1 | 686b97c812bb8ac4ae524ff7a3cb16ecb0937c50 |
| SHA256 | 672303f0e9bb03eecfa405dae9793dec87139e09896848ac6e386f743ff6e979 |
| SHA512 | d00d74cd886b405db0e0055f3adb6e6a0a9fd1d047a0496a35317bb549def40811c99f9cbd1967cb72caa652cf4a382fe5d3f518ab66f65cb8634a7006f4f51f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\cd9a47d844308cbb_0
| MD5 | 42ba464469d36de5ffbefe9d7c0f96df |
| SHA1 | bb29e9651651f7c17a050d583a615b650b8d68e8 |
| SHA256 | 8ddb20feaec1a05c49827afc3b034f30c0d7b474010000e4eef6508e7f054949 |
| SHA512 | 3a35cc8d61868cb5cb77b93070231a2f6fde14a639d70bf1ae7aeacb91e0a058e3b47deda8665f69679f54b78440c80c733245a39a04526a4f906e35a1d775ba |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\163cfbbbd670a71e_0
| MD5 | 32e8bc41ef8129ad401ce408089acfda |
| SHA1 | 673bd62fbaca5c5008cc4280b2bbaa31a722b7cc |
| SHA256 | 507b618f3788a23b0dca90976e96cbc65ec0393d6d17f292c0fc3e7e780c9224 |
| SHA512 | b0b3440e9be6631c94bdeaa097d3e5cc0f8c6cd2bcba815bd599903c4e8841f4b196ddea7d4f98ad5d9d39fe95b187d3295a9623261653bae24990cbe2aa6cb4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4e9b18b0f66a7183_0
| MD5 | 6ac707966834c0698dc91807fec1235c |
| SHA1 | 6c8964d212266c63bcd6cba226724686debbe846 |
| SHA256 | 2e8a77e29282a44758ffa0c4c55bb2a5c557863542dda165c316a9641480f4e8 |
| SHA512 | 90799b4edbb4f58a0e5a8b1b51be63018a14da984f3f3db74b33a91b4d67be21dd567f4575176ad6bf0e2bb7dac50e60e1a25f8e5c14507e38206eab4a48b5c9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6a5e8bb53a565b9f_0
| MD5 | c3faf01a4707c0f7a14ef225280be7a2 |
| SHA1 | d9a3f2ef3e1417d4f0b915b4dc1e6724ed9e77e2 |
| SHA256 | 564a1ebf595ffe36abde6a121f44d5b9a16fbf1838aab0f8ba9f836822e0927f |
| SHA512 | 50dd1e35dcecd42cec9f715c4c99a9d2f550780542972f06b55d74ba7e91a2ab08d1e9ac823ead238272f410277a3883d0226096e7d7b10a098b780e12742a29 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\15d2ba66b474cf52_0
| MD5 | 6493f2863df2c4e7ebe0970fdf4be461 |
| SHA1 | 0e0fc0b940186ff648e99fd56db76b6b555a0bd6 |
| SHA256 | 81f4d9ab2b4cb90a8f72b071a1defac02992cbd57306b1cf25ce75fe2890d514 |
| SHA512 | e8c8179692f81d3a20df2702f52a6aaf933742a04637c92c3f67fe5cdfb080a0b4f6b30b641af6ff346eea9c06273747b2b22afb1e15987ededa028d35ad1e63 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\44a80d5442ccaffb_0
| MD5 | a4a5c65388feee8196c05e2969dc42b4 |
| SHA1 | b0c2f65578a263728b370b6eb9a59e70f181a178 |
| SHA256 | cf365254185bfea96bc5a008b8ffffb010b0053efff84ecf33a2e273e17952c4 |
| SHA512 | 2e5e5bcf8e16cd57ac4d0d497c40d401c02e999525c5101b8bc6f63ce16c19e7a8856f0d1248d7c5fe43d7b59383ac68c384f3ffbe1567e2fd2c317946ae0f70 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\06cdbb7047afc473_0
| MD5 | 07f80f481af60a01bc08622d4e0121ba |
| SHA1 | b38202cbaa4c07161b3841872d9cfa5762929420 |
| SHA256 | 0ee66c1b5af64eae1b91731a2b736e8cf9d2816e043777de0cd496a2c203da66 |
| SHA512 | 5a3f306ab99a38d560062a9d4ab205f7687101bd0430282ed7c4f519a6947da0eed31718127301767a99eb0be7abd0e488a6f8b9e902849871cc2336bf5ef9c9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7e0cd756c7280eaab1fb739243fd1a5c |
| SHA1 | a8c9f93663bf6b28795f137f89c18ca04193071a |
| SHA256 | 5cc882ad5289e380b3604353d908e2a1c6eaa762188542d011b438c58aa3fb84 |
| SHA512 | 72a80b15085a2050b78d0f6c950dc958edb55147decb5d2997cc8d3a6bb5df3a69d945cdcf326d68fe5fa371d3956b26feee2b46e2ad753dedaa1293122866ce |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9da0d70b1bc4e5507cc30d7286268346 |
| SHA1 | 78694e6244ccdaccae693f1891849351f100ac0c |
| SHA256 | 3ddb91ccce581cf83efbdf47ee567f7f74e13316f10bc0d417aa1269dbf8b8c7 |
| SHA512 | fb6a6db75494bd0511b3f0e1d5d98576ae57141e1d1749f0803faf42ccfeba7140bc5871e7d5b063128b4d994c43fef3376e8cfa1f1e5baf778c21c3eadc333e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | dcf12f1d046450cfc0601715cce1b53e |
| SHA1 | 689218d14ff00bfca20868d8c5b3e34e43df7ded |
| SHA256 | 9df4562c4d3514a3b18332f24583b684574f2571c68f2696743a8e8477c71520 |
| SHA512 | 072aa4fcaf1a61bf525a1d00292f3569f8f6cb10aa57f3658fdda0c6b05b18494398bfa3b0377dc90708d42763e2376e2e1184f1e4916423e63b7a220bf08e74 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 755722b85a43a5bb78d50aac29dd2d5b |
| SHA1 | 39cf5c9acaf1947ad1953af88caa12d3f41bb61f |
| SHA256 | e6aeb4500191c61be8c7aa27f0eeca60d2dbd653f2dff6319df66e4de2e771f1 |
| SHA512 | 77b412462f3f14bec5f3da09628d531c93f7f85a0da10b6b0e8c288cd7c852f2339870e90f779005b4a6c9dfb138d0b081884419755a3b0348779894c4c8f598 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 1e3d8a2b5a675515664c9637ebcd4c0d |
| SHA1 | 9a0b3c07e68acf3a1b7a42a68fa43a89431f1cf7 |
| SHA256 | 858239a423f06bb3f448f5b032bab89e11c4f7ca0adae19f5c04abab2bc5d145 |
| SHA512 | bd9936d7e64d62e894789454c3b84a82ade46f267f5f552e41425f16744d1a23f5bb92243fb8c108bd71d0f63335decb431d204f7ceb4dc6402935f500c98b68 |
C:\Users\Admin\Downloads\eanimatesetup.exe
| MD5 | 654e0ae21344cfdf8e4d96a598c04658 |
| SHA1 | 05c664fdbe989ab5a4d73b144e19e9fd1fdc70dd |
| SHA256 | bd775ce615ae5fbab798df6bceec3951d44c3925eeea4ca600853549584c62f3 |
| SHA512 | ad8ecc70c1a65574aa156ad3d4f0f0ee5ad9e3363c050d64e5ec0a45f7dcbe2361b0a0deb008145ce98ff1c716201ab0170dd4689fe55c1bd2122495edfce999 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 742a91b0afe1bcecbe33c1db7b1de8ce |
| SHA1 | 8a795f99850d62c8041815abf1bb70ec73db8a29 |
| SHA256 | c6b996e4f8e528807c1824975d6caac572d451b352ccde29571a04d77063cb9a |
| SHA512 | d658b61d656f36ec0d2284b81964c5177912025b97b0579bcc754e61f84fd77193a7c9ca933137b93e4f2eae457c5faf8288659c1787e1d1e625997b8a3c43d1 |
C:\Users\Admin\AppData\Local\Temp\n1s\nchsetup.exe
| MD5 | 88cbd27fe084cea38a479e8f7861141e |
| SHA1 | ec711bae7e7e58ab542174df6f07c403a460dccb |
| SHA256 | a996b315bdc1f850c1e331160740741467a56bec13cc285758b802af28ff0d88 |
| SHA512 | 384545638638c470ef68778ec0af0d87dce0dd5841c228f8357e73dea3af4c3f9fb266bb8fa989fc73fc756a8a6d139ad3fc81c68b05495864f603eddd397936 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | c3e7da42b4a4ec689fe187e157a0641b |
| SHA1 | a36342e96c6269c39de96d6a3df929d1599c57e6 |
| SHA256 | e344594bab2c59c88fefeeabb043ccbac0bc9a6369937d69f4d58043b4878f92 |
| SHA512 | 6373554f215616b0429ea4c802e5de411a6ad205f317af2d69bb27c30ba00aad9e88afed4ac7032e7a7386b5656278d7f0953a84c13ef711bed60655f5c0e13f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a2f322c6f9c00a93c154d6c4d37e7fec |
| SHA1 | 3f1e422fdc3a60169f3058c505a44055bba04fe9 |
| SHA256 | b024ccd631d43d9d125031abac7a7f8f330bc200e8aa43dae3b10ffb40994ae6 |
| SHA512 | c0448ee0f98fe1ca2e78b2df8072f240979830df688d21c77ca5ac99a76ae504c3ccd3ba4ae8ecf5b6fcf1873789cd1a01ed4ead892b460b9e04bc4f845c2c89 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b728e1758f58ededcd6362c9d3eabd4d |
| SHA1 | f0f63982254b51fa8205e5d1353169a93a5c215f |
| SHA256 | 3a8fbfab301a11f0a5b3b0cfafef7e9dce8e9ef1d9f2ecb8939f57f75ca9ffbc |
| SHA512 | 24da6f03a4da110d61dea269f82bf4041c241c8d3bca4fd78d0267e8a96cde2a7d59423f669b164aacf9fbde41cbea1399243304badc12d994c0efa67aff1e55 |
C:\Users\Admin\AppData\Roaming\NCH Software\ExpressAnimate\BlurayDataDiscPresets\Default.dat
| MD5 | d8a1d13b6a709284f4b6f03944c5a777 |
| SHA1 | 92b682c0feb24ff7eff26b37179e84714dc48d7d |
| SHA256 | 3ebab07816a054e2a63d47088bc396cb35ab56f9c514e9246fded7aab2e061fa |
| SHA512 | 00a23f21cc7bca0de880dc3c8d8fe43cb668765587d7348c381816c64400da15b63a65114aa7b07ca1ad1a576937469c8987cb0c0282077688497921e36fbb43 |
C:\Users\Admin\AppData\Roaming\NCH Software\ExpressAnimate\ComputerPresets\YouTube%202160p%20%284K%29.dat
| MD5 | ee49e3f82d40b9186643e4fcd39582b8 |
| SHA1 | c2b2cb6d3144483b5b7e9a26dd37c9b1be74e315 |
| SHA256 | 97d09214d6d22f649d7c27a9ef49fc40a4d7b6aab698282062e9cf07ab468444 |
| SHA512 | bc2b0adc37f5850f6c43ace19d65820fcd43d803f67b95bb0454ed5280e3bd4e8821d6675f50474c5f547d2fecb63481672dbadec8091825341875c610c9ed71 |
C:\Users\Admin\AppData\Roaming\NCH Software\ExpressAnimate\ComputerPresets\YouTube%201440p%20%282K%29.dat
| MD5 | 4885ffe9da2d96661bf27a0e5898cac8 |
| SHA1 | 6df1b3e7e8776ada563a0c3b14032239b8d46390 |
| SHA256 | d9083c33c460165687bf9402dfb3068fd096fd956e33cd9303b2d29f06684709 |
| SHA512 | dd9958fffdfdaf8ee00ddcb35495b45e03e93664f5437099d882ca315724ec9574d63d881c280e1600b0aa08542048fb32e99e931c8c3d2bedbd73e3ff1bcd0f |
C:\Users\Admin\AppData\Roaming\NCH Software\ExpressAnimate\ComputerPresets\YouTube%20720p.dat
| MD5 | b53a1851ee6a504a5b3450d1f1e18db4 |
| SHA1 | 35ec235ccb19ec4080243c6bbc26442d67d5b0a5 |
| SHA256 | 2d94adbaf849e40d46ec02632c7025bd53a158bd0732d7e302be2e56da8557d0 |
| SHA512 | 725f5bb8f7237a0b10f86ada0ff987ac0506fb4f49517af8a40d298c8caea4ae21b6f4c7621a43fa14a4792388a91c1ab34b735e8301be724927598b48079866 |
C:\Users\Admin\AppData\Roaming\NCH Software\ExpressAnimate\ComputerPresets\PS3%20HD%201080.dat
| MD5 | 5eecf5c5045b9f6df7920d8002dbe901 |
| SHA1 | 393138a461474bccbcafc3745a752b5f183ad8c9 |
| SHA256 | de0cbf678226d04528cdfe667217eb5e24833e169a818c4d633771acfc274a1b |
| SHA512 | 3e4eb313813268a75556a7a76c845f1c77c2b643455fdfaba7b7f856d4ceb62fe390e024b3051a28226fb2847b91e9788a479042c621b273f97aced24c91fb44 |
C:\Users\Admin\AppData\Roaming\NCH Software\ExpressAnimate\GoogleDrivePresets\YouTube%20480p.dat
| MD5 | b6e85c8dbe74a5b7d83c616e3d8b3514 |
| SHA1 | dfe6769ceb3ddce434b692b09f47822a2c97f47d |
| SHA256 | fc32b8315987ca3ed5589e2f2f6532a8f296e8364281b0bc10f65344d0680e9c |
| SHA512 | 945c3c0689bbdecf7d93c0eb6250f19ed2de5e4e25ec1f052ed8b91c36b6e723d5d16c14c9fb5e0e49f712f92baf975929328e5a808676e3060950405f5fa1f6 |
C:\Users\Admin\AppData\Roaming\NCH Software\ExpressAnimate\GoogleDrivePresets\Internet%20Video.dat
| MD5 | 94ce49ca59596a8c37b670f8e9aea146 |
| SHA1 | bd4c003c4d7d99d6758be8374b69c6ba051f1660 |
| SHA256 | bf8c927f01ea3dbab2004ad9bcbf1ac11863e0b75015c7c002f092c546dce916 |
| SHA512 | a57e31f26c99261b9789ea2dc64c55e14a7974554eb6a7139e397f820f82f0a552ea08ef69290b5ddad82b6bb481e0452f307a49456b531dafa2d295848d30a6 |
C:\Users\Admin\AppData\Roaming\NCH Software\ExpressAnimate\GoogleDrivePresets\Animated%20GIF.dat
| MD5 | b87cc2e85d1b38ce6721841aeb944959 |
| SHA1 | c6dbefbbe4dff194f8011a98222bb9ddd6cc03bf |
| SHA256 | 95a0216e4b898535e9fde3e2f3dc451188fa0c7ab474cf5364ea0ed23cf1ba9b |
| SHA512 | 0bb88c58a80b8b0fb9247c191433cbb71f93336b557779ea1a4c5b65ddacff654040ef5470e980b30ff32adbcdee60173188217157f4b9818dac777280fd1cb9 |
C:\Users\Admin\AppData\Roaming\NCH Software\ExpressAnimate\GoogleDrivePresets\TV%20NTSC.dat
| MD5 | 0156fbc4bfd6e88b9a69d0a50cef0123 |
| SHA1 | 9c18e7f4c66a966078bc697a3288551d3501365d |
| SHA256 | e8a9783152f0c00f2406660bcd53d477a4079a4399ef92a69dae5110e75f4767 |
| SHA512 | 4c87db505e39c1d94384269477bfd5c8ff1498df97c5ca780509bf8038a2cd6f3eda79d26bb397b3df6aec09bfdafcb0547f4d58b9d8d5aca254b90233fad68e |
C:\Users\Admin\AppData\Roaming\NCH Software\ExpressAnimate\GoogleDrivePresets\TV%20PAL.dat
| MD5 | 1d0d31b5da6de39ef04b1b1e9ffd5523 |
| SHA1 | d47d1afd0b0406311c24684c1be1743ee15e1917 |
| SHA256 | 371b1290b7d047a3f8542fd1a9bc21c489c70cfb0392ed9534dfa96db97733e8 |
| SHA512 | e8f79675d70640ef7dbd1e327f0b5cd8a95ad3df2227bcf0e496b8fe8c70abf1cdcb86b1fd8308b0a6be8eefdb040c648543336d324b0ea9630da3e18d4b4ef0 |
C:\Users\Admin\AppData\Roaming\NCH Software\ExpressAnimate\GoogleDrivePresets\Widescreen%20TV.dat
| MD5 | 52efff8aa9febbacbdd819aeb3f4d9df |
| SHA1 | a13e9b88c5619297a1f0e1959357252d6bf5be14 |
| SHA256 | c03878f47765535655a187bed85f3c8a29a2d34cb85bb12871376f939e17e454 |
| SHA512 | 1edff88102d57b23de2e13678514539b84c80f6f7de06e7be11c0f4d5ea7225c26990cef9ce4072dadbe57a3168415ba04af7c7e7ca7b15cc64aabca22bd0f28 |
C:\Users\Admin\AppData\Roaming\NCH Software\ExpressAnimate\GoogleDrivePresets\PS3%20720.dat
| MD5 | a9e4349bd0962dab1cbeedf15231fc61 |
| SHA1 | be44b53af8766c7c4d319baa71e8b1102407ad6e |
| SHA256 | 5906d9f29338e141a6aecece90a3729ef4bdc0437428d3b3351101de81941b0e |
| SHA512 | 1324394ecf08e9f9aa9cd896f9df0acc5cb93547272d129c7752af22442d74973c8d5c4e9679bd227367e451e54b09073a3b1aed3b8f1c7ee9523b5ce106dcd1 |
C:\Users\Admin\AppData\Roaming\NCH Software\ExpressAnimate\GoogleDrivePresets\PS4%20Pro.dat
| MD5 | 6085a62ed0909dde1baa21880f53a9db |
| SHA1 | 160787a65973cff18ce85c828454bb7bd0addb24 |
| SHA256 | 17cbe4143db916c4e79e1f491112f21359db46379f7985678c34fc3ae6b5c24c |
| SHA512 | c0e6391cfbf000e1973b58bde16162e8154a0fb8cc8f4b7fd6bce1ec3744213da2d8e50399b904feb9bf42a0fd7d9f99a264d2d095799c76a28a9696a3abf594 |
C:\Users\Admin\AppData\Roaming\NCH Software\ExpressAnimate\GoogleDrivePresets\Facebook%20720p.dat
| MD5 | 66f7701ff524c397dd386ba51cf5424c |
| SHA1 | 08d58ef9c27e2a5c4690a627220408fb848b3511 |
| SHA256 | cca275b89dabaea3d71078a883f8b2d5aa66c4c13cdcb0f4f16e4d242616e033 |
| SHA512 | c48ef0d805949c441b64583a1b09b231a9c9a1cae5f2fc0984ea63e91a0272573854827f9ff0e7b925be5b278cfd8d7a29e42e208d9863ad9f35f718549c6d5f |
C:\Users\Admin\AppData\Roaming\NCH Software\ExpressAnimate\GoogleDrivePresets\Facebook%20480p.dat
| MD5 | 9d464516256be22f266a00510ee2af7e |
| SHA1 | 5b7e7346f518fcd29701cde078161e7d4a0fc203 |
| SHA256 | 9032142620bcffafb741911906500159c24aa74e41e4d399a556efeaadd1cf7e |
| SHA512 | 88d52ef07cf60f2994f5c22739f5b8e7ffc4f6708c14a8d598fc53710a9892e30df44d34a789d60c741e7868c638766e7a41b2880b09116129722bb4ecde4137 |
C:\Users\Admin\AppData\Roaming\NCH Software\ExpressAnimate\GoogleDrivePresets\PS5.dat
| MD5 | fa64fb416dcf191fc93c3caebedc311f |
| SHA1 | 247d211e91c61ada2780d5ba0d792dd7f595dc6d |
| SHA256 | ad926282a522b563f2547935054ee3bb0022dbdcd8c0964b56b9286fe4eb1a1b |
| SHA512 | ff01873689d9df78297471e7a9ccc16102c83b438ca921c29efa37924e120e412670ee56e2a168877a9681190768e5e9c23860883d48cb2dcc3076a79416b4d0 |
C:\Users\Admin\AppData\Roaming\NCH Software\ExpressAnimate\GoogleDrivePresets\Facebook%20-%20Vertical%20Video%20%289%3A16%20-%20720%20x%201280%29.dat
| MD5 | 1f00842c3b8fc67011a68216886775a8 |
| SHA1 | b62e0c3ef2f37bbf8788519cbf2799ab25575a26 |
| SHA256 | d4869aab58135fb48a6c54653bbac494c30ec9f2bf447ee916b190831d4b36de |
| SHA512 | fbb0d6c7a51576d4b931f9cc26f11f4c0fd0f468b07775e30bbac743cc3d4dde6b6e702f18437e4befe71abbf0ad4490b5277e612ed42e9a4672693ba79c57e4 |
C:\Users\Admin\AppData\Roaming\NCH Software\ExpressAnimate\GoogleDrivePresets\Facebook%201080p.dat
| MD5 | 095cdcf5f0b3b9833ffceba3e9e2cb91 |
| SHA1 | 01ed1292d6f9fb414ac72f72595e9c22ba00190a |
| SHA256 | edccce9d96efb8e964ea9d67ae9d75e8a69896f2f4d2bf49b46332f98d5732e8 |
| SHA512 | 8b9577fc6625959fce694eef57ee4d793ddbd04e2788d665f0cd9447917978ad7505568f70f9a305cde9a44639d748dd3a3b0f4c4bdc153d5e87f01ab93ede6b |
C:\Users\Admin\AppData\Roaming\NCH Software\ExpressAnimate\GoogleDrivePresets\Facebook%20-%20Vertical%20Video%20%289%3A16%20-%201080%20x%201920%29.dat
| MD5 | 1cda61236694c03e5854b89657bdc201 |
| SHA1 | 555439bd9dd3499737fffb039f84869850042458 |
| SHA256 | e5377ef13c5783acfd8fceb1d4926f3c23d9c9f67aad68de6908ad99974c6698 |
| SHA512 | 9147a2bdd63eea10035ffb4788734c4ef89b582a72237fada9590e5d45d45f4a9f27bde3da46e39009b641ae42d484318be74f707544c93c26c77ae16e395965 |
C:\Users\Admin\AppData\Roaming\NCH Software\ExpressAnimate\GoogleDrivePresets\360%20Degree%20640p.dat
| MD5 | 41e5a77270cfd293ce853d78d67ae920 |
| SHA1 | dbb8fa0f7ac06da9c40bc852b7c0f0edaddd11b6 |
| SHA256 | eacd72d169d6630054613f0891a0321c3053ed401cb2e9e0c9fe3442f42e465c |
| SHA512 | ebdcb730d2483bd563cd8fe873c0479d4abd2b730d079b95ff324f1f397e19dbf9fe3d6d3394ab4dfb6f6dd0a32234fd355e39720ff76044e469e92e27f5bcc5 |
C:\Users\Admin\AppData\Roaming\NCH Software\ExpressAnimate\GoogleDrivePresets\360%20Degree%20720p.dat
| MD5 | 03ca735c7b72f2547e11581a3de6784e |
| SHA1 | 466bf2d282ca6b3f215b949098f831c9c862d4e4 |
| SHA256 | e8c9247f73aa74687daaffd7cd3f9150cee8d13878b53ce42eb33c7102c2695a |
| SHA512 | 1d6982c85e11e8dedf30e2eeeacb7367ef5451cb6cb2beba4a337fb1865ea5f5e303bf9637ad2eb9226f48f2281902a59f3a8e722df50bf38782e213de960f91 |
C:\Users\Admin\AppData\Roaming\NCH Software\ExpressAnimate\GoogleDrivePresets\360%20Degree%20960p.dat
| MD5 | 49d48113e4b23dc8405b097d58e34555 |
| SHA1 | ebd3c807dc52fb6b8cd8be99b969459767712e04 |
| SHA256 | 161f198f65d0036d1a5b6549e9a7a04453c65b3d115d09b8182611718eea7545 |
| SHA512 | 518098b483c2cb6622e9b74820dd8328ac054a8bb12f33fe2a46ab828aaddb7927cba5cf9b487dc67717937209d27e5eb63b0aa4d1cba40f7b4d75f38abaecca |
C:\Users\Admin\AppData\Roaming\NCH Software\ExpressAnimate\GoogleDrivePresets\360%20Degree%201280p.dat
| MD5 | df3564ade53c0159603e7b11f34bae46 |
| SHA1 | 8a8f0dfc8727a5c5ed805ab6d713c1acc1f041ef |
| SHA256 | 4fc4a88a73176fd19057491b29c1b4e315366125703ed79740d0ee0c34c68905 |
| SHA512 | b5c3b56ea22c1c99fc2c5905f76e880975206ee230760e25c6774aa62bcce4398356ccd16469cf661021944df36cac28171e66ba9ac85e0427b93e02705593c7 |
C:\Users\Admin\AppData\Roaming\NCH Software\ExpressAnimate\GoogleDrivePresets\360%20Degree%201920p.dat
| MD5 | 40e5a2d7305715d2809cbcb72255a865 |
| SHA1 | 12043073d170c00e8d810035fb4001ddbbe2e130 |
| SHA256 | 152703990738f6f700f4151e07f01ccacaf1dbef51f9ec7b3712abb96e45a474 |
| SHA512 | fab167f32118ea90fc3f914cfd80dea8578bbf0fcd67af432c636e5f877f8b0d367bf74430e975e6721347ca91f7dbfdf35c0e070f5ca3b79c3c2323317eda9a |
C:\Users\Admin\AppData\Roaming\NCH Software\ExpressAnimate\GoogleDrivePresets\Twitter%20MP4.dat
| MD5 | f26e6a1f86f44e3e0fbb8f0703cd49c2 |
| SHA1 | fa1345c08155dbeac4058475cb3ed59d7e69c2c8 |
| SHA256 | 9cb4f1ab44fae1ff467d88be05069afbd605e5a2dce42f40d0cf03b9d761693d |
| SHA512 | 02e716e56f72e1461a3d4d6c1cba9086581009b5f658c74cb51a0a2bda49e58d436b13beb6cec4c6652ac33fd09accbdf0a7b4523303c1028e9336a0fff02664 |
C:\Users\Admin\AppData\Roaming\NCH Software\ExpressAnimate\GoogleDrivePresets\Vimeo%20MP4.dat
| MD5 | c8aa019395c5da3d66aad9b42010dfa4 |
| SHA1 | 710f8a238807960b7e9b144333129260db52b545 |
| SHA256 | b2852e173472c68d093341dbc0757505d54a6ee0ec6cc4ec7c89f7f1e1b32d23 |
| SHA512 | 27b0bdd33b57507bf30076385c806f1ab1c489daf1883d748674a5cd39a73e91a431f30c908047f48d97c85a5461135e7cbdf499078ca0fd14e1bbea42b72127 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000092
| MD5 | 2ebfdbd309ee762211b4a2ac39708c4d |
| SHA1 | b002922c672dbe1dd4caa02af24d0b1e7da616af |
| SHA256 | 54ae97d445b166859fe3ba6241b97abbac0aa0d158c72352b774d60ba3e81797 |
| SHA512 | d1687b7a6da07a72963c96a1e85661046d3d3c96f88445302afa09721fbe211a5fb8881ff14b346b0ebe8a20f5ced21979e9f58e256427e57b85d565bef17720 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e6cfe9823b3eea21b4d8232293d88f5f |
| SHA1 | d365be81c62a240ff3cc3202893b74e5451a50e8 |
| SHA256 | 0c7751bc6c4e708794773b228f0402104d45b40e765a5f861e90b881629e762d |
| SHA512 | 0df5b6e9a08932b6942369278fff6e24896f0b181f36189f4d8e71a10b2352fb57db3e4cf2c3dcf77dd19c527c2484630d8e8a0cb0c395bdd0e2aefdc1a99b24 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a281f1469566b78e4002fa936a0c8fe1 |
| SHA1 | 657208c0295d91ff00a967738859f6a49aeedf2a |
| SHA256 | 5effac554de161401f9542ad1ec0c14f0d81522a4c9d1ab03daa79a9d65429e9 |
| SHA512 | 6ab05a3d5eb929f2c8f466d73519a247079bc5cee940a1e16f15915fb91780562cd29363226593456ce7f3f3afcff72781ca2296df929b785b5d6959d3d7c324 |
C:\Users\Admin\AppData\Local\Temp\2044-2920-17.tmp
| MD5 | 4de70fc245a8cfbd819cbe9f9425020e |
| SHA1 | fa2c5f1c59c70b4dd7b2811130488548b4a9ffc7 |
| SHA256 | 2c431a7a1df025f0f9b6925df38a66c7490750ed218c206c88711b1bdd11a179 |
| SHA512 | 80b8fed9450e9df00da009f3e4cacb8664422e5fdffd78a7b6b249cc3fa9a530ace5b56aac6dcc36c68c8c0b793281860bc4367065e8866bd94f4ced408eaa8c |