Analysis Overview
Threat Level: Known bad
The file https://github.com/LavaGang/MelonLoader was found to be: Known bad.
Malicious Activity Summary
Detected google phishing page
Downloads MZ/PE file
Loads dropped DLL
Drops startup file
Executes dropped EXE
Checks computer location settings
Checks installed software on the system
Legitimate hosting services abused for malware hosting/C2
Adds Run key to start application
Mark of the Web detected: This indicates that the page was originally saved or cloned.
Enumerates connected drives
Detected potential entity reuse from brand STEAM.
Drops file in Program Files directory
Drops file in Windows directory
Browser Information Discovery
System Location Discovery: System Language Discovery
Enumerates physical storage devices
Modifies system certificate store
Enumerates system info in registry
Modifies data under HKEY_USERS
NTFS ADS
Checks processor information in registry
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Suspicious behavior: GetForegroundWindowSpam
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Modifies registry class
Suspicious use of AdjustPrivilegeToken
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2025-01-24 15:31
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2025-01-24 15:31
Reported
2025-01-24 15:40
Platform
win10v2004-20241007-en
Max time kernel
560s
Max time network
561s
Command Line
Signatures
Detected google phishing page
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Downloads MZ/PE file
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000\Control Panel\International\Geo\Nation | C:\Windows\Temp\{E2D10705-BFF7-4DE1-9984-37DA71C23EBD}\.cr\windowsdesktop-runtime-6.0.36-win-x64.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
Drops startup file
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DESKMATE.LNK | C:\Users\Admin\AppData\Local\Temp\WZSE01D.tmp\setup.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Steam = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -silent" | C:\Users\Admin\Downloads\SteamSetup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\{0532b8f2-12d7-43de-95fc-7b87006758a8} = "\"C:\\ProgramData\\Package Cache\\{0532b8f2-12d7-43de-95fc-7b87006758a8}\\windowsdesktop-runtime-6.0.36-win-x64.exe\" /burn.runonce" | C:\Windows\Temp\{A36323ED-EE11-4298-BDAA-E5FE4A1E750F}\.be\windowsdesktop-runtime-6.0.36-win-x64.exe | N/A |
Checks installed software on the system
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\S: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\W: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\E: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\K: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\N: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\O: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\P: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Y: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\G: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\L: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\T: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\V: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\X: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\H: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\I: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\J: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Q: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Z: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\A: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\B: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\M: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\R: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\U: | C:\Windows\system32\msiexec.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
Mark of the Web detected: This indicates that the page was originally saved or cloned.
| Description | Indicator | Process | Target |
| N/A | https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Detected potential entity reuse from brand STEAM.
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Steam\package\tmp\steam\cached\fav_remove_ovr.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sc_dpad_swipe_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.36\cs\WindowsBase.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\resource\filter_profanity_brazilian.txt.gz_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.36\zh-Hans\UIAutomationClient.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.36\fr\Microsoft.VisualBasic.Forms.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\images\controller\ghost_040_act_0307.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\images\controller\ghost_040_act_0338.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\[email protected]_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\shared_touch_doubletap_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.36\System.Configuration.ConfigurationManager.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\images\controller\ghost_100_target_0050.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\shared_gyro_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File opened for modification | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.27\System.Xml.XPath.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\sd_ltrackpad_left_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\sd_rtrackpad_click.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.36\System.Runtime.InteropServices.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.27\System.Console.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\ps4_trackpad_right.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\localization\steam_controller_vietnamese.txt_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps_outlined_button_square_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.36\api-ms-win-crt-environment-l1-1-0.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps_color_outlined_button_circle_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\icon_officerStar.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steam\cached\fav_addTo.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.36\System.Threading.Overlapped.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\images\controller\ghost_045_move_0060.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\images\controller\ghost_060_vehicle_0120.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\public\steamclean_romanian.txt_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\ps5_trackpad_r_right_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\joyconpair_right_sr_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\shared_buttons_s_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\resource\filter_banned_german.txt.gz_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\bins_win32.zip.vz.d295af0cc50f26efdce0bcf09becfcbd0e815f5e_28690411 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_045_move_0160.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\btnDisTopLeft.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\switchpro_sl_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\shared_outlined_button_a_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\switchpro_r2_soft_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\icon_down_focus.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps5_r2_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\bin\cef\cef.win7x64\locales\ml.pak_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File opened for modification | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.27\tr\System.Windows.Forms.Primitives.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\chord_android.vdf_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\sd_r5.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\shared_lstick_up_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\switchpro_button_plus_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steam\cached\gameproperties_localfiles.res_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\6.0.36\Microsoft.VisualBasic.Forms.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\sd_r2_half_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\shared_touch_tap_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\shared_gyro.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\icon_up_default.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\switchpro_sr_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sd_rtrackpad_swipe_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File opened for modification | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.27\System.Runtime.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\sounds\deck_ui_out_of_game_detail.wav_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\resource\voice_dialing.wav_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\[email protected]_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\icon_addgame.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\shared_color_outlined_button_x_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\shared_rstick_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sd_r5_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steam\cached\SubChangeContactEmailValidated.res_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\Installer\e5a8212.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI8D00.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI9E96.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\SourceHash{A9E32B25-994B-4856-A12B-0EBED3050410} | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\e5a821c.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIC861.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\e5a8212.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIA1A5.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\$PatchCache$\Managed\79D2396D1F638B04C9CDAC38562B0100\48.144.23141\fileCoreHostExe | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e5a8221.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIA96A.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIBA95.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIEB80.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIB5E.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI885B.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\ | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIAB7F.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e5a8227.msi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\SourceHash{61D4736B-3325-4D4A-BD41-8BD206C6A86E} | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIE718.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIE7B5.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e5a8216.msi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e5a821b.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIA62B.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\$PatchCache$\Managed\E39B69A3F3677E14587CF1C3CC73FE72\CacheSize.txt | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIA9F7.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\inprogressinstallinfo.ipi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\SourceHash{C912E33F-956A-4921-9F55-CC11AE8F09AF} | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\e5a8217.msi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e5a821c.msi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\SourceHash{D6932D97-36F1-40B8-9CDC-CA8365B21000} | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\$PatchCache$\Managed\79D2396D1F638B04C9CDAC38562B0100\48.144.23141 | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\$PatchCache$\Managed\E39B69A3F3677E14587CF1C3CC73FE72\CacheSize.txt | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIE8B0.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e5a822b.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI9A11.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e5a8217.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIA0AA.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIA4C3.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\$PatchCache$\Managed\79D2396D1F638B04C9CDAC38562B0100 | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIA8CC.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIADF1.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIF16C.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\$PatchCache$\Managed\79D2396D1F638B04C9CDAC38562B0100\48.144.23141\fileCoreHostExe | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\$PatchCache$\Managed\E39B69A3F3677E14587CF1C3CC73FE72\48.108.8828\fileCoreHostExe | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\e5a8227.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIAFB7.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSICCD7.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIE3DB.tmp | C:\Windows\system32\msiexec.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\ProgramData\Package Cache\{d87ae0f4-64a6-4b94-859a-530b9c313c27}\windowsdesktop-runtime-6.0.27-win-x64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\bin\vulkandriverquery.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\oskasetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\DESKMATE\Deskmate.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\SteamSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\windowsdesktop-runtime-6.0.36-win-x64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\DESKMATE\Deskmate.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\DESKMATE\Deskmate.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\ProgramData\Package Cache\{d87ae0f4-64a6-4b94-859a-530b9c313c27}\windowsdesktop-runtime-6.0.27-win-x64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\WZSE01D.tmp\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\DESKMATE\Deskmate.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\DESKMATE\Deskmate.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\DESKMATE\Deskmate.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\bin\gldriverquery.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\Temp\{E2D10705-BFF7-4DE1-9984-37DA71C23EBD}\.cr\windowsdesktop-runtime-6.0.36-win-x64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\Temp\{A36323ED-EE11-4298-BDAA-E5FE4A1E750F}\.be\windowsdesktop-runtime-6.0.36-win-x64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\ProgramData\Package Cache\{d87ae0f4-64a6-4b94-859a-530b9c313c27}\windowsdesktop-runtime-6.0.27-win-x64.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Steam\steam.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\27 | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\28 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2a | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2e | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\26\52C64B7E | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\2C | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\29 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2b | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\2D | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\28 | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\27 | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\29 | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\2A | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\2B | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2c | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2d | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26 | C:\Windows\system32\msiexec.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{B3690E58-E961-423B-B687-386EBFD83239}\GroupByKey:PID = "0" | C:\Users\Admin\Downloads\MelonLoader.Installer.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\52B23E9AB49965841AB2E0EB3D504001\InstanceType = "0" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\79D2396D1F638B04C9CDAC38562B0100 | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\windowsdesktop_runtime_48.108.8836_x64\Dependents | C:\ProgramData\Package Cache\{d87ae0f4-64a6-4b94-859a-530b9c313c27}\windowsdesktop-runtime-6.0.27-win-x64.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1" | C:\Users\Admin\Downloads\MelonLoader.Installer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202020202020202 | C:\Users\Admin\Downloads\MelonLoader.Installer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\1\MRUListEx = ffffffff | C:\Users\Admin\Downloads\MelonLoader.Installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\{0532b8f2-12d7-43de-95fc-7b87006758a8}\Dependents\{0532b8f2-12d7-43de-95fc-7b87006758a8} | C:\Windows\Temp\{A36323ED-EE11-4298-BDAA-E5FE4A1E750F}\.be\windowsdesktop-runtime-6.0.36-win-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\52B23E9AB49965841AB2E0EB3D504001\SourceList\LastUsedSource = "n;1;C:\\ProgramData\\Package Cache\\{A9E32B25-994B-4856-A12B-0EBED3050410}v48.144.23141\\" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\094F9C7997352096B7082D27C35AD959 | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupView = "4294967295" | C:\Users\Admin\Downloads\MelonLoader.Installer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\INSTALLER\DEPENDENCIES\DOTNET_CLI_SHAREDHOST_48.3.31210_X64\DEPENDENTS\{D87AE0F4-64A6-4B94-859A-530B9C313C27} | C:\ProgramData\Package Cache\{d87ae0f4-64a6-4b94-859a-530b9c313c27}\windowsdesktop-runtime-6.0.27-win-x64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\dotnet_runtime_48.108.8828_x64\Dependents | C:\ProgramData\Package Cache\{d87ae0f4-64a6-4b94-859a-530b9c313c27}\windowsdesktop-runtime-6.0.27-win-x64.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6 | C:\Users\Admin\Downloads\MelonLoader.Installer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257" | C:\Users\Admin\Downloads\MelonLoader.Installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\F33E219CA6591294F955CC11EAF890FA\MainFeature | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\dotnet_runtime_48.144.23141_x64\Dependents | C:\Windows\Temp\{A36323ED-EE11-4298-BDAA-E5FE4A1E750F}\.be\windowsdesktop-runtime-6.0.36-win-x64.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:FMTID = "{B725F130-47EF-101A-A5F1-02608C9EEBAC}" | C:\Users\Admin\Downloads\MelonLoader.Installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\Shell\Open\Command | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\{0532b8f2-12d7-43de-95fc-7b87006758a8}\Dependents | C:\Windows\Temp\{A36323ED-EE11-4298-BDAA-E5FE4A1E750F}\.be\windowsdesktop-runtime-6.0.36-win-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\Dotnet_CLI_SharedHost_48.3.31210_x64\ = "{D6932D97-36F1-40B8-9CDC-CA8365B21000}" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags | C:\Users\Admin\Downloads\MelonLoader.Installer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "6" | C:\Users\Admin\Downloads\MelonLoader.Installer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\8\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0" | C:\Users\Admin\Downloads\MelonLoader.Installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\F33E219CA6591294F955CC11EAF890FA\ProductName = "Microsoft .NET Runtime - 6.0.36 (x64)" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\79D2396D1F638B04C9CDAC38562B0100\SourceList\LastUsedSource = "n;1;C:\\ProgramData\\Package Cache\\{D6932D97-36F1-40B8-9CDC-CA8365B21000}v48.144.23141\\" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\34E9844CA4C526252F3E0750AD7D17A7\B6374D165233A4D4DB14B82D606C8AE6 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\windowsdesktop_runtime_48.144.23186_x64\Dependents | C:\Windows\Temp\{A36323ED-EE11-4298-BDAA-E5FE4A1E750F}\.be\windowsdesktop-runtime-6.0.36-win-x64.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\8\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7} | C:\Users\Admin\Downloads\MelonLoader.Installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\ = "URL:steamlink protocol" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\steam\Shell | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\F33E219CA6591294F955CC11EAF890FA\SourceList\PackageName = "dotnet-runtime-6.0.36-win-x64.msi" | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\INSTALLER\DEPENDENCIES\DOTNET_CLI_HOSTFXR_48.108.8828_X64\DEPENDENTS\{D87AE0F4-64A6-4B94-859A-530B9C313C27} | C:\ProgramData\Package Cache\{d87ae0f4-64a6-4b94-859a-530b9c313c27}\windowsdesktop-runtime-6.0.27-win-x64.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0" | C:\Users\Admin\Downloads\MelonLoader.Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\steam\DefaultIcon | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\steam\DefaultIcon\ = "steam.exe" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\52B23E9AB49965841AB2E0EB3D504001\SourceList | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\B6374D165233A4D4DB14B82D606C8AE6\SourceList\Media\1 = ";" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg | C:\Users\Admin\Downloads\MelonLoader.Installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\F33E219CA6591294F955CC11EAF890FA\PackageCode = "577AC2DDD07ED8F4DAB1B20CB6D27084" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\AEE2A4D290F5E5F607E2670EECB7CC46\52B23E9AB49965841AB2E0EB3D504001 | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\79D2396D1F638B04C9CDAC38562B0100\AuthorizedLUAApp = "0" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{B3690E58-E961-423B-B687-386EBFD83239}\FFlags = "1" | C:\Users\Admin\Downloads\MelonLoader.Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg | C:\Users\Admin\Downloads\MelonLoader.Installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\52B23E9AB49965841AB2E0EB3D504001\SourceList\Net | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\79D2396D1F638B04C9CDAC38562B0100\InstanceType = "0" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\2 = 14002e80d43aad2469a5304598e1ab02f9417aa80000 | C:\Users\Admin\Downloads\MelonLoader.Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1 | C:\Users\Admin\Downloads\MelonLoader.Installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\52B23E9AB49965841AB2E0EB3D504001\Provider | C:\Windows\system32\msiexec.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0100000000000000ffffffff | C:\Users\Admin\Downloads\MelonLoader.Installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\79D2396D1F638B04C9CDAC38562B0100\Provider | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Mode = "4" | C:\Users\Admin\Downloads\MelonLoader.Installer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\LogicalViewMode = "1" | C:\Users\Admin\Downloads\MelonLoader.Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell | C:\Users\Admin\Downloads\MelonLoader.Installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steamlink\Shell\Open\Command | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\steam\URL Protocol | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\steam\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\52B23E9AB49965841AB2E0EB3D504001\SourceList\Media\1 = ";" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "48" | C:\Users\Admin\Downloads\MelonLoader.Installer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202020202 | C:\Users\Admin\Downloads\MelonLoader.Installer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\8\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16" | C:\Users\Admin\Downloads\MelonLoader.Installer.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\52B23E9AB49965841AB2E0EB3D504001\AdvertiseFlags = "388" | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\613F436E6BEB3BF46A217F01F2751656\SourceList\Net | C:\Windows\system32\msiexec.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4\Blob = 0f0000000100000020000000fde5f2d9ce2026e1e10064c0a468c9f355b90acf85baf5ce6f52d4016837fd94090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b06010505070308530000000100000041000000303f3020060a6086480186fa6c0a010230123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c07f000000010000002c000000302a060a2b0601040182370a030406082b0601050507030506082b0601050507030606082b0601050507030762000000010000002000000043df5774b03e7fef5fe40d931a7bedf1bb2e6b42738c4e6d3841103d3aa7f3390b000000010000001800000045006e00740072007500730074002e006e006500740000001400000001000000140000006a72267ad01eef7de73b6951d46c8d9f901266ab1d0000000100000010000000521b5f4582c1dcaae381b05e37ca2d347e000000010000000800000000c001b39667d6010300000001000000140000008cf427fd790c3ad166068de81e57efbb932272d42000000001000000420400003082043e30820326a00302010202044a538c28300d06092a864886f70d01010b05003081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d204732301e170d3039303730373137323535345a170d3330313230373137353535345a3081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d20473230820122300d06092a864886f70d01010105000382010f003082010a0282010100ba84b672db9e0c6be299e93001a776ea32b895411ac9da614e5872cffef68279bf7361060aa527d8b35fd3454e1c72d64e32f2728a0ff78319d06a808000451eb0c7e79abf1257271ca3682f0a87bd6a6b0e5e65f31c77d5d4858d7021b4b332e78ba2d5863902b1b8d247cee4c949c43ba7defb547d57bef0e86ec279b23a0b55e250981632135c2f7856c1c294b3f25ae4279a9f24d7c6ecd09b2582e3ccc2c445c58c977a066b2a119fa90a6e483b6fdbd4111942f78f07bff5535f9c3ef4172ce669ac4e324c6277eab7e8e5bb34bc198bae9c51e7b77eb553b13322e56dcf703c1afae29b67b683f48da5af624c4de058ac64341203f8b68d946324a4710203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e041604146a72267ad01eef7de73b6951d46c8d9f901266ab300d06092a864886f70d01010b05000382010100799f1d96c6b6793f228d87d3870304606a6b9a2e59897311ac43d1f513ff8d392bc0f2bd4f708ca92fea17c40b549ed41b9698333ca8ad62a20076ab59696e061d7ec4b9448d98af12d461db0a194647f3ebf763c1400540a5d2b7f4b59a36bfa98876880455042b9c877f1a373c7e2da51ad8d4895ecabdac3d6cd86dafd5f3760fcd3b8838229d6c939ac43dbf821b653fa60f5daafce5b215cab5adc6bc3dd084e8ea0672b04d393278bf3e119c0ba49d9a21f3f09b0b3078dbc1dc8743febc639acac5c21cc9c78dff3b125808e6b63dec7a2c4efb8396ce0c3c69875473a473c293ff5110ac155401d8fc05b189a17f74839a49d7dc4e7b8a486f8b45f6 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4\Blob = 190000000100000010000000fa46ce7cbb85cfb4310075313a09ee050300000001000000140000008cf427fd790c3ad166068de81e57efbb932272d47e000000010000000800000000c001b39667d6011d0000000100000010000000521b5f4582c1dcaae381b05e37ca2d341400000001000000140000006a72267ad01eef7de73b6951d46c8d9f901266ab0b000000010000001800000045006e00740072007500730074002e006e0065007400000062000000010000002000000043df5774b03e7fef5fe40d931a7bedf1bb2e6b42738c4e6d3841103d3aa7f3397f000000010000002c000000302a060a2b0601040182370a030406082b0601050507030506082b0601050507030606082b06010505070307530000000100000041000000303f3020060a6086480186fa6c0a010230123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f0000000100000020000000fde5f2d9ce2026e1e10064c0a468c9f355b90acf85baf5ce6f52d4016837fd942000000001000000420400003082043e30820326a00302010202044a538c28300d06092a864886f70d01010b05003081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d204732301e170d3039303730373137323535345a170d3330313230373137353535345a3081be310b300906035504061302555331163014060355040a130d456e74727573742c20496e632e31283026060355040b131f536565207777772e656e74727573742e6e65742f6c6567616c2d7465726d7331393037060355040b1330286329203230303920456e74727573742c20496e632e202d20666f7220617574686f72697a656420757365206f6e6c793132303006035504031329456e747275737420526f6f742043657274696669636174696f6e20417574686f72697479202d20473230820122300d06092a864886f70d01010105000382010f003082010a0282010100ba84b672db9e0c6be299e93001a776ea32b895411ac9da614e5872cffef68279bf7361060aa527d8b35fd3454e1c72d64e32f2728a0ff78319d06a808000451eb0c7e79abf1257271ca3682f0a87bd6a6b0e5e65f31c77d5d4858d7021b4b332e78ba2d5863902b1b8d247cee4c949c43ba7defb547d57bef0e86ec279b23a0b55e250981632135c2f7856c1c294b3f25ae4279a9f24d7c6ecd09b2582e3ccc2c445c58c977a066b2a119fa90a6e483b6fdbd4111942f78f07bff5535f9c3ef4172ce669ac4e324c6277eab7e8e5bb34bc198bae9c51e7b77eb553b13322e56dcf703c1afae29b67b683f48da5af624c4de058ac64341203f8b68d946324a4710203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e041604146a72267ad01eef7de73b6951d46c8d9f901266ab300d06092a864886f70d01010b05000382010100799f1d96c6b6793f228d87d3870304606a6b9a2e59897311ac43d1f513ff8d392bc0f2bd4f708ca92fea17c40b549ed41b9698333ca8ad62a20076ab59696e061d7ec4b9448d98af12d461db0a194647f3ebf763c1400540a5d2b7f4b59a36bfa98876880455042b9c877f1a373c7e2da51ad8d4895ecabdac3d6cd86dafd5f3760fcd3b8838229d6c939ac43dbf821b653fa60f5daafce5b215cab5adc6bc3dd084e8ea0672b04d393278bf3e119c0ba49d9a21f3f09b0b3078dbc1dc8743febc639acac5c21cc9c78dff3b125808e6b63dec7a2c4efb8396ce0c3c69875473a473c293ff5110ac155401d8fc05b189a17f74839a49d7dc4e7b8a486f8b45f6 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8CF427FD790C3AD166068DE81E57EFBB932272D4 | C:\Program Files (x86)\Steam\steam.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 656060.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 937746.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 629706.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 34421.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Steam\steam.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\MelonLoader.Installer.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\SteamSetup.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Steam\steam.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\WZSE01D.tmp\setup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\WZSE01D.tmp\setup.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\MelonLoader.Installer.exe | N/A |
| N/A | N/A | C:\DESKMATE\Deskmate.EXE | N/A |
| N/A | N/A | C:\DESKMATE\Deskmate.EXE | N/A |
| N/A | N/A | C:\DESKMATE\Deskmate.EXE | N/A |
| N/A | N/A | C:\DESKMATE\Deskmate.EXE | N/A |
| N/A | N/A | C:\DESKMATE\Deskmate.EXE | N/A |
| N/A | N/A | C:\DESKMATE\Deskmate.EXE | N/A |
| N/A | N/A | C:\DESKMATE\Deskmate.EXE | N/A |
| N/A | N/A | C:\DESKMATE\Deskmate.EXE | N/A |
| N/A | N/A | C:\DESKMATE\Deskmate.EXE | N/A |
| N/A | N/A | C:\DESKMATE\Deskmate.EXE | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://github.com/LavaGang/MelonLoader
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff963ee46f8,0x7ff963ee4708,0x7ff963ee4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2144 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2308 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2756 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5420 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5420 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5532 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5568 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5728 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5752 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5680 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3592 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3532 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=4996 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6372 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6180 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6372 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6532 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6572 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6412 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5600 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6704 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6092 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6772 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6704 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=7148 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x314 0x2ec
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2612 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6756 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6720 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4868 /prefetch:8
C:\Users\Admin\Downloads\SteamSetup.exe
"C:\Users\Admin\Downloads\SteamSetup.exe"
C:\Program Files (x86)\Steam\bin\steamservice.exe
"C:\Program Files (x86)\Steam\bin\steamservice.exe" /Install
C:\Program Files (x86)\Steam\steam.exe
"C:\Program Files (x86)\Steam\steam.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4420 /prefetch:1
C:\Program Files (x86)\Steam\steam.exe
"C:\Program Files (x86)\Steam\steam.exe" -- "steam://run/3301060"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2612 /prefetch:2
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\Downloads\MelonLoader.Installer.exe
"C:\Users\Admin\Downloads\MelonLoader.Installer.exe"
C:\Users\Admin\Downloads\windowsdesktop-runtime-6.0.36-win-x64.exe
"C:\Users\Admin\Downloads\windowsdesktop-runtime-6.0.36-win-x64.exe"
C:\Windows\Temp\{E2D10705-BFF7-4DE1-9984-37DA71C23EBD}\.cr\windowsdesktop-runtime-6.0.36-win-x64.exe
"C:\Windows\Temp\{E2D10705-BFF7-4DE1-9984-37DA71C23EBD}\.cr\windowsdesktop-runtime-6.0.36-win-x64.exe" -burn.clean.room="C:\Users\Admin\Downloads\windowsdesktop-runtime-6.0.36-win-x64.exe" -burn.filehandle.attached=728 -burn.filehandle.self=620
C:\Windows\Temp\{A36323ED-EE11-4298-BDAA-E5FE4A1E750F}\.be\windowsdesktop-runtime-6.0.36-win-x64.exe
"C:\Windows\Temp\{A36323ED-EE11-4298-BDAA-E5FE4A1E750F}\.be\windowsdesktop-runtime-6.0.36-win-x64.exe" -q -burn.elevated BurnPipe.{AED62692-AF9A-4650-859C-279DC3D04667} {F88FAE15-B5B8-42CA-B949-E6715CD5B460} 4104
C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 21C0C7184186C3F2C465C6A1E0F46C94
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 42C582CB6AD6E5F18B084C79ADE8CE29
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 423D538EA9498C5B8BE0C54A36FD57E4
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding B3E9ED2C2B198A02DF64F04CEAC05302
C:\ProgramData\Package Cache\{d87ae0f4-64a6-4b94-859a-530b9c313c27}\windowsdesktop-runtime-6.0.27-win-x64.exe
"C:\ProgramData\Package Cache\{d87ae0f4-64a6-4b94-859a-530b9c313c27}\windowsdesktop-runtime-6.0.27-win-x64.exe" -uninstall -quiet -burn.related.upgrade -burn.ancestors={0532b8f2-12d7-43de-95fc-7b87006758a8} -burn.filehandle.self=1088 -burn.embedded BurnPipe.{B53A3D78-AA67-42C9-B158-BCAFD58C07B3} {EB87A3B0-F8C1-4ACF-98CF-0397104E95F0} 1444
C:\ProgramData\Package Cache\{d87ae0f4-64a6-4b94-859a-530b9c313c27}\windowsdesktop-runtime-6.0.27-win-x64.exe
"C:\ProgramData\Package Cache\{d87ae0f4-64a6-4b94-859a-530b9c313c27}\windowsdesktop-runtime-6.0.27-win-x64.exe" -burn.clean.room="C:\ProgramData\Package Cache\{d87ae0f4-64a6-4b94-859a-530b9c313c27}\windowsdesktop-runtime-6.0.27-win-x64.exe" -burn.filehandle.attached=544 -burn.filehandle.self=564 -uninstall -quiet -burn.related.upgrade -burn.ancestors={0532b8f2-12d7-43de-95fc-7b87006758a8} -burn.filehandle.self=1088 -burn.embedded BurnPipe.{B53A3D78-AA67-42C9-B158-BCAFD58C07B3} {EB87A3B0-F8C1-4ACF-98CF-0397104E95F0} 1444
C:\ProgramData\Package Cache\{d87ae0f4-64a6-4b94-859a-530b9c313c27}\windowsdesktop-runtime-6.0.27-win-x64.exe
"C:\ProgramData\Package Cache\{d87ae0f4-64a6-4b94-859a-530b9c313c27}\windowsdesktop-runtime-6.0.27-win-x64.exe" -q -burn.elevated BurnPipe.{17978A9F-CD05-474F-9BA0-C5AE6AF0852A} {2C70D29A-4A19-4D7E-8CCD-330B2D9AB6AE} 5392
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 36B1371FC6444AF0A62BB85900A3DBD9
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding BB696E4079D947E9C8A088C3FAA5FC89
C:\Program Files (x86)\Steam\steam.exe
"C:\Program Files (x86)\Steam\steam.exe"
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 3043C5CF008FA0F7EC4B97041F9C3323
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" -nocrashdialog "-lang=en_US" "-cachedir=C:\Users\Admin\AppData\Local\Steam\htmlcache" "-steampid=6860" "-buildid=1737514353" "-steamid=0" "-logdir=C:\Program Files (x86)\Steam\logs" "-uimode=7" "-startcount=0" "-steamuniverse=Public" "-realm=Global" "-clientui=C:\Program Files (x86)\Steam\clientui" "-steampath=C:\Program Files (x86)\Steam\steam.exe" "-launcher=0" --valve-enable-site-isolation --enable-smooth-scrolling --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt" --disable-quick-menu "--enable-features=PlatformHEVCDecoderSupport" "--disable-features=SpareRendererForSitePerProcess,DcheckIsFatal,ValveFFmpegAllowLowDelayHEVC"
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=crashpad-handler /prefetch:4 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files (x86)\Steam\dumps" "--metrics-dir=C:\Users\Admin\AppData\Local\CEF\User Data" --url=https://crash.steampowered.com/submit --annotation=platform=win64 --annotation=product=cefwebhelper --annotation=version=1737514353 --initial-client-data=0x278,0x280,0x284,0x27c,0x288,0x7ff94f2caf00,0x7ff94f2caf0c,0x7ff94f2caf18
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1737514353 --steamid=0 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1576,i,1047789630231171254,14395683616566188839,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=1580 --mojo-platform-channel-handle=1568 /prefetch:2
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1737514353 --steamid=0 --field-trial-handle=2228,i,1047789630231171254,14395683616566188839,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=2232 --mojo-platform-channel-handle=2224 /prefetch:3
C:\Program Files (x86)\Steam\bin\gldriverquery64.exe
.\bin\gldriverquery64.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1737514353 --steamid=0 --field-trial-handle=2992,i,1047789630231171254,14395683616566188839,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=2996 --mojo-platform-channel-handle=2988 /prefetch:8
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1737514353 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3304,i,1047789630231171254,14395683616566188839,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3308 --mojo-platform-channel-handle=3288 /prefetch:1
C:\Program Files (x86)\Steam\bin\gldriverquery.exe
.\bin\gldriverquery.exe
C:\Program Files (x86)\Steam\bin\vulkandriverquery64.exe
.\bin\vulkandriverquery64.exe
C:\Program Files (x86)\Steam\bin\vulkandriverquery.exe
.\bin\vulkandriverquery.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1737514353 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=4040,i,1047789630231171254,14395683616566188839,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=4044 --mojo-platform-channel-handle=4036 /prefetch:1
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1737514353 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4164,i,1047789630231171254,14395683616566188839,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=4168 --mojo-platform-channel-handle=4140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1456 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4932 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5172 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3724 /prefetch:1
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1737514353 --steamid=0 --field-trial-handle=4416,i,1047789630231171254,14395683616566188839,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=4436 --mojo-platform-channel-handle=4424 /prefetch:8
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1737514353 --steamid=0 --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4444,i,1047789630231171254,14395683616566188839,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=4440 --mojo-platform-channel-handle=4460 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2312 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5796 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6968 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4836 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3544 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4768 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7820 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3388 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7420 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7996 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7372 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7800 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6372 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5728 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6568 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6200 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7356 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5416 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8260 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8356 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8436 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8580 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8716 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9252 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9028 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9044 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9596 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9784 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9548 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8996 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9424 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9040 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5132 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8736 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8784 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9692 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9272 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9904 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8468 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9856 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8668 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9840 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8260 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7844 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7672 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9872 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6560 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7356 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7644 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9412 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8976 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9124 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8632 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6196 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9948 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10804 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8864 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10492 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8508 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10724 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10708 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10416 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9212 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6184 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10400 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5700 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10624 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8412 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8368 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6384 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10092 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6428 /prefetch:1
C:\Users\Admin\Downloads\oskasetup.exe
"C:\Users\Admin\Downloads\oskasetup.exe"
C:\Users\Admin\AppData\Local\Temp\WZSE01D.tmp\setup.exe
setup.exe
C:\DESKMATE\Deskmate.EXE
"C:\DESKMATE\Deskmate.EXE"
C:\DESKMATE\Deskmate.EXE
"C:\DESKMATE\Deskmate.EXE"
C:\DESKMATE\Deskmate.EXE
"C:\DESKMATE\Deskmate.EXE"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8016481967871917562,13444714757920459824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8676 /prefetch:1
C:\DESKMATE\Deskmate.EXE
"C:\DESKMATE\Deskmate.EXE"
C:\DESKMATE\Deskmate.EXE
"C:\DESKMATE\Deskmate.EXE"
C:\DESKMATE\Deskmate.EXE
"C:\DESKMATE\Deskmate.EXE"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 97.17.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | 13.153.16.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 136.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 167.173.78.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 185.199.109.133:443 | avatars.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 8.8.8.8:53 | camo.githubusercontent.com | udp |
| US | 185.199.109.133:443 | camo.githubusercontent.com | tcp |
| US | 185.199.109.133:443 | camo.githubusercontent.com | tcp |
| US | 185.199.109.133:443 | camo.githubusercontent.com | tcp |
| US | 185.199.110.133:443 | camo.githubusercontent.com | tcp |
| US | 185.199.110.133:443 | camo.githubusercontent.com | tcp |
| US | 185.199.111.133:443 | camo.githubusercontent.com | tcp |
| US | 185.199.111.133:443 | camo.githubusercontent.com | tcp |
| US | 185.199.111.133:443 | camo.githubusercontent.com | tcp |
| US | 185.199.111.133:443 | camo.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 133.109.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.110.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.110.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.111.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 22.112.82.140.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.156.26.20.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 95.101.143.35:443 | www.bing.com | tcp |
| GB | 95.101.143.35:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 35.143.101.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.86.106.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | melonwiki.xyz | udp |
| US | 185.199.111.153:80 | melonwiki.xyz | tcp |
| US | 185.199.111.153:80 | melonwiki.xyz | tcp |
| US | 185.199.111.153:443 | melonwiki.xyz | tcp |
| US | 8.8.8.8:53 | unpkg.com | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 104.17.249.203:443 | unpkg.com | tcp |
| US | 8.8.8.8:53 | 153.111.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.249.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.130.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | img.shields.io | udp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | udp |
| US | 172.67.173.89:443 | img.shields.io | tcp |
| US | 172.67.173.89:443 | img.shields.io | tcp |
| US | 8.8.8.8:53 | 89.173.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | objects.githubusercontent.com | udp |
| US | 8.8.8.8:53 | dotnet.microsoft.com | udp |
| US | 13.107.246.64:443 | dotnet.microsoft.com | tcp |
| US | 13.107.246.64:443 | dotnet.microsoft.com | tcp |
| US | 8.8.8.8:53 | js.monitor.azure.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 13.107.246.64:443 | js.monitor.azure.com | tcp |
| IT | 2.20.157.251:443 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | target.microsoft.com | udp |
| US | 8.8.8.8:53 | microsoftmscompoc.tt.omtrdc.net | udp |
| IT | 2.20.157.251:443 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | 251.157.20.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 13.107.246.64:443 | wcpstatic.microsoft.com | tcp |
| US | 8.8.8.8:53 | w.usabilla.com | udp |
| IE | 52.16.127.123:443 | w.usabilla.com | tcp |
| US | 13.107.246.64:443 | wcpstatic.microsoft.com | tcp |
| US | 8.8.8.8:53 | crt.rootg2.amazontrust.com | udp |
| NL | 18.239.83.100:80 | crt.rootg2.amazontrust.com | tcp |
| US | 8.8.8.8:53 | westus2-0.in.applicationinsights.azure.com | udp |
| US | 8.8.8.8:53 | 123.127.16.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.83.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.39.65.18.in-addr.arpa | udp |
| US | 20.9.155.148:443 | westus2-0.in.applicationinsights.azure.com | tcp |
| US | 8.8.8.8:53 | d6tizftlrpuof.cloudfront.net | udp |
| NL | 18.239.15.219:443 | d6tizftlrpuof.cloudfront.net | tcp |
| US | 8.8.8.8:53 | 148.155.9.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 219.15.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 20.42.73.28:443 | browser.events.data.microsoft.com | tcp |
| US | 20.42.73.28:443 | browser.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | 28.73.42.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 53.210.109.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | download.visualstudio.microsoft.com | udp |
| IT | 95.101.180.17:443 | download.visualstudio.microsoft.com | tcp |
| IT | 95.101.180.17:443 | download.visualstudio.microsoft.com | tcp |
| US | 8.8.8.8:53 | 17.180.101.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 95.101.143.177:443 | r.bing.com | tcp |
| GB | 95.101.143.177:443 | r.bing.com | tcp |
| GB | 95.101.143.185:443 | th.bing.com | tcp |
| GB | 95.101.143.185:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 177.143.101.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 185.143.101.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| NL | 20.190.160.22:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | 22.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | store.steampowered.com | udp |
| GB | 95.100.245.51:443 | store.steampowered.com | tcp |
| GB | 95.100.245.51:443 | store.steampowered.com | tcp |
| US | 8.8.8.8:53 | store.fastly.steamstatic.com | udp |
| US | 151.101.67.52:443 | store.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | store.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | store.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | store.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | store.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | store.fastly.steamstatic.com | tcp |
| US | 8.8.8.8:53 | 51.245.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.fastly.steamstatic.com | udp |
| US | 151.101.67.52:443 | cdn.fastly.steamstatic.com | tcp |
| US | 8.8.8.8:53 | shared.fastly.steamstatic.com | udp |
| US | 151.101.67.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.131.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 8.8.8.8:53 | 52.67.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 52.131.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | video.fastly.steamstatic.com | udp |
| US | 151.101.195.52:443 | video.fastly.steamstatic.com | tcp |
| N/A | 127.0.0.1:27060 | tcp | |
| US | 8.8.8.8:53 | 52.195.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 219.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.steamstatic.com | udp |
| GB | 95.100.245.51:443 | store.steampowered.com | tcp |
| N/A | 127.0.0.1:27060 | tcp | |
| US | 151.101.131.52:443 | cdn.steamstatic.com | tcp |
| US | 8.8.8.8:53 | 55.81.20.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | r11.o.lencr.org | udp |
| GB | 88.221.135.105:80 | r11.o.lencr.org | tcp |
| US | 151.101.131.52:443 | cdn.steamstatic.com | tcp |
| US | 151.101.131.52:443 | cdn.steamstatic.com | tcp |
| US | 8.8.8.8:53 | 105.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 23.214.143.155:443 | api.steampowered.com | tcp |
| US | 8.8.8.8:53 | 155.143.214.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | test.steampowered.com | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| US | 8.8.8.8:53 | ipv6check-udp.steamserver.net | udp |
| GB | 88.221.134.170:80 | test.steampowered.com | tcp |
| US | 8.8.8.8:53 | ipv6check-http.steamserver.net | udp |
| US | 8.8.8.8:53 | 170.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 104.124.170.33:443 | api.steampowered.com | tcp |
| US | 8.8.8.8:53 | 33.170.124.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:53 | ext1-waw1.steamserver.net | udp |
| US | 8.8.8.8:53 | ext2-waw1.steamserver.net | udp |
| PL | 155.133.230.34:27028 | ext1-waw1.steamserver.net | tcp |
| PL | 155.133.230.50:27031 | ext2-waw1.steamserver.net | tcp |
| PL | 155.133.230.34:443 | ext1-waw1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp2-fra2.steamserver.net | udp |
| DE | 155.133.229.20:27019 | cmp2-fra2.steamserver.net | tcp |
| US | 8.8.8.8:53 | 4.4.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.230.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.229.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | e5.o.lencr.org | udp |
| GB | 88.221.134.137:80 | e5.o.lencr.org | tcp |
| US | 8.8.8.8:53 | cmp2-fra1.steamserver.net | udp |
| US | 8.8.8.8:53 | cmp1-fra1.steamserver.net | udp |
| DE | 155.133.250.20:27020 | cmp2-fra1.steamserver.net | tcp |
| DE | 155.133.250.4:27022 | cmp1-fra1.steamserver.net | tcp |
| DE | 155.133.229.20:27023 | cmp2-fra2.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp1-sto1.steamserver.net | udp |
| SE | 162.254.198.68:27022 | cmp1-sto1.steamserver.net | tcp |
| US | 8.8.8.8:53 | e6.o.lencr.org | udp |
| GB | 88.221.134.89:80 | e6.o.lencr.org | tcp |
| US | 8.8.8.8:53 | 137.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.250.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.250.133.155.in-addr.arpa | udp |
| SE | 162.254.198.68:443 | cmp1-sto1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp1-sto2.steamserver.net | udp |
| SE | 155.133.252.68:27020 | cmp1-sto2.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp2-sto2.steamserver.net | udp |
| SE | 155.133.252.69:443 | cmp2-sto2.steamserver.net | tcp |
| SE | 155.133.252.69:27018 | cmp2-sto2.steamserver.net | tcp |
| US | 8.8.4.4:443 | dns.google | udp |
| IT | 2.20.156.107:443 | tcp | |
| US | 8.8.8.8:53 | 68.198.254.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 89.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.252.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.252.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 107.156.20.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | p2p-fra1.discovery.steamserver.net | udp |
| US | 151.101.67.52:443 | cdn.steamstatic.com | tcp |
| US | 151.101.67.52:443 | cdn.steamstatic.com | tcp |
| US | 151.101.67.52:443 | cdn.steamstatic.com | tcp |
| US | 104.19.229.21:443 | udp | |
| US | 151.101.67.52:443 | cdn.steamstatic.com | tcp |
| US | 8.8.8.8:53 | 21.229.19.104.in-addr.arpa | udp |
| GB | 88.221.135.41:443 | www.bing.com | tcp |
| GB | 88.221.135.41:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 95.101.143.193:443 | r.bing.com | tcp |
| GB | 95.101.143.193:443 | r.bing.com | tcp |
| GB | 88.221.135.51:443 | th.bing.com | tcp |
| GB | 88.221.135.51:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 41.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.143.101.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 51.135.221.88.in-addr.arpa | udp |
| N/A | 127.0.0.1:54529 | tcp | |
| N/A | 127.0.0.1:54513 | tcp | |
| US | 8.8.8.8:53 | mail.google.com | udp |
| GB | 172.217.169.69:80 | mail.google.com | tcp |
| GB | 172.217.169.69:80 | mail.google.com | tcp |
| GB | 172.217.169.69:443 | mail.google.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 142.251.173.84:443 | accounts.google.com | tcp |
| US | 142.251.173.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | 69.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.173.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 216.58.212.206:443 | play.google.com | tcp |
| GB | 216.58.212.206:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.179.228:443 | www.google.com | tcp |
| GB | 216.58.212.206:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 228.179.250.142.in-addr.arpa | udp |
| GB | 216.58.212.206:443 | play.google.com | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| GB | 142.250.200.35:443 | tcp | |
| US | 8.8.8.8:53 | 35.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.35.104.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | p2p-fra1.discovery.steamserver.net | udp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| GB | 2.18.190.216:443 | aefd.nelreports.net | tcp |
| US | 8.8.8.8:53 | 216.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| US | 8.8.8.8:53 | ipv6check-udp.steamserver.net | udp |
| US | 8.8.8.8:53 | ipv6check-http.steamserver.net | udp |
| GB | 142.250.200.35:443 | udp | |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 104.124.170.33:443 | api.steampowered.com | tcp |
| US | 8.8.8.8:53 | cmp1-hkg1.steamserver.net | udp |
| HK | 103.28.54.100:27019 | cmp1-hkg1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp2-hkg1.steamserver.net | udp |
| HK | 103.28.54.101:27023 | cmp2-hkg1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp2-sgp1.steamserver.net | udp |
| HK | 103.28.54.100:443 | cmp1-hkg1.steamserver.net | tcp |
| SG | 103.10.124.5:27018 | cmp2-sgp1.steamserver.net | tcp |
| US | 8.8.8.8:53 | e5.o.lencr.org | udp |
| GB | 88.221.134.137:80 | e5.o.lencr.org | tcp |
| US | 8.8.8.8:53 | 100.54.28.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.54.28.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 5.124.10.103.in-addr.arpa | udp |
| SG | 103.10.124.5:27019 | cmp2-sgp1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp1-tyo3.steamserver.net | udp |
| JP | 45.121.184.100:27020 | cmp1-tyo3.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp2-tyo3.steamserver.net | udp |
| JP | 45.121.184.101:27018 | cmp2-tyo3.steamserver.net | tcp |
| JP | 45.121.184.101:443 | cmp2-tyo3.steamserver.net | tcp |
| US | 8.8.8.8:53 | e6.o.lencr.org | udp |
| GB | 88.221.135.105:80 | e6.o.lencr.org | tcp |
| US | 8.8.8.8:53 | 101.184.121.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.184.121.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cmp1-sgp1.steamserver.net | udp |
| SG | 103.10.124.4:443 | cmp1-sgp1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp1-lax1.steamserver.net | udp |
| US | 8.8.8.8:53 | cmp1-ord1.steamserver.net | udp |
| US | 162.254.195.69:443 | cmp1-lax1.steamserver.net | tcp |
| US | 162.254.193.103:27018 | cmp1-ord1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp2-dfw1.steamserver.net | udp |
| US | 155.133.253.52:443 | cmp2-dfw1.steamserver.net | tcp |
| US | 8.8.8.8:53 | 103.193.254.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.195.254.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.124.10.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 52.253.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | p2p-dfw1.discovery.steamserver.net | udp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| GB | 142.250.178.3:443 | ssl.gstatic.com | tcp |
| US | 8.8.8.8:53 | 3.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.179.89.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | client-update.steamstatic.com | udp |
| US | 151.101.131.52:443 | client-update.steamstatic.com | tcp |
| US | 8.8.8.8:53 | r10.o.lencr.org | udp |
| GB | 88.221.135.105:80 | r10.o.lencr.org | tcp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 88.221.134.3:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 3.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | p2p-dfw1.discovery.steamserver.net | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| US | 8.8.8.8:53 | ipv6check-udp.steamserver.net | udp |
| US | 8.8.8.8:53 | ipv6check-http.steamserver.net | udp |
| GB | 88.221.134.3:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 23.214.143.155:443 | api.steampowered.com | tcp |
| DE | 155.133.229.20:27020 | cmp2-fra2.steamserver.net | tcp |
| DE | 155.133.250.4:27024 | cmp1-fra1.steamserver.net | tcp |
| DE | 155.133.250.4:27020 | cmp1-fra1.steamserver.net | tcp |
| DE | 155.133.229.4:27023 | cmp1-fra2.steamserver.net | tcp |
| US | 8.8.8.8:53 | e5.o.lencr.org | udp |
| US | 8.8.8.8:53 | 4.229.133.155.in-addr.arpa | udp |
| GB | 88.221.134.91:80 | e5.o.lencr.org | tcp |
| SE | 162.254.198.68:27020 | cmp1-sto1.steamserver.net | tcp |
| DE | 155.133.250.20:443 | cmp2-fra1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp2-sto1.steamserver.net | udp |
| SE | 162.254.198.69:27020 | cmp2-sto1.steamserver.net | tcp |
| SE | 162.254.198.68:27018 | cmp1-sto1.steamserver.net | tcp |
| SE | 155.133.252.69:27019 | cmp2-sto2.steamserver.net | tcp |
| SE | 162.254.198.69:443 | cmp2-sto1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp1-vie1.steamserver.net | udp |
| AT | 146.66.155.84:443 | cmp1-vie1.steamserver.net | tcp |
| US | 8.8.8.8:53 | ext1-par1.steamserver.net | udp |
| US | 8.8.8.8:53 | 69.198.254.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.134.221.88.in-addr.arpa | udp |
| FR | 185.25.182.20:27034 | ext1-par1.steamserver.net | tcp |
| US | 8.8.8.8:53 | e6.o.lencr.org | udp |
| GB | 88.221.135.115:80 | e6.o.lencr.org | tcp |
| US | 8.8.8.8:53 | p2p-fra2.discovery.steamserver.net | udp |
| US | 8.8.8.8:53 | 84.155.66.146.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.182.25.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 115.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | melonloader.net | udp |
| US | 172.67.167.97:443 | melonloader.net | tcp |
| US | 172.67.167.97:443 | melonloader.net | tcp |
| US | 8.8.8.8:53 | 97.167.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| GB | 142.250.187.238:443 | fundingchoicesmessages.google.com | tcp |
| GB | 142.250.187.238:443 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | 98.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.187.250.142.in-addr.arpa | udp |
| GB | 142.250.187.238:443 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| GB | 142.250.187.226:443 | ep1.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| GB | 142.250.200.33:443 | ep2.adtrafficquality.google | tcp |
| GB | 142.250.200.33:443 | ep2.adtrafficquality.google | udp |
| GB | 142.250.179.228:443 | www.google.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 172.217.169.33:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.169.33:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.169.33:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.169.33:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.169.33:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.169.33:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.169.33:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 226.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | dclk-match.dotomi.com | udp |
| US | 8.8.8.8:53 | cms.quantserve.com | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | ads.travelaudience.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| DE | 51.89.9.254:443 | onetag-sys.com | tcp |
| US | 35.190.0.66:443 | ads.travelaudience.com | tcp |
| DE | 91.228.74.159:443 | cms.quantserve.com | tcp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| NL | 63.215.202.172:443 | dclk-match.dotomi.com | tcp |
| GB | 142.250.180.2:443 | cm.g.doubleclick.net | tcp |
| GB | 142.250.187.226:443 | ep1.adtrafficquality.google | udp |
| GB | 142.250.180.2:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 66.0.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.40.223.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 254.9.89.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.202.215.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 159.74.228.91.in-addr.arpa | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 88.221.135.32:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 32.135.221.88.in-addr.arpa | udp |
| GB | 88.221.135.32:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | oska-desktop-mate.en.softonic.com | udp |
| US | 151.101.65.91:443 | oska-desktop-mate.en.softonic.com | tcp |
| US | 151.101.65.91:443 | oska-desktop-mate.en.softonic.com | tcp |
| US | 8.8.8.8:53 | images.sftcdn.net | udp |
| US | 8.8.8.8:53 | sc.sftcdn.net | udp |
| US | 8.8.8.8:53 | rv-assets.softonic.com | udp |
| US | 8.8.8.8:53 | sdk.privacy-center.org | udp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 151.101.65.91:443 | rv-assets.softonic.com | tcp |
| US | 151.101.65.91:443 | rv-assets.softonic.com | tcp |
| US | 151.101.65.91:443 | rv-assets.softonic.com | tcp |
| US | 151.101.65.91:443 | rv-assets.softonic.com | tcp |
| US | 151.101.65.91:443 | rv-assets.softonic.com | tcp |
| US | 151.101.65.91:443 | rv-assets.softonic.com | tcp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 151.101.65.91:443 | rv-assets.softonic.com | tcp |
| US | 151.101.65.91:443 | rv-assets.softonic.com | tcp |
| US | 151.101.65.91:443 | rv-assets.softonic.com | tcp |
| US | 151.101.1.91:443 | rv-assets.softonic.com | tcp |
| US | 151.101.1.91:443 | rv-assets.softonic.com | tcp |
| US | 151.101.65.91:443 | rv-assets.softonic.com | tcp |
| US | 150.171.27.10:443 | bat.bing.com | tcp |
| IE | 3.162.140.120:443 | sdk.privacy-center.org | tcp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| GB | 142.250.187.194:443 | securepubads.g.doubleclick.net | tcp |
| NL | 18.239.70.135:443 | c.amazon-adsystem.com | tcp |
| US | 151.101.65.91:443 | rv-assets.softonic.com | udp |
| US | 151.101.65.91:443 | rv-assets.softonic.com | udp |
| US | 8.8.8.8:53 | 91.65.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.140.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 135.70.239.18.in-addr.arpa | udp |
| GB | 142.250.187.194:443 | securepubads.g.doubleclick.net | udp |
| US | 151.101.65.91:443 | rv-assets.softonic.com | udp |
| NL | 18.239.70.135:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 172.67.41.60:443 | btloader.com | tcp |
| US | 8.8.8.8:53 | u.clarity.ms | udp |
| US | 8.8.8.8:53 | storage.googleapis.com | udp |
| US | 4.227.249.197:443 | u.clarity.ms | tcp |
| US | 8.8.8.8:53 | di-images.sftcdn.net | udp |
| GB | 142.250.200.27:443 | storage.googleapis.com | tcp |
| US | 8.8.8.8:53 | bt.dns-finder.com | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 104.21.64.1:443 | bt.dns-finder.com | tcp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| NL | 18.238.243.122:443 | config.aps.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 104.22.52.86:443 | cdn.id5-sync.com | tcp |
| US | 8.8.8.8:53 | 27.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 197.249.227.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 60.41.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.69.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.243.238.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 8.8.8.8:53 | cdn.btmessage.com | udp |
| US | 8.8.8.8:53 | 5471782.fls.doubleclick.net | udp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 104.26.7.141:443 | cdn.btmessage.com | tcp |
| GB | 172.217.16.230:443 | 5471782.fls.doubleclick.net | tcp |
| US | 8.8.8.8:53 | api.btmessage.com | udp |
| US | 8.8.8.8:53 | c.clarity.ms | udp |
| US | 8.8.8.8:53 | notix.io | udp |
| IE | 13.74.129.1:443 | c.clarity.ms | tcp |
| NL | 139.45.197.103:443 | notix.io | tcp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 13.107.21.237:443 | c.bing.com | tcp |
| US | 8.8.8.8:53 | 86.52.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.23.211.130.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.7.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.129.74.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.197.45.139.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.21.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.privacy-center.org | udp |
| IE | 13.224.68.116:443 | api.privacy-center.org | tcp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| GB | 142.250.179.228:443 | www.google.com | udp |
| US | 8.8.8.8:53 | shb.richaudience.com | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | ad.360yield.com | udp |
| US | 8.8.8.8:53 | id.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | cdn-ima.33across.com | udp |
| IE | 34.252.22.131:443 | ap.lijit.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | tcp |
| US | 104.18.26.193:443 | htlb.casalemedia.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| FR | 185.255.84.150:443 | hb-api.omnitagjs.com | tcp |
| DE | 162.19.138.116:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 162.19.138.116:443 | lb.eu-1-id5-sync.com | tcp |
| NL | 18.239.86.180:443 | aax.amazon-adsystem.com | tcp |
| DE | 141.95.33.120:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 176.9.112.177:443 | shb.richaudience.com | tcp |
| DE | 176.9.112.177:443 | shb.richaudience.com | tcp |
| DE | 176.9.112.177:443 | shb.richaudience.com | tcp |
| IE | 52.30.134.176:443 | id.crwdcntrl.net | tcp |
| US | 104.18.29.101:443 | cdn-ima.33across.com | tcp |
| IE | 63.34.72.32:443 | ad.360yield.com | tcp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| GB | 216.58.201.99:443 | www.google.co.uk | tcp |
| GB | 216.58.201.99:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ampcid.google.com | udp |
| BE | 64.233.184.155:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | lexicon.33across.com | udp |
| GB | 216.58.201.110:443 | ampcid.google.com | tcp |
| US | 35.244.193.51:443 | lexicon.33across.com | tcp |
| US | 8.8.8.8:53 | 116.68.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.63.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.22.252.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.26.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 180.86.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.29.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.33.95.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 176.134.30.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 177.112.9.176.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 32.72.34.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.184.233.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | efbfbadfb536481a957aa2dbb8beb6cd.safeframe.googlesyndication.com | udp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| GB | 142.250.187.226:443 | ep1.adtrafficquality.google | udp |
| GB | 216.58.201.97:443 | efbfbadfb536481a957aa2dbb8beb6cd.safeframe.googlesyndication.com | tcp |
| BE | 64.233.184.155:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| GB | 142.250.200.33:443 | ep2.adtrafficquality.google | udp |
| US | 104.26.7.141:443 | api.btmessage.com | tcp |
| IE | 54.239.38.253:443 | aax-eu.amazon-adsystem.com | tcp |
| GB | 172.217.169.33:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 110.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 51.193.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 253.38.239.54.in-addr.arpa | udp |
| GB | 142.250.187.194:443 | securepubads.g.doubleclick.net | udp |
| GB | 142.250.187.226:443 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | sync.richaudience.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 104.18.25.18:443 | js-sec.indexww.com | tcp |
| IT | 184.87.212.214:443 | ads.pubmatic.com | tcp |
| FR | 185.255.84.152:443 | visitor.omnitagjs.com | tcp |
| DE | 148.251.40.153:443 | sync.richaudience.com | tcp |
| GB | 95.100.244.20:443 | contextual.media.net | tcp |
| US | 8.8.8.8:53 | ce.lijit.com | udp |
| IE | 63.32.176.50:443 | ce.lijit.com | tcp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| IT | 92.123.101.186:443 | player.aniview.com | tcp |
| US | 67.202.105.22:443 | ssc-cms.33across.com | tcp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 18.204.162.170:443 | cs-server-s2s.yellowblue.io | tcp |
| DE | 51.89.9.254:443 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| FR | 5.196.111.68:443 | ssbsync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| US | 8.8.8.8:53 | csync.loopme.me | udp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 8.8.8.8:53 | jadserve.postrelease.com | udp |
| NL | 185.89.210.153:443 | secure.adnxs.com | tcp |
| NL | 185.89.210.153:443 | secure.adnxs.com | tcp |
| NL | 185.89.210.153:443 | secure.adnxs.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 18.233.217.172:443 | api-2-0.spot.im | tcp |
| NL | 34.1.237.230:443 | csync.loopme.me | tcp |
| US | 35.153.85.19:443 | sync.srv.stackadapt.com | tcp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| IE | 52.212.93.241:443 | jadserve.postrelease.com | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| US | 8.8.8.8:53 | cdn.indexww.com | udp |
| DE | 51.89.9.254:443 | onetag-sys.com | tcp |
| US | 8.8.8.8:53 | 18.25.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.244.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.212.87.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.40.251.148.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.176.32.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 186.101.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 170.162.204.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.111.196.5.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.237.1.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.136.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.93.212.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.217.233.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.85.153.35.in-addr.arpa | udp |
| NL | 35.214.136.108:443 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | sync.aniview.com | udp |
| US | 8.8.8.8:53 | sync-service.net | udp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| US | 172.240.45.96:443 | sync.aniview.com | tcp |
| US | 8.8.8.8:53 | tracker.open-adsyield.com | udp |
| US | 204.62.12.209:443 | sync-service.net | tcp |
| US | 8.8.8.8:53 | bc-sync.com | udp |
| FR | 217.182.178.233:443 | rtb-csync.smartadserver.com | tcp |
| FR | 217.182.178.233:443 | rtb-csync.smartadserver.com | tcp |
| NL | 18.239.94.61:443 | s.ad.smaato.net | tcp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| DE | 18.184.206.66:443 | match.sharethrough.com | tcp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 172.111.38.111:443 | tracker.open-adsyield.com | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| US | 192.132.33.67:443 | bttrack.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 8.8.8.8:53 | t.adx.opera.com | udp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| GB | 142.250.180.2:443 | cm.g.doubleclick.net | udp |
| DE | 37.252.173.215:443 | ib.adnxs.com | tcp |
| US | 80.77.87.166:443 | cs.admanmedia.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| FR | 154.54.250.81:443 | ads.stickyadstv.com | tcp |
| NL | 89.149.193.100:443 | ssbsync-global.smartadserver.com | tcp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | tcp |
| DE | 18.184.206.66:443 | match.sharethrough.com | tcp |
| DE | 18.184.206.66:443 | match.sharethrough.com | tcp |
| US | 8.8.8.8:53 | c1.adform.net | udp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| DK | 37.157.5.84:443 | c1.adform.net | tcp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| GB | 23.215.239.190:443 | secure-assets.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| US | 98.82.154.76:443 | s.amazon-adsystem.com | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| GB | 95.100.245.251:443 | eus.rubiconproject.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | 233.178.182.217.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 61.94.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.45.240.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.12.62.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 111.38.111.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.33.132.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.173.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.250.54.154.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.193.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.199.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.206.184.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.5.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 190.239.215.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.216.36.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.154.82.98.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.245.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.213.145.82.in-addr.arpa | udp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 151.101.65.91:443 | en.softonic.com | udp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| ES | 157.240.243.2:443 | connect.facebook.net | tcp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| GB | 172.217.16.238:443 | syndicatedsearch.goog | tcp |
| US | 8.8.8.8:53 | p2p-fra2.discovery.steamserver.net | udp |
| US | 8.8.8.8:53 | d28099785904463d9d7e87397fb293ad.safeframe.googlesyndication.com | udp |
| GB | 172.217.16.238:443 | syndicatedsearch.goog | udp |
| DE | 162.19.138.116:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | js.adscale.de | udp |
| GB | 216.58.204.66:443 | partner.googleadservices.com | tcp |
| NL | 18.239.50.126:443 | js.adscale.de | tcp |
| US | 8.8.8.8:53 | 2.243.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 126.50.239.18.in-addr.arpa | udp |
| GB | 216.58.201.99:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 157.240.221.35:443 | www.facebook.com | tcp |
| GB | 157.240.221.35:443 | www.facebook.com | tcp |
| GB | 157.240.221.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | ih.adscale.de | udp |
| US | 35.244.193.51:443 | lexicon.33across.com | udp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| DE | 141.95.33.120:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 52.29.248.234:443 | ih.adscale.de | tcp |
| US | 8.8.8.8:53 | push-sdk.com | udp |
| DE | 157.90.33.72:443 | push-sdk.com | tcp |
| US | 8.8.8.8:53 | uidsync.net | udp |
| DE | 157.90.33.122:443 | uidsync.net | tcp |
| DE | 157.90.33.122:443 | uidsync.net | tcp |
| US | 8.8.8.8:53 | 35.221.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.248.29.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.33.90.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.33.90.157.in-addr.arpa | udp |
| NL | 139.45.197.103:443 | notix.io | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| NL | 34.1.237.230:443 | csync.loopme.me | tcp |
| US | 35.153.85.19:443 | sync.srv.stackadapt.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | udp |
| US | 8.8.8.8:53 | gsf-fl.softonic.com | udp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | udp |
| US | 80.77.87.166:443 | cs.admanmedia.com | tcp |
| US | 8.8.8.8:53 | ipv6check-udp.steamserver.net | udp |
| US | 8.8.8.8:53 | ipv6check-http.steamserver.net | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 8.8.8.8:53 | equativ-match.dotomi.com | udp |
| NL | 64.158.223.137:443 | equativ-match.dotomi.com | tcp |
| IE | 52.50.172.136:443 | match.prod.bidr.io | tcp |
| IE | 52.50.172.136:443 | match.prod.bidr.io | tcp |
| NL | 64.158.223.137:443 | equativ-match.dotomi.com | tcp |
| US | 8.8.8.8:53 | 136.172.50.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.223.158.64.in-addr.arpa | udp |
| US | 104.21.64.1:443 | bt.dns-finder.com | tcp |
| US | 8.8.8.8:53 | 78d68bfcf26c2104adec0fd351dd6282.safeframe.googlesyndication.com | udp |
| NL | 139.45.197.103:443 | notix.io | tcp |
| DE | 162.19.138.116:443 | lb.eu-1-id5-sync.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| NL | 34.1.237.230:443 | csync.loopme.me | tcp |
| US | 35.153.85.19:443 | sync.srv.stackadapt.com | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| IE | 52.50.172.136:443 | match.prod.bidr.io | tcp |
| US | 8.8.8.8:53 | sync-tm.everesttech.net | udp |
| US | 151.101.2.49:443 | sync-tm.everesttech.net | tcp |
| DE | 18.184.206.66:443 | match.sharethrough.com | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| US | 8.8.8.8:53 | a.sportradarserving.com | udp |
| NL | 35.214.183.184:443 | a.sportradarserving.com | tcp |
| NL | 35.214.183.184:443 | a.sportradarserving.com | udp |
| US | 8.8.8.8:53 | 184.183.214.35.in-addr.arpa | udp |
| US | 4.227.249.197:443 | u.clarity.ms | tcp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| US | 8.8.8.8:53 | ipv6check-http.steamserver.net | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 104.124.170.33:443 | api.steampowered.com | tcp |
| US | 8.8.8.8:53 | cmp1-gru1.steamserver.net | udp |
| BR | 155.133.227.42:27020 | cmp1-gru1.steamserver.net | tcp |
| BR | 155.133.227.42:27019 | cmp1-gru1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp2-gru1.steamserver.net | udp |
| BR | 155.133.227.58:443 | cmp2-gru1.steamserver.net | tcp |
| US | 8.8.8.8:53 | ext1-eze1.steamserver.net | udp |
| AR | 155.133.255.100:27033 | ext1-eze1.steamserver.net | tcp |
| US | 8.8.8.8:53 | e6.o.lencr.org | udp |
| GB | 88.221.135.105:80 | e6.o.lencr.org | tcp |
| US | 8.8.8.8:53 | e5.o.lencr.org | udp |
| GB | 2.23.210.75:80 | e5.o.lencr.org | tcp |
| US | 8.8.8.8:53 | 58.227.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.227.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.255.133.155.in-addr.arpa | udp |
| AR | 155.133.255.100:27023 | ext1-eze1.steamserver.net | tcp |
| US | 8.8.8.8:53 | ext1-scl1.steamserver.net | udp |
| CL | 155.133.249.180:27022 | ext1-scl1.steamserver.net | tcp |
| CL | 155.133.249.180:27028 | ext1-scl1.steamserver.net | tcp |
| US | 8.8.8.8:53 | ext2-eze1.steamserver.net | udp |
| AR | 155.133.255.164:443 | ext2-eze1.steamserver.net | tcp |
| US | 8.8.8.8:53 | 75.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 180.249.133.155.in-addr.arpa | udp |
| CL | 155.133.249.180:443 | ext1-scl1.steamserver.net | tcp |
| US | 8.8.8.8:53 | ext2-lim1.steamserver.net | udp |
| PE | 155.133.244.50:27028 | ext2-lim1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp1-sea1.steamserver.net | udp |
| US | 205.196.6.132:443 | cmp1-sea1.steamserver.net | tcp |
| FR | 185.25.182.20:27024 | ext1-par1.steamserver.net | tcp |
| US | 8.8.8.8:53 | 50.244.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 164.255.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 132.6.196.205.in-addr.arpa | udp |
| US | 8.8.8.8:53 | p2p-par1.discovery.steamserver.net | udp |
| US | 8.8.8.8:53 | u.clarity.ms | udp |
| US | 4.227.249.197:443 | u.clarity.ms | tcp |
| US | 8.8.8.8:53 | ad.360yield.com | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| FR | 185.255.84.150:443 | hb-api.omnitagjs.com | tcp |
| IE | 52.30.137.178:443 | ad.360yield.com | tcp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | 178.137.30.52.in-addr.arpa | udp |
| GB | 2.19.117.148:443 | aefd.nelreports.net | udp |
| GB | 142.250.187.194:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | s.richaudience.com | udp |
| DE | 157.90.0.38:443 | s.richaudience.com | tcp |
| DE | 157.90.0.38:443 | s.richaudience.com | tcp |
| US | 8.8.8.8:53 | oska-desktop-mate.en.softonic.com | udp |
| GB | 172.217.169.33:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.187.194:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.179.228:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 148.117.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.0.90.157.in-addr.arpa | udp |
| US | 4.227.249.197:443 | u.clarity.ms | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 443a627d539ca4eab732bad0cbe7332b |
| SHA1 | 86b18b906a1acd2a22f4b2c78ac3564c394a9569 |
| SHA256 | 1e1ad9dce141f5f17ea07c7e9c2a65e707c9943f172b9134b0daf9eef25f0dc9 |
| SHA512 | 923b86d75a565c91250110162ce13dd3ef3f6bdde1a83f7af235ed302d4a96b8c9ed722e2152781e699dfcb26bb98afc73f5adb298f8fd673f14c9f28b5f764d |
\??\pipe\LOCAL\crashpad_4016_HZWTVZYNNHQIHCAQ
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 99afa4934d1e3c56bbce114b356e8a99 |
| SHA1 | 3f0e7a1a28d9d9c06b6663df5d83a65c84d52581 |
| SHA256 | 08e098bb97fd91d815469cdfd5568607a3feca61f18b6b5b9c11b531fde206c8 |
| SHA512 | 76686f30ed68144cf943b80ac10b52c74eee84f197cee3c24ef7845ef44bdb5586b6e530824543deeed59417205ac0e2559808bcb46450504106ac8f4c95b9da |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b98c145dd16d8311e99e9e713e5b05be |
| SHA1 | c6ac92f4715b1154b811387799a7ebf70bb488aa |
| SHA256 | cf1bf988ced526007ed069674955e57af0a3bb6c69115083295355565189ee09 |
| SHA512 | 490f94f8f21709303e72101ca446dc012a0024845df63f0c5d16c1957b0ce93bc0408bc818d3ce39c536085b333604b4ea7a0b9e896b5c8099d54880f8a99591 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | b037d8b87f74f301cafa6dafd468c779 |
| SHA1 | fa1c8c498e7631266406703c3c2ba7230c5879b2 |
| SHA256 | 60a70092b312e31c2a9aefc826bd9c55ff928d6dac07ad972e26f2b1d963bb81 |
| SHA512 | 9af33ce2fe56ee0324ba8aadb95c89e134f54fc8c6dded02ee65834bd44a963c546f243ebd9c616d3872ae7a0c77a556f9fcdccdd6cfd12cf07fbe07d90ffc20 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 97aa406c6178d5d9c82ca63990d0ded9 |
| SHA1 | 22f036a07dfa696694dff366edebc4a6bcecfc12 |
| SHA256 | 332d19d1f053a14a59533c0a179fa67fbf7d950ef850c8f778ab585e4fd2df9b |
| SHA512 | de5821af1a8a0d445ba2e44e3210f150ac1f1c79cca8649481dfd1906042af73265d764b13fdea38a46eb39153216ebb350b700523506d3c8ef9db30c3189ac2 |
C:\Users\Admin\Downloads\Unconfirmed 656060.crdownload
| MD5 | fa6e6f8538a820b802884e713f80a677 |
| SHA1 | ed7f96d61b80cdc96d1a6afe30dac4907210dff7 |
| SHA256 | a32f508050dbda03f7de9f1f3dd1ae400135e9ddf03956edb9af3464ceed3f8f |
| SHA512 | ec2414b34855fe6f5294bcf49e4b2981592c0d4257abce7c073360a240da1d7ec070f36d9f8747223fdb8cacf2dfbd556bc59a563111152732685c2e8004b364 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ab2528ddd5a061a1ae53628109ed4e67 |
| SHA1 | c2b348dc2b05412d78b9bc0aa6db96e3f65ffa03 |
| SHA256 | 08563d652e52750dd7a24cb77d7283ec73b5d14f0b1ca97c4128390df789dc18 |
| SHA512 | 6ee242d6ef4a7ab3898e74b6d2606150e8cf00c08db724818bb95228f4d6f69b5010d28e91a8b4be2c2fe0b93c54efaaf9602f0b1ba4e53fb6e27950a01b9aa2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 88c7d1acd9206f3d79c9ceff16a72368 |
| SHA1 | 4e3a05ef143750390dbfb90b732013f984e5f875 |
| SHA256 | b95fd413b83484b6c01420508f60ee62efa57745b880a8e90fdc3dd590f9f25c |
| SHA512 | 37452572f07f698382bbeb510b07b1fdbea26ea4d10fd66da05a6e96bdb9ae1e913d9dcd5c1007901fa888f4622366c0ce9a5d94e0b4af621e4bf2712df3d794 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58078d.TMP
| MD5 | 9a432772557b52cd415708d8419831d1 |
| SHA1 | b6676687292bfb037c8fecf8a8b51a43222af29a |
| SHA256 | f8f5e8335da598ab46ca68a303dca4ba2acacd06c94d6b31fca361c3e1cd2376 |
| SHA512 | 987561ba09ddf13bb766059feb848968293caf1cbc79c3f6b96510b5f271621f23017a38b556ccd5d509685e6cdfc16f574465b81fa1d8063e4f71eab450bfa0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2142474426af55822e7dd7abbf966fdf |
| SHA1 | 9cc91e3be539439d9df0b50b7261776f87173e52 |
| SHA256 | cdaf586f3c69b867a7361ca95a3f85658d844285530e018e7b72c966f86d3d3c |
| SHA512 | c38599da07caf682e8972203e2eff1c0f23d7191e9c30dba309854dacb10785a41c08a95401334245cbe06b8e8cf5106b2b04c6011ffac4f0c1c43351abeb200 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3c35d8477874be53260e4ab7384a8341 |
| SHA1 | 14eba79cc6ab3da227c9ea33f82abf6494479581 |
| SHA256 | f12a4516f9fb3898b5f0954f8b3920347633e9c01e1a6dbf88f3f909bb46c3cd |
| SHA512 | acc35308eef4d827e5e2c3644e8184fb828a8bd4df506ae263ecad8706daa0723dbcfe7612b5745a04ccd833404bdaa3c6a96893f379aa6e8cacfc9dd67b2a94 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | af3f499b46fd251d06f39ee67a14be91 |
| SHA1 | 7b477a7c7b9efdc1d41507096b3d10598c69c07a |
| SHA256 | fd7cc64fb8863b6327e005661c367d89d978221dc4ea3b76e8a876c02e1f9be8 |
| SHA512 | 614eab08763fa39d2647b571bd57a8b83c8e1630f120191fa8ba25d229cd46d8b1aaa07e81245e6e254d6a9925b2876d3b9fe4e9b49254b9117feecd12a5cc39 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 59b46c4b9aa6551e0ebe29bbf6ea8ddd |
| SHA1 | 2544a1a6b26e78b8cba91596f8cd49a3450c59a5 |
| SHA256 | ed99c8570cc0283e80a2ad6d14cca17b0ae740a638fa28b39408cdf65ed80e4a |
| SHA512 | 8c9b1c760240224363339c823570797cb807d8419aeea72f9d9fd6a467cd07cb8567183a319d2f1625ee20bc215e4edfee98512654b7fdfd2c703be491373885 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | acb260edcb53619a333776f34de39d1d |
| SHA1 | 5a8c1713c663b792a193e0b0f86c5d9d1051b4b7 |
| SHA256 | fabed9b71386b1336814310d7ef43204262d84fc38cec8b7fa31d85770dedccb |
| SHA512 | 82fb7c818cde7bd413ddc2e9c0524a3079dbffa7ce1c0f39b7be9462ff40d4d25728791ce41dc9bdd81e7f16cc2d554109c44c337ce9bacf5dcc0f11f551d386 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 55f7c7f34dd80d7020322ac0237e88ea |
| SHA1 | 4ac8d7f8b794b2a7fb31d8aaf5cc80e5bcab7060 |
| SHA256 | 7996ce7934c3b83e73c931a2634e5dfa4c38a0baef43fc5ffae04f198b23bf8e |
| SHA512 | fffe411110b9dcb80b33acd490ce32c63a0e59dfb7c83bcca435a565fe065a43cd306a209ef028325da742c89da67a8c2368e68aa15658bb4e733425a44c5a67 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\39ad99b4-951d-40f9-8cb8-a11863427100.tmp
| MD5 | 539b729b8b1645372cf28d8fe69c7578 |
| SHA1 | 46fa95d17983895a5d22f43c9ddf7e5e0bf628c0 |
| SHA256 | 09bf698877e2daedab0282db92c888a67adf37e5be9f0deb9f63171a498f6f24 |
| SHA512 | abca22c02a98c8b777fc46acc85da47c6b415cfbb63e86e8818f1c27096bdb2f85e0c486c789d51928ec83711109d84f315ca2675a2d9d1deef37057fd47da09 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 06aa5d362707bb5f1bcd4121df4b6f65 |
| SHA1 | e909a12cfcd6c5bb6525f3030a03b8d512563b17 |
| SHA256 | 038e245b10d88a84cfaa861a1b7ddfd1c045e22bc8d97c3cda3b29fcb9f36d6b |
| SHA512 | 7cea516d30a358821aaca2eb185e7b2040a06f36a0cb72add3da78bda072210f02ed88bb6bd3bc3b0f6b5fd120c87aac8562e8f221ae6f86a85fa707ba83bcb0 |
C:\Users\Admin\Downloads\Unconfirmed 629706.crdownload
| MD5 | 1b54b70beef8eb240db31718e8f7eb5d |
| SHA1 | da5995070737ec655824c92622333c489eb6bce4 |
| SHA256 | 7d3654531c32d941b8cae81c4137fc542172bfa9635f169cb392f245a0a12bcb |
| SHA512 | fda935694d0652dab3f1017faaf95781a300b420739e0f9d46b53ce07d592a4cfa536524989e2fc9f83602d315259817638a89c4e27da709aada5d1360b717eb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 34a45821a41d1995b3fd8639bee8500c |
| SHA1 | 8c4b86b358e3a1710e64c34cf88b7352715a5fb0 |
| SHA256 | a20d4c8a100344a8bf2747efad2403d705555ce0442c81d71abe754e89fd7bce |
| SHA512 | 7628e0776472edd230ce596ea527accc616ccc8976b82545cbee723406de5207dee31a91f8d08d5f2ced60f6c039b12bde06e79efe3a593d5e09fb38ebc61d40 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | cbb2e20a1418f85f781737a205c9f60f |
| SHA1 | 329e12f69d2423650388897f40b14d10b0ece370 |
| SHA256 | 6f9cb4eb6c3eb7e96c5c2dcc636799830708fccd63869f1660752a844df13f61 |
| SHA512 | dbe023ec759f864ddcb1d57dfc86ea8584d8acd858f7cf81dade56090ce1f85f6901664eb5359839eed81c439084957965dce6840693961b59cf9b091d00a02d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 7cc40a751326b274688ae11849c86459 |
| SHA1 | 1c3c877f5c2f84bb7af46c7ea5ee4e386e9f3f41 |
| SHA256 | 89834b3f2d9916bd11983bcf6ff94b31bdeb9937a9197d64d44d369a178838c8 |
| SHA512 | 8a997aeda4ac9595d45d9240df831c02e0a059fca62860e355914494c2350f00ccf69699a5f96e757730dd9b1212528aacdc0800e5e36a0d64fa2412a77c0565 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 964990bb0d87a30d74cd8c71da6e6f60 |
| SHA1 | 8816d47d4014c5bb11fa38c783d0b9c413f720b3 |
| SHA256 | cc8beb1cabe558b8d15ab7ca2df1e9c72f89cf95f8ee32f02eaf3bae2b6f0f96 |
| SHA512 | 19a912104e97175b19939386ee057f2a322cf67221fd9e7de079487c157b8ef024d25a737660b5806294d92c39a0a824b140213e37672e1023cbc9113ad60e2e |
C:\Users\Admin\AppData\Local\Temp\nsm14D8.tmp\System.dll
| MD5 | a36fbe922ffac9cd85a845d7a813f391 |
| SHA1 | f656a613a723cc1b449034d73551b4fcdf0dcf1a |
| SHA256 | fa367ae36bfbe7c989c24c7abbb13482fc20bc35e7812dc377aa1c281ee14cc0 |
| SHA512 | 1d1b95a285536ddc2a89a9b3be4bb5151b1d4c018ea8e521de838498f62e8f29bb7b3b0250df73e327e8e65e2c80b4a2d9a781276bf2a51d10e7099bacb2e50b |
C:\Users\Admin\AppData\Local\Temp\nsm14D8.tmp\nsDialogs.dll
| MD5 | 4e5bc4458afa770636f2806ee0a1e999 |
| SHA1 | 76dcc64af867526f776ab9225e7f4fe076487765 |
| SHA256 | 91a484dc79be64dd11bf5acb62c893e57505fcd8809483aa92b04f10d81f9de0 |
| SHA512 | b6f529073a943bddbcb30a57d62216c78fcc9a09424b51ac0824ebfb9cac6cae4211bda26522d6923bd228f244ed8c41656c38284c71867f65d425727dd70162 |
C:\Users\Admin\AppData\Local\Temp\nsm14D8.tmp\nsProcess.dll
| MD5 | 08072dc900ca0626e8c079b2c5bcfcf3 |
| SHA1 | 35f2bfa0b1b2a65b9475fb91af31f7b02aee4e37 |
| SHA256 | bb6ce83ddaad4f530a66a1048fac868dfc3b86f5e7b8e240d84d1633e385aee8 |
| SHA512 | 8981da7f225eb78c414e9fb3c63af0c4daae4a78b4f3033df11cce43c3a22fdbf3853425fe3024f68c73d57ffb128cba4d0db63eda1402212d1c7e0ac022353c |
C:\Program Files (x86)\Steam\Steam.exe
| MD5 | 33bcb1c8975a4063a134a72803e0ca16 |
| SHA1 | ed7a4e6e66511bb8b3e32cbfb5557ebcb4082b65 |
| SHA256 | 12222b0908eb69581985f7e04aa6240e928fb08aa5a3ec36acae3440633c9eb1 |
| SHA512 | 13f3a7d6215bb4837ea0a1a9c5ba06a985e0c80979c25cfb526a390d71a15d1737c0290a899f4705c2749982c9f6c9007c1751fef1a97b12db529b2f33c97b49 |
C:\Users\Admin\AppData\Local\Temp\nsm14D8.tmp\nsExec.dll
| MD5 | 2095af18c696968208315d4328a2b7fe |
| SHA1 | b1b0e70c03724b2941e92c5098cc1fc0f2b51568 |
| SHA256 | 3e2399ae5ce16dd69f7e2c71d928cf54a1024afced8155f1fd663a3e123d9226 |
| SHA512 | 60105dfb1cd60b4048bd7b367969f36ed6bd29f92488ba8cfa862e31942fd529cbc58e8b0c738d91d8bef07c5902ce334e36c66eae1bfe104b44a159b5615ae5 |
C:\Program Files (x86)\Steam\bin\SteamService.exe
| MD5 | ba0ea9249da4ab8f62432617489ae5a6 |
| SHA1 | d8873c5dcb6e128c39cf0c423b502821343659a7 |
| SHA256 | ce177dc8cf42513ff819c7b8597c7be290f9e98632a34ecd868dc76003421f0d |
| SHA512 | 52958d55b03e1ddc69afc2f1a02f7813199e4b3bf114514c438ab4d10d5ca83b865ba6090550951c0a43b666c6728304009572212444a27a3f5184663f4b0b8b |
C:\Program Files (x86)\Steam\public\steambootstrapper_romanian.txt
| MD5 | 6367f43ea3780c4ee166454f5936b1a8 |
| SHA1 | 027a2c24c8320458c49cd78053f586cb4d94ee6f |
| SHA256 | f8d1972e75a320344e3c834ba0a3a6a86edb39e20ef706bda9b7965d440d1998 |
| SHA512 | 31aab33e0d272cb43a8c160b3d37256716a683e5052192fd0e4d3cdaf30a10a9afa9d26d5d14ad216ee455627c32892a711d2bc137ee7a7df9a297f001a19e32 |
C:\Program Files (x86)\Steam\public\steambootstrapper_portuguese.txt
| MD5 | eb8926608c5933f05a3f0090e551b15d |
| SHA1 | a1012904d440c0e74dad336eac8793ac110f78f8 |
| SHA256 | 2ed2b0d654d60e0a82b0968a91d568b775144e9d92f2b077b6da75f85ad12d04 |
| SHA512 | 9113c42c38836f71ff0cc7019aff8c873845f47fbf1ab97e981cb038f4d8495b6df784402b1ee9666e8e567ae866b0284c81e6a16efb47131d5ef88569c4843a |
C:\Program Files (x86)\Steam\public\steambootstrapper_polish.txt
| MD5 | 9b0b0e82f753cc115d87c7199885ad1b |
| SHA1 | 5743a4ab58684c1f154f84895d87f000b4e98021 |
| SHA256 | 0bdeee9fa28d54d384e06ea646fbcfe3f06698a31dfdc1a50703ffe83ad78d32 |
| SHA512 | b7780b82fbe705bc8e5a527c011eb685c99ef0b2eb810617b9f82b891341af95ef1c2f46dce9e458c0c4dcc3e7a0d21db6c77f03419cd1c4b521a9b72f9017df |
C:\Program Files (x86)\Steam\public\steambootstrapper_norwegian.txt
| MD5 | 58e0fcbee3cca4ef61b97928cfe89535 |
| SHA1 | 1297e3af3ca9e4fe3cc5db78ebbfa642e8a2c57b |
| SHA256 | c084a68b65d507eb831831aa2ab9afb9536cb99a840d248cc155ff87fad18425 |
| SHA512 | 99aff0c481e34cd0e4fcbb2af471afb56d91aa11be664462b08e17ae169ca03ef77e7063b4ecd0f38ca7b2f6dc0bf2e316c7b31dffbbcfc763cd8fae27dc78d2 |
C:\Program Files (x86)\Steam\public\steambootstrapper_latam.txt
| MD5 | 7913f3f33839e3af9e10455df69866c2 |
| SHA1 | 15fa957d0a6a2717027f5b35f4dbe5e0ab8ece25 |
| SHA256 | 05bc1f4973c6d36002ac1b37ce46b1f941fcb4338282e0ec1ec83fb558d1a88c |
| SHA512 | 534e541757d19ee157a268bf7ea358b48015f400542fcfa49cdb547cd652926160f015fe2cf026d9c4996e56ab90ca3899dfd457997d915bf6bc9d7bb00ba804 |
C:\Program Files (x86)\Steam\public\steambootstrapper_brazilian.txt
| MD5 | 0340d1a0bbdb8f3017d2326f4e351e0a |
| SHA1 | 90d078e9f732794db5b0ffeb781a1f2ed2966139 |
| SHA256 | 0fcd7ae491b467858f2a8745c5ecdd55451399778c2119517ee686d1f264b544 |
| SHA512 | 9d23e020875ed35825169a6542512ec2ffdb349472a12eb1e59ddc635e57c8fd65fa919873821e35c755aa7d027c9a62d3d0fa617340449d7b2c4cf8dd707e93 |
C:\Program Files (x86)\Steam\public\steambootstrapper_koreana.txt
| MD5 | 202b825d0ef72096b82db255c4e747fa |
| SHA1 | 3a3265e5bbaa1d1b774195a3858f29cea75c9e75 |
| SHA256 | 3d1399f5323a3ece1b1a8b3b31f8fd7f50c3bd319ab3f1c38c6e347452c95314 |
| SHA512 | e8fc7cc09f431301d22a07b238179ee053505090e3c4db30ead061513fe7159f1fe8b80efc93f4597fe00f01087bbe0bb2231e13693d72c8def138657cb91566 |
C:\Program Files (x86)\Steam\public\steambootstrapper_japanese.txt
| MD5 | 7e1d15fc9ba66a868c5c6cb1c2822f83 |
| SHA1 | bfe9a25fdc8721d7b76cecb9527a9ba7823dc3d7 |
| SHA256 | fc74e26a8baabbe4851109512d85173b75dbf7293d41eb3b92a1957a773c8265 |
| SHA512 | 0892be14a858cc860766afb1c996b2c355108a7e50971ea3ec00d15069e919a6eb05a61fa839bea3938492c391e274144c5e248f4c204a602bf36adf27e5b406 |
C:\Program Files (x86)\Steam\public\steambootstrapper_italian.txt
| MD5 | 8958371646901eac40807eeb2f346382 |
| SHA1 | 55fb07b48a3e354f7556d7edb75144635a850903 |
| SHA256 | b01ec64d75fd1fbd00fbeb45a3fb39244911a8b22bb43de4e0c03f205184f585 |
| SHA512 | 14c5dbb017822336f22bf6779ccd4a66604ddc5f2c3caa24271e96f739fef007754d96844efa422d6682cbcd2d3bc902c36f0f6acb3eb87ed8d7b3f885973554 |
C:\Program Files (x86)\Steam\public\steambootstrapper_indonesian.txt
| MD5 | 1514d082b672b372cdfb8dd85c3437f1 |
| SHA1 | 336a01192edb76ae6501d6974b3b6f0c05ea223a |
| SHA256 | 3b3c5c615fd82070cc951ab482d3de8cb12df0b3df59fbd11f9d3271fa2fbca4 |
| SHA512 | 4d41c945ce7c94746875b0dbceb14811d4966de4e97fe047406a304162fde7e1e2a16367fc2e43978e2e5aa66749f036b4444aa2312673c2cc3af296e8b77f55 |
C:\Program Files (x86)\Steam\public\steambootstrapper_hungarian.txt
| MD5 | 18aaaf5ffcdd21b1b34291e812d83063 |
| SHA1 | aa9c7ae8d51e947582db493f0fd1d9941880429f |
| SHA256 | 1f45bb7bdfa01424f9237eec60eba35dc7f0dc4e8c2e193fe768fe96d3ff76d5 |
| SHA512 | 4f3e56d1abe26b56d3f805dc85baaca450c0c7bec57ebcf8a6bb6ebb8588307dad130c83bf792bac76694909a14fd6a4d7d1e9b31e32fba11256343b9fc18154 |
C:\Program Files (x86)\Steam\public\steambootstrapper_greek.txt
| MD5 | 189ba063d1481528cbd6e0c4afc3abaa |
| SHA1 | 40bdd169fcc59928c69eea74fd7e057096b33092 |
| SHA256 | c0a7a1df442ac080668762df795c72aa322e9d415c41bd0a4c676a4dc0551695 |
| SHA512 | ce59ad9b17bab4de1254e92ce4fe7d8c8242832f62ab382e8f54199a9932cd11b5800cc33895441426373d5210cc74104e0271b721a7e26ed400b716ae4d5903 |
C:\Program Files (x86)\Steam\public\steambootstrapper_german.txt
| MD5 | 5c026fd6072a7c5cf31c75818cddedec |
| SHA1 | 341aa1df1d034e6f0a7dff88d37c9f11a716cae6 |
| SHA256 | 0828572e4fa00c186dbf1d9072a6154d65cb499c6a37e338f3305f77a2fee382 |
| SHA512 | f9d28714b2a05f8d9025f1692e4d7e8baa6daf6176353f65646a38814a242ef2adededa44419edd69f10cf96ffba506dab7cb6e52111457bf69cffef12174b12 |
C:\Program Files (x86)\Steam\public\steambootstrapper_french.txt
| MD5 | 10c429eb58b4274af6b6ef08f376d46c |
| SHA1 | af1e049ddb9f875c609b0f9a38651fc1867b50d3 |
| SHA256 | a1f6ba57ee41e009d904905c0ce5e75a59ee6790e08542561303109e1faafa13 |
| SHA512 | d8760f61760bffd8671b727d386ae220e7e6e68829a01553cfd5eb60ef8bd1d7c1b25e7b17a6db5bd17ba6712ef44999726764459318e784843c73bc4facaf46 |
C:\Program Files (x86)\Steam\public\steambootstrapper_finnish.txt
| MD5 | 9e62fc923c65bfc3f40aaf6ec4fd1010 |
| SHA1 | 8f76faff18bd64696683c2a7a04d16aac1ef7e61 |
| SHA256 | 8ff0f3cbdf28102ff037b9cda90590e4b66e1e654b90f9aea2cd5364494d02b7 |
| SHA512 | c8ff15373b37e848e6239a82424569e77c82a5fc557d17e7d2ed1d0d2b2f7d026cc1e2bc98cb5ee945c02cfefb82803c23fa6a26f48ff0adcf762f94cd5dd035 |
C:\Program Files (x86)\Steam\public\steambootstrapper_english.txt
| MD5 | da6cd2483ad8a21e8356e63d036df55b |
| SHA1 | 0e808a400facec559e6fbab960a7bdfaab4c6b04 |
| SHA256 | ebececd3f691ac20e5b73e5c81861a01531203df3cf2baa9e1b6d004733a42a6 |
| SHA512 | 06145861eb4803c9813a88cd715769a4baa0bab0e87b28f59aa242d4369817789f4c85114e8d0ceb502e080ec3ec03400385924ec7537e7b04f724ba7f17b925 |
C:\Program Files (x86)\Steam\public\steambootstrapper_dutch.txt
| MD5 | 31a29061e51e245f74bb26d103c666ad |
| SHA1 | 271e26240db3ba0dcffc10866ccfcfa1c33cf1cc |
| SHA256 | 56c8a86fa95eab0d8f34f498e079b5516b96d2a2f1ad9c2a888555e50e47f192 |
| SHA512 | f85865c1e9ab45e5586d3dd2b45d15265193e8a3c34b6bb1ac7e415a1ea878cfb044e8e01012e917e4f00bb9e0a422f56253f328df1bac99a145e19433354cf8 |
C:\Program Files (x86)\Steam\public\steambootstrapper_danish.txt
| MD5 | 03b664bd98485425c21cdf83bc358703 |
| SHA1 | 0a31dcfeb1957e0b00b87c2305400d004a9a5bdb |
| SHA256 | fdf7b42b3b027a12e1b79cb10ab9e6e34c668b04eb9e8a907d8611ba46473115 |
| SHA512 | 4a8cdd4b98432ba9d9b36bc64aab9a2eab31a074d1cbdfab3d35a14216c60752b5580c41bbb70104993420043685d3bd47eb6637b8fcbb3f42f76a15e4be041d |
C:\Program Files (x86)\Steam\public\steambootstrapper_czech.txt
| MD5 | 2158881817b9163bf0fd4724d549aed4 |
| SHA1 | c500f2e8f47a11129114ee4f19524aee8fecc502 |
| SHA256 | 650a265dffdc5dc50200bb82d56f416a3a423eecc08c962cfd1ba2d40a1ff3f7 |
| SHA512 | f3594aad9d6c50254f690c903f078a5b7a58c33bd418abdad711ebb74cfbdb5564679593e08fb2d4378faaf4160d45e3d276ba1aa8a174ed77a5791bcac46f28 |
C:\Program Files (x86)\Steam\public\steambootstrapper_bulgarian.txt
| MD5 | 4c81277a127e3d65fb5065f518ffe9c2 |
| SHA1 | 253264b9b56e5bac0714d5be6cade09ae74c2a3a |
| SHA256 | 76a6bd74194efd819d33802decdfddaae893069d7000e44944dda05022cfa6d9 |
| SHA512 | be077b61f3b6d56a1f4d24957deaf18d2dff699bda6569604aac4f1edb57c3cfd0abc5e2a67809f72e31a90b4aed0813536c153886da2099376964c60e56001a |
C:\Users\Admin\AppData\Local\Temp\nsm14D8.tmp\modern-wizard.bmp
| MD5 | 3614a4be6b610f1daf6c801574f161fe |
| SHA1 | 6edee98c0084a94caa1fe0124b4c19f42b4e7de6 |
| SHA256 | 16e0edc9f47e6e95a9bcad15adbdc46be774fbcd045dd526fc16fc38fdc8d49b |
| SHA512 | 06e0eff28dfd9a428b31147b242f989ce3e92474a3f391ba62ac8d0d05f1a48f4cf82fd27171658acbd667eaffb94cb4e1baf17040dc3b6e8b27f39b843ca281 |
C:\Users\Admin\AppData\Local\Temp\nsm14D8.tmp\StdUtils.dll
| MD5 | db11ab4828b429a987e7682e495c1810 |
| SHA1 | 29c2c2069c4975c90789dc6d3677b4b650196561 |
| SHA256 | c602c44a4d4088dbf5a659f36ba1c3a9d81f8367577de0cb940c0b8afee5c376 |
| SHA512 | 460d1ccfc0d7180eae4e6f1a326d175fec78a7d6014447a9a79b6df501fa05cd4bd90f8f7a85b7b6a4610e2fa7059e30ae6e17bc828d370e5750de9b40b9ae88 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d
| MD5 | 24c1ac9e5814fdba1876bd70e65b55d1 |
| SHA1 | 440f8a4de77e05a029ae06d4f500c72308285d6e |
| SHA256 | 7cf9b84f3812c9377c20ff7b0826eda7092f11f33dd4af560413a6773f3fca43 |
| SHA512 | bc848fd4ccce7a1705b2b14b2ba1a1503a6a306096ac8460480bc653a2d9d4744fe21a0a39db573d7363b3c1252c6db1b594f029c04beeee9ccb5714c80af7cf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002c
| MD5 | 99af5da82ee74e7d9502225446604614 |
| SHA1 | 7deff05853fbf1528875f9c358b8a6a31d6dee5e |
| SHA256 | 031fe7ea42e0a823949190f13ab143f1d9d26fb0b22d863b582593a37cbcda9d |
| SHA512 | 7d2cec0882df88edbb4789fc14c7721f6dca5681c85919ee1f033d5cb2324f9c1305707bbc4c534e0019a2b163291edf4bd65c374e843d75174589e7148aab07 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035
| MD5 | a470afc683c0884e0eecbf5dc4145f75 |
| SHA1 | fca0247e27d464bfef50a7bc751c06a41e65cbd4 |
| SHA256 | 510940a8bea63e45e47699ea55eac22bf4af4e8cba3b6f20a4948d21d8934553 |
| SHA512 | d8ab0bd333c9f809ebb384d53d82c7451a03178cf443c15b903f110b7bd8631dea11cfc0b479028f11105b7de623ec48793d8925c3ce268244c644c71b5072b4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000038
| MD5 | 78009b0bcd5f695070babef7964ce279 |
| SHA1 | 817fb69778754c2d5976909a48525ea46136992a |
| SHA256 | a179f5a994b7974aec4a54c2af8d07d1d0d9d2cfc66c81246e1299a5a0b1ad19 |
| SHA512 | 922be73fde8d54afead642c60b480f7c2d54fda6c840cb6976b02f10d12d67df749b5af21b7e441342c2007a17287b1ed55a9dc894638ff8fe21454be171b42d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000046
| MD5 | c9c9e7a0321c20a8faea53cb744f62a5 |
| SHA1 | a4f7964d6df916c63bc019879e15dfd8a010c9e8 |
| SHA256 | 9dc45a4308a94cc765a3fe2409e6998871eadf786e01bd0fdcbc5e354ced331d |
| SHA512 | 12bfb41ca0dffe67448d2ca50e44432d60f150b588e168efcebe37ce4f030da3161936d443735587b9833eaf506d6448bce92985c16456caa6b2b94b48b7896e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000045
| MD5 | e93e966d21aba85448fbad862ebbcbe3 |
| SHA1 | 0bd6beb5ba0bee448204e60d3c40450b1bfa2f0e |
| SHA256 | 9cf8953f31921ac3c2c115ba667b1f2c6c7fd9996dfc01a988b4f708435b4678 |
| SHA512 | 0c33f82e4e442d02505388f2824a4bba9fd509ab259104eb98ca7f482c2e92b88a15939826b3cbf833cb9c43d76cdbd4dcbf6dcced03499aa26f6f37855d45ec |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000042
| MD5 | 100655c23b1e2cbdadf8919bf6f14f50 |
| SHA1 | 1b535aa013148bcf8dbae70f31064ed03380f97b |
| SHA256 | 9de4c1063286a2bcfe2c2b232e45bd8947e70d941f4685a50fd9d99cc6b74fe9 |
| SHA512 | 9904ae2ea00d092f4d2cad4969d26e08b1840373e6869b358f11686d109b09eebe25fbb6a45671a918e1be53130a4ca20cb5e217348a855811cc4fdc32808f67 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000044
| MD5 | 9d53309ac2415ed6efe77b43a5a2b2b6 |
| SHA1 | 31d26e32f551242c037116da7fe1f039bd1c4b41 |
| SHA256 | 31e667f7d809056c4199b4204f46dbc6cd118a97530308229bbb9d450c42f89f |
| SHA512 | 25510c4cd3ac3388a1c91b5011e12a34c409f272d8f7fbec1a89cbff45f2553f7061c1f63d1a2c06f8773b885bcabd9c96501434b8905778132fffef80989476 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a32f49695ec205c295a97cf803dc8cd6 |
| SHA1 | 258a1efed9d96c71edd9f601c9700ea0b64d3093 |
| SHA256 | 75a743ed25812d6b5fedf9f53df032abde33f93914f13f51deb2ecbdc8f48626 |
| SHA512 | 3e1e22dd9c71e5fe31367f8267559537e1da4328979fd495b77e99fbd46d874fd461ddfaf107e53f6cec55aa1055e6151f66cb13bd2918ec3945d761ffebfc42 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006d
| MD5 | 2416806c2825c70cdc7e77aa82007808 |
| SHA1 | b24105e0dc283be9360cc390d4d2073a4fca44ff |
| SHA256 | 1ef6f9317682ca5f22e7917550955686c896d59bb2126c677e5ca1831d46ea56 |
| SHA512 | 59616a672402c14c18dd1b42c9827a1d4028b1fc4e836cb357f4a7192b915b1e0834c916134368938312098ec0506b24552da854990260726949d1e4365d9dff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 316ea22fad379b5e37e7061cbc5d302c |
| SHA1 | d9ca482b88ad3088a57db2051ebcfffbcdfb8ccd |
| SHA256 | 8cee7962a7c2138e9fcf355a354a5f07954642e71b1415cf4ebb476077f7cdc9 |
| SHA512 | 0912f5a154473bcf2fa03cc11f7473702fa08f96190436fe2c07013e72dbbd35b0b48fb62281c20b6a53de47bbdc9cc0e75721e6af7942f89abd7825a56f9ba9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 412273543052441fc069e02689843477 |
| SHA1 | 5842954d818b5120b478d5a26acf7387c51da89b |
| SHA256 | d98684ce9dc13d4428bbe43d47cdbb19ad9631f45649a4b9103d8bcc713de7f0 |
| SHA512 | dc5e9cd75b5a3e0233454bb2b2e913ed76a85ea7147f658a29b50e86cc6ca16d6776d17470546f9491318604d4017525bdacba0e8b5119d49da5fde24fccb3f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | c31a6c8019534055f9d83c08a1d8d08e |
| SHA1 | 11ce1286ca1f4e68eaeaa32a1385002ab7eb2317 |
| SHA256 | 9c1b666a8a2862b88605abfefc7b16b743e21f07fcc675c4ecf700556499a245 |
| SHA512 | 7af9337b5bac862dee183a175f68dcc50d5b53d8e9c4d10e9c4dbe1ad30a6da324888afd91917ef1b9e0f48f1eb796fb8c03199ef2a233f16c0481b1100166a8 |
C:\Windows\Temp\{A36323ED-EE11-4298-BDAA-E5FE4A1E750F}\.ba\bg.png
| MD5 | 9eb0320dfbf2bd541e6a55c01ddc9f20 |
| SHA1 | eb282a66d29594346531b1ff886d455e1dcd6d99 |
| SHA256 | 9095bf7b6baa0107b40a4a6d727215be077133a190f4ca9bd89a176842141e79 |
| SHA512 | 9ada3a1757a493fbb004bd767fab8f77430af69d71479f340b8b8ede904cc94cd733700db593a4a2d2e1184c0081fd0648318d867128e1cb461021314990931d |
C:\Windows\Temp\{A36323ED-EE11-4298-BDAA-E5FE4A1E750F}\.be\windowsdesktop-runtime-6.0.36-win-x64.exe
| MD5 | d73468bae3dee29164dd9f7fb0ed49cd |
| SHA1 | a1eb8fbe9916008d3948ec64b407600b40cc958c |
| SHA256 | 9b8b7390579a87b3f6a1370a31c92ebdcbbf0d43a4007ee6f66f3c1887681b15 |
| SHA512 | 05c74c09489ac104b9c8e35e339561a0c09687f1b57caceea23c4dc4d199f9bc2e3941e9530a0b8ce0d9ed131892d86a48dbefce6841748d110f2745ac3341c7 |
C:\Program Files (x86)\Steam\package\tmp\graphics\[email protected]_
| MD5 | 577b7286c7b05cecde9bea0a0d39740e |
| SHA1 | 144d97afe83738177a2dbe43994f14ec11e44b53 |
| SHA256 | 983aa3928f15f5154266be7063a75e1fce87238bbe81a910219dea01d5376824 |
| SHA512 | 8cd55264a6e973bb6683c6f376672b74a263b48b087240df8296735fd7ae6274ee688fdb16d7febad14288a866ea47e78b114c357a9b03471b1e72df053ebcb0 |
C:\Program Files (x86)\Steam\package\tmp\graphics\icon_button_news_mousedown.tga_
| MD5 | 00bf35778a90f9dfa68ce0d1a032d9b5 |
| SHA1 | de6a3d102de9a186e1585be14b49390dcb9605d6 |
| SHA256 | cab3a68b64d8bf22c44080f12d7eab5b281102a8761f804224074ab1f6130fe2 |
| SHA512 | 342c9732ef4185dee691c9c8657a56f577f9c90fc43a4330bdc173536750cee1c40af4adac4f47ac5aca6b80ab347ebe2d31d38ea540245b38ab72ee8718a041 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | b531bf277184bf716e14df9289235192 |
| SHA1 | aac10f8609a8aec79a5d2682be4a6fa0df528da7 |
| SHA256 | da1e56cf635981d56965f0c60df9de1e63f091c279f55a3b4a2388631e484fff |
| SHA512 | 243826397730192b4b17e158ff069042dfdad654faa2405200d3f157fb27c065af69ea36e82d43894864b4eb7d851b1e4d268967a46a1714e7f354106f1f24cc |
C:\Windows\Installer\e5a8216.msi
| MD5 | ce601053890199872aee8f17e6149527 |
| SHA1 | 04a99a97045d95f7814608e66ea735f19dda4420 |
| SHA256 | db92e057f649d4804d3a758aedade71a3b63991ca318077d4340e47c4bdba8e7 |
| SHA512 | 6d352a77eeac9bb01d19a115951f9c11ab2285f18739c3861c941353bb63b9f4c418e590eed81762de39c5f1d634dbad274a778fd53df90e29ea919d5fa5bef9 |
C:\Config.Msi\e5a8215.rbs
| MD5 | f0c3b00638e5188b24bef62696828e95 |
| SHA1 | f87ce76f89b780b099043582a34399b0cf7c54cb |
| SHA256 | af946b2ad09f7af01b73fd1ab63b0d9afd1af079f7a9f6e7eb0bf98847f21858 |
| SHA512 | 12e1e731d3da26cee547353aa3022c6b010ef17ade0eb25cfa036f869f859c89bc1cdf089eae5e91d5778da557502b718b6e21b6fe9e4d86c36442431b3af784 |
C:\Windows\Installer\MSI9E96.tmp
| MD5 | 928f4b0fc68501395f93ad524a36148c |
| SHA1 | 084590b18957ca45b4a0d4576d1cc72966c3ea10 |
| SHA256 | 2bf33a9b9980e44d21d48f04cc6ac4eed4c68f207bd5990b7d3254a310b944ae |
| SHA512 | 7f2163f651693f9b73a67e90b5c820af060a23502667a5c32c3beb2d6b043f5459f22d61072a744089d622c05502d80f7485e0f86eb6d565ff711d5680512372 |
C:\Windows\Installer\e5a8217.msi
| MD5 | 9e06a7a66690f89aa724369b851904ec |
| SHA1 | e5e2441fd0a95fc6fa80ec2e2d4bcb451a9eacb6 |
| SHA256 | ccb99abeb554c877236697168ad75bf6fb905c986ddbdb463a8e16cf430a1c0d |
| SHA512 | a9d9c7f4146ce5940b237462ef574c58edfc4ca8d4da6079df7cfe7738c869c48ec6619ba45d5275ad45d204be58e40976dbd28a4759058424d14711442e6f1b |
C:\Config.Msi\e5a821a.rbs
| MD5 | de67b220339af320eab0c3cb7c8f77f6 |
| SHA1 | 56d95d9cb56516e5a28f24d2b349140afd27ff0f |
| SHA256 | af6460b9e960a7d34f2783bfbe2f4b2ddd174527930c61a786e0e78cf3d89e52 |
| SHA512 | da66d72fde1f5a75aea5a6ace178baad3329289c3cd1e492a35295a1d8a232ef53ab36fae9f2b6c30876ff1f4705a3f3fed881e1e762334e16a2abf7a4d81dde |
C:\Program Files (x86)\Steam\package\tmp\resource\filter_clean_bulgarian.txt.gz_
| MD5 | 836dd6b25a8902af48cd52738b675e4b |
| SHA1 | 449347c06a872bedf311046bca8d316bfba3830b |
| SHA256 | 6feb83ca306745d634903cf09274b7baf0ac38e43c6b3fab1a608be344c3ef64 |
| SHA512 | 6ab1e4a7fa9da6d33cee104344ba2ccb3e85cd2d013ba3e4c6790fd7fd482c85f5f76e9ae38c5190cdbbe246a48dae775501f7414bec4f6682a05685994e6b80 |
C:\Program Files\dotnet\ThirdPartyNotices.txt
| MD5 | f77a4aecfaf4640d801eb6dcdfddc478 |
| SHA1 | 7424710f255f6205ef559e4d7e281a3b701183bb |
| SHA256 | d5db0ed54363e40717ae09e746dec99ad5b09223cc1273bb870703176dd226b7 |
| SHA512 | 1b729dfa561899980ba8b15128ea39bc1e609fe07b30b283001fd9cf9da62885d78c18082d0085edd81f09203f878549b48f7f888a8486a2a526b134c849fd6b |
memory/4156-7576-0x0000018EE5770000-0x0000018EE6231000-memory.dmp
C:\Config.Msi\e5a8226.rbf
| MD5 | 21438ef4b9ad4fc266b6129a2f60de29 |
| SHA1 | 5eb8e2242eeb4f5432beeec8b873f1ab0a6b71fd |
| SHA256 | 13bf7b3039c63bf5a50491fa3cfd8eb4e699d1ba1436315aef9cbe5711530354 |
| SHA512 | 37436ced85e5cd638973e716d6713257d692f9dd2e1975d5511ae3856a7b3b9f0d9e497315a058b516ab31d652ea9950938c77c1ad435ea8d4b49d73427d1237 |
C:\Config.Msi\e5a821f.rbs
| MD5 | 65c3fffe6726587bea837a956c39d9df |
| SHA1 | d2e244c3dbb691df4f65518cdb496fca1650689c |
| SHA256 | c1b488fbfb14ba259aab949f826c8c02208ef71511f3947e8d01c8f88ed68f76 |
| SHA512 | 1f4f42e71878a9bd96b4e138f3a17667d8559b0f7817365414c970853d73c66ff6f95d98b3aed27922c917d7b2c18b8707ce98a465d29c2cabff82a097950064 |
C:\Config.Msi\e5a8224.rbs
| MD5 | 958cff825cc192a54c3a5e6c5e818a64 |
| SHA1 | b46ea21a6a18a65cb3953371ede86ac82d53ff9e |
| SHA256 | 3b6b396bf8cb55b9d7c9453a7e03d5186285da06ed6d5d639175d69b666fdb87 |
| SHA512 | 6f4be0e8daf19674ad71e0d03bcbfe63d9a2a4ec416de52948a1ec8f4c970ebb11675be8938d0f2a7014f39bbbcf88a0d371e2cafc9c18e0982fcf2388cabf7b |
C:\Windows\Installer\e5a822b.msi
| MD5 | 344ffd985baf47c368a9c9b56f9625fd |
| SHA1 | 1855382370544728829c5a87e690dc3a674b1df7 |
| SHA256 | c463d23e60c2169da0e10d1cfb097d2ae27f25102ac55d4589069bbe2c4a2276 |
| SHA512 | c086fedc2bffb94a3cc68ec70bcda8a2ba528c19f394f002ef7b2a49529407915c0e405a70527b63671b89dfe74ba53e8129739d74009d66143da8bda75e852a |
C:\Config.Msi\e5a822a.rbs
| MD5 | 6f5fd025acc18ac36a22fa729efef5a0 |
| SHA1 | 20fef78b15ef60502675c54bf666279d5716d426 |
| SHA256 | 18c5f0681919d8c73951983ff653c4045753e29bdd8a25bc49b57962b18803e8 |
| SHA512 | a7bbb5ec7fff95dcdea08525292df227cc16f67d5b667e5162b95c544d21f200b592018f62a88af95b619adc1dd77c132ba2bc9b30dd9483938e48a031097515 |
C:\Windows\Temp\{B56EAED1-9659-4615-9940-A5466F936C01}\.ba\1033\thm.wxl
| MD5 | d5070cb3387a0a22b7046ae5ab53f371 |
| SHA1 | bc9da146a42bbf9496de059ac576869004702a97 |
| SHA256 | 81a68046b06e09385be8449373e7ceb9e79f7724c3cf11f0b18a4489a8d4926a |
| SHA512 | 8fcf621fb9ce74725c3712e06e5b37b619145078491e828c6069e153359de3bd5486663b1fa6f3bcf1c994d5c556b9964ea1a1355100a634a6c700ef37d381e3 |
C:\Windows\Installer\MSIC861.tmp
| MD5 | d711da8a6487aea301e05003f327879f |
| SHA1 | 548d3779ed3ab7309328f174bfb18d7768d27747 |
| SHA256 | 3d855b58ce7da9f24f1bef8d0673ba4a97105a7fd88433de7fb4e156b4306283 |
| SHA512 | c6d1c938e8a0acf080dcab1276d78237e342a98772e23ac887b87a346878c376fb0af8364e52a36c5b949005aa3218308bc6193f8b580f622ef39d9955c7c681 |
memory/4156-9475-0x0000018EE5770000-0x0000018EE6231000-memory.dmp
C:\Config.Msi\e5a822e.rbs
| MD5 | 9d28a3ea0563d80229ffd2d4913987b0 |
| SHA1 | 8c553034e567057d630a253c160e3836c21ee7c9 |
| SHA256 | 1fc4a14a665b17145ef5493151afe2fe0958f1da0e584840e694e861386b33e3 |
| SHA512 | 169d4a69856f43f89f6437781301761f57863a2323ec821f4dc5e77d4354a2fb2b7eabcec54fb57bea1365264d47818635643c79baaeb70cee00f42fe9ce1510 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006c
| MD5 | b642b8fb500f88557b31afbf2bd90ec3 |
| SHA1 | fe5abda9ace9d41028444fded9fc8883acbf0ccb |
| SHA256 | dc6adf741a88a1ae37313a57eb50bec7d7e4398ab5621db89c537eae1957ffe6 |
| SHA512 | 5106c46a1e42379116232d2b267fde1b511a1af5e6e4680e9a450bfc642e44e2be672b31ffdb0a21a426d4647873728b8406acd8f054b90d2683a2fb2bdbfb57 |
C:\Config.Msi\e5a834b.rbs
| MD5 | 6f72432dd1cce748948ed2f654929f90 |
| SHA1 | aa4dc5c30846a6a2c306a50f35a1a23d4a2a8e8a |
| SHA256 | efde71fbfb4a7b19f1f472ba3551137535e948cd774d2a34bc4c83939674a04b |
| SHA512 | dbc109d0d0c2f4faf50ecdaef4658b7125bdb70e5635f04d7bd3475076b33670edee35ef0b7ad59b5e314804623930d2df65d845c23d2089b8ad8e1f8dc36048 |
memory/3424-14160-0x0000000000410000-0x00000000008C2000-memory.dmp
memory/4156-14167-0x0000018EE5770000-0x0000018EE6231000-memory.dmp
memory/5940-14206-0x00007FF972E30000-0x00007FF972E31000-memory.dmp
memory/5940-14207-0x00007FF972E90000-0x00007FF972E91000-memory.dmp
C:\Users\Admin\AppData\Local\Steam\htmlcache\DawnWebGPUCache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Local\Steam\htmlcache\DawnWebGPUCache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Local\Steam\htmlcache\DawnWebGPUCache\data_1
| MD5 | d0d388f3865d0523e451d6ba0be34cc4 |
| SHA1 | 8571c6a52aacc2747c048e3419e5657b74612995 |
| SHA256 | 902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b |
| SHA512 | 376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\DawnWebGPUCache\data_0
| MD5 | cf89d16bb9107c631daabf0c0ee58efb |
| SHA1 | 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b |
| SHA256 | d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e |
| SHA512 | 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Local Storage\leveldb\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Program Files (x86)\Steam\config\config.vdf~RFe5afa8e.TMP
| MD5 | b46cdf246adb25dd32b81a328e154f53 |
| SHA1 | 181a1ead2bf44bfafa67339153c4e446863b450f |
| SHA256 | a3d8a2cba6e356e02c0f33b50e3a9e61d2f9dfb6a26b5983e30e7786da95dba7 |
| SHA512 | 9230a9ca314bc2ab9dfffbf2ff069e7fb7ab9f57f130cb20e44776b7a82060fb0c2f93359b91d7be95f50ddfedc203a58a623cafbb07170c5822dd06f8a549d3 |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | 6e6a2b18264504cc084caa3ad0bfc6ae |
| SHA1 | b177d719bd3c1bc547d5c97937a584b8b7d57196 |
| SHA256 | f3847b5e4a40d9cf76df35398bb555117dfe3626c00a91f2babdedb619d6ad53 |
| SHA512 | 74199ff275400b451642cde0a13b56709735676959d65da11ac76dd645ab11dac5de048ff7ede0cb8adb3a3056b3ecbeb3dc7481bac3768d02051e564c74b679 |
C:\Program Files (x86)\Steam\config\config.vdf.async6860.tmp
| MD5 | a2ec2e91c3ef8c42e22c4887d032b333 |
| SHA1 | e2c738a2e9400535b74e2263c7e7d1ecefe575f2 |
| SHA256 | 8f9f970835f133258a7f740126012439385bbaa5a1d6a9d0d967a390977441c3 |
| SHA512 | b069d241efb19e09ec8b5e60ef6c43e00d5cc0f774b9340127c2180356dd1964ac625c1afdfaee5f99e72b26f56046fc329aadbbc365b403af765a55e9c9aab3 |
C:\Config.Msi\e5a834f.rbs
| MD5 | eebcb0f57c520e35da64b22ccebb1718 |
| SHA1 | 8084d7d0f6a59ea6377a9d265518d7798cf5f52c |
| SHA256 | 6a0a495eded20e6ed561e002588131de3820b1fbce195cb84505cbb16e78f266 |
| SHA512 | 22a82c79a0d7a37831040a0d65f366657b357a64c20bba0d1bf87ad329a5523b6fb718388d61c69821e90149c10b8331d67e810f2838e938a1d1265da4f47806 |
memory/5280-14312-0x00000000000A0000-0x0000000000116000-memory.dmp
memory/5392-14337-0x00000000000A0000-0x0000000000116000-memory.dmp
memory/6016-14338-0x00000000000A0000-0x0000000000116000-memory.dmp
memory/6860-14358-0x000000006D060000-0x000000006E3B3000-memory.dmp
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | c67a89954ad2d98deecaf09a16f0c15c |
| SHA1 | ef3ea2f5b527898806f4152a9e235039746d0e67 |
| SHA256 | 57e0ca694a3d28e297a17c90d9ad120e74d0a28fa1d52041d5d4a691d46d1492 |
| SHA512 | 013ed7d844c533b0f4daf32a4688f45c0950542a412889334eb2652b8726ab584ddd2f31c3adaf29164a6ec7c45d8282f72aabe2806573e4da33c4c3d72d580f |
memory/7012-14381-0x00000154DA480000-0x00000154DA488000-memory.dmp
memory/6052-14447-0x0000029A32FD0000-0x0000029A32FD8000-memory.dmp
memory/5652-14488-0x000002BEB6690000-0x000002BEB6698000-memory.dmp
memory/5940-14487-0x0000026FA0320000-0x0000026FA0328000-memory.dmp
memory/3108-14489-0x000001CC48AF0000-0x000001CC48AF1000-memory.dmp
memory/3108-14491-0x000001CC48AF0000-0x000001CC48AF1000-memory.dmp
memory/3108-14490-0x000001CC48AF0000-0x000001CC48AF1000-memory.dmp
memory/3108-14493-0x000001CC48AF0000-0x000001CC48AF1000-memory.dmp
memory/3108-14498-0x000001CC48AF0000-0x000001CC48AF1000-memory.dmp
memory/3108-14497-0x000001CC48AF0000-0x000001CC48AF1000-memory.dmp
memory/3108-14496-0x000001CC48AF0000-0x000001CC48AF1000-memory.dmp
memory/3108-14495-0x000001CC48AF0000-0x000001CC48AF1000-memory.dmp
memory/3108-14494-0x000001CC48AF0000-0x000001CC48AF1000-memory.dmp
memory/3108-14492-0x000001CC48AF0000-0x000001CC48AF1000-memory.dmp
memory/6312-14504-0x0000021C7D4B0000-0x0000021C7D4B8000-memory.dmp
memory/6860-14503-0x000000006D060000-0x000000006E3B3000-memory.dmp
memory/6816-14510-0x0000023C753B0000-0x0000023C753B8000-memory.dmp
memory/6860-14511-0x000000006D060000-0x000000006E3B3000-memory.dmp
C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\js\index-dir\the-real-index~RFe5b7099.TMP
| MD5 | 251b1b29c004fae20a1dfd2e5dc52c40 |
| SHA1 | 2e0b7f0dd103daec3ea60071d143cffbd40d1c32 |
| SHA256 | bad578011db07ce647f8f5eb3fbed3c8d12817a2ba0ec5c47fc0924bb4a9f694 |
| SHA512 | e3b7451686e2e952f63068b4fb53d0cc0fddce929e7c5a12ec9926be5ac94ef809a65b5fe60226afdd91540d8d220bbb987499b31093b7102f1d2aea8fa28a01 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\js\index-dir\the-real-index
| MD5 | da1d73d59777b7c0be47ebd9328a465a |
| SHA1 | dfe4722f16866db4ac6d4e8e937804a9ae4575d4 |
| SHA256 | 84794463d14033531960d5c1ae2d70555355f209ad0a2d846314cf83a8160cdc |
| SHA512 | 889690972b528c09dbbe963c0a6241ef41ec328048d93921aadfe3f5a72ad791a124b1a6f771ab6b769f8e27e455989b09c24e883c5be99e6292e8a994299466 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029
| MD5 | 2e86a72f4e82614cd4842950d2e0a716 |
| SHA1 | d7b4ee0c9af735d098bff474632fc2c0113e0b9c |
| SHA256 | c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f |
| SHA512 | 7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027
| MD5 | d6b36c7d4b06f140f860ddc91a4c659c |
| SHA1 | ccf16571637b8d3e4c9423688c5bd06167bfb9e9 |
| SHA256 | 34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92 |
| SHA512 | 2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028
| MD5 | 226541550a51911c375216f718493f65 |
| SHA1 | f6e608468401f9384cabdef45ca19e2afacc84bd |
| SHA256 | caecff4179910ce0ff470f9fa9eb4349e8fb717fa1432cf19987450a4e1ef4a5 |
| SHA512 | 2947b309f15e0e321beb9506861883fde8391c6f6140178c7e6ee7750d6418266360c335477cae0b067a6a6d86935ec5f7acdfdacc9edffa8b04ec71be210516 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026
| MD5 | 69df804d05f8b29a88278b7d582dd279 |
| SHA1 | d9560905612cf656d5dd0e741172fb4cd9c60688 |
| SHA256 | b885987a52236f56ce7a5ca18b18533e64f62ab64eb14050ede93c93b5bd5608 |
| SHA512 | 0ef49eeeeb463da832f7d5b11f6418baa65963de62c00e71d847183e0035be03e63c097103d30329582fe806d246e3c0e3ecab8b2498799abbb21d8b7febdc0e |
memory/6860-14686-0x000000006D060000-0x000000006E3B3000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1cd5b79b289b961077c13ad23442c1d6 |
| SHA1 | 6dde7bac6475c435ba242c0248959c58b53dc7ab |
| SHA256 | 061d0e9682496f64bb458d94a7ffa72faffd46b3fa32f30fc08298436881913a |
| SHA512 | 3a6c56e0ecfbaa103bc58cd97c9a74899a4dc22a6d20f1a11329d5acdaf34f64014428381e77e56dbecb32f8384e867c8b5defa3b6ea0e3d61d21022a17b54b9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 00caf3f2610c358b7832cb107079ce7b |
| SHA1 | 606f524e806c1e935beb20d92ec37b63201d6442 |
| SHA256 | da4d62ecbc2ffba9bb6f91d9033b718a1aeebf911fd5d2be85e3d62a9ae398cb |
| SHA512 | cc33f55dfed546ede99e1a50389a7b9409c493f365cddf74789f53b369038c590ada57839e7e2f58d7b6a8212069eac70194a239b3b96e84c6c5d550837f6847 |
memory/6860-14733-0x000000006D060000-0x000000006E3B3000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3d6ebce09c8b087e9e580d2cbff26587 |
| SHA1 | 8cf5a72b93ae8be80ed60a4042a0c6aa85b79d18 |
| SHA256 | 46f7f5a3e926222acd792bfb71241add928331693ae48c2f3667a463f555508e |
| SHA512 | 4c481180d05f950badbe711021dc41e89c9d3729d7117c374608150c2a4552b7a634a39ae2a321d3dd6064e940331f7b118b22cbf806a458ceb0f743d3172f5a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8857be8c47de45d04b9387a7c6546fba |
| SHA1 | b004ebac8bfd2b6adca4cb7624c43d90db5125db |
| SHA256 | f494c542ebcc583e99951ee764934b29840aad07e626edae6f3ee744a55b20be |
| SHA512 | 28326c1cf733d7b22c89892d4d4e1a621786c1bb7139ed7b9eea2ff4e47087face587bd539d6447b646356affe84bf70cb5d289318da2712eac4045015c9f348 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\LocalPrefs.json
| MD5 | f0ffe03534650eb21a88442b1b975fb2 |
| SHA1 | d0e952d1f37785e27cedc159732243ca6c26c47f |
| SHA256 | 473cb72c2d9ee37dbebcfb1b49714c7ed832662762c1271e025c5e4148f92810 |
| SHA512 | b859e4d1133b045d736e548c9d5b8f16c6fa21fd6656c1b3a1f0fd66d439bf9eebf27bbaa1087a8eb620cc0beaf210b35066a6da6e0ca7cb6021779ba8f9046a |
C:\Users\Admin\AppData\Local\Steam\htmlcache\LocalPrefs.json~RFe5c0de2.TMP
| MD5 | dfb4a0013e8063856930e6fce65703d3 |
| SHA1 | 1ad4e118c1520a3c37341c5e2b849474b2779ee6 |
| SHA256 | a1c2b95267bf33e96a9a246a3ca10455ee8aa8007c2543bb47a29af561abb67f |
| SHA512 | 16aa53d9832ab71adad388bb743aabd457d664f6254cc31c597fe3da2c06abeaad3d73e4dd53c110e65b7431a43e09278507e62af3ac7ed56ab3a9f2e52c4f30 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\Network Persistent State~RFe5c1c69.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\Network Persistent State
| MD5 | 95da092897e5ea4b5df1315a01717419 |
| SHA1 | 0941b45092f85c38a45f952c5cdd527f278579ae |
| SHA256 | b9470ca51e7904ed784a72d16f496a26e28b62ed279b94739ebf8ae218507d92 |
| SHA512 | 3c43e835a5d9c6b76926471d8cbb201dc0882709ae3908b8534f07ac38d7fbedaa2227ac3122d4769ea47b3bd3a2716cabe579146d868b518842db204f7b8eb6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 7fc990a65d5bae6d77cb31895591e2c5 |
| SHA1 | dee427ae6ae89644717c3936be3b3b2e136fb731 |
| SHA256 | 41e82880bde8f71daa8b8fce7d6c33a6129e62421b30af011df0b62de0236ab8 |
| SHA512 | 2ca620051fa7dfa06c2bbbebc08bc4e8f114ce9b3e5027071ec523c65ba2dc0cef8fcb0e0d47bf1dc7b75d9bc9531a7163ab8baa9402153bda968b39b34e71cc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d20185a5567ef6d2ee0596438c64d9a7 |
| SHA1 | bdf2b57948ae7c74f71bc0ef9cb5dc7696d7ba4b |
| SHA256 | 20fc27c4300b84b4c44a96df3a27f5d08662e8c5c380fd8a7c86e52184fa0591 |
| SHA512 | 996b1553eb29bac1ea827fed1ae5ed9a5ac882997573f36737157865e379580b6b11a5f2a6d882673286c791ce5c122f68b257f31f7eefc6b26f869483e51840 |
C:\Program Files\chrome_Unpacker_BeginUnzipping7012_585417881\manifest.json
| MD5 | 2ff237adbc218a4934a8b361bcd3428e |
| SHA1 | efad279269d9372dcf9c65b8527792e2e9e6ca7d |
| SHA256 | 25a702dd5389cc7b077c6b4e06c1fad9bdea74a9c37453388986d093c277d827 |
| SHA512 | bafd91699019ab756adf13633b825d9d9bae374ca146e8c05abc70c931d491d421268a6e6549a8d284782898bc6eb99e3017fbe3a98e09cd3dfecad19f95e542 |
C:\Program Files\chrome_Unpacker_BeginUnzipping7012_585417881\LICENSE
| MD5 | f6719687bed7403612eaed0b191eb4a9 |
| SHA1 | dd03919750e45507743bd089a659e8efcefa7af1 |
| SHA256 | afb514e4269594234b32c873ba2cd3cc8892e836861137b531a40a1232820c59 |
| SHA512 | dd14a7eae05d90f35a055a5098d09cd2233d784f6ac228b5927925241689bff828e573b7a90a5196bfdd7aaeecf00f5c94486ad9e3910cfb07475fcfbb7f0d56 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6733ffe0584b7c2ae49c9cb746cf22fc |
| SHA1 | 8f8ff9b8e67688d7479ac4f5586fa2b986389b61 |
| SHA256 | aa80612f94d1ef4a70cdf210c8f93646c698ce4984f3cbea5ba54eda9941af92 |
| SHA512 | 718d03ff113f09ae81e907a951a1b20284c3e570e386bed61e316cf80900126a1928ac1351edf812eb5811521180b0656a81edbd77c04eb09921b0c5a869a206 |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | 1663713aad2b4f8e1e6be379ec0d77a5 |
| SHA1 | 02d793a7f367b8a443a6b4fe4f037464f50a68b6 |
| SHA256 | a24c2915871569190e344413d5aeb20037a89deb60094637bea4408630fc7d91 |
| SHA512 | 1dfb4b6d286a1964952b096b9dd5438872e51d6c825c6bfd05e53f5a4784ce75c7673fbf5a279190e6b14d1cfedb79bf8fc18922bd12bd882cc928b37c147306 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 9015e75108757791deb2db2baf91b0e4 |
| SHA1 | 47bf0354410b3c5986c540eba87623305b3b97a3 |
| SHA256 | d3dfd970ad766f5234e135e21641812cf8e37a5c2c1e93d9574afa8957e1799a |
| SHA512 | 2725aff9dad1383f66678c443549632dc13bae25b5fb6b9341e23b81ee550c909bf257e8d6845a3fe90dc0273c63fc788be65b584fd9fe99e09b23d661465a9b |
C:\Users\Admin\AppData\Local\Steam\htmlcache\LocalPrefs.json
| MD5 | b3d2f2b891e8bf01bf4ec6a16d3c12b3 |
| SHA1 | db17640d21b954c873cd096e2ee54b23841df64e |
| SHA256 | 0972e9437b6ad1c9643b6560d72e1faf9908471532fa3c3c207d4c8e7c9f2611 |
| SHA512 | 84640468d0955b8820a39eb73cf0608b3f884f1a6bc263a2adc5405dbef09635300a2d21126feb95f4189757d9a8e39b712f01d4c0344c4795d91b56b8bbe10d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | caa73d61a9bc6a82e214b1477b4934a9 |
| SHA1 | 47be74728b5df92b3f5bdaa7f095fd36dc47b23b |
| SHA256 | 96876a6f0ca3e1912495fc64ca8382acf123cac25975d5f59fc8917ccf77380e |
| SHA512 | 588768762f06e3d77e23a38ca99a25c42f26c23dd97a8372833691ee5d80f2a32e163f6b6eeeb10de0f79da4381f779f2b8e03a2ec321ce132eb8b7bb94313e5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d2ec8bd0a718d02d3b76264997846493 |
| SHA1 | 6fddbedad85f82c5dad791165b450615dbbd3edd |
| SHA256 | 4fc7df943abeefb9efc06126850d52d55dd992fbbdab87b3ad11216fa95b7b02 |
| SHA512 | 34bb58dcd90cbef22777c1e84ea9c1567142e07e1b4fcaf4b3e29876edf23622e9cf02b5b1070b1021be0d638b11cbcb540101a7e33d155b083342cde740c95f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 9882e68dd16e816801ec1ae96b1d3509 |
| SHA1 | d45baf9e6b20f496f09c67d5bebbbf3333561480 |
| SHA256 | 8b640471398320ab46bd4c997ca733dae4a5a63e06052aec5d8f69a7eca64d1d |
| SHA512 | 93d4a0c6665a0e7f590cf10f6b714aa3a23253a76a263327f0a31d3cd51e13c7b8044152506f8d901f052bd84934b223a1cdf090f28acc6ecd82fe7cc2707a51 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | cb35bcafb9c6a7f277ae4e4eded5a92c |
| SHA1 | 5b113037a72cac0f9764d095d2ed7a9cb7ea370f |
| SHA256 | 105e8cf6dff67c57b141c377c77071db8fedae1cf8688c053433bffef20bf215 |
| SHA512 | 489332f9d97fc8dafea14e56d61dc56436c7e6decae7c15210c3228779d9d68154fc4c729ed32253e4ff58e93d88cff8fd936d8ace6aeeab6d63648514ba8140 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025
| MD5 | 0d89f546ebdd5c3eaa275ff1f898174a |
| SHA1 | 339ab928a1a5699b3b0c74087baa3ea08ecd59f5 |
| SHA256 | 939eb90252495d3af66d9ec34c799a5f1b0fc10422a150cf57fc0cd302865a3e |
| SHA512 | 26edc1659325b1c5cf6e3f3cd9a38cd696f67c4a7c2d91a5839e8dcbb64c4f8e9ce3222e0f69d860d088c4be01b69da676bdc4517de141f8b551774909c30690 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a
| MD5 | 8ce06435dd74849daee31c8ab278ce07 |
| SHA1 | a8e754c3a39e0f1056044cbdb743a144bdf25564 |
| SHA256 | 303074dab603456b6ed26e7e6e667d52c89ab16e6db5e6a9339205ce1f6c1709 |
| SHA512 | 49e99bffcdf02cfe8cef0e8ef4b121c75d365ab0bbc67c3a3af4cf199cc46e27ab2a9fdf32590697b15b0a58ee2b7a433fe962455cf91f9a404e891e73a26f59 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 06121ba9232acb8272de540d7896aea7 |
| SHA1 | 2d4c8be93137ed98abc9a11f374e29c5b941f8bd |
| SHA256 | c7f94f34956cd84eb06c7e38cda54a2a3a0b9a786a134592c5c1790f960c49d8 |
| SHA512 | 68e91d7539777a53b6d167c7735c16fc27fc1d339b20f78de354d699f19b60593621492912ae984d697360eeb56f5d140d9d638d5f34d8368cf3ef6a839dfb43 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 561e1102314b8cc43387cabd671a21b7 |
| SHA1 | acbdd93c44dfd489ff619939eecd793dfa5a79ac |
| SHA256 | 961e9b020ee6834c7b5859e4b2f8d22c8af24376f2eac2923f102ef4370cb34d |
| SHA512 | a50dbd31b3ebd920a5453d32c6c20aed942580a3683f98f778ce12ca95a3fd4a9c4c152510517e5c4b58ef2b21da09ac248dc2fa20d437d0950be310a821de67 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d9f27cd4afbca4f879f085f615c82c2c |
| SHA1 | 3ef758d9b53c8ed3ef1add6e5775b63462951280 |
| SHA256 | 488f15547d00a4b723aa17f40cbedcf6782f164c84c7b59b3c1c39a6e53b3c93 |
| SHA512 | 942609e5318b6360c56b68720ee19b6c1ce99baaa17dea07fdd37753831679b5d852aa65358d87993a9bbb1cc5fc9162f84f46f4dd65f39e9f6d794e65bd3d96 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | f0af71d77a2f27e3839c254c6dd96c9c |
| SHA1 | 03d215a20ac02c54e627def28f43fe10a997f68b |
| SHA256 | a2f212771be2ecc05d879688a865f169beda00dcc8d9eaff22ec85bf00d14cf5 |
| SHA512 | d00e5ba97025e33c85e65ca1ed5ba823f6ed0b02b0d9bc3cc6456069e45c71d35eaf30428bb0ad5f3604cb8f9246ac52d9f9f8467ceefb35159b3e4231e7e7d8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 07e7d7e7c8b9a04bd55d3ca1538a70c9 |
| SHA1 | 06852074224f7a60826f727e115fcb1cae9e74b8 |
| SHA256 | 0165e872d5a4973b29e3c30583b062e6829048e5dd84fe0f01be495d3747d4fc |
| SHA512 | 5a4e8a9292e6153b968334bd662bee091add21678a1ae0169ada74e7e6e54bfd959e9b79d79f7f1b14e8d5a2502ea34dc3ad7f677d65bc9d0fd6ba6ca8d0df7e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e1c91e451c2ac32a01ed6a5f7450e74b |
| SHA1 | b65a7498ce9a2245241c044fe50adcf16afe9ea7 |
| SHA256 | 325193a365aea43cea315b5542686276d0ea95898d61d82bfcd8feb0b34c60fd |
| SHA512 | 95706900626c9ee87a6ba4e9259f5b337173a32356fdbe7b8d8baf3839c0086b2d8ccd2e0b04aa2b7b941a17c16758b69d4c0e8731b79054a344323aa305cb8d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9aa66d0cffa4c2b865dff9a8ea170478 |
| SHA1 | b1011cb7966d1fadcf0caf0b01dcebca4fe2bebc |
| SHA256 | 58850aa6505d12d0b2c3a2ca1f7db085ec879bb6be10b620f63c6ad51a92317e |
| SHA512 | 60d9cf8c38787cfb502ef7d88098eea208bf3546b54ff3b36793e6cd0fbae36c70342b8246b6b8d2bdde862dc9863cc3f6101852866fe63f94e3b1f0dbdebba3 |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | 76464ed11e22ff2a74e765f6e984d9cb |
| SHA1 | 0f94174b0809ff204a23b3b4c0c1519004834757 |
| SHA256 | 7eac47e5c1eb497fd1a5d234ee80a9ffa2eefdb4a92e3107658f33242eb2a12c |
| SHA512 | 485af012cf46bfc504c63b819a7d3f3dfff7416da7c8521e767e8c7edce873eab633e29b923d62e1c9daee62c22c20ac412b5cf80aaaaf7131bc1cbe5aaaebf3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 78d345a017a32a6c6dac0387d9a93cbf |
| SHA1 | e18f65c5cf2f12ac41c4fe5fcf84b97322c3c5ed |
| SHA256 | d4df68227369e195c11139c143e8748cae39530eb7d5b9346611c46081107e3f |
| SHA512 | e3f733615a08a9926ffb0456952f74a23cb3651138624aa65e4ae3710f08e07098bfa6680f4bf97faf0b257d6807aff941b5d9156e25ea9247c551d5b2ab30c6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 337c7a10f531ab6250f6d926af20541f |
| SHA1 | e4d4874bd64075532d0271dab54f506bec16b18d |
| SHA256 | 235633d2ebdd0a79abde79c5032fc0dd233043a71a52aafb56e84fd12a351ff9 |
| SHA512 | e259e99de34229c490d97ad3a5b07c812f15ff5bb4d275ec557687b195daf6c4308264c9ddd70127d35eb49065605dc0574534e759f74336308d33dd3a227338 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\61a0b4d20ae0e222_0
| MD5 | 1117489fa8bebb68f95406e89ca2dae9 |
| SHA1 | c0821cb8c7d6acf2e7039d5595e1c63a12cefbfd |
| SHA256 | 224e781e23674ebf6f3dd02cc076dc4ffeab478580abe9123069a1db196efa37 |
| SHA512 | 59bfa97fb5eefd2f1009d04d6c481269e8807da278ac85c3c9bff7d0242b26b09eb26c69fed5911c674b28e01d24da03351df8ed23f16a8d6f8913087d64502b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\74b88724f60b0383_0
| MD5 | 63e9bee09db35456a141d54ceb66ca74 |
| SHA1 | 7e79d8277788fd79acb7739bb2f64c871ba162cb |
| SHA256 | 6acbe16d3c0a41a1bafe80f1c6188e3625b2271fa362ed8955c00917aa5f2b94 |
| SHA512 | 5648bd2eba2c9ed2429919106293cb909f047a15df74a40097f184cbc5a320122286f89df377ba2808a9bf04bd0ff3ea04febafd2b6466df83ceea8e1e25d2ba |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\53ac5abc87e80789_0
| MD5 | a345bb5c214755c78cd942bfa640d16b |
| SHA1 | bc4f97a790002209f15fda3b6e01088953a7f97e |
| SHA256 | cd6a12d5cc952f87f47448cff43b84e3113e59f5c73f178e230e3cd20812e8e4 |
| SHA512 | 29ebceae09e80d9ab815d0bec9ad526e0459292377accb7cbeaec27ee9bf251849ba42d83a4eb409834c34d1e1e421412fc9a30a70535bfc35150f3fce43a4a4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\be6d12311ce2b399_0
| MD5 | 79480a36b5783815df2efea18c89b1dc |
| SHA1 | c2bd24d11bf2d3d50a69d750079b15dae16a1523 |
| SHA256 | a8494d77fd0ad2b424bf819b865fedcbe87c18a11d6e0302129872838f247e6e |
| SHA512 | 3358039dd96128e540f0974ee5cd464cef3352147d9b2949d215f7cf72c6f087e875747e3b7a0de5641c350d8ff949fe38f993c7dd707ec07b0b5248dac645d1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5dd1e579c9681f95_0
| MD5 | 58a198d4d3bcf4f7b823a1dced18a788 |
| SHA1 | d3f37f7940264c966f6492b17a5091f13c690850 |
| SHA256 | f2c5c27d3ade3e4a441130b038db70d805cea90239256c2bc75a03ed4fa949e2 |
| SHA512 | 3a1cd6dfb614e4629d77e8b1dc5591af52f3e97ef8212817b66ca83533e1166b69eab0239489981c8562673a87a8dce1e89ea1438855b145a8f3b9dd271ef7a2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f2e4bbad99a372cc_0
| MD5 | 09b2843d291af1279630c5aec637b127 |
| SHA1 | 448ea1fb15c6905e209f12e6ef004687e976a3eb |
| SHA256 | 7f94287ce13dc912e0cb1727f2949c6a0954361656df76c3a5d4f129341d8014 |
| SHA512 | e7aa40750ecd000cd06462587cfa74ec48c4b0996b1c41ce157b676c9d3066f946009a65a359956385cde690e28a0e31f68ac0668116051c1e1ff581c06b5577 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e146fd968644d345_0
| MD5 | 17a76ad358da6d06dd084d650169a570 |
| SHA1 | c8df2bd456c9ee207e58b16d3dff6de21323be62 |
| SHA256 | f2f422f774a24284e44c982c1221b81be94ab9559ecfcb4dfcac3af41998f347 |
| SHA512 | 02e9e4f6b631f63c4f27f81682b4333307575268c0d2e3b07d8372b0ad4da7e66c95b743d987fe2d709415832d02d2df7db9ffb0005b38d936595bbdb2bada7b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000089
| MD5 | 68f0a51fa86985999964ee43de12cdd5 |
| SHA1 | bbfc7666be00c560b7394fa0b82b864237a99d8c |
| SHA256 | f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f |
| SHA512 | 3049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000088
| MD5 | 3051c1e179d84292d3f84a1a0a112c80 |
| SHA1 | c11a63236373abfe574f2935a0e7024688b71ccb |
| SHA256 | 992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3 |
| SHA512 | df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5a7951b9ac2d509aa2232e0e2cd9425c |
| SHA1 | 343c51cc8fee7f592e1317c25a062663563ef296 |
| SHA256 | d9f4eef2d0f16a3392a38628e9e61715d23ce6549eb2c67612829dc538279143 |
| SHA512 | fa72f16e9c125756820ed2486e361c86dfb028166a8d1d838067496e9a65125334f508a5414d3c2cb1766be0d462243299eced0557cb9628310a73d1f52af48f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 36a649560766ca164e02cf38fc2cadc8 |
| SHA1 | f50faa86acbca75dc2e679125203c30ac9431ceb |
| SHA256 | 9c781f84da2f0de0c7989660485fe5f5dca8206cf7df43be7d4bf6305d6ab3d4 |
| SHA512 | d24ac52c309133a658aa9f805240f68cfa638655282fba1e11730529742fc02a364ffd61aec519bea4ce04bdfdb4bfe640a35035e825b1ad17ddc9df23ca752e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e749d8ac0a5e2ed4_0
| MD5 | b6ece415e128f91a6e7a2e61dee27e95 |
| SHA1 | 30506d08036e43e961869bb5ac0cc2ea54c40fd5 |
| SHA256 | 626c11da198328133692f8772a4f1694b467fe9a1133a80c31db7825db41212b |
| SHA512 | 50a063d0126b37d468cb008489a3ee37fafe1e1a8ccfbd9dd5fa7b1029b8211221e9253eeb03bd12055d536f40bcf537eadadd65d923cda58d9ab72ce5c80abc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d73ba13cd7ad8c95_0
| MD5 | 1838568337f6591fe4292bac4cd87edf |
| SHA1 | b86a5b6444181a5e973a97477d1114bbdab338c0 |
| SHA256 | 73fb28ca1dc0a1dfb1dc01beef233d731660061d0e5a649d95d56f684fe23a5f |
| SHA512 | 7f66468dd03ca38cabafc1b739ba6a4f1da187bcedb6587e3e479821c11ecb907be1c705b107e95a15d99bf24ae85b4d4d1e9c562d32526990152610c1d695f5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9074fa73311f910c_0
| MD5 | 6f4b23ba938ed1d05c1ae3ac46db89d6 |
| SHA1 | 49294edcfd3a97b528e24e4b4d64eb6daf9f55d3 |
| SHA256 | 006ea2df17336a8de5e6546927d65c1d5e673dd278a0cfa9ed2e05dee4cbfb96 |
| SHA512 | 1eaa481a94ebfd6be1fb57f2e007cadddcea8bff5f50cd7c01ad5393dae97ef5e80e8ba799de18f175b3401adc7fd79361da13389513809be1560ffb218f0b8c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1a914eb5fc51fb84_0
| MD5 | 451cf9c495d4ea4707e87f41c39f01fa |
| SHA1 | 933726486d1199431b3996492ebb3eb4153fcd59 |
| SHA256 | b66bd0230d4be570305db5b6926809c72d2410ed36786619a7e3d0631e62eb3e |
| SHA512 | c682dd02b6566bcf3e6bcbb85844cc5d97d7f45711b0d6f451adda6c21647e639297576bac70f3d4939a735c3fc1793b9bdf199244418e3f06f143f29dbc315e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3a664b67dc903cf4_0
| MD5 | 441b7086e5f2cbe8d6147170372ff553 |
| SHA1 | 4fd8bf62b4bb28261dc3c06a9a58240c2a9c7d42 |
| SHA256 | 6ebbcd7fee0b235b82a46b568eab6627faf7d3aea4d6825e64daa576018f996b |
| SHA512 | 93d8f23025fe9c5dc40490aea31ec32646578f07b389e1763398f182867a890fb5492504d79697d8087eb77dd4949b353b6306719275ca18f8739a483cc3f4e3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0bbe00d9bf7b798e_0
| MD5 | 4b0474187609f3793cb60e0f3e52bd22 |
| SHA1 | 5c83b17410318f6f422174f9e440e7d9cdd72c2c |
| SHA256 | c982e3fa137e3e7bc8a5ecb9fa2f958965e43151343358061aafb3858ec794bf |
| SHA512 | 41d2197f6985189e38b287a218c28df31b1aef61210bc37f1dcb38a8724d6336674b853d523085f7064f7125c4edf9fc13acb8b4ac76b5881c83ee7c44515ef8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\77553c2a47f1a2d4_0
| MD5 | e9bff5b8fd116294496d3f345549ee76 |
| SHA1 | 8395376b49279520b7f9caeb9f5c436a0ca6a9df |
| SHA256 | 7f8e6d950867a510f10ee0af12404faa1678a723c8bc3d72ec1a165087fba514 |
| SHA512 | b4c43dbb8fecd10d3abbb5fd69b63250c0f9885b99b26c67dc41a9dfd1c2e3c81662261f95f42d0e5cdd900b9af118a4276bcc336386fb5f54338794c5bf920b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\17d0b316cb6b961d_0
| MD5 | 0edfa4bba9489ba23d5a895f36dafd96 |
| SHA1 | eb275a58a6e62c9da4ff2f68b37182dc8503e48d |
| SHA256 | 0533141fafb2598b68ed46f6f23a3d9e98e6f2efc487e6f53ce74ecd3f13e02a |
| SHA512 | 2b9249e1f65ed807d299a776ce7e59832cd66ffe6d2ddb212abba940f0eb266677610698b36c68733184ef02dd82346072a8530b7c7ebee2a3a91d8f0bcb63d5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\90d7d7591a1b39bb_0
| MD5 | c9a4e3172bc984397dcadaf906cc81cd |
| SHA1 | 31e1b017c3009b937fc585801894710f931a2468 |
| SHA256 | 92dd1a3dec6996f49aa544d9872b836566b0711258c4d503091096c261654f2d |
| SHA512 | cab7885af495c0902063050435e8a9cf9bd1b27fcf5fea60538c34a671c9f3497c11e81ee06117a01f3d4d7e6f415ab56b702b9ea5c75fc62f9f2d45649937b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3a4259a0181983ba_0
| MD5 | cd9ff546b40c8486a8e76f94c41c29d1 |
| SHA1 | e9f9b15b30e522ffb779ccaa3fa4a0add0e223b8 |
| SHA256 | 7bc33c7958a7158bca0248f31bd89bfdb96a9640bc340fc6797f16769c8ae56d |
| SHA512 | e6f7dc40b4c6672872ec82b1b8c5288993957320cbc93aad711c07b25d43025b986918cb49c65bc0882c1c14a7078ded0837b13bcfdbd7108f8728eda9f177e0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\37afe38eb817b647_0
| MD5 | fcbc36eb8fd815db431c42c9ae8499a6 |
| SHA1 | 3790f08060accd6d5bb19a847d60ebf079b3c78d |
| SHA256 | 6c229100b57376cb93de807c051f1b88f553fa81eee6bcad77e595347f2f389f |
| SHA512 | 76bae4459b5a80a334c84966c5ba1c8823a1c571dfc50b73dbdc94a2bb5b086cda60fc9cf9ba4f9f9eb6519d3eb74e2fbe30169add004cbca2c4ea8f46a6495d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\45a16ff6d0d9ab5f_0
| MD5 | 88aa8410db323acb9d531760ee936e29 |
| SHA1 | bfba59b7cc411c67caa39dca4016797453aa5124 |
| SHA256 | 1f0b72a27ae3282e72d09854b367e6e2552a78edcf91138d935aebaaefcc2a71 |
| SHA512 | 04c6b581e721df5c1ab4ce1edd2de9357b7fa5ef97b2d1484c0f02d51ac5f64ebbbd92cb5d7c239aae4c7f31e1fc3bda9b9b0ebf2809f6352772399875ae2174 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\25c90b4fb1c6ef85_0
| MD5 | 1bc73f8d5e36136d84d374ab213b21e4 |
| SHA1 | d8ce90ab058e8998edd72cc949f60610675d3a21 |
| SHA256 | 68607afdc72f1947f050d41d52ee4fd2f36a9a1075d1918725b4544369bd24b2 |
| SHA512 | 88563c3e000ec556fa223a60a1f5ad555235374f4c23057ab3e95d715e37e27c7053e1842abda3ebedab0cd53ae738e9f4d9eebc41df500fe353c182a72dfa48 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2692617678c042d9_0
| MD5 | fa136e456e2f5d2ef05e2657b8595fad |
| SHA1 | d31a4e03e8f9173e35969b5bb037f461ceab80f2 |
| SHA256 | f8d6b956a7ae82d3117272fc7f65957758736686246f1dc2246c26802846e4a7 |
| SHA512 | 806dba4272074cf8853304e978ceaea51afd4f841b1562f29ec1b61f59a6f7ff22e31472e3c0009fcc7455e9542f5d9921131b54db51e9c80ae86e87facd9ca5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\71d68e68ea4089fe_0
| MD5 | 2b61a9af3a6355aa845567aeafdfe488 |
| SHA1 | dc80c860754d9dab61bb2eda08503ad51d8addd7 |
| SHA256 | 36e4eab3feeec33456bb281db578b60c4fafd59a359d78ec3f967b9700316eee |
| SHA512 | a12e5e9e2069ce9a06541669d64b216494f6d504867bfa72add9e883d358679a8f545d945d8a773a71fbb10eba4fbdcbc94349d1cdc696e75819dc79ce8923f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2f4680e8f8f8a14f_0
| MD5 | e6094e8dd613905141e03c8502133181 |
| SHA1 | 3a97389bacfd8ac28341304c8ad2d046643c920c |
| SHA256 | 9178651c0a9f00549632f16dba75ccc6401b13521adbaea82dfcf21e6df6f079 |
| SHA512 | 7ee2505ef3c2b4904ecb5dc953329c031f418df0d2669c59afeefe18eb4ce8b77c31a03ae943863b8a5872cd7e7272ae9fd46c551b99274ed6bf3386b1d9377f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9eb573735b5f6d03_0
| MD5 | 167debaba721c4ba486a36fe95204bb7 |
| SHA1 | 7bcc0b8a207db47013b86e4650d747cad5f30d8d |
| SHA256 | 3999fff4d9d289ab277d9e85f7a7ec21d2b47caa424920a0b9c06d8516987648 |
| SHA512 | d0ddb527e90d8318dc3c82aa1ceb46e5d1f4df2226ba2a94475d5f86562b94457878ee95a9bfa0285a8369e44d30c35108eeaa8af71c4453194138bde4de4624 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e9c7e700cc3e33cf_0
| MD5 | 2768041591002fbd1c310784348d032c |
| SHA1 | bd4bbe1679e71ff817924449ebc5bb6d5ad79132 |
| SHA256 | a5e8f6e316d62a1c7168fadc06506f780c9896f6b5397d296638064952d54f99 |
| SHA512 | 51eaf423fcfc9b587e1b66bcaaa5617d1d18b2a80a22b22afa8783740a8fe119505719c2ed472180aca69b9cf996bc196241bd5aa792e58062c70d35fc1a8f92 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\766094f4b47e839c_0
| MD5 | 4134a63731ab52970c0694fbbce93a13 |
| SHA1 | 799d2ce3b29bceb8a331b540e6fb439356df6a60 |
| SHA256 | 1d24ad0c803746cac3f5569e8d242422c7437572d4bfc0b11e2ac11b98d5e3a8 |
| SHA512 | 4772171566cd4f9d01fbab42a417ce990d684683d2f40164bd72fc7e13eb5cd29d2c249e40777433e31bcaaac245c27283dc2638779c1a3688fdbfba247ca4b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9dbb949d27873cbc_0
| MD5 | e2422c0bd7c8c8e8b4c4be1df4fc35dc |
| SHA1 | 31949c7754d2b97ac96a7f20f99bb01219d2fa1a |
| SHA256 | 3294673a62679aeaa9f76225fbb998a63fec3d67f4ba2473976f0aa046785363 |
| SHA512 | fb82f058b5d134b1d10e5b70c2f9f9b8ad23e2c760e9a307162ba45b11220733fa66b58f7bc3fdfa59daccab87ccefb2ef229460ac5a54fcc51ff3ec3a94e441 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\14ff8116b518ca2d_0
| MD5 | fbbdbd0f9df601020479512585690df0 |
| SHA1 | f8fd5f3c9b8018ab7bf8b510e0d03654aa371b3b |
| SHA256 | 49bf46e68d01797f6330c77203eaebd35956aa1a9069e3de6ccd431f46d696fd |
| SHA512 | a3f6ffba934ee97a08bcbf11ebb581fff47a26df82fa298c1bfc56ee0df116ff6ebcdb92de484142c9c2d80536fe07607a39702d4f5abff143075486b4b68c01 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d79e0a2891fc014a_0
| MD5 | 5ce6087556325daa874324425bfccce9 |
| SHA1 | 8b4f25ce0aff3535bfdb4bf64c0834b64987f506 |
| SHA256 | b73a8ed77ae6de3137396c177fde0b78ca2ba2e833f5d1b2b87f221f561692d3 |
| SHA512 | 065ca1b680e15930ed956a692253a6cb7315943cb8561c8f3b60c4156aa7a39f1230b64de3750341c1a03540d912f38d434b8eceb88ecc44eb4ff27c04dd6f1a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f2076e2a98754e97_0
| MD5 | a43eb695ced1ebbe6dee89984bd46322 |
| SHA1 | 50fe83d7a6a2673d76ae8f5451c33e2ed05e7364 |
| SHA256 | 8900f48a4b0599cc381f45f1b86c8e6c8a050f561737d3a8a694eda9fa5b4c24 |
| SHA512 | 25ff71b1cb1bddf684862718ba5a8b5202c3c6a25c798599568acd200c8d2a16074673bd57be6cd78a7e213702d0384ab0303a17a05fbe3bdf2702703690abae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8e5987d08f7b6e11_0
| MD5 | d38d72bd6d41e23c2b9e44c9bc38e160 |
| SHA1 | fa1180fd41a09cd11a255d1b5c1c9956308bca10 |
| SHA256 | c9576d606ae606a2e01fe7b514ec03f620c3d1584d4f78d82937fc03d87d215d |
| SHA512 | 410f304ef2dad3a7f7ad5b2dfde625410985112d9a1842aa73c01797bdd326c0b87da32a2763ec420c15ae0e9f8830a7bd2e4be6723ca7b91d2b556a2e868b92 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\86b9cbd77d05d034_0
| MD5 | e5ca95eca7687e1204a71c56456456df |
| SHA1 | e5c28849cf45344f9bee1a3b95074ae87816872d |
| SHA256 | 8937367a30de309f45b3ef38e32fdf4ae5bf5a0436a6dadf58a7ecc2e538d326 |
| SHA512 | 4da2c36b79d4e9495f1a5b3552a374ab1f289ae4700347dd4931f2337c0e427aea332060aba54211cd5b3a9d6cb9cda0bcd3869aac439706481a73e07ad69e17 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\96bc766215a93e35_0
| MD5 | 19953a5acb6fba05f6d6c021844328ea |
| SHA1 | d4fb33909da448475460da831ddc11d5e6cb53fa |
| SHA256 | 5509c131fbf09ba84278d134e748305c6b396ca90af3590533206e528fd7b104 |
| SHA512 | e0d9ec6f5f15c432b2846359e90e4bbe39f9a99ac2d1b77ed16969fad960820113b084cef5307f2efa04a74331632987f384e84afa15e2cb567b9db2f50c2936 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\03eef0e77feb64d4_0
| MD5 | 7ef560755133248805d02a9c08a901c2 |
| SHA1 | be6618b16c293aa6a6b96825ab47240cd59b7e4a |
| SHA256 | 3da456089a74821644b32e4535f8f0baa60cc1a6f4260c9ae1de045de9615b60 |
| SHA512 | b9a8f26c78b02aca7f6543fa3bbc22f9bf37a74eaaed6bc07bbe82360e05a7f86c7b944098081516a3f20ffd34e278d447c002bef4ee2f41e7c2aefdd1c03d2a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\82af833e9b5cc26e_0
| MD5 | 52adfd1fad36cd8c2e1e4013172a984a |
| SHA1 | 08ea27475fd9d4abe7f37f2dfc79706dc915b88f |
| SHA256 | 9e3ce15d9687a40f3987c406fac0a95ea06fe8fb22c12c4cf9c05628a040f3a5 |
| SHA512 | c70a70cdaa57bee14c40b8ef7ddeecf52304531824aeddb6cd356e400b51388b636c2a30525936f685291e7df506fd8e78e3ead7fb54a572b84652df9fce59e6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\635e64b37935c888_0
| MD5 | 054afa4909f74d38232279efc42f9eb2 |
| SHA1 | 2a46600bdb26f767d246d512473b63c351ba0473 |
| SHA256 | fd282648f235cff07f424829e1f4ca62e0c09c4c0af046da1a6eaccb76bb54ba |
| SHA512 | 80cf574b5f6081d48c1eecc7f76110cae12afaa4d68f3e2bf8f8a944ab56723b6db676643c85c87b04e650299fb798d40c311b62f11f17e17f3b0d8e65482130 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a28b766f2e67bd61_0
| MD5 | 2008021870b504375b79470f83666531 |
| SHA1 | 2cfeb3c62b3781af4bb0ea1df709d51b155a403b |
| SHA256 | fec710e0fe1b0b4f42b55d17a21510d4e5ae71e940633a14decb5e5db31322ef |
| SHA512 | 90ecfd3131d20e37e1b98cd0f1421b92a73393e27044dbccbff949400027d3cf7b49313f054541332df68ce13994a6caaa99f1978b216e8f249938ffdfc1e93b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d45aae6d8d9c9ff2_0
| MD5 | 944a17aa787fc210e51201c1978acda6 |
| SHA1 | a771b3987f39d142f8a278475868a8bb98e4cac1 |
| SHA256 | 75d1cf0de93d1a905a6de3f34178d34cddcb633e0d96147ef6d7d8e4f79f6018 |
| SHA512 | d91e9022ba51575a6970870f688c9b76ae9bd8a7f6391ae0f61c127bde61356fb3d12e1859cb4f28a354f0bd294fc4feceedd8677e1260f462199e064b266ebb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c211c9dc68f4bf01_0
| MD5 | 9d7f778d62e0ed4a46a2e2c8dcfea276 |
| SHA1 | a3265656b4a2f76a8ce5e8037f606c2db5c3dec1 |
| SHA256 | 0e0d5737a13cc7fdf295aaa4d3f3ed88b4f944b38c737f08ae0f41f17c464323 |
| SHA512 | 0cf7003d0ca957557373538dff3588e9361950daa3e33d91a27509c056642a489e049f41641a901cd0972b1edebae3a454bd7af4fc42d689bb4da662aa9e867f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9f608f61e011c420_0
| MD5 | ffe86862fbbc97f53f91d6b49b4d3a85 |
| SHA1 | d171446f7b36be3404cb619859721c123812cc56 |
| SHA256 | 983844c70fc5af1f890f3a4da458234db875d62fd8223f6c11624a0119d9f5df |
| SHA512 | 00af1c84516b337103d03da75ad7e0fe8dc55d653a7baf9178a9ac929e6950af03d8328a72b3db2af37e41b8b0133cbd111b63fe7c4bbd28a06f82793427c835 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6aa9a2943612cce1_0
| MD5 | 9185ca0bbd87685669516b16f8fe0898 |
| SHA1 | c4ed5ff3abe26febb12c6913ec215878f37deeda |
| SHA256 | a8c14bf131c0429a25debb465f1a6a5c4e82bda7f45d394a255e508ca2fea0fa |
| SHA512 | 790a349a06c7499828e038ed1e74450003fce3fe38629f4b29d23f43b99e10d31883692503f047ad4ef388d5459f7631e357f40160a28b8d455b28fefb464425 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\78bc646c0524ce58_0
| MD5 | 2207b8d89e3aed7eb1fd55e8afa8405f |
| SHA1 | 1be80d5e62e7befd4ef84e5bd530cc42bb767187 |
| SHA256 | f5f2cb614a572fe020550055c5b2d226336b7151c9d525c16ba9726092c5b49e |
| SHA512 | aa0434cb5ca5608aed21eb2d294a29944c0ab6c23af4fbb567735dd92ad34cb097c7d6fc285026285edc9ff0fbefe04005ffa811223fe920a07b98cb3b19874b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4e9b18b0f66a7183_0
| MD5 | 3cdf84f2586c356ad7cf001c7ba48a97 |
| SHA1 | c60cc15da28ba19d3bbda89d251792cfd769d232 |
| SHA256 | 425e365ff4d8d8fc4d05d0251cfbef299c6bfdcef1439611b7051a3a94509e79 |
| SHA512 | c7232e31bf8481eb413fb2698aa5976a0a8c2266ebe11fc83d0d739b5052515602af1529fdd1c6f934ec68b7e64889a0623b2afda7946a19f9a4816274018dca |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ab38c7b2c8042af4_0
| MD5 | ff83ccb9c4b969bc027e9512eb291eda |
| SHA1 | 31e12bf5d86c8ab10bcb6751e0fb9e0d32babc6a |
| SHA256 | 5e7ebbabd0631a10c36b69f6b7ae6c1fd4d0852e734a18720529374a666e7742 |
| SHA512 | 527e9571c073b7616700616ee4f4601cb03bd93f1829da41121c01cd1753936de93dc18aa68f4e2fe9c2fd87071f377917881b1aed79ad13e07eef9701af53bf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6a5e8bb53a565b9f_0
| MD5 | 176591f17ef80680664e726306994da6 |
| SHA1 | 830d0a42b545e7b28ce74a610c527b5e44d9b221 |
| SHA256 | f3a9d02e2defcdf070cf1ad0e2bec31dd25b1826944f5126ee0123aad1e9a7ca |
| SHA512 | db5c2cfdc16ece06358d4df2058581755ba0407920863c848c6608bd7acfa3b9ccc1cd080f39f7d9901c52737144efb91a77bc285f4952e0dba0b78f6578f4b8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fb5e8e068de0429a_0
| MD5 | c186893e6cab5474caa4e501826b8dbf |
| SHA1 | 9edf5e0d821b5ab097ceb3154c51fbf6d221266a |
| SHA256 | 86884423fb7c264e5e25eb059614664244cb8418b3a8730a151a36aceca127f1 |
| SHA512 | bd32952d203706d3d8160db2aec582de0322a79fb003279adbc2526721581f2e6aff9d19e5be970914b3f197f6cc64e78341a246a119cfde31f112d099d838d1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\19d2d5cdde0945fe_0
| MD5 | 7496a67a08e6abfd10c623b15a199ce2 |
| SHA1 | 03b706c7723c18e4a722e3ec5d343ef61778f9e3 |
| SHA256 | 5ab1f9b2fd87efb45ae004ba4a6f81bb2c4599c1d57a330f630c3b270a74d225 |
| SHA512 | 16e16fa59d266e57019245da6caec03c4869c3ca63d716d40fff73d337e84f9842c14200dea324275a5a2b3c287e64509cc05ee3315d16c32eb7ee884da0ab88 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2706d8cdbf00fd1a_0
| MD5 | 3c5181e97a6a0994698790e3b9c478c0 |
| SHA1 | 52d03bdd6183858c8ce31ed2ec295b7a0760d13e |
| SHA256 | f7e3a5d10b3b5f22d6379d1c317705a11a8b1d7b2110c36d3b0a5f66a00cd851 |
| SHA512 | 61e60a7a1e3887744e3cbf8173d25a2c5d9d03fdd0658c693bd0cdd11b588f54c5bfe0d358fa60aceb6837ff1e6de158cc6d9f722a00170cf973ddf9f4a4ada7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f4b95a1e43d59c66_0
| MD5 | 74a30677045d5e755b83ce6c8109d59e |
| SHA1 | 1c6a822c88a8d64e342c6a47d267a2b6d107a294 |
| SHA256 | 4e71cd033ac6f9cc23e363dfac7441683ccdc1af21825448f36b5503ad270c7a |
| SHA512 | 25a819cbf3ede24ad821349700535130cf607d7508a8ff5b121ee1568030b42f0484041802e73d4f93e78aa8a079eb66ec9faf3eb6d1648f6f5c767edabc15ba |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | eb21a30dee30fe5c0767469bae9a464f |
| SHA1 | eae09c11c2546821b53a4e984570e817b8617cad |
| SHA256 | 87b181d95161b9d2403b087f14d266145797542eee980356dc8a0b5b566f596f |
| SHA512 | 361bc702db1b4620ea63fc267bef508a404ac50dbd76336191fb75c3b750fd712550ec0121ebb12f7ccc25b77fa5959219e8576aa9a73b504d7f2d58e5dfc306 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | cf6e7f88848a1159791f2edcabcb568e |
| SHA1 | 6fda653cbd7efe2c8ede5478652d65692d5254ea |
| SHA256 | d076b0e9efb0769051c676dd77745437bfb696fa8f9dceda0281bdeacfb9d2de |
| SHA512 | 04f5b901d358e06533566c6ae252c350232d247a07bb3587c0b74484da2f975b53e636ba9eb925ea0230b85e92c7635e09c54752db022c5ea56fc484023bb960 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | decb7ac65f957ee1278d9e5c8b827017 |
| SHA1 | 79f1b70930c96bbab0df1f7b0f50eab43b2060fd |
| SHA256 | 5c80794dae93a6519233c30f8be834d445ff9a1e57ca637f53a21d649d0f9485 |
| SHA512 | 7d51d6b1e9802629e58352a8e69e0baf66f45443843c93f8a9abf13bdcae1bc18b90ac53dd3d0fe8194c7327586e381106960acb423e118f779e01b20d7ca828 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000cf
| MD5 | f53b6d474350dce73f4fdc90c7b04899 |
| SHA1 | b06ca246301a6aea038956d48b48e842d893c05a |
| SHA256 | 28442a56b016bfade0e368929138aaaadfc36156734e8ec7a6325b3e58fddc25 |
| SHA512 | 7f275614052ebae8876ad28fc5d48e4f63ed9ebc610ed981f81377ea3ba4c49a2031ff771deb12adabcf33d4789ba35354c1e52524c067a9e7ce078703683f1e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e3c1d014ba87367366677cb1716cba0b |
| SHA1 | 78b16863188a36309b437f454b02a30db9caffc1 |
| SHA256 | 827a92aac80f4bd48ab06add2cb03f9496a7e0616cae7ad3096be2683385419a |
| SHA512 | 4bbea61fcae843c880af40a4fd8531a622a4320242590c0160dddc19c398e520a7b9ce9617042a168a02bbbb72e776c1353912f89441421e11588b302b4831bb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9af58bcfcc052c7bb117ad2a010719f2 |
| SHA1 | 929a3f05b77716fe8b963ffd1f7374a193e06483 |
| SHA256 | 49a063e78c2a1c8e92f1d2cb9200b7000689fe9467916613fe72607643e97f24 |
| SHA512 | 580810199c708edf1ef4763f8be509a0ffbe78a86bd7d15cf469192b2eecaa244ec05568c6656c5a4501b0c0c628aca83b881667285f442eed8a8905f7a2c516 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000dc
| MD5 | 7b49e7ed72d5c3ab75ea4aa12182314a |
| SHA1 | 1338fc8f099438e5465615ace45c245450f98c84 |
| SHA256 | 747c584047f6a46912d5c5354b6186e04ea24cf61246a89c57077faf96679db6 |
| SHA512 | 6edf4594e2b850f3ede5a68738e6482dd6e9a5312bffa61b053312aa383df787641f6747ac91fa71bb80c51ed52a0c23cc911f063cd6e322d9a1210aea64e985 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000cc
| MD5 | d8ff006363de5d28efc4bc41cddd6c7a |
| SHA1 | b4950449bfcfde423c8fecc368257dcf2a346258 |
| SHA256 | 0f2f2c4216f85517ab2f608010108f32416a23607fbaaf4e2294379073fae161 |
| SHA512 | 11ad965b3eb86c073d96c808eb4b4fae5f6eafcf9ff0bccb74cf1aec7fc47154bdc16b2cd436a3c8ae069502b37ee24af78176344af0b6aa7b8de4e8896aa045 |
C:\Users\Admin\Downloads\Unconfirmed 34421.crdownload
| MD5 | 0123de13b2bcc8bbe90ca7eb972c94e5 |
| SHA1 | 6638459f9088bd46c1fb644c57b9d759c57a6719 |
| SHA256 | f7a84f2aac76137287918adb3e4a6a722e89869d0747a5b89286c864e8c2a024 |
| SHA512 | d4a2e8d7d08fb9b744e1e0bbcd07107476aa537ae3001a9e709877b10c9659c9998140e8d35d5104659e31e1cb8e490ab78605ba4c56ebbfc13e8eb91468a2e8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b2
| MD5 | 11825cf6da869d7589201092299231bf |
| SHA1 | b650151674a230700dc66352a0f002ad5db6d195 |
| SHA256 | 2f315c341e2ff775fceede3d1b5dc2f8124a866a382a2c30b760ac6c2abe7bdd |
| SHA512 | e5902c14769efb05fa457dcaf62d4b0d126cf3b71aa9be596e3609e1b63f83d6bc2ab3d1aed9a077a6fbec3e7f6a633b3d0b1a8b77d7d0161af60ed7d260a6b3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b6
| MD5 | bd17d16b6e95e4eb8911300c70d546f7 |
| SHA1 | 847036a00e4e390b67f5c22bf7b531179be344d7 |
| SHA256 | 9f9613a0569536593e3e2f944d220ce9c0f3b5cab393b2785a12d2354227c352 |
| SHA512 | f9647d2d7452ce30cf100aeb753e32203a18a1aaef7b45a4bc558397b2a38f63bfcfe174e26300317b7df176155ae4ebaee6bdf0d4289061860eff68236fe1bb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b9
| MD5 | c12602b8ebdfd5ea5113f42ee978d526 |
| SHA1 | 1159db5c354e5c9a73b2e072b3c0c5d02f3ff07b |
| SHA256 | 412aad14e7b55e51c4c56a88949c8f5ac81e06bd1d9b23da4378b1d9711a0794 |
| SHA512 | 00ba76a1f0f08c969a96f4418c158d482eba611fa5984cec234ded9c7a1aa2e9e4dc2a69816c2940783289767212ac729cb7b3ae4cd002f772a5dc5d45bce3db |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b7
| MD5 | 53c586a5a2e0e782493c4a650f725ad9 |
| SHA1 | 432613a19a1f59b003a88d9818a6f16183ae5f14 |
| SHA256 | 2139c9382afa8175a5fa0fe7bb616b8efacc4a2dc948d929ee17e482f765deab |
| SHA512 | dec372f1e592f5d4e63498fab90fb059b2802de9938f2d00fcb42d28d24a2cd506ed274fb74e4a4d42179d4ce075f97d14935643f0e66f3c514f44ecad17ae0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b5
| MD5 | 29b8ae1d50ef8543dcebf4e9f53089ef |
| SHA1 | 90297279de99683b3903534459bc9962924d79fa |
| SHA256 | 2dcbd24e8f78b008251a1a0499c981a79be59fdf154ff9938a28ecb7e64cf12d |
| SHA512 | 6de295089b62bd50ff955c2e381be6bb0e59b1f0776946c5d3b5109fffb84ee2a673f49d2d5a56e5600d3b09fd8e9cecbcd0e677234a6f96c1194dd1e1c27c94 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b8
| MD5 | 207b6c49e8d02b5a9e3ef3f65b643d7f |
| SHA1 | 67436620580f604dc361411a5b05cfa13b9dc954 |
| SHA256 | 6a7c9b1ee13a49c8ae870590e7261be0b1eeda048b524f960ba1fc762387aa32 |
| SHA512 | 3353fc99c446aa29ff74b84becfbff99826ee907ca45b1ed8fe1cffa055ae08bbea761ed714249da3b80b76264b5bb2f8dc82e7097cd4b1e70ec3426e2b707de |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000bc
| MD5 | 69b461004d34c45867226a26ef4fd66f |
| SHA1 | f7ae47de0b9dca20ca22bb4d1d9430103e2e7ca6 |
| SHA256 | 6bcb2bb625949ff0f77cee8219c85455e05f608404fc9de77d27961c7c6e0281 |
| SHA512 | dbcfcf4f2881402b198b7f90da8d076612a5bd4333bb875e136f4bfe464765ad1dd8e1eea7d50f540ec3ec28c91e2e96a7b64c37f1ee154908fe573052182d63 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000bd
| MD5 | 6dc0ed4c318d200e37e7eb8595f7cc04 |
| SHA1 | 582dfd002533541d298d1ea32132d8c0adda6f3a |
| SHA256 | 65a0b847cef349986eb5145c95dd8b53fbb4a22da78669e91ed4d40e2c60fa5b |
| SHA512 | 46974ea638fcc377df32e08e4c92abd086e77225972b31123c4bb6ca8293635eb6eb9216bd9ef6426d7346ce0a8ef463b20976fbdff3ae57dc2ce67cb918281e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b4
| MD5 | 23d5f558755a9d58eef69b2bfc9a5d99 |
| SHA1 | fa43092cb330dff8dc6c572cb8703b92286219f6 |
| SHA256 | 6e5bec69b1c6424972a7f5481ac57049811f0f196535b707613126c11292c5cf |
| SHA512 | 9c56c94d059a27dab9f69c9dfd718382a8eb192b8c0ce91cd6db6ec0769b8756acf9c0956a35561474b87d6278b13fbe88a6e4df6260c278b1ae06e9be55dd6d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000bb
| MD5 | 9546d2b26304639c837ec18fdce96065 |
| SHA1 | 4e4e208d4cfaf1af907efd6422ceb940f48d07dc |
| SHA256 | 1e80349d0a8fa40e918cff71aa43e7a4f7737e0ad8ea6d9e79f4a0083923417d |
| SHA512 | 0226970da1f4ec087953637b890604560112291fad53f08911673fc504b785682583cec21b1bb40b9cf7753e834e3c9ec6de63ad7f76be449e9cb13fb0cff01d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c1
| MD5 | eddb5c145aae9077fc75d4cdf108de65 |
| SHA1 | a47cdcca48c57f0591eb7bd2268999736b7a72d8 |
| SHA256 | f1bd58ce8b4191d93e23bd138a5b7859f721947f5296d7d83ee130dcb29fdd62 |
| SHA512 | 91c201f88391ba2d1dfe96519d5b34edef662d04cfc0f9e78f8dda203b99d46b23f06149225ff634233a05093824096fb5a7d9db64241fa7e90cd1cebf5f6517 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c2
| MD5 | 4fa4a1470f4a10eb676159a80b35c6dd |
| SHA1 | c57215d5559df94ef93c2b17d13a8f7a228d0346 |
| SHA256 | 272c170a45adf2cd06b46cdf5881aa177970c2cea8271ba2a224f1cbae63656b |
| SHA512 | ae8cce20dec345781315fac8f53aef69a17f814a8f41482ab0c615dbd5c47685d45b1351514b8d17f4a5cddf8d630be756086e69b73c26ebeb51e690a1443474 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c0
| MD5 | 8fec5c1ce50e6b10d729ea3fae0c7d22 |
| SHA1 | d65bbac8eeb01325256c825fb7574a272bb16fd0 |
| SHA256 | 22de69531f1b687d5f7b846ec21f98d49c8ef7d35f162235dc61a61630a91489 |
| SHA512 | 801341021d457087c4ac689848c21867bde61b89cc6e5a96dd6e755413610bee2016f796baa53a2b9fe996d1e4ac0ffa56bf2f358f1ed37daa196010336c19ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000bf
| MD5 | 1752326ce45c039f4c5e81ea24c27c35 |
| SHA1 | 4a22a9151c3c94d170cd3d23659e8e1a5a6f0070 |
| SHA256 | 13dac981c708b9d1c6d7be7666ab5ff34718fe7d1362428217e88c75530774ad |
| SHA512 | 7ca5eb8b11184b97b7ecfed373420f7b9926839edcd36ea6bcc37a09190478175c49d7cfdb6dcbf1ecc8f2570feec9a0ac8aae08442fddef7986330043ff2d08 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c4
| MD5 | c6d34670a08fac08392000a27491618e |
| SHA1 | e2bfa2cde408a216eeb6bb95b8583e315945cca5 |
| SHA256 | f5b1263429bff9d18af502f7d33427ef1b613f1ad742b56bd1fd7e044c24cfee |
| SHA512 | 1201e9b58f889ff1840c48b0c70aa78e3fc77b643c0b072f01230f6f02ea51a84cf456cde684c979063dfb3f22dc13f3ca51cf057579bc5f81c4fd3a3467589b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c3
| MD5 | 4b3c8a677d27a20916835bdc941bef00 |
| SHA1 | 9c569a54565f4b7680361e129ca63b984a9653a0 |
| SHA256 | 652c875ee10d9d71cbdc78b09ccd11bcb6fdab9990d208fd973b9f6ad32094c8 |
| SHA512 | cba3f4e31599ae7d7d06da96e89a83c6757559df4e828008baa8c32e691e606dab6da2bb7244caa0b0f6feb3750ba0f048c90966a4b61333c64f1d1352866c1a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c6
| MD5 | 4f85eccd10763231120fd5579d98ef10 |
| SHA1 | 43b28614d10fcc1d93f4e9ce8dc6d517423f4db1 |
| SHA256 | b9b0af8dfacd64a5b0d16edae2829ef602ea033a3d87654b1f0f3e7b09237b85 |
| SHA512 | 245612a97b7dc134edcf0998aba1265a76af3d8592575d6a4c09413662359260a078fdadc6154e72162c80a9a3dce04a9eff0b193c04123449e2fa1ebccf62da |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c9
| MD5 | 5232f3465d5d8a7e80898f6cb574a787 |
| SHA1 | 4ea4daeb9a4c932b4a0e6b2848acff21db36e006 |
| SHA256 | e910a13055160681437ccc50f9c76750ad1b1da1588fe95e7135166d51ec4ea9 |
| SHA512 | b8cad1b838da3c3a3ea9766f8a15224d9e0abfcc1d2efd0ef8110bedcabb954300b791af04003dad3bf60f0f3047cbacd5a1e80ae988e2557279799428809b7c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c7
| MD5 | 1000240d3a968d372faab8220b6dab31 |
| SHA1 | 1048ff8e5d77521a4193f8119b618306bae6c5c8 |
| SHA256 | 8f032d37b87be339a2cf623978cb09f3b7d808c71cafd9748af0d0e540192444 |
| SHA512 | 88c50c08f7f916719790a3990bd9622bc841fe15f9ce969fe3d5f5e2a9a8c48f6b4f5de8476b0e9ca4116130a5021a9084c7d60ab3548cda06a3c478c059ac5e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ca
| MD5 | 87e8230a9ca3f0c5ccfa56f70276e2f2 |
| SHA1 | eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7 |
| SHA256 | e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9 |
| SHA512 | 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c8
| MD5 | 31a2fb03fda5128f277eb054f6e33165 |
| SHA1 | ecfa1072af26f42629ff96770af1a322dbd3075c |
| SHA256 | 333dd1d27c0fe34ee781418c1a916f0ee052b7429548a198af724d272c943a42 |
| SHA512 | f346c9c90bd4b40f72dff9b89c6b2887d977f25087d66533d259e4f8475c677fec8a272c8c94bf3a9b866c5b1c98bd392f4703b91902d87a96a1ab1e554bd012 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5fccaa2a5fc2b29c_0
| MD5 | 1ea9de0ca95ec6f27646ca968adbd3ba |
| SHA1 | fef4d275acfca850c60f2ba6e66ff5f355d1980b |
| SHA256 | 20b271e59390a400d6e613ea6e74202950c83fa1a0eea875152c3fe22a787719 |
| SHA512 | 91b4d6ae8d89d204b7dcb0e622988f6d622dbbb6e5447275daee49f1923e6da57104e9a15c43d108fc1ed657dfd1141046f138621fe64ba7b12d8e453a85f56c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d782f305bb50c377_0
| MD5 | 92b0da5b0217cebe4549ccac9ca2ad60 |
| SHA1 | 342e8c45dee4dfe58ad3cade379db1818ffdf52f |
| SHA256 | 125b77ad7441adf8930b733ef175ab3d2dcacf38f4d880228517ae75fbc7be36 |
| SHA512 | 5e72072b66ad9d21849295732f5b893addbc2b9f2f97ab2082f3703209b229db38946b00af5701b43507a14261a84de2c8c544bc6c1f694e42e7906b47e83236 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2023c838235d4dcb_0
| MD5 | eb2184d8de03de6b109b9de7ef6ec22e |
| SHA1 | 438f4ce64b0134711561551defffc460ee1460dd |
| SHA256 | 227b668de74e40fc8e393ca84639a1dee84383afd90e0c319fccd5e30076b639 |
| SHA512 | 35222e22ae6e2da23ae0d30d62c4063a8aa8a84cedfd97fd527579c40befd28986eb643350edde99fad535d4a05199ccd0f340501c97f186bfb4f13529840e29 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e53dd60d45f3bdd4_0
| MD5 | 9303c7b79c1f4a805638a1e400e89998 |
| SHA1 | f8f62f4a4b69b2cc0306a1cfed74944a989d4b07 |
| SHA256 | fa12bead8d8380901303564bce5a87cb7c02bdfe64a5ca2fdc02bc52a31b9e33 |
| SHA512 | 40b820573f0b7d6c49d0c209badf97bd6646c6b2895c48da06771aa92ff876440fae500526bc67f847b8648c35478aab5c3d7beec88bcb3eeafb21bcb8e4b55f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 9ca84ea73cf087eeb23a6c738413e79d |
| SHA1 | 0a97511d7379e93752b326e7429e3bf5bf984f16 |
| SHA256 | 4b339e874f9eb0826124f0c6a79a56fa7e46ae5dcf97bb28407f486750dd85a7 |
| SHA512 | ebc0925108ecd197883bf55f82638d014840436a53627aa5b3d176a781942c7522bc174eb8a0882f2b4f963792e59badc90a423469e6d0f11375b1823a30e56f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5d47d0c37a626f281574ebcf97ac470f |
| SHA1 | 067c50e65bb78b7e0a85e508ca7095bb0e99b72e |
| SHA256 | ea7faf1191aadbb54af8691b99b6960856e5819cb724747a4cc3638cbe77e30d |
| SHA512 | 195ae925cb14886a864c482d5079dc65ea07c4eb245570144c78833e36951e627325d2da75f783768b8ec276e972ae8a74e37f8bccf65177927934be96616dfc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 90beeb94727425091e057bf6a53a783e |
| SHA1 | 502ce736e3fa761fb52366f6605543374bbf48bb |
| SHA256 | 81cfbafbbf07342cd57b453e9e8dc958e15580ac54d7a6c98bd30ce84d3e4d83 |
| SHA512 | eb1a9ba0d3633abc07374fb337f4e24b5d897555c25cd4d5554127936495230f31df66c3a8a2fec408a5bf84f426081f586ddb576347898b268c035a2886d31f |
C:\DESKMATE\Deskmate.EXE
| MD5 | 012f4557c43e0abea2315687aec0c5b7 |
| SHA1 | 6612c5d620f3f0f31a0c5dc4292379ee34ba9399 |
| SHA256 | e8a4364fd0e237542f771ee000bc4d35a87f49db2b070360706a57605ebaf816 |
| SHA512 | df494ee9b7ddf10e837d59290b22edaa2bd37e27a64057628a2bbf68ffc1c8f6f88c724b719a534cd03885de9a9e730aba03760068534761ce1bea21414d98ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5eff3e.TMP
| MD5 | f135cd3b22e26e56594df90f364e6bf9 |
| SHA1 | f548640707f6cb588678eb208384a470c4eaab74 |
| SHA256 | 43641217667418e9db5b8b6389f7cf495c739b3077f63dc6d7ea98b3bfa0e0e2 |
| SHA512 | 95a152fa026a6d3ba12ef54a65f191bfd1d27a0455b9983d58e0ccb7f9c22ebee26b6e27d8ec83cef0375841d3dbf6d09a0f0514b512b8b08c6dcafad9cea9d3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 7d1679965da421bd8aa2a2b513c9ebb8 |
| SHA1 | 4b0a4bae4e97359379ee346620c8424ae77cb3c4 |
| SHA256 | b1d01c681187d74323177b1426c6d0847714e8974ea5547078312f9c344aff6f |
| SHA512 | 5faa9bfc48b4e44cf17cb7032ba3843977c2c0f07702deff51b783181109ba069cb303aab1111437896344bd85125e4455eb861117019786fb06b29b047d9534 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 514e139455a9ec8b4b8af49ef97aeefd |
| SHA1 | cb65836ff63b248dffbca915dccbe35f26126996 |
| SHA256 | 50c8cb0b0c9810e5986a7bf9dc4ffdd09672bf5b3adee39ce02f3ab38121a970 |
| SHA512 | 8c45ce29f0bb3a25274da34fcb14eae57ef1e0ba905a9ea8d76e428bd9afff4c76aaf520955b8e96e0ee95ba4403b9f038a6b473b0d385b7a4d359e1004344b9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 2decfc51efa6f4986e62bc64b35f55b7 |
| SHA1 | f2d2829aa7b528112d6a50cf99d68cab8642dce3 |
| SHA256 | f988432ca6633a3675cb0b151f39d3656e539a0285c8a8bc69c8f7feea7d27ae |
| SHA512 | cd14f8aed2c227309e8d24450c9e2a534ffadf5241cd16173ae98331986f19146fb79c50f915cd7f83408d07666c248271cf3be10e4dd1999c0f30c29010678c |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.db
| MD5 | 54ce3b5b65de06197d318e80d0650356 |
| SHA1 | c5bfe29370ab6ea3ac80d859b65721e58017e092 |
| SHA256 | 812e7a64a5eb18c96a5f75a67462f58bb83707de26f4eec65ce4ba5fe771f115 |
| SHA512 | 2b4163022674ffe630ffb2d89cf873c6b5b59f78f5ca2c34362ab954a179d4ff0f6ebc461397e2f5d4270e3bd237d53dee0023c4107bbd9617e26dc354ae6da9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 2726f8b9c83d5c49f96faf05105d9a34 |
| SHA1 | 9df0811c722bf4ab372f0b537056fa3c3e1030ad |
| SHA256 | d841705cbec79accbe82d960c8051f41f69c7dfdec2ebb808ee3cae80c986a5b |
| SHA512 | bf91558af097b90efde4299749427b99b488967fec9a8f5fdaf8161cb5dbcebd1e947cc7be32060785d2f762d1ed733dc6c6e0e9b8a7a3fdbcbb691b31fab13e |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | 21bc7fb33b502d69ae47a2cd9cc58900 |
| SHA1 | 93639d4d58dd942e21e52bf583998e17407d1011 |
| SHA256 | b7e401f53a34976e7d319e2f653fde50b51ca600fac1adde278f99369bcd6ae6 |
| SHA512 | acbdcad7296693c06ab614c36ee3b0da9d28527c939f2268b739055f78325fe5d290999b94a99fab7e79d32a2ae6b617c6c943bf011fd5608d5364da1bc7b072 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 85f377df40368eb0c61ab1961bafaab3 |
| SHA1 | 8d90c0f0a8ef0c24658f6ceaa807ec245a287761 |
| SHA256 | ded09c504bea63f69d7e197200fc305229fad25f4e68f24512dd920613db401c |
| SHA512 | 3986e3a2afd2c37e586ea9d3d13f44c2a2c8656d5758959757d5f3fa6b0a2e7283fcfde8e206fa2fea3bf66f29c2961e851127a7fd69a1a938d6001671647997 |