Malware Analysis Report

2025-03-14 21:48

Sample ID 250203-3smbsayrdm
Target https://sites.google.com/view/pachimon/home
Tags
google defense_evasion discovery persistence phishing privilege_escalation spyware stealer trojan
score
8/10

Analysis Overview

score
8/10

Threat Level: Likely malicious

The file https://sites.google.com/view/pachimon/home was found to be: Likely malicious.

Malicious Activity Summary

google defense_evasion discovery persistence phishing privilege_escalation spyware stealer trojan

Boot or Logon Autostart Execution: Active Setup

Executes dropped EXE

Loads dropped DLL

Reads user/profile data of web browsers

Event Triggered Execution: Component Object Model Hijacking

Checks whether UAC is enabled

Legitimate hosting services abused for malware hosting/C2

Checks installed software on the system

Checks system information in the registry

Drops file in System32 directory

Detected potential entity reuse from brand GOOGLE.

Drops file in Program Files directory

Subvert Trust Controls: Mark-of-the-Web Bypass

Drops file in Windows directory

Browser Information Discovery

System Location Discovery: System Language Discovery

System Network Configuration Discovery: Internet Connection Discovery

Enumerates physical storage devices

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

Enumerates system info in registry

Suspicious use of WriteProcessMemory

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Modifies data under HKEY_USERS

Suspicious behavior: EnumeratesProcesses

Modifies registry class

NTFS ADS

Suspicious use of SendNotifyMessage

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2025-02-03 23:46

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2025-02-03 23:46

Reported

2025-02-04 00:17

Platform

win11-20241007-en

Max time kernel

1800s

Max time network

1685s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://sites.google.com/view/pachimon/home

Signatures

Boot or Logon Autostart Execution: Active Setup

persistence
Description Indicator Process Target
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}\IsInstalled = "1" C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\CR_5D4B1.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Version = "43,0,0,0" C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\CR_5D4B1.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\CR_5D4B1.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\CR_5D4B1.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}\ = "Google Chrome" C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\CR_5D4B1.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}\StubPath = "\"C:\\Program Files\\Google\\Chrome\\Application\\132.0.6834.160\\Installer\\chrmstp.exe\" --configure-user-settings --verbose-logging --system-level --channel=stable" C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\CR_5D4B1.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Localized Name = "Google Chrome" C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\CR_5D4B1.tmp\setup.exe N/A

Event Triggered Execution: Component Object Model Hijacking

persistence privilege_escalation

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\ChromeSetup.exe N/A
N/A N/A C:\Windows\SystemTemp\Google4032_1522021772\bin\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
N/A N/A C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\132.0.6834.160_chrome_installer.exe N/A
N/A N/A C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\CR_5D4B1.tmp\setup.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\132.0.6834.160\elevation_service.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Reads user/profile data of web browsers

spyware stealer

Checks installed software on the system

discovery

Checks whether UAC is enabled

defense_evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Windows\SystemTemp\Google4032_1522021772\bin\updater.exe N/A

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A camo.githubusercontent.com N/A N/A
N/A sites.google.com N/A N/A
N/A drive.google.com N/A N/A

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Detected potential entity reuse from brand GOOGLE.

phishing google
Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File opened for modification C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\CR_5D4B1.tmp\setup.exe N/A

Drops file in Program Files directory


Drops file in Windows directory

File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\_metadata\verified_contents.json C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3868_2014983279\LICENSE.txt C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3868_1160604959\_locales\az\messages.json C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3868_1160604959\_locales\ml\messages.json C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3868_1160604959\_locales\hu\messages.json C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3868_1160604959\_locales\ko\messages.json C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3868_1160604959\_locales\tr\messages.json C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3868_1160604959\_locales\hy\messages.json C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3868_1160604959\_locales\bg\messages.json C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3868_1160604959\_locales\es_419\messages.json C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3868_1160604959\_locales\sv\messages.json C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3868_1160604959\_locales\mn\messages.json C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3868_1160604959\_locales\eu\messages.json C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3868_1160604959\_locales\be\messages.json C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3868_1160604959\_locales\mr\messages.json C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3868_1160604959\_locales\zu\messages.json C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3868_1160604959\_locales\it\messages.json C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3868_1468611666\LICENSE C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3868_1160604959\_locales\cs\messages.json C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3868_1160604959\_locales\fil\messages.json C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3868_1160604959\_locales\cy\messages.json C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Subvert Trust Controls: Mark-of-the-Web Bypass

defense_evasion
Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\ChromeSetup.exe:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SystemTemp\Google4032_1522021772\bin\updater.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\ChromeSetup.exe N/A

System Network Configuration Discovery: Internet Connection Discovery

discovery
Description Indicator Process Target
N/A N/A C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\CR_5D4B1.tmp\setup.exe N/A
N/A N/A C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\132.0.6834.160_chrome_installer.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\.DEFAULT\Software\Google\Chrome C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\CR_5D4B1.tmp\setup.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\CR_5D4B1.tmp\setup.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Google C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\CR_5D4B1.tmp\setup.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Google\Chrome\InstallerPinned = "0" C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\CR_5D4B1.tmp\setup.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133831002460863535" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{F258BE54-7C5F-44A0-AAE0-730620A31D23}\1.0\0\win64\ = "C:\\Program Files (x86)\\Google\\GoogleUpdater\\134.0.6985.0\\updater.exe\\6" C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{DD42475D-6D46-496A-924E-BD5630B4CBBA}\1.0\0\win64\ = "C:\\Program Files (x86)\\Google\\GoogleUpdater\\134.0.6985.0\\updater.exe\\6" C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\WOW6432Node\Interface\{0CD01D1E-4A1C-489D-93B9-9B6672877C57}\ProxyStubClsid32 C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{247954F9-9EDC-4E68-8CC3-150C2B89EADF}\1.0\0\win32\ = "C:\\Program Files (x86)\\Google\\GoogleUpdater\\134.0.6985.0\\updater.exe\\6" C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{494B20CF-282E-4BDD-9F5D-B70CB09D351E}\1.0\0\win32 C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Interface\{7B34C2B2-E363-5042-B6A7-752B2DCBE41A}\ProxyStubClsid32 C:\Windows\SystemTemp\Google4032_1522021772\bin\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{534F5323-3569-4F42-919D-1E1CF93E5BF6}\ServiceParameters = "--com-service" C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Interface\{F258BE54-7C5F-44A0-AAE0-730620A31D23}\ProxyStubClsid32 C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{B7FD5390-D593-5A8B-9AE2-23CE39822FD4}\TypeLib\Version = "1.0" C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\ChromePDF\DefaultIcon C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\CR_5D4B1.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\ChromeHTML\Application\ApplicationIcon = "C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe,0" C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\CR_5D4B1.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Interface\{E9CD91E3-A00C-4B9E-BD63-7F34EB815D98}\TypeLib C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{27634814-8E41-4C35-8577-980134A96544}\1.0\0 C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\ChromeHTML\DefaultIcon C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\CR_5D4B1.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{F4FE76BC-62B9-49FC-972F-C81FC3A926DB}\1.0\0\win64 C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{DD42475D-6D46-496A-924E-BD5630B4CBBA}\1.0 C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Interface\{F63F6F8B-ACD5-413C-A44B-0409136D26CB}\ProxyStubClsid32 C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\WOW6432Node\Interface\{34527502-D3DB-4205-A69B-789B27EE0414}\ProxyStubClsid32 C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{27634814-8E41-4C35-8577-980134A96544}\1.0\0\win32\ = "C:\\Program Files (x86)\\Google\\GoogleUpdater\\134.0.6985.0\\updater.exe\\6" C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{B16B5A0E-3B72-5223-8DF0-9117CD64DE77}\TypeLib\Version = "1.0" C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{699F07AD-304C-5F71-A2DA-ABD765965B54}\1.0 C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F4334319-8210-469B-8262-DD03623FEB5B}\TypeLib\ = "{F4334319-8210-469B-8262-DD03623FEB5B}" C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\.xht\OpenWithProgids C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\CR_5D4B1.tmp\setup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\GoogleUpdate.Update3WebMachine\CurVer C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{85AE4AE3-8530-516B-8BE4-A456BF2637D3} C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\WOW6432Node\Interface\{513BC7DA-6B8D-45F7-90A0-2E9F66CEF962}\ProxyStubClsid32 C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{ACAB122B-29C0-56A9-8145-AFA2F82A547C}\1.0\0\win64 C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{1F1289FD-DD10-4579-81F6-1C59AAF2E1A9}\1.0 C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\ChromeHTML\Application\ApplicationDescription = "Access the Internet" C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\CR_5D4B1.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F4FE76BC-62B9-49FC-972F-C81FC3A926DB}\TypeLib\Version = "1.0" C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\AppID C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{B16B5A0E-3B72-5223-8DF0-9117CD64DE77}\1.0\0\win64\ = "C:\\Program Files (x86)\\Google\\GoogleUpdater\\134.0.6985.0\\updater.exe\\4" C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{B685B009-DBC4-4F24-9542-A162C3793E77}\ = "IPolicyStatusSystem" C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{D576ED7F-31DA-4EE1-98CE-1F882FB3047A}\1.0 C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Interface\{128C2DA6-2BC0-44C0-B3F6-4EC22E647964} C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{521FDB42-7130-4806-822A-FC5163FAD983}\ProgID C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{699F07AD-304C-5F71-A2DA-ABD765965B54}\1.0\0\win32\ = "C:\\Program Files (x86)\\Google\\GoogleUpdater\\134.0.6985.0\\updater.exe\\4" C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{E9CD91E3-A00C-4B9E-BD63-7F34EB815D98}\1.0\0\win32\ = "C:\\Program Files (x86)\\Google\\GoogleUpdater\\134.0.6985.0\\updater.exe\\6" C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{18D0F672-18B4-48E6-AD36-6E6BF01DBBC4}\1.0\0\win32 C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{0486745C-8D9B-5377-A54C-A61FFAA0BBE4}\1.0\0\win64 C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{513BC7DA-6B8D-45F7-90A0-2E9F66CEF962} C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{D106AB5F-A70E-400E-A21B-96208C1D8DBB}\ = "IProcessLauncher2" C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Interface\{34527502-D3DB-4205-A69B-789B27EE0414}\TypeLib C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B34C2B2-E363-5042-B6A7-752B2DCBE41A}\ = "IUpdaterInternalCallbackSystem" C:\Windows\SystemTemp\Google4032_1522021772\bin\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D39AC5FB-3662-521F-B4DA-149AA6CB515E}\TypeLib\Version = "1.0" C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F258BE54-7C5F-44A0-AAE0-730620A31D23}\ = "IAppVersionWebSystem" C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{247954F9-9EDC-4E68-8CC3-150C2B89EADF}\1.0\ = "GoogleUpdater TypeLib for ICurrentState" C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\ChromeHTML\Application\AppUserModelId = "Chrome" C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\CR_5D4B1.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{1588C1A8-27D9-563E-9641-8D20767FB258}\1.0\0\win32 C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F258BE54-7C5F-44A0-AAE0-730620A31D23}\TypeLib\ = "{F258BE54-7C5F-44A0-AAE0-730620A31D23}" C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{18D0F672-18B4-48E6-AD36-6E6BF01DBBC4}\1.0\0\win32\ = "C:\\Program Files (x86)\\Google\\GoogleUpdater\\134.0.6985.0\\updater.exe\\6" C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\WOW6432Node\Interface\{E9CD91E3-A00C-4B9E-BD63-7F34EB815D98} C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Interface\{1F1289FD-DD10-4579-81F6-1C59AAF2E1A9}\ProxyStubClsid32 C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{F4FE76BC-62B9-49FC-972F-C81FC3A926DB}\1.0 C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{8476CE12-AE1F-4198-805C-BA0F9B783F57}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0CD01D1E-4A1C-489D-93B9-9B6672877C57}\ = "IAppVersionWeb" C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{B7FD5390-D593-5A8B-9AE2-23CE39822FD4}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{B7FD5390-D593-5A8B-9AE2-23CE39822FD4}\TypeLib\Version = "1.0" C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{699F07AD-304C-5F71-A2DA-ABD765965B54}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\WOW6432Node\CLSID\{521FDB42-7130-4806-822A-FC5163FAD983} C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Interface\{F4334319-8210-469B-8262-DD03623FEB5B} C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{6430040A-5EBD-4E63-A56F-C71D5990F827}\1.0\0 C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Interface\{1588C1A8-27D9-563E-9641-8D20767FB258}\TypeLib C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Interface\{F966A529-43C6-4710-8FF4-0B456324C8F4} C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 385263.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\ChromeSetup.exe:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Windows\SystemTemp\Google4032_1522021772\bin\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: 33 N/A C:\Users\Admin\Downloads\ChromeSetup.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Users\Admin\Downloads\ChromeSetup.exe N/A
Token: 33 N/A C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\132.0.6834.160_chrome_installer.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\132.0.6834.160_chrome_installer.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3756 wrote to memory of 3804 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3756 wrote to memory of 5000 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3756 wrote to memory of 1660 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3756 wrote to memory of 4336 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://sites.google.com/view/pachimon/home

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffe1d1f3cb8,0x7ffe1d1f3cc8,0x7ffe1d1f3cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1924 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2300 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2688 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5028 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5128 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5084 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5156 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5496 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3804 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5648 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4848 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5708 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5448 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=6124 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x00000000000004DC 0x00000000000004C8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6532 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6288 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6268 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6520 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6372 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6480 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5596 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5332 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5484 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6980 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6848 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7208 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7144 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4680 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7472 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7560 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7484 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7480 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7688 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4556 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7548 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8180 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=8292 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8280 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7652 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8316 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6456 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8272 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5512 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6284 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7640 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8708 /prefetch:8

C:\Users\Admin\Downloads\ChromeSetup.exe

"C:\Users\Admin\Downloads\ChromeSetup.exe"

C:\Windows\SystemTemp\Google4032_1522021772\bin\updater.exe

"C:\Windows\SystemTemp\Google4032_1522021772\bin\updater.exe" --install=appguid={8A69D345-D564-463C-AFF1-A69D9E530F96}&iid={E8BA590F-A9C9-A88D-C50B-0ACE1E376FD1}&lang=en&browser=5&usagestats=1&appname=Google%20Chrome&needsadmin=prefers&ap=x64-statsdef_1&brand=GGRF&installdataindex=empty --enable-logging --vmodule=*/components/winhttp/*=1,*/components/update_client/*=2,*/chrome/enterprise_companion/*=2,*/chrome/updater/*=2

C:\Windows\SystemTemp\Google4032_1522021772\bin\updater.exe

C:\Windows\SystemTemp\Google4032_1522021772\bin\updater.exe --crash-handler --system "--database=C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\Crashpad" --url=https://clients2.google.com/cr/report --annotation=prod=Update4 --annotation=ver=134.0.6985.0 "--attachment=C:\Program Files (x86)\Google\GoogleUpdater\updater.log" --initial-client-data=0x2b0,0x2b4,0x2b8,0x28c,0x2bc,0x127c460,0x127c46c,0x127c478

C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe" --system --windows-service --service=update-internal

C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe" --crash-handler --system "--database=C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\Crashpad" --url=https://clients2.google.com/cr/report --annotation=prod=Update4 --annotation=ver=134.0.6985.0 "--attachment=C:\Program Files (x86)\Google\GoogleUpdater\updater.log" --initial-client-data=0x294,0x298,0x29c,0x270,0x2a0,0x10dc460,0x10dc46c,0x10dc478

C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe" --system --windows-service --service=update

C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe" --crash-handler --system "--database=C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\Crashpad" --url=https://clients2.google.com/cr/report --annotation=prod=Update4 --annotation=ver=134.0.6985.0 "--attachment=C:\Program Files (x86)\Google\GoogleUpdater\updater.log" --initial-client-data=0x294,0x298,0x29c,0x270,0x2a0,0x10dc460,0x10dc46c,0x10dc478

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\132.0.6834.160_chrome_installer.exe

"C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\132.0.6834.160_chrome_installer.exe" --verbose-logging --do-not-launch-chrome --channel=stable --installerdata="C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\71ca2af2-fb19-4eb4-99a5-5ad03ac0058b.tmp"

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\CR_5D4B1.tmp\setup.exe

"C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\CR_5D4B1.tmp\setup.exe" --install-archive="C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\CR_5D4B1.tmp\CHROME.PACKED.7Z" --verbose-logging --do-not-launch-chrome --channel=stable --installerdata="C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\71ca2af2-fb19-4eb4-99a5-5ad03ac0058b.tmp"

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\CR_5D4B1.tmp\setup.exe

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\CR_5D4B1.tmp\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=132.0.6834.160 --initial-client-data=0x260,0x264,0x268,0x23c,0x26c,0x7ff6da29bd98,0x7ff6da29bda4,0x7ff6da29bdb0

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\CR_5D4B1.tmp\setup.exe

"C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\CR_5D4B1.tmp\setup.exe" --channel=stable --system-level --verbose-logging --create-shortcuts=2 --install-level=1

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\CR_5D4B1.tmp\setup.exe

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1168_2070189022\CR_5D4B1.tmp\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=132.0.6834.160 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff6da29bd98,0x7ff6da29bda4,0x7ff6da29bdb0

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --from-installer

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=132.0.6834.160 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffe09e4dcf8,0x7ffe09e4dd04,0x7ffe09e4dd10

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1924,i,9095131604123980130,4184482345133667196,262144 --variations-seed-version --mojo-platform-channel-handle=1920 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --field-trial-handle=2196,i,9095131604123980130,4184482345133667196,262144 --variations-seed-version --mojo-platform-channel-handle=2200 /prefetch:11

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --field-trial-handle=2340,i,9095131604123980130,4184482345133667196,262144 --variations-seed-version --mojo-platform-channel-handle=2512 /prefetch:13

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3232,i,9095131604123980130,4184482345133667196,262144 --variations-seed-version --mojo-platform-channel-handle=3272 /prefetch:1

C:\Program Files\Google\Chrome\Application\132.0.6834.160\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\132.0.6834.160\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3240,i,9095131604123980130,4184482345133667196,262144 --variations-seed-version --mojo-platform-channel-handle=3636 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4008,i,9095131604123980130,4184482345133667196,262144 --variations-seed-version --mojo-platform-channel-handle=3880 /prefetch:9

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4468,i,9095131604123980130,4184482345133667196,262144 --variations-seed-version --mojo-platform-channel-handle=4624 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4832,i,9095131604123980130,4184482345133667196,262144 --variations-seed-version --mojo-platform-channel-handle=4932 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5516,i,9095131604123980130,4184482345133667196,262144 --variations-seed-version --mojo-platform-channel-handle=5524 /prefetch:14

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5576,i,9095131604123980130,4184482345133667196,262144 --variations-seed-version --mojo-platform-channel-handle=5600 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5628,i,9095131604123980130,4184482345133667196,262144 --variations-seed-version --mojo-platform-channel-handle=5584 /prefetch:1

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5528,i,9095131604123980130,4184482345133667196,262144 --variations-seed-version --mojo-platform-channel-handle=5964 /prefetch:14

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5524,i,9095131604123980130,4184482345133667196,262144 --variations-seed-version --mojo-platform-channel-handle=4996 /prefetch:14

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5660,i,9095131604123980130,4184482345133667196,262144 --variations-seed-version --mojo-platform-channel-handle=5716 /prefetch:9

C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe" --system --windows-service --service=update

C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe" --crash-handler --system "--database=C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\Crashpad" --url=https://clients2.google.com/cr/report --annotation=prod=Update4 --annotation=ver=134.0.6985.0 "--attachment=C:\Program Files (x86)\Google\GoogleUpdater\updater.log" --initial-client-data=0x274,0x278,0x29c,0x270,0x2a0,0x10dc460,0x10dc46c,0x10dc478

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=244,i,9095131604123980130,4184482345133667196,262144 --variations-seed-version --mojo-platform-channel-handle=3292 /prefetch:14

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=4564,i,9095131604123980130,4184482345133667196,262144 --variations-seed-version --mojo-platform-channel-handle=4544 /prefetch:14

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=4560,i,9095131604123980130,4184482345133667196,262144 --variations-seed-version --mojo-platform-channel-handle=4300 /prefetch:14

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=3292,i,9095131604123980130,4184482345133667196,262144 --variations-seed-version --mojo-platform-channel-handle=3624 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8808 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7740 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8148 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=3440,i,9095131604123980130,4184482345133667196,262144 --variations-seed-version --mojo-platform-channel-handle=3748 /prefetch:14

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=3672,i,9095131604123980130,4184482345133667196,262144 --variations-seed-version --mojo-platform-channel-handle=4456 /prefetch:14

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=3444,i,9095131604123980130,4184482345133667196,262144 --variations-seed-version --mojo-platform-channel-handle=4024 /prefetch:10

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8576 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8556 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8488 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8504 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8964 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8968 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4860 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9304 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8824 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9888 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2984 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=on_device_model.mojom.OnDeviceModelService --lang=en-US --service-sandbox-type=on_device_model_execution --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5976,i,9095131604123980130,4184482345133667196,262144 --variations-seed-version --mojo-platform-channel-handle=5020 /prefetch:14

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x00000000000004DC 0x00000000000004C8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9012 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10068 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8556 /prefetch:1

C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe" --wake --system

C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe" --crash-handler --system "--database=C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\Crashpad" --url=https://clients2.google.com/cr/report --annotation=prod=Update4 --annotation=ver=134.0.6985.0 "--attachment=C:\Program Files (x86)\Google\GoogleUpdater\updater.log" --initial-client-data=0x294,0x298,0x29c,0x270,0x2a0,0x10dc460,0x10dc46c,0x10dc478

C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe" --system --windows-service --service=update-internal

C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe" --crash-handler --system "--database=C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\Crashpad" --url=https://clients2.google.com/cr/report --annotation=prod=Update4 --annotation=ver=134.0.6985.0 "--attachment=C:\Program Files (x86)\Google\GoogleUpdater\updater.log" --initial-client-data=0x294,0x298,0x29c,0x270,0x2a0,0x10dc460,0x10dc46c,0x10dc478

C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe" --system --windows-service --service=update

C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe" --crash-handler --system "--database=C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\Crashpad" --url=https://clients2.google.com/cr/report --annotation=prod=Update4 --annotation=ver=134.0.6985.0 "--attachment=C:\Program Files (x86)\Google\GoogleUpdater\updater.log" --initial-client-data=0x2a0,0x2a4,0x2a8,0x27c,0x2ac,0x10dc460,0x10dc46c,0x10dc478

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9520 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9028 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10052 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9236 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9536 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9520 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8876 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9484 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9884 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6932 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9616 /prefetch:1

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9744 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10752 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10884 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10260 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,9361874569668547020,16150426099388410619,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6932 /prefetch:1

Network

Country Destination Domain Proto

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

\??\pipe\LOCAL\crashpad_3756_NGZAKFRCTJLTBWBL

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57e0ab.TMP

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000062

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000037

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000038

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000036

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000039

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe596ce9.TMP

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

C:\Users\Admin\Downloads\Unconfirmed 385263.crdownload

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

C:\Users\Admin\Downloads\ChromeSetup.exe:Zone.Identifier

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Windows\SystemTemp\Google4032_1522021772\bin\updater.exe

C:\Program Files (x86)\Google\GoogleUpdater\updater.log

C:\Program Files (x86)\Google\GoogleUpdater\updater.log

C:\Program Files (x86)\Google\GoogleUpdater\updater.log

C:\Program Files (x86)\Google\GoogleUpdater\updater.log

C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\Crashpad\settings.dat

C:\Program Files (x86)\Google\GoogleUpdater\prefs.json

C:\Program Files (x86)\Google\GoogleUpdater\prefs.json

C:\Program Files (x86)\Google\GoogleUpdater\updater.log

C:\Program Files (x86)\Google\GoogleUpdater\updater.log

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

C:\Program Files (x86)\Google\GoogleUpdater\prefs.json

C:\Program Files\Google\Chrome\Application\132.0.6834.160\Installer\setup.exe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

C:\Program Files (x86)\Google\GoogleUpdater\prefs.json

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Google Profile.ico

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\trusted_vault.pb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\extensions_crx_cache\ghbmnnjooekpmoecnnnilnnbdlolhkhi_1.1f0388d23a4d8492e2f9839392b22a6957deae8750b60ff860ee939811594295

C:\Users\Admin\AppData\Local\Temp\33fd8da7-d92a-4fc5-88ba-d2234333780a.tmp

C:\Users\Admin\AppData\Local\Temp\scoped_dir3868_952507109\CRX_INSTALL\_locales\en_CA\messages.json

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.86.1_0\dasherSettingSchema.json

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.86.1_0\_locales\en_CA\messages.json

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\MANIFEST-000001

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

C:\Program Files (x86)\Google\GoogleUpdater\prefs.json

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 4b48be0e9cac62522336e5b3baa9abfa
SHA1 003a5f9f157833968f9c56f2f0f2c6df04f60f96
SHA256 4396aa9f906633a34ce96d8fa182dc798bf74dab064082eba69b04d34bb4c25e
SHA512 a1198092fa7ab8ccdcfaa7d9fbb51363121485568eb34d5eee3905a451ba0030386887d70c90f3fb5d35ec98f3afd0001946453b31dea67e3254b3fdc5509e86

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 74ba70f96dd8e039b6f62688e6f775b7
SHA1 a27012007070781ec1806856bec37d0ab53607b1
SHA256 b90ab00603ea052d783cebc922ad38baf6aae0ad598f4a8bbba0e8908d3b5f87
SHA512 a8f8499c1c15de1d44c35fe0ffb171e54c6ee83f44ed707c39f9920f46c064cfc8d8f40d28a89c8558762755f99ddf108bc3ed967f585a0bc288978fd66fb04d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 4d07836fe6b94b9f580095d696f60cdd
SHA1 76ab26cd0ca51906205310b230d4f1321ac31c91
SHA256 fa6badf65b71c5a3901f47f3463badeda9030a02d95677ab8305b2349d2dec2e
SHA512 8c9fc607519159d8bf3c521fb0ef5ccb7622a37852d231d15bb83fd82ff11953188ae146ca990768e8dbf80de1f433f8a04b96e157d141c548108e5674cd8aff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 203cf95df0411dc8e9ea54f3827c65c3
SHA1 45dca2f32d54ac7188eb8a3e309bdad3c2aa5344
SHA256 09cf77a8861245352de700b1627a520c1f1a71635394112232a1baf52ec5cf8f
SHA512 e293b48aa8885f8b1da53a968fd9c97cdad8a0f87e02a737b21643058272dd2f9d75f30cf7f99a90b048d813a45079bad9e7753b0a1a7bf159375118865554d2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 9fa210863ae48a79c3e28235abc3f149
SHA1 00866fb2794c5401a98dbf589f15c310475bddc2
SHA256 974feeb312b5ac85d2c7df1319c0c62efed095b9050a904205ae4eff18ad81ea
SHA512 5af4641c36795a790b82803dc42b45a405ed7b77513f9abee259a1af6a3043774911767c0e19379ca3fe3b6ad5b1621c2f2f8ade8d36eff0a6bb43166caf3fd9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 8e48f3a822ada4a7865a8c337767a774
SHA1 2ad1a7408c809249c4637691f2aae60b9f032c26
SHA256 ed8c4bda513a72bed18b069d45c9a18fb1eaec721aa4a4b4496a5a5db6bd69c0
SHA512 374c3ce707631897ffd52ee00c35ab4855aa79303497855251cc072016532e701550bdc6b1cc5bb3e2bd1fce47e93e06c3fae5d8485ec642ca414cf4df89fd91

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3868_1468611666\crl-set

MD5 e11e1ec8ea943e5a1e6bde2ab3dadf78
SHA1 4290da480f4218475d38009c18d75e9d65a699c0
SHA256 0821b55ebaf2aff6de7736438d59087de3a903ee1fbf01b6c4ae1e030411ff84
SHA512 04bd06772aa54805a706fb5c1961a91ccdd3886b9bbeecd657f0179e76b7cf481d22f964ee37b697e1d452b98ed01567e8fce244801f4a144612646e32d928c1

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3868_1468611666\manifest.json

MD5 8a5caee3cf2dcebacfd4529c4b8ed18b
SHA1 1e40472aeaebbc5611b114928f74b356b6caa370
SHA256 6007eadef66696b2e17439ff3ae28ba7077dea9d5ae6abaf608d2e82d68d0765
SHA512 d6977554e7642b7fc65ac582b96ee3c8fd2bbaea1d23fbe43106ee0123c46c1b1f752a68d33e77debbaf0d0f0553c27f6df098ba198964b320ad4a1b7860a89e

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3868_2014983279\manifest.json

MD5 01c878f43569459b9671819276fc381a
SHA1 c04140758f7fd681cc55acf2b02d988f13aef25c
SHA256 6000afa1b02202ed4821c24bbdd88cea539c2cb4d0ef7033bd5d3e6b4ddee430
SHA512 f80b39516cedd3108676e4c41c19fb7a6d05f2a92ffcbb4ea595f111dfd5e4d14dc7de5c3c871e0fe5d90d40c6c45a8c646c324329ad7aa8fd37c1d4d0810e8f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Subresource Filter\Unindexed Rules\9.54.0\Filtering Rules

MD5 7c91e14b081c346267e1b1761c029f1c
SHA1 40d2665fd0042a5aaa3b8c7c451813d6c7005ead
SHA256 fd3ade759bd847f845fe201167de1f53e53a2275631303952f1ac4d7ab5b19dc
SHA512 89a269667034fc15e7ecdc3aec70375949c1ae65a944cb3d762909152c8db1c4b163aa2162698a0345889154e248b5a70b7c93182f5a853529eefd889926233d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035

MD5 06e32a5d1e2d387ce562ee7aede8192d
SHA1 67f9d64c29663f6865d0d134db189938a92503cb
SHA256 46ec4156584d2cfcd0ea2dd2eed85a0545ddf4e30a8c20c26b2ff3fc7c065317
SHA512 0d1de74efa671be757ac49d1b864ed89cca90bd56114d79432ab91407ef5987d4f4573ef3f2e307b32601ab335a43f8cd1860954f986dd5d887a02ae37ea0717

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003a

MD5 e580283a2015072bac6b880355fe117e
SHA1 0c0f3ca89e1a9da80cd5f536130ce5da3ad64bfe
SHA256 be8b1b612f207b673b1b031a7c67f8e2421d57a305bebf11d94f1c6e47d569ee
SHA512 65903ba8657d145cc3bbe37f5688b803ee03dd8ff8da23b587f64acaa793eaea52fcb6e8c0ec5032e0e3a2faacc917406ada179706182ce757d1c02979986dd6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e863dce96d89fe59dfd47fbef06c1395
SHA1 b4f8552896a45b21b0bb21e5a99b39a6a4800f5a
SHA256 c3e344b14331bd773ab6b639cf01ece3c004ace71446155d89843a10226df968
SHA512 9181cbbb6aeee31658d86a86b2f84d093eaac85b212ae658c9ca11b53fd2f051e2be37faf87454419fb1d7f3a6a450e0588d5d9c72879f33628e8fd150bc5b58

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 5e70017e1445d055b2253d3019515237
SHA1 9ac09d39d76623be1e4bc8fce892560f8371a94d
SHA256 83e8df5c0a914a69f0eb3a113a089840c4f0358fc542173e1c4f7e7a86d74a57
SHA512 bf0b1ba3f116c508360777ecc2b21c366748aa30ee66d27efd4967f47ee1e0378e680950f04af92dfea3e21bf585dfc97064906f3c1a0d353072cbde91eb5c62

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b5

MD5 231913fdebabcbe65f4b0052372bde56
SHA1 553909d080e4f210b64dc73292f3a111d5a0781f
SHA256 9f890a9debcdfccc339149a7943be9aff9e4c9203c2fa37d5671a5b2c88503ad
SHA512 7b11b709968c5a52b9b60189fb534f5df56912417243820e9d1c00c97f4bd6d0835f2cdf574d0c36ecb32dbbf5fc397324df54f7fdf9e1b062b5dbda2c02e919

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 587082dd43a43fff941bbaf6134508ed
SHA1 cd3dd8be9cb272b491ade4ad1571889b93e1e2d9
SHA256 e6fbd986c4560fa97f6431e26c5de0236452b6bc0568933af0c29c786958c70a
SHA512 cf4a09689243e689564bf64fcf3c3dbfb862cde2446cf6a4fb4a541cc7a62065565e25b1d42f674a2fc01a82c37cbd5340b60edc62a747503a1c0904ea3b002c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

MD5 a43025efef2655092746bbbe7b2f80a2
SHA1 5046726528b252039985bf1dbe667a5104aa608f
SHA256 fb5ca7fde998e487a6488daf273d9833e4ea214cb77da751124fe936e2e8d191
SHA512 f3efba42f7aae67500cd817ebe3854280837d7c2d040d57a58c3b145b0f51c0e9714299ad0c80ec6566216b963f87820f870228c6246a428e3fa7b3f0768f3ed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

MD5 7c702451150c376ff54a34249bceb819
SHA1 3ab4dc2f57c0fd141456c1cbe24f112adf3710e2
SHA256 77d21084014dcb10980c296e583371786b3886f5814d8357127f36f8c6045583
SHA512 9f1a79e93775dc5bd4aa9749387d5fa8ef55037ccda425039fe68a5634bb682656a9ed4b6940e15226f370e0111878ecd6ec357d55c4720f97a97e58ece78d59

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ccceae302d30127e8219495ced97d86f
SHA1 3e1a8d6ab46949ab135e18e75c79e184e125f380
SHA256 f13604e0ef6e8385e8e9df9294ddbd7e377d9cf6af3b29e86e88a555f1ac364e
SHA512 9319754e2280541106552aea58bfa9612f61a87d67757b5ac2f68c2e6e5c58aa719b5ce84f0bcb28cb315b8f0ab217871360a6e66d2f3bf530f4789c72e2aba7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 5fde13e4c4a44e7c53d28b84de216a96
SHA1 5875dee2a7676b5a47e534c8cf1cc9163fb89819
SHA256 5dda00603eb739bc20006ffddd3b5a4710f63aafbf06bc22df044b4198db30c7
SHA512 57014cbe267f63614a94208fc9f89610f9003477e1a0a466d39a872e8cfe1ad9e9d1ca7dea1cf0e3409bcecacab037bad268b84436998b03ddf267f3fcedb8d2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ba

MD5 747e891a3c70bcb3aeb2f6acf63c2600
SHA1 42f632c60a17753eb0ee20f048730d0d2482aa90
SHA256 5ffb83386a264c45fc2946e88d2cad1ed598b14733b48ee45bb7dea1ff6461d5
SHA512 c4e53b64b6d0b15d24c600b938bde6943a1f0516d9a4eeefad0989f1f589af6086045c6fb62f76e3eae7909dd5b8fb4546d6478e59a8be7c2990569d023b13d9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

MD5 15c58741d5984ec8ae89c7b27d5e38f4
SHA1 250ed4f00bed9168e188c90e20da57579f9d0d40
SHA256 2dc39cd7d6feec04587773e3aa7ce753deef0824f53d95af4e67807c628d04d8
SHA512 899d8d758c6e09acdd8eb38b82863032cd8fbfa161b0066157ebad00e984b5d1e319b6dcb8ca14f4e4f4378aaaa5d31711b57ccae7e18e1fcd707b423a0f4869

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f7d014b097153b02_0

MD5 01a772465d4f6d2a5108ad3a8cfa617c
SHA1 0dc7746652482a887860727eacc5d680e691d7c0
SHA256 35b86b096666d76e3c2317e9132241d26a9c8b542ae8357c17f8902fd1555349
SHA512 336047d67627929663224d1f9fbc71faff043c4ce4e2d585b60a61d77ee2fe07050c6ebb8c0fc5d773a2d50136d4467b1379d4dd6d5f78891b1d2813ea44c51c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c94a6737068d94107ba851ec503b39c3
SHA1 db3062c3c1e50501bd174bf9b9d86ccd17de2996
SHA256 d5d969ffae0af4b52edc7eda183fb45c686204e109488b7cc2c138cda8082538
SHA512 ecf6d3be944fdc1361f3216cd1b265f3b1947e6275864aefc636cd138df61da9305d8b0c7e7507e9ca5a16735f07452764ffc70ef0cbed90353686cc2a2de060

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 274dfcaccdfc9b3637efaabc1338c385
SHA1 6215b341a2c382bd2841d8b09730d4e0ea147ead
SHA256 97b44f673f1bd15e2f420a0c7035a71c6d696653746896fc43814735a5762ecc
SHA512 8e8823cb5ed8d769e0796372f5e2fe7a1a860d3882b8160366ab0c38eb9770893dcdda945ffdba6ae24c735aee64b30cfca138019ad4d05d71a71969e288f7d9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 2892eee3e20e19a9ba77be6913508a54
SHA1 7c4ef82faa28393c739c517d706ac6919a8ffc49
SHA256 4f110831bb434c728a6895190323d159df6d531be8c4bb7109864eeb7c989ff2
SHA512 b13a336db33299ab3405e13811e3ed9e5a18542e5d835f2b7130a6ff4c22f74272002fc43e7d9f94ac3aa6a4d53518f87f25d90c29e0d286b6470667ea9336ae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5d6593.TMP

MD5 8a2f4c87b6be9472835ee56a0aba0b97
SHA1 52619a54f630ec47d8b25fb7f33e6df52d740e73
SHA256 84d3737f59c7b06337f9cb9650494b1ed17403cae34d1e1732dbb1a4c43d1d85
SHA512 6f12c345047368a0b98e361c3ff6fbe82934afcbf81f08679e4d9b573e87fbb056386553779ff57352743b3a4558e9248517f4ba9eb60357fcd8e4e5955cf9a7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ad2208ab0b38a184b3982bd244a2fcbf
SHA1 81a4bed3e4711d6d2c19d8806cd884748c3f1605
SHA256 3552ffa50ebb93d4b68852561c1da76988da135e2b796e751262d868439ee2cc
SHA512 1dd1af406fb71aee25b09e33fcd349a8939d5629d593eb241c1ae9e59400dab254ae7bde920f8ff779343e9266d2936d38767c16fe9dc3b6783625b334accc4b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 ae0d29abe151a256e852c08152f9bed1
SHA1 7808cba5747f782aa142128ab9ad4bc69f21a8d5
SHA256 23d78cf65d84c9b404250cc6574aced3954900fad32c5a823406e2185c1c0264
SHA512 ac5d6d12cc7dbfaceda94f095593d82b23fdc2358933ecc02512496ae07cad6b648a9f4a71051cc0ee92a4c466145eed50cf9be435d6080748bc98a30c49fa3c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 7e9142e46e959ad92d927aa38e204cb8
SHA1 6d7d5fce2ef0a9fac20a359a8e56a3922bede8ab
SHA256 be4ba1e404120eb1a11ced120d4677a3ef46ed66b22bbecd163431d58e993323
SHA512 908644384fdc658899ee0c1862371758b6f6c19f44450881bd5ab14c37518a05a301dba3e7aea46b96498a5f4cbb8d3f8dd5c9ffeeb326dca36d032c75c6740f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b7

MD5 d1c3b7642700f6315fa17ab466de1ab6
SHA1 caa179139fb4b936e0e108c4a7cbc3dbc3025cdf
SHA256 3c1a38a1cd4c6caed7ff08d42b638a41e4dd21b912e8b9e8c020182eda0542ee
SHA512 6e82c80e337109611cc322ac9fba6de60d3b49361d449e86e36f23ed14129c3dba95b1ac888d3af44205aec84998b79a81b7dbd6b90dca46dcb22759453ae00c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b8535474bcf9319d_0

MD5 1ebcbc0c34fdc2e8e47f3914700873b6
SHA1 4758dee6690ae694f261189e3c87d4c7e6c902f0
SHA256 98c656f666eaa0743f44eccf55cbf3c65ccef2f1a35ed3cf1fdc0824fabab3bb
SHA512 a68a472240cdbd63b093ab4cc2159b05dd04c10080c2eba9d79ed4400c695e01701b7747c54ffe075141fb910ee5b7fee1433a4033ab47b9ca9de02afd1082cd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\affc578cb5d6b907_0

MD5 b8e251e135ae52395efc59476cfbc56d
SHA1 814bffb799c767199b8991fbbd32c4d9f31e8726
SHA256 ba121df8019da9f7046d937f8b5144b8d0511ebafb1e8a8edb7c44b93d693aa7
SHA512 3e0939a7fd29fb1c3894d895bfe66be2eb2dc30a03aa7cd7c50a26ed760070a91a56f52299d5cee82f0a6f80ac05ebf452dd8f691264e3dcc4b934c99a146316

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\157ac5dc69855318_0

MD5 25583467b1cbfd3b8d7124f7908c990e
SHA1 2d2a34616872936c377aa5162c076525153b5861
SHA256 7f41bd87cdca9fff4fec67c4660cac4396096a354a4ca579c05f3a9fd92c8aaa
SHA512 617d09f71964f9f8b1c1ce488bc010ce8118eb374dc39ce854a046d259dedcb1e5db9f08e688e3718b16cc0ead7edf5cd202d3b1d350c3c6c7a7b4888c09c0a5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\027ecde8d1341e65_0

MD5 ae8ba7e9f6258a1c834b0fbca1b9a6b7
SHA1 5f35ff1f44739e0d57ead14c799a8f2bb500467b
SHA256 16bfd1f72b6d1aa39974a31d60ac9936bdff0a0720923d77d7fe6b4fb232dd79
SHA512 a83cf68b1359aa09198494440ea3c9a5fc33c7eb1371e8c6495a13587baba3371a051e7d9fc8ef4672ee9e74315f45f7af94468dd93184911e8dd7963ab59e36

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bd9e99c9423b61ae_0

MD5 c38b0f127b6e9c57eaf02d2b3db07e5d
SHA1 019b9f00acb0627234f444ccfde071b1f956a193
SHA256 75c1805716ec8a880f141d1480ab69e0a0b3ca1ce90a743da96cf88ad474f779
SHA512 6c5aa4d1f99e8603e83ca1f4293bf200f5f5af0057b23e1e3893e8145f665055ef0f82f964794d64d1b0e0a9ed6b9946f30175e8dcac2c77875bd742f2067077

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5dd1e579c9681f95_0

MD5 0df0c4aa0d6aa1ed9cd1a63cdbd02cd9
SHA1 c2e736637005802e94ce99a397d22c148119fdad
SHA256 8cb0b610daa6e691d486c6b5486ae124143d93594370ea4f34ec4284939b5dd0
SHA512 ceafa1785fa25c156792722e56bc0a6e8de48332be9d0b68007c9ef5c1fd52b55db36c18638ddb3fdd1f43dac51974acef4dd0e7075baff356381bb40dd127e5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 f60bea04aed3ce9b5d21130d20882a01
SHA1 d981b83f26e2e10a768f3e5e525009bfd5ee031e
SHA256 993272c949876e5be0adb0697bf6d2f9bfcff09472bd42f184cf6e24f4df2b22
SHA512 388622570bd226ea17d4627be9cd51947623a5f2d9acc520d78b4ef94de32287018de9035f79223814c1a4817705c0f552aa1a08a5bf1e404ddeaefff6b597c3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 9e21adcd1f1ac97c88957de5e1adeb68
SHA1 1640f685e2fb7376c949aa5bd8a28068fe75219f
SHA256 363049809ef08f59f68ec2385bab45ae9499a8f90320084853e214098b8b0d36
SHA512 222593f3cee2395360b65055cb2d05c4a535ba0152609b035151dec309d04c8ebefb59ee4208110473be80b0110f3ff162d3f2d0641bbb98a496d68fa1347d13

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 f654ce9b2a80dd63b8a55152f70fbcbe
SHA1 1e22793938817f31d639291e5598c4166781c2bb
SHA256 78628cb0d59143b136fd06e916356d409b07982da211ed24a5425de7d40fbbb1
SHA512 50dadbcf5664f24266394b5d5f0a27290d4439c33ba34465ad9b76b9dbf1f8e3dacf8a68543e62ff455dfb031fc1aa88c91246c42e08ec82ec000cf8582d767d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7e5c9418cc1f7b4d_0

MD5 ba19e516d8fc4b44278919c6de81de4d
SHA1 0eeb0d90c41297bd23bddb152c6f5e32e354d776
SHA256 bf2a7d9d9b911104499d66d9ab9c4356d37121d075cb2365719070489da151e1
SHA512 68369e9f1564e88889c0259ee94233584a201d89bc7d90f4a4b80a7812fed63b8c1096a529c56df7b104b5a9660eca06875f507e4225c999fce48d3b134be739

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d9875f4e92689106_0

MD5 fddc2882cf32d39f8d1d723f5b423682
SHA1 01cc5bf74f7fcc24cf4e2800cb00a5772b520420
SHA256 400b1414d6f6e51317739da340b65c73c997fe4c9e4259fb1ccbc240fcf50ff7
SHA512 78e5d613ab0c90bcb77ebaf4eeed71221c7a7ea8957d345eb7fadc242a347921fd81ffffd232bf8d917b56f9e560b45895e39082357d1b7faa1da50be170d837

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1a914eb5fc51fb84_0

MD5 666b5255cfb3da5619287ffe480f6b3e
SHA1 83a535c9099c2459063397ba16644e958160c3f2
SHA256 628911bdc5e0fd284a24f367157d9e29d4984085343efa1f169c74ef7d07bc1f
SHA512 0cd29f21a31cf513c3cc507fed4a5cc82be95359a064164a72277f6066016777e5fcf24fd13f7457e9f17b451082a893e2ff768bdeb29cd744cd13f8cf304472

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\61a0b4d20ae0e222_0

MD5 0386b60308d7cf0d88ebe310bd3302c5
SHA1 0bd5eb764d959bcf9f0ffe45d1e295135e33149b
SHA256 8c095650de5537f7dfa364fdd062adaffe09d01c636ed97bf789e7fb411d3bf1
SHA512 26c4c7fdce03c1be543449c22dd14854542298c7062c328a588ef0ef92bc92f4984c53bf58d61737c852f72758631e4e2c0d099059d1a5032e1fc4668b3883b5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0bbe00d9bf7b798e_0

MD5 f6870229892065bb1f5d4d2f1d031a88
SHA1 d330ab53b0edb0c959d5e7c11fdea8740b6f7e33
SHA256 3ef2f2b205463eede729eaae6f41217f014d0b4efef22a5d722b705929d78e4e
SHA512 5ae1a7635c7dfbabe943012346a8333ee349a8d4887a08690fa0ea05e0859e2623a7b2877f3ab34f45a454c4a72a234858205dcee1cc5b855aa57a129a95bb94

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3a4259a0181983ba_0

MD5 21f2d3c29671cc044e6a64182b6e01b3
SHA1 4e9f85d1c018ce24cf384d0f17c4003569d22094
SHA256 c5b36fceb072869332db8ef8b704cdff429e30687a9db1807035897d3e04c338
SHA512 e7bf711aa20e04d0ea187a3efe611d17dfc1117605535986d525c2396231ca9d2931fc33bae961f1ae9ec3654fa17b33b0e55853eea686d04da768b1a3409c6f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\89741a2feca5ae54_0

MD5 62bb8b87cc94921d0403cb78db60f514
SHA1 2abd1c268289294acdd88290634d904a914df6fb
SHA256 513ddddb9c873a2231c87485d8d56ae50f9849faacf29f150eff00cce80e70ab
SHA512 63d912c176f1d7fcb15e6365b4bb0b7e1cdab489fc25a1ecbebd56133a1c5a7a7bffeb29e2694bfc104310db561126fa478fd4506c607a748dabf7f2deaea439

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\90d7d7591a1b39bb_0

MD5 e6a2845eb14042abc5f565778c70694f
SHA1 f341e36a8de6a9ec9f7fc1904aeac0ea08b28fbb
SHA256 3445a462695a331bd09c9ecbbd862ff030b4ce333f8d6e3d7cb53c9b8d5ba166
SHA512 0506a7f309634feabae389a27e7c96ccbb1adde95a3f0ee3e0b8a2aaa6b0614e9da562366b76e22d388f5968d515b2b65443208beec27a08c2047b0e3efb9a57

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\37afe38eb817b647_0

MD5 356fb97474e283b3832d96f035abe0db
SHA1 528b1cefd1a441534e6a6e9c46e0af783da11b8b
SHA256 c140d52887db8125b3a9fac744068d46b33b55f432397d3ca4713f5861ae16b0
SHA512 b7427b1915781f5691828de94c04834919b1b448b1acd83cbcc2d8fbe4c9cb0058f5ff3412bd6e87e320ec160429ac18153d83fac828906b8fbb2d5589a1c8be

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\45a16ff6d0d9ab5f_0

MD5 8d2cf5757d1d6e50164695ce7e41b9c8
SHA1 ba541568d487fd4a36885330f7d2ad45f0bd346d
SHA256 a1255175c01e8431a78ff315021bac1867746ff27eb312c78ba72503203a2895
SHA512 fafac61bc09e27a471f9790a99a186563850fc0616bbbc53b4ef812a3c8cf226e3590439217258c9a32b93160dc9ba994092023785cfde3d6ec179aa33cc90ca

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\be6d12311ce2b399_0

MD5 fcef8df1eaf709fc6a344277d50ca4fc
SHA1 4691fb6e973ff1e8a9dae76704ebab6963fa82d5
SHA256 2e38c9921b95015c8b7c99f13f4af5a09d7e0a4cdcc94fc974c4a80f3709b6eb
SHA512 8ff1be7b1f4460d2cb7ba0679ad65bbdacdeb41b258aa36394d193172d06f98fd565ae5e2c73c05e33e8f95b4cac840ba0f4a50566b7cad6fb0d296a6ba7754c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\53ac5abc87e80789_0

MD5 40db0fdfde65445b242c0a824c1bead6
SHA1 63c06527fe633f424397230fa0548ef3fbb7fa44
SHA256 48d20e782d1cbbb1dd5da7577ea64cd789a9883c657664c21e108e089d3885ae
SHA512 6d029bfcf75d8170a8d580bfb7bc90839db19144c55a1f12c541995a0190c58ddb08963966795265ab43ab8059e8d875e42d5ae03d3ed55c9691bd596509c24d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\25c90b4fb1c6ef85_0

MD5 dc0787eaa319537472321cfec89527d3
SHA1 09e48f07d57eb387b95be1cbea3b97d75ba6e560
SHA256 0ecfc3730389152e278c692e4d7a4b305b2fde22e502d67130161898e4667bf7
SHA512 013aa657f2286544c48bb75a4a37d70c542e0a7ca22bd24f2da28053c9f3f5f331802165d06a787f323d6e018403cd4d06b60847ead01d26eca50557653a70e7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2692617678c042d9_0

MD5 bd0277b8f9c014962742936c49ccf6a0
SHA1 f87d30f348d57057bee155ad0245818794591e2a
SHA256 fcf4be72e5a8b0c0b8543dd06cda991de7e40b4e7204fdb65e3f75edb99d9299
SHA512 087197f0524ed2d4df0866d7d16b3199f48992a9ecdf4ab59f09d4aef620f0414f04d887532ec738f0140540442f0a9029ad1027f30afa33091f4070303243f5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f2e4bbad99a372cc_0

MD5 653b288038e885134e3c89757a1698f9
SHA1 b3ac47d3711ac4170ffb3765887fc87d3b503ab5
SHA256 c1b4ee88131318c3f38164792eadb6ec3ad658557bd8c44dab29cb9c79238763
SHA512 f15f4620a691000cff4b9cac74372892b2d4850d1e9c26bcf05c3b32647c7ce3455e5be0db33f6792eb2a132fbe1d4d37410edf3ac79330d8484bdaf00b878b5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e9c7e700cc3e33cf_0

MD5 13eb83c232e5d10df2db3bd89e177040
SHA1 ba5246e35f688dfc7cd5829d18407131de5b257b
SHA256 b49fef70f70db4c7bb054263f593022d560045982c0f67d616c7405a450b40a0
SHA512 3814b3b1de237ff7c9e4b1f6dc10b41d36926679df23e35354213d3212e86d55a09affe64834d0f81f18b7bd62db1534ee92162771a18cbcc206bda77162ec23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b61170ac04cde9ab_0

MD5 5d754ff29c1d55d1bb7422384d142790
SHA1 a24f946da858d5dcccc7740d4c69b721dd978bac
SHA256 05da16b826ae8442dfd0265aa27c1a7399711436c2bf23b3a3df12d5f3afe989
SHA512 5e8b28a9978081df333ac0c5013b515f8910fd6e21b4a56090bda2fc3d44dc6be4f8106e8d863943e91cbb84455a16bb24244bb2530e1d6269517ce0089a8c23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d79e0a2891fc014a_0

MD5 f544b3ad705e0e5ec73d8b85e5422567
SHA1 70781d424bc154e3b8d806a75ea7cb1e06eefbaa
SHA256 705648fa65d10d221b8d8b1ff6152efc866972621fbbe4153db9449c85e4387c
SHA512 8b2c5287548e6439e63f43a8126a17e41f58653677e6291b42fb60696f40058c09d58f25d1465009de4bdff6d20eaef8bf9923b5e8b492792a471df86068bf6f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2f4680e8f8f8a14f_0

MD5 8bfc0a272bfe8d9fd3b39e37dff789b6
SHA1 2099a99be5eecc84d5d8957eabce065216f3eac8
SHA256 50c7f1a7a5a04fb24e7ac302fd0aee3f7c3db2183201b324901500229287d163
SHA512 bfe7a488adab84c7f3a1b6108e962b3bf183672f40a82e75a7c52039c81083c7cdf138ac68165585cb098e5205577276301fdd74a358c766f5d3db3dc06f7410

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\71d68e68ea4089fe_0

MD5 6f72b18c3f2279e6559ce7054c06fea9
SHA1 e2f1c26c1705d2803431a5c89289bdb84ecaf4f8
SHA256 f0a855fa30fbc3c6009e4f376732d133727ec534f03cde21650fd98c429367d0
SHA512 270adeee021a3a48bde5300b64b7bba96205bf6c9ef0284a8c0ecf64887c9790be7a9b8606c7fd1a9d39c3fe543fe0f4b84b79ac718418f3bf7eec537605efbb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\766094f4b47e839c_0

MD5 db125f510049531a51494d56def7644c
SHA1 f1dd7732e6dbdf203fd55186371da5f9aecf346c
SHA256 132f2a3ffa59db8c161dfb1d1b9442db413115e2f29ae81b551645961a4bb9c9
SHA512 5ea30e12696b282b8bab4319a750ad2a9f8008caf591ded67e214f4a0ccb93fb0a582a67aeedf896c574c6bdd169626dfc51059d55b1e2e0c709453a01462ad6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\14ff8116b518ca2d_0

MD5 c41a36197e9612a7ab99b8893d37970c
SHA1 0fa2e6bbfb16ffd6c9260982b0a50875e14fb4f7
SHA256 eff0c852ca9d1eb50545a06fd56dca578662e0f9807ff5329c847f79a504b26e
SHA512 88f0d88d9620686cbe3fd21c21204a6cdd062c9fc0ca42af5a8c3b6273e89467756ea1c7b2aa6baa8fc236bf78df92d19f7589cbf35fbc0c7031fea666ff6af3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e146fd968644d345_0

MD5 5997b39a5f4dcf0236a2fc405f36ca51
SHA1 f8db6663741d7686c5a1779c042de8699c35d16a
SHA256 bc51fbba2eac85414d0eb2be37f09e1f580b00f670e8b3e9bef0119c0abd2532
SHA512 215c735338e1b9ef190b5bc59f82d29b7ec460fa9d0976e715657a6bc9bd11c6c372325302a16340ea0cff26bd28e7d1e82c5efe414c8c74a8b6fa2d496cfbbe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9dbb949d27873cbc_0

MD5 5879979577def8479a2c5ccf37792183
SHA1 725ad7f8d41a20e6f9d85c9551d0824f5e7dc2f9
SHA256 a1287a7a5236d50fc813f4c0eb5bc6619b582dc29212be1f751b5fb3971d8889
SHA512 570043186b132ccee397dd674981c28995067b7509e148b7ce6cdcc42289e92fe8584bde156bd37b5e34304744f0b6375a658506ebf7a7a0dd80fb30ce1f7b98

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bdd8a4f7267aaf50_0

MD5 b274d124e3f3a88ceb7585ab929d1a1e
SHA1 cbbd388038b18cc9f8023fc2df3dece4269dc355
SHA256 b6d72a4e643f0cf81d555665c94631fc2bcb190ebbca85fddb56a6b70f2d769a
SHA512 a898189345ec90b2403c54d00f8153fc01b25886de7993d5fa1f58afa279575118c0cf1689f9504f6c5ea62f25221b9897ac62fc4433f95b2502954908e865e0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7cf9843337c39c04_0

MD5 9948004b70ad4b11c80c5e5fb6c1a37b
SHA1 617863916903d69c60f4c7558d5f3269a57a5263
SHA256 5958d595eb11a607d5277c7987e904a5fdb7f5ec0feeb16a8a45e2f63bc5513c
SHA512 11e7aa6fc6400743c69aa4ee3f161b877a60ae2448dbb19efd2ecdcd3300e14f8c0bc93aedab7faea751f47ddcee614617ba77789c0b5285d88180bfe87b2ec2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\03eef0e77feb64d4_0

MD5 5ccec907745e3cd34d0e3855f1094436
SHA1 a3ec1bdb04603c206218c6a173d9fa5b1a77e706
SHA256 a6b1214bb50c76ce550f09abd35e2fcefaaf170a7581edb7202d533c05dc367d
SHA512 c5d7a9076143e0f2bfdef3f03e622a916f4c57d8214a68d8aa3a945cf347b55014c0153e7fc53132a05c49ae4c706fae99c27d8a7bd0d51f761fe96405554ccc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\82af833e9b5cc26e_0

MD5 b9607f5c8bedfa890a8cce5456a39ffe
SHA1 2e18c4d0451e30e0ae4e11fe60224658d2e6bae5
SHA256 515db60397bfd9cddb03061ba687f86a5b9f66989a1e918f01d7c54d863233fa
SHA512 cd00bfd6691a340f837698563a993380a468d96be8f79ee319dc52c2eee36a1b856e13766a475048f00c6abd5eeebcddc30058de951971ab23b8e012daf9b755

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\635e64b37935c888_0

MD5 542c75d3e6235bf14c07251033e7ba1c
SHA1 b5bd22ce34940445e3f084e2488228d94f61705c
SHA256 9469838717b727ce217786e1b0ce43e7ee09198008cb1a68e5e56353526f440f
SHA512 82f155ac8f93950877e3ba6e29de079a32923cec876812301362b7724e920b10b0aaeead7146d4242dbc74934f37cf322dead1c2deca739960f717eec1b41be7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a28b766f2e67bd61_0

MD5 7cb5b564ff238b17d79d1facfa33a543
SHA1 f9d5d9033436892e456b07eaf809acfed2723621
SHA256 066fa96fc8ba5cd98bde1364aa2d02145681adcf7a7e40ad9029c15fd9425104
SHA512 6fda4115e52c82e93d431a3c1e203dbd66707ce64520bc1f4c8d03a3cadfb6128f3b0a9b761a701fb51cac3bb479e57a47527f7e180e269a5199f83f6a8e17ed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d45aae6d8d9c9ff2_0

MD5 d5ff90a1bb92cbbc2c92d416111c56a3
SHA1 b0bfaf01c68dbfc47434cd11430f6198b04981cf
SHA256 0b1d30d7acfe93928247d6fc929f14f3146faa73d1986c6b2b6e842fb53e213e
SHA512 6bd5cf66aba56856074be5d76be9eef3e82b609fa2786a76ebef82efbded34b766400afa676ac2719b07da13b7d9023f0322609ba98f17f43c8cf22d562f8f3f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6db290dce274a012_0

MD5 1117259db0e1e4174554c266dd29f758
SHA1 7090a54a4f54c5cd6e02ae41a122d3edefd8f805
SHA256 e2b1b06aee24353cc407297f1d3cccc311879c02a40ccb4bc879109110998bc9
SHA512 f3106b9d7abfe6aa0c3f1285a3bac42f05876d87b04a5bc856d4e0124c6dc9d85378f63a1a1e3f757477221e11c28f13f7841420eb8a9040ec74631a59201671

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\78bc646c0524ce58_0

MD5 81c0b0a2136f355d3786dda2ec67173a
SHA1 37e9d90d24e7de8f05844145d21cb79ad7325b8a
SHA256 bcddd9d11bef1d0c38191f8745aac9a409dd167126b773b38da367169fd21e5a
SHA512 60b007e9a906e5b738b8e993aef0b24cfd5c30849c2fe27195f5a830ceff841aebb3d5044b8edd416c1143b46dbdba4d5630a33b4db5177e5dbc2155a6767f26

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6aa9a2943612cce1_0

MD5 286acb0a76360454db44fa63ec0b9a4a
SHA1 27a3ae82433466a9632479013dc3df41383580f7
SHA256 1dd71ad5d4b5c3813495fbcef320dfb2d8e7b32ddc9aa00b5f45b15fe4ba38a0
SHA512 428e389e2b5613f18bf6007146bfd1383165933da119d10ef7015a25159075b2c87d0a0ff293b1ac3bacb02695ecce9120dd9644bc59d42e8224eb9fbfd42899

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\242d87fe25e8b258_0

MD5 4c0eed7bbbd9aea7cdb0770f083b3331
SHA1 68ceaa41c64920d9b294cbf525f1dec1a70fb2c6
SHA256 fea7a678d0cf6afc6f4822a0238eee4c6abd3b6b4a8129017903185f815ee3c8
SHA512 399baf7bc845a07fba76d4fa0d6d5ecf81b8b175b3826867b1a585794a4090d27ad7e1f98e9dda0420bea20c9520a51fa39591cd16a6b32dd9e8b17f0f4087e1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9f608f61e011c420_0

MD5 eb9c2a27c6d794912f727f71f073a027
SHA1 57a7f3346f4d6eb305ddbf4e61c2b0aed8ed80e2
SHA256 d272457c37da049a8551ecce203f9fd5369f449e16ce98ed969e4dab0cbe0a0b
SHA512 df601fb51924517d81fb564f3d8c6c2466738a774189a1b48c575b8d063c0be5bb6e188f798ee0733c832ccf430b13be134bed3447a4b59351c4fc540b36aaa4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c211c9dc68f4bf01_0

MD5 c4d73eb6aa8e202eec7146c2f4f47ef0
SHA1 af261e8391f45f38244eefc9fecabc752c72a1eb
SHA256 61118de31b0efa1811a786ae041ca1f2b529418441149e1bcd5d6b18a6498759
SHA512 18d308649993e30f3c352a887dd8b0c53cb8a13541285bf95f590267deee02c4052099b67feb609233af271f8fc11a2bed722a5a947afc4927e7f3edcb8ffd1e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ab38c7b2c8042af4_0

MD5 8f8f7d01c3f76d537998821d5c51e300
SHA1 c0b0ee04f77a3e98a46b068843161a00ebf986d5
SHA256 584815b931f0e7a631a07f165c6b9ebe1bead99df36cc8ed0811ec83841e0d6a
SHA512 1961ea18852a0912c4430392f5cb260e9f047e028d9c2b15db21979f25b12434b0f6190b032465caea841b597712885117e096175df02e9505be4a543a0b01b5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\96bc766215a93e35_0

MD5 4b37960b53eb581ff67674b997215deb
SHA1 bf457b8413d74b9b129e5f3bdeb8324a775f528c