Malware Analysis Report

2025-03-14 21:45

Sample ID 250202-q85f3svjcv
Target AimmyLauncher.exe
SHA256 f9b275cef715b35cd5357b881bf2e62a22a6ea01a46f917cd2c072cdd2b3a18c
Tags
google discovery phishing
score
7/10

Analysis Overview

score
7/10

SHA256

f9b275cef715b35cd5357b881bf2e62a22a6ea01a46f917cd2c072cdd2b3a18c

Threat Level: Shows suspicious behavior

The file AimmyLauncher.exe was found to be: Shows suspicious behavior.

Malicious Activity Summary

google discovery phishing

Executes dropped EXE

Loads dropped DLL

Network Share Discovery

Legitimate hosting services abused for malware hosting/C2

Enumerates connected drives

Detected potential entity reuse from brand GOOGLE.

Drops file in Windows directory

Drops file in Program Files directory

Unsigned PE

System Location Discovery: System Language Discovery

Browser Information Discovery

Uses Volume Shadow Copy service COM API

Suspicious use of SendNotifyMessage

Suspicious use of AdjustPrivilegeToken

Suspicious behavior: EnumeratesProcesses

Modifies registry class

NTFS ADS

Suspicious use of WriteProcessMemory

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Modifies data under HKEY_USERS

Enumerates system info in registry

Checks SCSI registry key(s)

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2025-02-02 13:56

Signatures

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2025-02-02 13:56

Reported

2025-02-02 14:04

Platform

win11-20241007-en

Max time kernel

438s

Max time network

443s

Command Line

"C:\Users\Admin\AppData\Local\Temp\AimmyLauncher.exe"

Signatures

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Program Files\JJSploit\JJSploit.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A

Enumerates connected drives

Description Indicator Process Target
File opened (read-only) \??\G: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\O: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\P: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\L: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\X: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\M: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\R: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\T: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\V: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\V: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Z: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\E: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\H: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\K: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\Q: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\U: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\N: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\B: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Y: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\G: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\M: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\A: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\B: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\I: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\N: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\Y: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\A: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\O: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Q: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\T: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\L: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\S: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\H: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\P: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\S: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\W: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\J: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\K: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\J: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\W: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\X: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\Z: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\E: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\I: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\R: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\U: C:\Windows\system32\msiexec.exe N/A

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A raw.githubusercontent.com N/A N/A

Network Share Discovery

discovery

Detected potential entity reuse from brand GOOGLE.

phishing google
Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files\JJSploit\resources\luascripts\jailbreak\removewalls.lua C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\JJSploit\resources\luascripts\general\teleportto.lua C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\JJSploit\resources\luascripts\animations\dab.lua C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\JJSploit\Uninstall JJSploit.lnk C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\JJSploit\resources\luascripts\general\magnetizeto.lua C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\JJSploit\resources\luascripts\animations\energizegui.lua C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\JJSploit\resources\luascripts\jailbreak\policeesp.lua C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\JJSploit\resources\luascripts\general\infinitejump.lua C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\JJSploit\JJSploit.exe C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\JJSploit\resources\luascripts\general\aimbot.lua C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\JJSploit\resources\luascripts\jailbreak\walkspeed.lua C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\JJSploit\resources\luascripts\jailbreak\criminalesp.lua C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\JJSploit\resources\luascripts\animations\walkthrough.lua C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\JJSploit\resources\luascripts\animations\jumpland.lua C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\JJSploit\resources\luascripts\animations\levitate.lua C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\JJSploit\resources\luascripts\general\multidimensionalcharacter.lua C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\JJSploit\resources\luascripts\general\fly.lua C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\JJSploit\resources\luascripts\general\noclip.lua C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\JJSploit\resources\luascripts\general\god.lua C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\JJSploit\resources\luascripts\general\tptool.lua C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\JJSploit\resources\luascripts\beesim\autodig.lua C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\JJSploit\resources\luascripts\general\chattroll.lua C:\Windows\system32\msiexec.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File created C:\Windows\Installer\e5decc4.msi C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\SystemTemp\~DF72C866EF5A0116ED.TMP C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\SourceHash{D5EAF8D5-1AA2-46DB-BCF9-7729A2E48C4C} C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\SystemTemp\~DFC15947BE818114CA.TMP C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\{D5EAF8D5-1AA2-46DB-BCF9-7729A2E48C4C}\ProductIcon C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\inprogressinstallinfo.ipi C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\{D5EAF8D5-1AA2-46DB-BCF9-7729A2E48C4C}\ProductIcon C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\e5decc6.msi C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\ C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\SystemTemp\~DF23C0CD4759961A56.TMP C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\e5decc4.msi C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSIED70.tmp C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\SystemTemp\~DFEE6E6FAC665993CC.TMP C:\Windows\system32\msiexec.exe N/A

Browser Information Discovery

discovery

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\syswow64\MsiExec.exe N/A

Checks SCSI registry key(s)

Description Indicator Process Target
Set value (data) \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters\Partmgr\SnapshotDataCache C:\Windows\system32\vssvc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters C:\Windows\system32\vssvc.exe N/A
Key queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters C:\Windows\system32\vssvc.exe N/A
Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters\Partmgr C:\Windows\system32\vssvc.exe N/A
Set value (data) \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters\Partmgr\PartitionTableCache C:\Windows\system32\vssvc.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key deleted \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\26\52C64B7E C:\Windows\system32\msiexec.exe N/A
Key deleted \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26 C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\27 C:\Windows\system32\msiexec.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5D8FAE5D2AA1BD64CB9F77922A4EC8C4\Version = "134938626" C:\Windows\system32\msiexec.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5D8FAE5D2AA1BD64CB9F77922A4EC8C4\AdvertiseFlags = "388" C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5D8FAE5D2AA1BD64CB9F77922A4EC8C4\ProductIcon = "C:\\Windows\\Installer\\{D5EAF8D5-1AA2-46DB-BCF9-7729A2E48C4C}\\ProductIcon" C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5D8FAE5D2AA1BD64CB9F77922A4EC8C4 C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5D8FAE5D2AA1BD64CB9F77922A4EC8C4\ProductName = "JJSploit" C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5D8FAE5D2AA1BD64CB9F77922A4EC8C4\PackageCode = "D8F5CD73B2BBF70418033F826B1CBCB7" C:\Windows\system32\msiexec.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5D8FAE5D2AA1BD64CB9F77922A4EC8C4\Clients = 3a0000000000 C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5D8FAE5D2AA1BD64CB9F77922A4EC8C4\Environment = "MainProgram" C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5D8FAE5D2AA1BD64CB9F77922A4EC8C4 C:\Windows\system32\msiexec.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5D8FAE5D2AA1BD64CB9F77922A4EC8C4\InstanceType = "0" C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5D8FAE5D2AA1BD64CB9F77922A4EC8C4\SourceList C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5D8FAE5D2AA1BD64CB9F77922A4EC8C4\SourceList\LastUsedSource = "n;1;C:\\Users\\Admin\\Downloads\\" C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5D8FAE5D2AA1BD64CB9F77922A4EC8C4\MainProgram C:\Windows\system32\msiexec.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5D8FAE5D2AA1BD64CB9F77922A4EC8C4\Language = "0" C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\1B5BE67603097495AB20AEE6179D01CA\5D8FAE5D2AA1BD64CB9F77922A4EC8C4 C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5D8FAE5D2AA1BD64CB9F77922A4EC8C4\SourceList\Media C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3870231897-2573482396-1083937135-1000\{87E9D56E-CF41-4F6E-995C-FD7F5D61D9D3} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\1B5BE67603097495AB20AEE6179D01CA C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5D8FAE5D2AA1BD64CB9F77922A4EC8C4\SourceList\PackageName = "JJSploit_8.11.2_x64_en-US.msi" C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3870231897-2573482396-1083937135-1000_Classes\Local Settings C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5D8FAE5D2AA1BD64CB9F77922A4EC8C4\Assignment = "1" C:\Windows\system32\msiexec.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5D8FAE5D2AA1BD64CB9F77922A4EC8C4\AuthorizedLUAApp = "0" C:\Windows\system32\msiexec.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5D8FAE5D2AA1BD64CB9F77922A4EC8C4\DeploymentFlags = "3" C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5D8FAE5D2AA1BD64CB9F77922A4EC8C4\SourceList\Net C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5D8FAE5D2AA1BD64CB9F77922A4EC8C4\External C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5D8FAE5D2AA1BD64CB9F77922A4EC8C4\SourceList\Media\1 = ";" C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5D8FAE5D2AA1BD64CB9F77922A4EC8C4\ShortcutsFeature = "MainProgram" C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5D8FAE5D2AA1BD64CB9F77922A4EC8C4\SourceList\Net\1 = "C:\\Users\\Admin\\Downloads\\" C:\Windows\system32\msiexec.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 587233.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\JJSploit_8.11.2_x64_en-US.msi:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeShutdownPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeSecurityPrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeCreateTokenPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeAssignPrimaryTokenPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeLockMemoryPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeMachineAccountPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeTcbPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeSecurityPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeLoadDriverPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeSystemProfilePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeSystemtimePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeProfSingleProcessPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeCreatePermanentPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeBackupPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeShutdownPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeAuditPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeSystemEnvironmentPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeChangeNotifyPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeRemoteShutdownPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeUndockPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeSyncAgentPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeEnableDelegationPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeManageVolumePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeImpersonatePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeCreateGlobalPrivilege N/A C:\Windows\System32\msiexec.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Windows\System32\msiexec.exe N/A
N/A N/A C:\Program Files\JJSploit\JJSploit.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3480 wrote to memory of 3392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3480 wrote to memory of 4880 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3480 wrote to memory of 984 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3480 wrote to memory of 2036 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Uses Volume Shadow Copy service COM API

ransomware

Processes

C:\Users\Admin\AppData\Local\Temp\AimmyLauncher.exe

"C:\Users\Admin\AppData\Local\Temp\AimmyLauncher.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7fffdc373cb8,0x7fffdc373cc8,0x7fffdc373cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1912 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2288 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2536 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3720 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3704 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3532 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4796 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5528 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5564 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3780 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4588 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4808 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4640 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3532 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5692 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5384 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4872 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4632 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=4000 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5788 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6528 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6464 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1700 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3812 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=6272 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2748 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4020 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6900 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7092 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7060 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6024 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6556 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6996 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7148 /prefetch:1

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x00000000000004D4 0x00000000000004CC

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1896,419264728018252580,11216577278776963658,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6544 /prefetch:8

C:\Windows\System32\msiexec.exe

"C:\Windows\System32\msiexec.exe" /i "C:\Users\Admin\Downloads\JJSploit_8.11.2_x64_en-US.msi"

C:\Windows\system32\msiexec.exe

C:\Windows\system32\msiexec.exe /V

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc

C:\Windows\syswow64\MsiExec.exe

C:\Windows\syswow64\MsiExec.exe -Embedding 57A19B5812D6A64C1E20D28A98043F2B C

C:\Windows\system32\vssvc.exe

C:\Windows\system32\vssvc.exe

C:\Windows\system32\srtasks.exe

C:\Windows\system32\srtasks.exe ExecuteScopeRestorePoint /WaitForRestorePoint:2

C:\Program Files\JJSploit\JJSploit.exe

"C:\Program Files\JJSploit\JJSploit.exe"

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=JJSploit.exe --webview-exe-version=8.11.2 --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --no-default-browser-check --disable-component-extensions-with-background-pages --no-first-run --disable-default-apps --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --disable-features=msWebOOUI,msPdfOOUI,msSmartScreenProtection --disable-popup-blocking --internet-explorer-integration=none --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --lang=en-US --mojo-named-platform-channel-pipe=4480.2948.12048028572897256814

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Crashpad --metrics-dir=C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=90.0.818.66 --initial-client-data=0x104,0x108,0x10c,0xe0,0x1b4,0x7fffdc373cb8,0x7fffdc373cc8,0x7fffdc373cd8

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=gpu-process --field-trial-handle=1764,3500880250472884545,16365334842145517407,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msPdfOOUI,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSmartScreenProtection,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch,msWebOOUI --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.11.2 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1804 /prefetch:2

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1764,3500880250472884545,16365334842145517407,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msPdfOOUI,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSmartScreenProtection,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch,msWebOOUI --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.11.2 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2120 /prefetch:3

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1764,3500880250472884545,16365334842145517407,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msPdfOOUI,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSmartScreenProtection,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch,msWebOOUI --lang=en-US --service-sandbox-type=utility --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.11.2 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2364 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=renderer --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --field-trial-handle=1764,3500880250472884545,16365334842145517407,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msPdfOOUI,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSmartScreenProtection,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch,msWebOOUI --lang=en-US --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.11.2 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2968 /prefetch:1

Network

Country Destination Domain Proto

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 c03d23a8155753f5a936bd7195e475bc
SHA1 cdf47f410a3ec000e84be83a3216b54331679d63
SHA256 6f5f7996d9b0e131dc2fec84859b7a8597c11a67dd41bdb5a5ef21a46e1ae0ca
SHA512 6ea9a631b454d7e795ec6161e08dbe388699012dbbc9c8cfdf73175a0ecd51204d45cf28a6f1706c8d5f1780666d95e46e4bc27752da9a9d289304f1d97c2f41

\??\pipe\LOCAL\crashpad_3480_FCKSYEYHVJXISMER

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 3d68c7edc2a288ee58e6629398bb9f7c
SHA1 6c1909dea9321c55cae38b8f16bd9d67822e2e51
SHA256 dfd733ed3cf4fb59f2041f82fdf676973783ffa75b9acca095609c7d4f73587b
SHA512 0eda66a07ec4cdb46b0f27d6c8cc157415d803af610b7430adac19547e121f380b9c6a2840f90fe49eaea9b48fa16079d93833c2bcf4b85e3c401d90d464ad2f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 1279687e94a48d7e0953fcbcd156bc20
SHA1 e66621f464ae591cd374c02b832abbb5918e618b
SHA256 b56bac252cb94c1ebfbb69f3b1ce3cdcdd70cbd7911d1848b7d2c33fffa99b89
SHA512 214fba07c079dd02ffb234df6387a91212211ac35a4270fd86e4ac64561838ecb14973124566d9ac08747176d701ca3f48f160f030503fdb5a4da85503717259

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 b7879aa31d46f8f4e059e70c2e358488
SHA1 815df3aac986078a401d9730c15e5d7e0df14ca7
SHA256 f8773b0ec5e72cd2aa5a233a02e9f45b040fc85a73ffd3c01cd26c865cef6b78
SHA512 4db4a838c4857c69f59b6b76e4c59c827375f851a8173eef52c852ee83149cd476db7f5ca49bb4585c9c879064f2d806ff89875621217333c32c3898258a0022

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8a66bfc6f522e7544640b02a710cdea5
SHA1 963351a37fb72bd61e68f190ea240316d238c05b
SHA256 5cb260ae621668bc4ee46a8a3d3d2a82acfffc96ef7e3880fc3d398053701a93
SHA512 10cda8be049ed8f533938b7927cae4db8b8adc4f08ab55fd8a052d4e864756d84a59a60f9d6f69afbb69bfc44dc4607289ed4b99cf09b064fa0fdaad1c9df995

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b2c721f41d735b375249e841372a31c8
SHA1 6d4ecc0e87b3ff796517fe59e86f2d3eb5595a49
SHA256 f13881a99f5e9d9038f07527eb36b1137c28a7adac194b275431ee0c75955285
SHA512 ed69507c682fe72b49f5318ba876b575b3693c50b293a92ff7fe990b476ef5809be1672f1ac8f95f1e710913747dde222fecdb8fd3ea4ca89429545ec56dbad1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 0fc216f287deacb17fe463aab3646633
SHA1 509325ee75bd77fb4d0aa295dc06ad0d01e96086
SHA256 dae8851b9e1d067266a4f54a1a66477f32976c0fb4ec4edc46df44e70df4a435
SHA512 daf9d88347ab65a23895f7df4d184f66b1395019a45c94ac39aaf26e2080b9ff866bc8a7b55394e81a23aa6383598f0dae8e2c357a9549303c5b057a9d718a7b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 333626091b03ec66f2bcd688baaa348b
SHA1 d967f30cd3d5702f07802b3de804c0fce3985941
SHA256 f302807b4c56943d917f86ca01cc87fbfcf14ff43460bd7a78f6f72f330476e5
SHA512 8252e54c86da688625240745d08a28c25bfd8e001570e9e22e218641e0762c744cadb8ae0de0474b13db8cda82ed7a1bed389e1868c61b13bf486d5cf03e9f86

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

MD5 3b06aa689e8bf1aed00d923a55cfdd49
SHA1 ca186701396ba24d747438e6de95397ed5014361
SHA256 cd1569510154d7fa83732ccf69e41e833421f4e5ec7f70a5353ad07940ec445c
SHA512 0422b94ec68439a172281605264dede7b987804b3acfdeeb86ca7b12249e0bd90e8e625f9549a9635165034b089d59861260bedf7676f9fa68c5b332123035ed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

MD5 2e86a72f4e82614cd4842950d2e0a716
SHA1 d7b4ee0c9af735d098bff474632fc2c0113e0b9c
SHA256 c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f
SHA512 7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

MD5 56d57bc655526551f217536f19195495
SHA1 28b430886d1220855a805d78dc5d6414aeee6995
SHA256 f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4
SHA512 7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

MD5 d6b36c7d4b06f140f860ddc91a4c659c
SHA1 ccf16571637b8d3e4c9423688c5bd06167bfb9e9
SHA256 34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92
SHA512 2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 56367213a06735fc36d99f45cfe8b829
SHA1 0c150891891c83d0c9376b829c9627dcb4c19c84
SHA256 a48ee722fb592f8d4ba4bf2fd8d7b5d68d904d727d2c82fb9df676a773a38119
SHA512 feb4068c07355f3bcb275749bfef20dac8da7b9825d1b46b8902537738c15588ac433f36f505783df87ace6b6d6396831652d78a1f68da6e746e701040a326a4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58ee43.TMP

MD5 4b3ff339bd0d71bd6c7fc0689d8802d9
SHA1 40bf5a138703e47ddf9659fd31e5fbe7191f923a
SHA256 9ca6ef4925c727a04a9405916d85b022a5f2374e59747e69f5323c75505dd5f8
SHA512 8bcad8a3c324108a59beffe65aa68f46caf7e8ac1ec835841051d9a6633cf4e9cc64fb75dd0d14a84e678b065ae1eaa70d3f7b2b1c93b8cd516526dc6dcd8c54

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a1dbb752e51e3ead67c94feb7e67a560
SHA1 7f89feab8d24223b65c75c7a9d661bbdad8a0b53
SHA256 8c3f67430c90674619df9e9d1c16a1c4e382cde5e608be8973847bc969b7278f
SHA512 fb6aee9880196cca4d49d0f42253091efec0b51b87c4f635834fdd0bf5c2e84134870c4abcb299b4afc32c27307768ab7c54aaa0c380b5c134ba834e756c34c3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a6d9e054b3035a2961716a070a2971e1
SHA1 387ccdf69269517fa7fa05e46f62d0475d6c9e0c
SHA256 eba2c78cc7344557ec7ffb025f1ed4c478d4c2d5e3ab5118b82a96fcc17d0af9
SHA512 afd96d3b991e8c5bde0a1e72b1d6d6300bc7916656d25841a02c0e1a7eb00d015d2a278e57b2aa988b3ca5beecb795b3436de2d31090a5397349998f4add020b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

MD5 4e20ca6a2dce96d9506947cbe79c85af
SHA1 a4d8c11efd348a21e7b1151071347a0d469af437
SHA256 98b6cac0f8f8632d7f9cad342aca6312c264ef74cdfbbdbaf4c21d57bd502f79
SHA512 102fa8d041c9f7e6ca6b989065681432dc07c12472a15c3b7e2cf0c7f80e4721d86cef049da97e9f7fa78f1f19fedc930cc0198824527726b558826b685ec452

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 7c851069c3755a5bceda6ae9a3d297f9
SHA1 2aa3f36b07ec3b24108eb443494ca649e98f9af5
SHA256 37ce5d640770841381b2f1adb8f8c53de5505ff7d11d52395f972a0a4e18c309
SHA512 7a8a860b0f434bded3c3a97fca650433131e9d00d184d3d01a09bd9d819edcc4b681f1b4139d65542dfa8c1485074c0878c4f0623c918bf2e4de2d3821bf37b2

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 7737ea289615f31c75ca4a68fd7da75f
SHA1 7d1586ccfdf6081312a4c344af69289975dd62bd
SHA256 9c02b5debae8852cd36f8daabdd4a4f08589963fc1863bcaf460179df9b5119c
SHA512 4258ce25085b30627c0f9fc0e8dbf3101cc2572528687b0fdd4b8241c83c8d8d13ab44ff713e5250c291c4c59eeb40821a6d16dc0d3108502f26c98cbc5ac77b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 adfbb0d66d5631f4e4e06dd383e84df7
SHA1 166f5f6291a0a7383c883245952aa843ceace342
SHA256 cc5235fbb1ee333edc733243b1151799ae444142e23c7fb366bdb8af486bf535
SHA512 d1e2b6e1378486822a546be70402e0e639a7ccbf263094f8ee592756d6b2fd9bd999dd11c16d1905c0b1d04dc96328ea38d359c09a78332994a27ab8c0ca4111

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 517b7856e1b74186e071750befff22f9
SHA1 1e1a760e23b14f86373ab78c15342277f9b0848a
SHA256 b1a96fdcd5b858c3ad55c662657b0ca5df605061f302dd1b723b854981c36179
SHA512 ed990c987ee9a3e0308510aee74da46c0f5fb3cddca11afdfe5626b662bf98aee23280ea1fc1c980a70ba2aaa6d1ea9dd97dec065c5516f4a4516a4adc7a1108

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 468c5a8bbcd6a7be0d3c6ffab105b51f
SHA1 d5ecdde3c1427f9f7cfc252217dec0496ebb3716
SHA256 5cd0b84a3d8a51307e10492bd2039188d3e1cbd90ae4bb6871ff2ef1d25db8aa
SHA512 7ae7aebd0ecf9e94ef30336f76080fe0ecbd5a9dba00134fb9066825bb7a535b0cf39e23a20d4532da3ed8ddec32fd7dd7456a410c4459a1ce3c1cfd79051ae0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

MD5 df1d27ed34798e62c1b48fb4d5aa4904
SHA1 2e1052b9d649a404cbf8152c47b85c6bc5edc0c9
SHA256 c344508bd16c376f827cf568ef936ad2517174d72bf7154f8b781a621250cc86
SHA512 411311be9bfdf7a890adc15fe89e6f363bc083a186bb9bcb02be13afb60df7ebb545d484c597b5eecdbfb2f86cd246c21678209aa61be3631f983c60e5d5ca94

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

MD5 e580283a2015072bac6b880355fe117e
SHA1 0c0f3ca89e1a9da80cd5f536130ce5da3ad64bfe
SHA256 be8b1b612f207b673b1b031a7c67f8e2421d57a305bebf11d94f1c6e47d569ee
SHA512 65903ba8657d145cc3bbe37f5688b803ee03dd8ff8da23b587f64acaa793eaea52fcb6e8c0ec5032e0e3a2faacc917406ada179706182ce757d1c02979986dd6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 150431a2b16c2ad45da5989f2daa896a
SHA1 1501d8159a9bb8178ea677c53ceb310eb7a2caba
SHA256 8ef57a765ae1b667dc37247bfae627f024dcb4964300b56797e2410c2e77a418
SHA512 8c0707ef7a874f2cb4a59e3bb7d9720e3d456a0c4aa3c72079afc9c44884c6aa0eaaf96a0bb1e758c0cd1109d2d16dec9325438c2dda07f16223c50906b7f654

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 be61d311c745da6e8d69e21c1acf532d
SHA1 d2014999300d97f74712a72759f52081c6366894
SHA256 085ad3f0a467c9595a61271b80d1bfa89186c4159491bfd5623efcc26c5fcf9b
SHA512 90b0e1252362432e3111bf0cbe57cd1d6a19a84165687ad2b682cc42b8abe4940ee6038392e9344ede4a174f5c2885af5daa6c9c9b446057b509c3733923eb23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ad687077c6f768f654d1350316320cb9
SHA1 14d218493cacb0c11546b04eee11035971ebc912
SHA256 51e2b0fe6100bf0671357823fe98824c8ee2fdeb6285157661239473744fb539
SHA512 2513cf2ec49763e50c3daccb8068936808d523be098dfd81b8153a7a7f906e3c37ca39d673346a7b80c80e917d385fe83c5defaecfa51cfa5d7322948805df95

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b7736d369d16a17baddeaa66296d4d5e
SHA1 0e7641de69d2393995eec801e55e0c0f74e82196
SHA256 66046339b9ec2abee79f89239c2f505e1407922cb062296a2750f3e0a0bb7f57
SHA512 12f2363ddfbf7d5a89b5e6d6fd9217e3c72daf740097e5ad154233629db161064d5221d2bff0e158bb70e084055e61bf0fee312e1ddb29f06666a23d8c7f85c5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 25ce2f15e3c34f5a19af89cf3f10656c
SHA1 821fce8b1d462a81457422715aeaee5728e0a910
SHA256 9e94dd40f7fcf4784b84baee537c9b89eeb0aca348298c0b3df7b1da6bf5d3d7
SHA512 d5ca81e1ab4c0d5e1e956277f87f261a25a2c41d0330b521ff51d3021e78ae8ee1fa7663d5d306870544ae198c9abd9e6512d27e2bfda0469475669254203088

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2ccbf4d07299adcaf4c923656282bde3
SHA1 f532429677f453210402c27ce59d2d57d9616eac
SHA256 1a962c26ac913b655588eb3d7ebea8f92aed9a41fb1a3760c7973f6bd4c52c16
SHA512 437b7333af48f2a2fde3e3c168f48be509f4f788dda83d1018b4d003f436c7236a3ba3aedc276618beec3482a5559af46dbdad81e875602eb8f583ddd2e96152

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 9a23f6e55e9963b4d349521d9854818e
SHA1 6b3f59ffb3a64f6a7a0bccb6d76e43320620920c
SHA256 56ced7e951deb3b4ecfc3c2f90300a101e9c78ec9718fde6d71367ec2eb6f82c
SHA512 17776c30d9c53450d518dafa528086100d07f438e2dc96fd13e4fe16d0b37916eb56259fb6c84f5213824a664fd524c8786a0999836707de4eb7753431a2475a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5946c37f1207ac7ddda9a8b67d6b09f4
SHA1 78e389e0f5c8e500a28a99921f52c7ff468fcc9e
SHA256 68d8c5ec5b6b085460f63004e451ee6452ac5ea3a4d15bde753a8983f57a2318
SHA512 23a22cbfdc4440e075f25a0a752bef39c7370943645d402b451935fc96efe17ade7ad832f1b2dddb665abacaa311226e95df7de2e4ba1c5d72f23320ed657e7a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 6f7c5bd36bfb3b2fc033f2b84907b3b7
SHA1 edea9e47c082d0ba56ec7c014f85281fdb547526
SHA256 bd8b4a0c8cb63ed7daa17bd04511aa297649916e726ea68902c4bceb239f8cf0
SHA512 b401b278142d792daa607ff6e37abc2ec0312d54c67d103df4e383a6349a92040b138032b51bc969ecacfc1310a66aa079076ab5697f2e6cd0130152ca4d71e4

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 658a6ceddc1666cf550fbeec5f4d13e9
SHA1 798b52cf62a88c34ed68ba0b8f5abbb781f85db2
SHA256 923d72b4c07d07c584760784c2b6f60ae31d69fe50c121b02b448515af58d494
SHA512 3e5694a5cf482db1377014f75a96b94a1e1fcc2b6b415215b5c01005eed9ea580ff8f737efca0e79d52b8271a85cf7ebb76dd68f1f24dc9eaf760281583cd28e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 f2e2117cfd146c42d4ede60d21094fcd
SHA1 32ad1d813d8de978b300171390ca01f910fdb74d
SHA256 4b77bab46e681fc4ce9d3289df48fb337e5840166b8ea3874480a06094ddcd85
SHA512 b81aa456728770dc2f1ddf132e3a1218c0984b003cf8e8dacb7455481cc3941bfd566f761a3a9a5ccc1e9e37363a7b4b308f0abd0d3a1909aa378eb2b0911837

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 570621e6a31786fd48790eab0819365b
SHA1 304cd2e5b94749d75e145f5c9743e88910d3a351
SHA256 61743e818f41a40331cbe5df1b24deb68e2caf54f04587e70e287cdd7ee17b17
SHA512 a6d089d9eefc734ec3fb638a7548f195475ad51c857c6176011106e641611e6fdd482edbc63b84107e73a0aeb8b122de8cf62de5f2ecdad40572774a2d8aad5c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 63ea2c6e029ea5ada894650b01b4dfeb
SHA1 aa2f995754f0225987612f48094b570e6824aa69
SHA256 e7eb113c3bf0a97b00171ed2ae8842e7a8c88a6e7359a6db80e9a04746a5f51a
SHA512 06331a097ab9390ffe0801f2b30ea370f160e8411b5e8dc6d8f6da2891733f5d9ad9f963c6292599a61c05fbb6a625756937c7d16496565ef8f31f4a179bf3e7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2692617678c042d9_0

MD5 d228325989bd65f2275bf68f3e7cde07
SHA1 e511612e5776d62cdc9b35433d1fbe381194e4e0
SHA256 cb29bc518f5b98828ab8d0f810c61348b3a0607c038600c38f185130f95cce48
SHA512 654ca8420bfabf273b04b7fbdcce441992da5708cd543155ef52d9d1306a3fdbd419be17e843b0a6706be063c0d0727ce859c1b4e0d29d8fdbf42da71a93dfbc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\25c90b4fb1c6ef85_0

MD5 6e50b2005026827cec27112347a48af1
SHA1 6e0aabb2a2f717983f25bea3b54d67576c22ec2e
SHA256 497e4f333982f8009ed767a0550a9bbf10b8dc5a11be97fe2feff37fc42eb763
SHA512 e7a84f6067d44adc7a8f952b943145ae15aff117ee4b8e621e833311423fb08a784482adb89d7d471ed88aa1c13409ec6dacc28ee046c1f8e7d7284023b5f54b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\53ac5abc87e80789_0

MD5 3cd4a02834fea5276eb95f2fa0d7e4db
SHA1 ad44ff72b755fb51d690e50e88711797ec7a8d13
SHA256 9e3505482a7e4f92c7c9ed86867f0dde7ee150ae482abd8cc02fa8db4c2fbf90
SHA512 138d4daca64cba72839b68f079be8bb358786c0cfd8de9bfc93617962ab6fcf64671b288d99060922839e461b70b361dfcbb64446b61d7515b4a4b29bba42e47

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\be6d12311ce2b399_0

MD5 0f39a47521b5583e3336e263c6300dbb
SHA1 2da6dd6d6265ba74db5c3d4de759a59ae499d23c
SHA256 31e97fa1c207e091fd6a5d880a4e92ae0c729d88aaac4e2c6ad02fcdd304cd8f
SHA512 5cb5f57425fc225ebda18d01da265ab787a16b207d254144a6d2069d07a678dd5c1ea13515a5b89d2329cca7983e9aae8f03236e02c21bc77c52e1f9e5de2d3f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\45a16ff6d0d9ab5f_0

MD5 da8a4c9282f526ae99b89b04bd837b0e
SHA1 36d25bf91c6742d1d7ac4ec49329bdc64a25b2c0
SHA256 6c9183d1cad633c8689ffdf1292addf66a09e8df1f27879273e889f776dfb4a8
SHA512 b36432249094ac302430ae37b4924e950a7ff6a165f4127361f00692df88e59f23e1a1f693ddae752686232f68e4f62a5f9e6da986b97be37eba5e95bd9ec6b9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5dd1e579c9681f95_0

MD5 f3e2df2e379a5fde22c9f9c42e2acfb4
SHA1 7013cdcba1a7092ce01b6a5d465fa173af8869a7
SHA256 9d1a59052cd1c1a825ecc809443d6cdb2f10f9a5dda7cc9f2d5b8e948bdf4d96
SHA512 1eed3a0b7288ccc4298685491403d8002674a996835d689d9c179b9d8f6afe57556af730978b9bd97277d4ab0a80d9d9675e8a0f845b936497c49b1bdda79854

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8e5987d08f7b6e11_0

MD5 9952ea3630f63e358a7f559bad1e32ff
SHA1 e5a4b14b20e56a69e985f7f3932e74e5db83e106
SHA256 9163a0e8012d3b89c86ce763d7eba4ca5fb9a90af17294c6c9cb371a471c7a22
SHA512 70b6dbf55d96c8d1fb698783a27f6194f6d927f252d741fa65290514955aef5998d408f5c8ced70ac309934c9e2980d3ac3fa8e2aadc9376d6f1cb477638ed12

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\86b9cbd77d05d034_0

MD5 1255d3ac96ba581380fec577b33cd944
SHA1 968963ba5dc742a2af18bb9c125dbf510acbe4ae
SHA256 47831db7fbf052614da6f0d8bb1481a339c29eb789614099c6a4d058938541a8
SHA512 0ac1d430f3bcb089e49cc10b0fa95dadecce5d151d82415516928ca12c782035fe6a031cbe7a4f122378bb3bb7409ea993c02f8e39bb9d2192bb085529ab8f11

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 786a4b0829295a3c70c3536c967e103b
SHA1 6ae9057e72acf54f072ee37a75cb6109e419b042
SHA256 dbdc4062f51e751471a3dce9cb46b36ff0584bac32e244d301f3c0b17545f53b
SHA512 565c08897ed3a52d5be9de3cb0af2dc691f28b9e81d9f828f7cff7e5fcc4af0a4f61aa79905ed217040ceeca38c0549e23d0dd274926bac0c7219fecb92b77a3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 0b319e56e051aa22a96fe97a3ed39b9c
SHA1 6bb6712fbb081216e76dc11b35bc59cdf72e55de
SHA256 6a8b5579f7dc89cb6388cf4ca39820fe9e239ea4e9c244c11d32d9b5e06eedd0
SHA512 8c3d064af2b1cab3f41c19ea652c4bd290a801335e5bbd6a7323d7994d9c6f23ddf152ffeb8b1e98fb22295f4c1464eda44ef81f121a3702c8db3594bc252067

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 042167fbb444f826bbb5de05cb7d7142
SHA1 098d842eed5166d18358f6e5d8af27c0a6598f35
SHA256 69b81b57a6ab72d20d22eeda27d10af7685ad24d5d1e98a4818fddeb203be7c7
SHA512 37910dc88e7f6e4307ff6066f143b38bab6dbf7d5ba0a574ddf52df4984475dc10496dd03034f4c8f34c9c4d51d20d7b95c180f2544f152e0c9cbc5dd02a6929

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 5087489b8d61d073c8759f34ab49d063
SHA1 062fba8c0d54aae2fcee9f4fe8a46320154c548c
SHA256 aca4046e3d7f8a6943aead6bbe32bee33de3c20881437877f4e15a7296f10b15
SHA512 3378d5cf2acde628c79b25448905390c2feae6d3026cf9ee629bd8983bc3284c4f2f322b11f28b3ff37dfe0df4323de037d6d5b259a611faadff56941298754a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 28534dab73acec75ccf59e87e380708b
SHA1 d1de2671c84f8de3afc40127b3a4c51d39b45cfb
SHA256 f26b8b0f59d1b089954b506863ecd0909efded3a6be36ad700412482e2b959d5
SHA512 2977440ba857f5c7c40ebd665a76bf867b7751be1fbec1f2e3554c4443e0b0ac804722923065792fcb5d7d740c629461bf21d53f9e87f99e4a66b0331a820a42

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Platform Notifications\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6fb98af0456a115ff0a1326de0c71569
SHA1 e6555cc72461d7c7d5106dd8e69f9ff0975ff764
SHA256 704a18cdcab2656ceec48f1b3f06df7d82dcc2d1b6b5d9efa77f4ba8475a48e9
SHA512 417bef59828effa5a3422981afd5151a1ab6971667356957642c7f0d1c543f4933c4c371e54412f133dc92a7ade938929ceb6de4324b93ed9ff871cabe506a09

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 ef2a657e849f249ff2d08da7a451def6
SHA1 a7ed60447266d03514475cd47fb985d07f584e52
SHA256 166bc6ea17cbd3414e37024fa6cee1cd92658d68d2983992ab3322e0278972e1
SHA512 c2030f735b01a25e8d1148be84d7c5ba06edccd26a13fcdf25b9ddb1e71b491175fbff265f1fd6463ebd668a17e85df31b2039d8e07c9d946a536c00eb485cf4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 75cbf282bf2a2f1102c905bd9c10a8ca
SHA1 9c9c192799ee296001878a529444ec0f5f603425
SHA256 0a59a47e07102087301103faf8b6e457509bb14b5b16f0cd5b6ecac496b30583
SHA512 1f740ef242e6c864f325352a755a6e57099b77f9c1e23072d121d9b7f6c83c0fa896f4b4e6bc5a9b9d2def45037a21172d55c4fa3c409fb4d3c8aea458670a8c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5cad20.TMP

MD5 58a383aa868d9e991bf88fe7eb675e84
SHA1 100c2318245041d324358f64028efdd77298ab2b
SHA256 4c4e4fbfee108ed128e51047b02859e45400d305f1a149f06be5e0e7e9eb1aeb
SHA512 80a9aa501fd7c6661cbda1b052fc4429965bcc6a97b9295cb3c633e26a6012a801e8c7f4f7a1960a79a793c4a52513a508efb00a2c23f062d0f70b1bf2c09d43

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3f8da80d41e5a588_0

MD5 3d368c09b3bf79eacd4995105430f07b
SHA1 ff7869bd8167c1674c3aeae6e42f3ea3bf6f8fcd
SHA256 4d7cc9ffaae24f42a6ff1943b3e37233bc507f9dc16c3592585d3f071e4cd6dc
SHA512 2638330ff82add1e95276490515be06be9932fbad4db5bd011207b7f69d838186bb8660af62d7d7c5f0bedfc933102556dcb6857d919d5b968e7539a5ae348ad

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f771ca084572f2d1_0

MD5 66f9283f894584d0f24142855b5ff90d
SHA1 e65bc1d07415cadb9c8f60400335686f31e29ceb
SHA256 8dd71ba552a0283f41406de007e0cfc7bd852c28f56d5c6d96cd80ff5b11a815
SHA512 021f9fd76cc027c90ae40ee6d97b8f09a7a077b880e6f27433501275ca888ddbbe863543b5d2a711a3551b3fcc26dc6727505f13d1b56402154b295812c9f7c6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\cba97d08787ac96d_0

MD5 6e976d08a7c91b502b21f12af1be2b22
SHA1 fd700963ee014803403a1d29148c816c444c92da
SHA256 9be2e0501f8c9df15739342596cf796051e8a69d139dab0e5e428b524eb77b9b
SHA512 42c50e18e982c192b67fc117aa1849a3e278c27a6efdc2f871bd844c82a289c2c47db1d9265218097b4e97f151feff49550661571edce566bac7b5171fde4a73

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\61a0b4d20ae0e222_0

MD5 0e6036ab303102de2c0946400ea580dd
SHA1 e1c2d7e4653849ff7b225780941a04c966648614
SHA256 5ff042ab9d60a359d4cae0bc149acf71f94c50909b731c3eb2ee43f3a8bbcbd9
SHA512 77f8fb1defdeba983466a8d8da7fdd00c6b1ee4c818b6cddaffd4963a83b0f48a2ac59ea6bc155c5a9c7e3745917d0778825071b03d217a06af191c4789aba3a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0bbe00d9bf7b798e_0

MD5 12681c0dc227eaf5b0ea4831e5a55ba5
SHA1 d6c7a1c5d82c1e9b763d51fc2f771e108858be73
SHA256 aa073c93cd962cc52780f623433f8f8b4b8e6159e248124a5f522c950f08d00c
SHA512 d4e3988165135129723c1fa080e11ca48212bba318946358098993539e1d3c652c67cae6a66154758b7446cc9d30aab33a742ab28d747bda80efdb2bc73e4b9a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\02eb501c3aa65287_0

MD5 a11fc7b563ca1a38724bd3b9cf1f43ea
SHA1 6205a91bb20a3349baeccb7945d280d3c7c227fa
SHA256 71f27be313596338ed27b231aacfea26afb73f3a1f21b3a5ff1eb8de5e87f601
SHA512 349fc807376daaadeb3b92673c0729b9e1fd8a899456598d62ca0ed72372726cd2166ab7cbe72d8de051fbc5d41ebecfb5bd72894dc3ed28e1080833020fab07

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\90d7d7591a1b39bb_0

MD5 6e157c3c0a958c930db19f55b38b7c90
SHA1 45ea0408199d80094ec2dcc67f717662a78b55cd
SHA256 6cdb33b3377ab95d2f7b9053c61225cf96e92b4a5d0557077da2828cf20bca7a
SHA512 1967c91d786d0f167eec349146a7828d24363b98a8f63b8df080a5443bcfbcd1506e07a0a3e9477d73819a16d73388aa007198b8080f0a50a1a129f6cfb26ed0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\37afe38eb817b647_0

MD5 5720b81509cab262bc723e95f4161041
SHA1 5d4abf72392e82208f9ddb85becdc070e6f4520e
SHA256 914aefdfdf20ef916682e11ac6fc4280220285008d7ea3a619ba2c4619a3e638
SHA512 ac0b44a7d171034123073f01860faffd34a8fd7c1e3da1cf9a3ebebec8979431a76c493bb093c828bc4335321388bea46524eaf7914ba4a86e5954c7c16bbd97

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3a4259a0181983ba_0

MD5 935df47399a0e3de537b26f52b547408
SHA1 80d6f3a67cab81489d82f70786ac05422a39a3da
SHA256 7e774c02c61427deacc90377bda6973e81c12eccec5bd707f6f0789130b5d830
SHA512 af14b47e6f9d0a10b8180a0afd28acd662f684cd017a3ae71bd9194e4e80a2e67bed71cc7f838387697dceb5d5aed17e1a551203e977d129886d48ce64a55833

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\71d68e68ea4089fe_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f2e4bbad99a372cc_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2f4680e8f8f8a14f_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d79e0a2891fc014a_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\20f0d22ff77a1df6_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e9c7e700cc3e33cf_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\766094f4b47e839c_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9dbb949d27873cbc_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f2076e2a98754e97_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\624c9bd517fc9c91_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e146fd968644d345_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\96bc766215a93e35_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e8c8218aef51a783_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\163cfbbbd670a71e_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4e9b18b0f66a7183_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7edad62f11452e41_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e18532de58fe3a53_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ce003bafb7f85a78_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\42a6ffdd-c4b1-47ca-8c8a-38d8e1fb6945\index-dir\the-real-index~RFe5cb4e0.TMP

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\42a6ffdd-c4b1-47ca-8c8a-38d8e1fb6945\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000056

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000066

C:\Users\Admin\Downloads\Unconfirmed 587233.crdownload

C:\Users\Admin\Downloads\JJSploit_8.11.2_x64_en-US.msi:Zone.Identifier

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Temp\MSIBCDA.tmp

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JJSploit\JJSploit.lnk~RFe5deea8.TMP

C:\Program Files\JJSploit\JJSploit.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JJSploit\JJSploit.lnk

C:\Config.Msi\e5decc5.rbs

C:\Users\Admin\AppData\Local\Temp\MSIF793.tmp

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Code Cache\js\index

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Crashpad\settings.dat

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\GPUCache\data_1

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\GPUCache\data_0

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\GPUCache\data_3

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\GPUCache\data_2

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\f3982d10-8cc7-49b6-bcef-c0e0010eaf1e.tmp

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\62f3b25d-3fb2-45f6-ab3c-65789da16c1b.tmp

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Local State

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Preferences

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network Persistent State
