Malware Analysis Report

2025-03-14 21:48

Sample ID 250203-wbcmpazman
Target RepasoC2025-02-01.pdf
SHA256 11fb525e829e0ee953a4b6330a6c8fb78094dc04ed74135a90950b2d251c5bd8
Tags
discovery google phishing
score
5/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
5/10

SHA256

11fb525e829e0ee953a4b6330a6c8fb78094dc04ed74135a90950b2d251c5bd8

Threat Level: Likely benign

The file RepasoC2025-02-01.pdf was found to be: Likely benign.

Malicious Activity Summary

discovery google phishing

Detected potential entity reuse from brand GOOGLE.

System Location Discovery: System Language Discovery

Browser Information Discovery

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Modifies Internet Explorer settings

Suspicious use of SetWindowsHookEx

Checks processor information in registry

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2025-02-03 17:44

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2025-02-03 17:44

Reported

2025-02-03 17:47

Platform

win7-20241010-en

Max time kernel

95s

Max time network

19s

Command Line

"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\RepasoC2025-02-01.pdf"

Signatures

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe N/A

Processes

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe

"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\RepasoC2025-02-01.pdf"

Network

N/A

Files

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

MD5 2f957eb1b341354a9f150cf3498f1b42
SHA1 5b09a0255aa97f591ba9ce9df3bfd5925a272f77
SHA256 0ec026f2e601f457b2ae3102b1dc0db1694bdd17c9e5ad30c71ef72044405e50
SHA512 cef2b71c8b7eae6328245dc6e1c26516042c7956e6c6a3eb14caa752bd4d410dc3f614e715aba7a6cfd004f67e40f66e81652aaddae4233109aceebf0e212f99

Analysis: behavioral2

Detonation Overview

Submitted

2025-02-03 17:44

Reported

2025-02-03 18:02

Platform

win10v2004-20250129-en

Max time kernel

912s

Max time network

418s

Command Line

"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\RepasoC2025-02-01.pdf"

Signatures

Detected potential entity reuse from brand GOOGLE.

phishing google
Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Browser Information Discovery

discovery

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-805940606-1861219160-370298170-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
N/A N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
N/A N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
N/A N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
N/A N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
N/A N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
N/A N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
N/A N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
N/A N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
N/A N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
N/A N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
N/A N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
N/A N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
N/A N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
N/A N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
N/A N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
N/A N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
N/A N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
N/A N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
N/A N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4920 wrote to memory of 2392 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 4920 wrote to memory of 2392 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 4920 wrote to memory of 2392 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 3580 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 1436 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 1436 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 1436 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 1436 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 1436 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 1436 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 1436 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 1436 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 1436 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 1436 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 1436 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 1436 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 1436 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 1436 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 1436 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 1436 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 1436 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 1436 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 1436 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
PID 2392 wrote to memory of 1436 N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

Processes

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe

"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\RepasoC2025-02-01.pdf"

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=52548A4689645D02B387E6055970C89F --mojo-platform-channel-handle=1740 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=A49A999D0750FF1B765A0054A6E50699 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=A49A999D0750FF1B765A0054A6E50699 --renderer-client-id=2 --mojo-platform-channel-handle=1752 --allow-no-sandbox-job /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=6FDBAF2552BCA6926682BB109C0892AE --mojo-platform-channel-handle=1960 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=D14818FAF7359960D5A08DA9C0D03BCA --mojo-platform-channel-handle=2328 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=E37585A93BF03F2EE5BCB8AC466C21DA --mojo-platform-channel-handle=1924 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=6A331364586DA4431E715C42A3F92ECB --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=6A331364586DA4431E715C42A3F92ECB --renderer-client-id=7 --mojo-platform-channel-handle=2316 --allow-no-sandbox-job /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\Desktop\ConvertFromOptimize.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x12c,0x130,0x134,0x108,0x138,0x7ff9daa446f8,0x7ff9daa44708,0x7ff9daa44718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2024,1189582064256841764,12114811645911905962,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2028 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2024,1189582064256841764,12114811645911905962,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2292 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2024,1189582064256841764,12114811645911905962,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2668 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,1189582064256841764,12114811645911905962,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,1189582064256841764,12114811645911905962,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,1189582064256841764,12114811645911905962,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3924 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,1189582064256841764,12114811645911905962,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3604 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,1189582064256841764,12114811645911905962,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3536 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2024,1189582064256841764,12114811645911905962,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5252 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2024,1189582064256841764,12114811645911905962,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5252 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,1189582064256841764,12114811645911905962,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3528 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,1189582064256841764,12114811645911905962,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4772 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,1189582064256841764,12114811645911905962,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4820 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,1189582064256841764,12114811645911905962,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5300 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,1189582064256841764,12114811645911905962,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5552 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,1189582064256841764,12114811645911905962,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5560 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,1189582064256841764,12114811645911905962,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5688 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,1189582064256841764,12114811645911905962,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5512 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,1189582064256841764,12114811645911905962,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2584 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,1189582064256841764,12114811645911905962,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5524 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,1189582064256841764,12114811645911905962,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6096 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,1189582064256841764,12114811645911905962,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5668 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,1189582064256841764,12114811645911905962,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6352 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,1189582064256841764,12114811645911905962,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6572 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2024,1189582064256841764,12114811645911905962,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5564 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x448 0x2f4

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,1189582064256841764,12114811645911905962,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5840 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2024,1189582064256841764,12114811645911905962,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6688 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,1189582064256841764,12114811645911905962,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5748 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,1189582064256841764,12114811645911905962,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3712 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,1189582064256841764,12114811645911905962,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4392 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,1189582064256841764,12114811645911905962,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6728 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 57.169.31.20.in-addr.arpa udp
US 8.8.8.8:53 2.160.190.20.in-addr.arpa udp
US 8.8.8.8:53 g.bing.com udp
US 150.171.28.10:443 g.bing.com tcp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
GB 88.221.134.3:443 www.bing.com tcp
US 8.8.8.8:53 3.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 www.microsoft.com udp
GB 95.100.245.144:80 www.microsoft.com tcp
US 8.8.8.8:53 144.245.100.95.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
GB 95.101.143.185:443 www.bing.com tcp
US 8.8.8.8:53 185.143.101.95.in-addr.arpa udp
US 8.8.8.8:53 56.163.245.4.in-addr.arpa udp
US 8.8.8.8:53 15.164.165.52.in-addr.arpa udp
GB 95.101.143.185:443 www.bing.com tcp
GB 95.101.143.185:443 www.bing.com tcp
GB 95.101.143.185:443 www.bing.com tcp
GB 95.101.143.185:443 www.bing.com tcp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 r.bing.com udp
GB 88.221.135.26:443 r.bing.com tcp
GB 88.221.135.26:443 r.bing.com tcp
GB 88.221.135.26:443 r.bing.com tcp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 10.27.171.150.in-addr.arpa udp
US 8.8.8.8:53 26.135.221.88.in-addr.arpa udp
GB 88.221.135.0:443 th.bing.com tcp
GB 88.221.135.0:443 th.bing.com tcp
US 8.8.8.8:53 0.135.221.88.in-addr.arpa udp
US 8.8.8.8:53 login.microsoftonline.com udp
NL 40.126.32.134:443 login.microsoftonline.com tcp
NL 40.126.32.134:443 login.microsoftonline.com tcp
US 8.8.8.8:53 134.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 www.luscious.net udp
GB 84.17.50.8:443 www.luscious.net tcp
GB 84.17.50.8:443 www.luscious.net tcp
US 8.8.8.8:53 8.50.17.84.in-addr.arpa udp
US 8.8.8.8:53 cdna.luscious.net udp
US 8.8.8.8:53 members.luscious.net udp
US 8.8.8.8:53 w315.luscious.net udp
US 8.8.8.8:53 assets.luscious.net udp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 8.8.8.8:53 storage.googleapis.com udp
US 151.101.1.229:443 cdn.jsdelivr.net tcp
DE 142.250.186.123:443 storage.googleapis.com tcp
US 8.8.8.8:53 cdn.tsyndicate.com udp
US 151.101.1.229:443 cdn.jsdelivr.net tcp
NL 45.133.44.70:443 cdn.tsyndicate.com tcp
NL 45.133.44.70:443 cdn.tsyndicate.com tcp
NL 45.133.44.70:443 cdn.tsyndicate.com tcp
NL 45.133.44.70:443 cdn.tsyndicate.com tcp
US 8.8.8.8:53 2.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 74.206.58.216.in-addr.arpa udp
US 8.8.8.8:53 123.186.250.142.in-addr.arpa udp
US 8.8.8.8:53 229.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 70.44.133.45.in-addr.arpa udp
US 8.8.8.8:53 226.21.18.104.in-addr.arpa udp
US 108.61.65.146:443 members.luscious.net tcp
GB 89.187.167.38:443 assets.luscious.net tcp
GB 89.187.167.42:443 assets.luscious.net tcp
GB 89.187.167.42:443 assets.luscious.net tcp
GB 89.187.167.42:443 assets.luscious.net tcp
GB 89.187.167.42:443 assets.luscious.net tcp
GB 89.187.167.38:443 assets.luscious.net tcp
GB 89.187.167.42:443 assets.luscious.net tcp
US 8.8.8.8:53 72.206.58.216.in-addr.arpa udp
GB 89.187.167.42:443 assets.luscious.net tcp
US 8.8.8.8:53 ah-img.luscious.net udp
NL 45.133.44.1:443 ah-img.luscious.net tcp
NL 45.133.44.1:443 ah-img.luscious.net tcp
NL 45.133.44.1:443 ah-img.luscious.net tcp
NL 45.133.44.1:443 ah-img.luscious.net tcp
NL 45.133.44.1:443 ah-img.luscious.net tcp
US 108.61.65.146:443 members.luscious.net tcp
US 108.61.65.146:443 members.luscious.net tcp
US 8.8.8.8:53 trulysuitedcharges.com udp
US 8.8.8.8:53 42.167.187.89.in-addr.arpa udp
US 8.8.8.8:53 195.185.250.142.in-addr.arpa udp
US 8.8.8.8:53 237.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 38.167.187.89.in-addr.arpa udp
US 8.8.8.8:53 146.65.61.108.in-addr.arpa udp
US 8.8.8.8:53 1.44.133.45.in-addr.arpa udp
US 172.240.253.132:443 trulysuitedcharges.com tcp
US 8.8.8.8:53 live.trmzum.com udp
US 8.8.8.8:53 a.exosrv.com udp
NL 217.22.19.197:443 live.trmzum.com tcp
GB 84.17.50.9:443 a.exosrv.com tcp
US 8.8.8.8:53 132.253.240.172.in-addr.arpa udp
US 8.8.8.8:53 9.50.17.84.in-addr.arpa udp
US 8.8.8.8:53 197.19.22.217.in-addr.arpa udp
GB 89.187.167.38:443 a.exosrv.com tcp
US 8.8.8.8:53 apicdn.luscious.net udp
GB 89.187.167.41:443 apicdn.luscious.net tcp
US 8.8.8.8:53 c24ca9e0d8.d170971757.com udp
NL 45.133.44.52:443 c24ca9e0d8.d170971757.com tcp
US 8.8.8.8:53 41.167.187.89.in-addr.arpa udp
US 8.8.8.8:53 52.44.133.45.in-addr.arpa udp
NL 217.22.19.197:443 live.trmzum.com tcp
NL 217.22.19.197:443 live.trmzum.com tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 52.44.133.45.in-addr.arpa udp
US 8.8.8.8:53 a.realsrv.com udp
GB 84.17.50.8:443 a.realsrv.com tcp
US 8.8.8.8:53 bullionglidingscuttle.com udp
US 8.8.8.8:53 poweredby.jads.co udp
NL 94.242.247.20:443 bullionglidingscuttle.com tcp
NL 94.242.247.20:443 bullionglidingscuttle.com tcp
NL 185.94.236.246:443 poweredby.jads.co tcp
NL 185.94.236.246:443 poweredby.jads.co tcp
US 151.101.1.229:443 cdn.jsdelivr.net udp
US 8.8.8.8:53 cdn.amplifo.com udp
GB 89.187.167.39:443 cdn.amplifo.com tcp
US 8.8.8.8:53 246.236.94.185.in-addr.arpa udp
US 8.8.8.8:53 20.247.242.94.in-addr.arpa udp
US 8.8.8.8:53 39.167.187.89.in-addr.arpa udp
NL 185.94.236.246:443 poweredby.jads.co tcp
US 8.8.8.8:53 syndication.realsrv.com udp
NL 95.211.229.245:443 syndication.realsrv.com tcp
NL 95.211.229.245:443 syndication.realsrv.com tcp
US 8.8.8.8:53 edge12-fra.live.mmcdn.com udp
DE 131.153.88.142:443 edge12-fra.live.mmcdn.com tcp
NL 95.211.229.245:443 syndication.realsrv.com tcp
DE 131.153.88.142:443 edge12-fra.live.mmcdn.com tcp
US 8.8.8.8:53 245.229.211.95.in-addr.arpa udp
US 8.8.8.8:53 storage.multstorage.com udp
US 8.8.8.8:53 fp.metricswpsh.com udp
US 8.8.8.8:53 85aac18807.d95bda138b.com udp
US 172.67.174.51:443 storage.multstorage.com tcp
DE 157.90.84.242:443 fp.metricswpsh.com tcp
NL 45.133.44.53:443 85aac18807.d95bda138b.com tcp
DE 157.90.84.242:443 fp.metricswpsh.com tcp
NL 45.133.44.53:443 85aac18807.d95bda138b.com tcp
NL 185.94.236.246:443 poweredby.jads.co tcp
US 8.8.8.8:53 r.trackwilltrk.com udp
NL 45.131.147.145:443 r.trackwilltrk.com tcp
NL 185.94.236.246:443 poweredby.jads.co tcp
US 8.8.8.8:53 go.rmishe.com udp
US 104.18.40.50:443 go.rmishe.com tcp
US 8.8.8.8:53 51.174.67.172.in-addr.arpa udp
US 8.8.8.8:53 142.88.153.131.in-addr.arpa udp
US 8.8.8.8:53 145.147.131.45.in-addr.arpa udp
US 8.8.8.8:53 creative.rmishe.com udp
US 104.21.80.1:443 creative.rmishe.com tcp
DE 157.90.84.242:443 fp.metricswpsh.com tcp
US 8.8.8.8:53 assets.strpst.com udp
US 104.17.10.106:443 assets.strpst.com tcp
US 8.8.8.8:53 50.40.18.104.in-addr.arpa udp
US 8.8.8.8:53 242.84.90.157.in-addr.arpa udp
US 8.8.8.8:53 1.80.21.104.in-addr.arpa udp
US 8.8.8.8:53 53.44.133.45.in-addr.arpa udp
US 8.8.8.8:53 106.10.17.104.in-addr.arpa udp
US 8.8.8.8:53 29.243.111.52.in-addr.arpa udp
US 8.8.8.8:53 js.capndr.com udp
NL 45.133.44.53:443 js.capndr.com tcp
NL 45.133.44.53:443 js.capndr.com tcp
NL 94.242.247.20:443 bullionglidingscuttle.com tcp
US 8.8.8.8:53 somono.site udp
US 8.8.8.8:53 coosync.com udp
US 8.8.8.8:53 cdn.bncloudfl.com udp
NL 212.117.190.217:443 coosync.com tcp
NL 85.17.65.238:443 somono.site tcp
US 104.21.35.62:443 cdn.bncloudfl.com tcp
US 8.8.8.8:53 217.190.117.212.in-addr.arpa udp
US 8.8.8.8:53 238.65.17.85.in-addr.arpa udp
US 8.8.8.8:53 62.35.21.104.in-addr.arpa udp
NL 45.133.44.52:443 js.capndr.com tcp
US 8.8.8.8:53 js.cabnnr.com udp
US 8.8.8.8:53 js.canstrm.com udp
NL 45.133.44.52:443 js.canstrm.com tcp
NL 45.133.44.52:443 js.canstrm.com tcp
NL 45.133.44.52:443 js.canstrm.com tcp
US 8.8.8.8:53 nereserv.com udp
DE 116.202.204.105:443 nereserv.com tcp
US 8.8.8.8:53 awpya.com udp
US 8.8.8.8:53 105.204.202.116.in-addr.arpa udp
NL 94.242.247.20:443 bullionglidingscuttle.com tcp
US 8.8.8.8:53 3pkf5m0gd.com udp
US 8.8.8.8:53 accounts.google.com udp
US 142.251.173.84:443 accounts.google.com tcp
NL 212.117.190.201:443 3pkf5m0gd.com tcp
NL 94.242.247.20:443 bullionglidingscuttle.com tcp
NL 212.117.190.201:443 3pkf5m0gd.com tcp
US 142.251.173.84:443 accounts.google.com tcp
NL 94.242.247.20:443 bullionglidingscuttle.com tcp
NL 94.242.247.20:443 bullionglidingscuttle.com tcp
US 8.8.8.8:53 vast.yomeno.xyz udp
US 8.8.8.8:53 84.173.251.142.in-addr.arpa udp
US 142.251.173.84:443 accounts.google.com udp
US 8.8.8.8:53 enrtx.com udp
DE 94.130.197.239:443 enrtx.com tcp
US 8.8.8.8:53 201.190.117.212.in-addr.arpa udp
US 8.8.8.8:53 239.197.130.94.in-addr.arpa udp
NL 62.122.173.28:443 vast.yomeno.xyz tcp
NL 62.122.173.28:443 vast.yomeno.xyz tcp
US 8.8.8.8:53 28.173.122.62.in-addr.arpa udp
US 8.8.8.8:53 www.luscious.net udp
US 8.8.8.8:53 pornlaundry.com udp
NL 109.206.176.116:443 pornlaundry.com tcp
DE 168.119.25.102:443 awpya.com tcp
DE 168.119.25.102:443 awpya.com tcp
US 8.8.8.8:53 twinrdsyte.com udp
US 104.18.33.45:443 twinrdsyte.com tcp
US 8.8.8.8:53 116.176.206.109.in-addr.arpa udp
US 8.8.8.8:53 static.bookmsg.com udp
US 8.8.8.8:53 gumais.click udp
DE 168.119.25.102:443 awpya.com tcp
NL 31.220.27.99:443 gumais.click tcp
NL 45.133.44.24:443 static.bookmsg.com tcp
NL 45.133.44.24:443 static.bookmsg.com tcp
US 8.8.8.8:53 i.wmgtr.com udp
NL 45.133.44.33:443 i.wmgtr.com tcp
US 8.8.8.8:53 tsyndicate.com udp
DE 136.243.46.156:443 tsyndicate.com tcp
US 8.8.8.8:53 clc.videokaynaklari.com udp
US 104.21.93.192:443 clc.videokaynaklari.com tcp
US 8.8.8.8:53 s.magsrv.com udp
US 8.8.8.8:53 45.33.18.104.in-addr.arpa udp
US 8.8.8.8:53 102.25.119.168.in-addr.arpa udp
US 8.8.8.8:53 24.44.133.45.in-addr.arpa udp
US 8.8.8.8:53 156.46.243.136.in-addr.arpa udp
US 8.8.8.8:53 192.93.21.104.in-addr.arpa udp
US 8.8.8.8:53 33.44.133.45.in-addr.arpa udp
NL 95.211.229.248:443 s.magsrv.com tcp
US 8.8.8.8:53 kts.bartcons.com udp
NL 109.206.176.75:443 kts.bartcons.com tcp
US 8.8.8.8:53 248.229.211.95.in-addr.arpa udp
US 8.8.8.8:53 75.176.206.109.in-addr.arpa udp
US 8.8.8.8:53 testfamilysafety.bing.com udp
US 204.79.197.201:443 testfamilysafety.bing.com tcp
US 8.8.8.8:53 ts3.mm.bing.net udp
US 8.8.8.8:53 201.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 r.bing.com udp
US 104.18.40.50:443 go.rmishe.com tcp
DE 142.250.186.123:443 storage.googleapis.com udp
US 8.8.8.8:53 90.65.42.20.in-addr.arpa udp
US 8.8.8.8:53 img.strpst.com udp
US 104.17.11.106:443 img.strpst.com tcp
US 104.17.11.106:443 img.strpst.com tcp
US 8.8.8.8:53 106.11.17.104.in-addr.arpa udp
US 8.8.8.8:53 edge-hls.doppiocdn.net udp
US 8.8.8.8:53 xhamsterlive.com udp
GB 18.164.68.24:443 edge-hls.doppiocdn.net tcp
US 104.17.112.106:443 xhamsterlive.com tcp
US 8.8.8.8:53 crt.rootg2.amazontrust.com udp
GB 3.166.49.106:80 crt.rootg2.amazontrust.com tcp
US 8.8.8.8:53 b-hls-27.doppiocdn.net udp
US 8.8.8.8:53 24.68.164.18.in-addr.arpa udp
US 8.8.8.8:53 106.112.17.104.in-addr.arpa udp
US 8.8.8.8:53 106.49.166.3.in-addr.arpa udp
US 8.8.8.8:53 107.39.156.108.in-addr.arpa udp
GB 18.165.227.86:443 b-hls-27.doppiocdn.net tcp
US 8.8.8.8:53 86.227.165.18.in-addr.arpa udp
GB 88.221.135.25:443 r.bing.com tcp
GB 88.221.135.42:443 r.bing.com tcp
US 8.8.8.8:53 th.bing.com udp
GB 88.221.135.26:443 th.bing.com tcp
GB 88.221.135.26:443 th.bing.com tcp
GB 88.221.135.26:443 th.bing.com tcp
GB 88.221.135.26:443 th.bing.com tcp
GB 88.221.135.26:443 th.bing.com tcp
GB 88.221.135.26:443 th.bing.com tcp
US 8.8.8.8:53 25.135.221.88.in-addr.arpa udp
US 8.8.8.8:53 42.135.221.88.in-addr.arpa udp
US 8.8.8.8:53 lotus.paheal.net udp
US 217.79.242.26:443 lotus.paheal.net tcp
US 217.79.242.26:443 lotus.paheal.net tcp
US 8.8.8.8:53 us.rule34.xxx udp
US 172.67.4.152:443 us.rule34.xxx tcp
US 172.67.4.152:443 us.rule34.xxx tcp
US 172.67.4.152:443 us.rule34.xxx tcp
US 172.67.4.152:443 us.rule34.xxx tcp
US 172.67.4.152:443 us.rule34.xxx tcp
US 8.8.8.8:53 152.4.67.172.in-addr.arpa udp
US 8.8.8.8:53 96.252.19.2.in-addr.arpa udp
US 8.8.8.8:53 aefd.nelreports.net udp
GB 2.18.190.212:443 aefd.nelreports.net tcp
GB 2.18.190.212:443 aefd.nelreports.net tcp
GB 2.18.190.212:443 aefd.nelreports.net tcp
GB 2.18.190.212:443 aefd.nelreports.net tcp
US 8.8.8.8:53 212.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 syndication.exosrv.com udp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
US 8.8.8.8:53 s3t3d2y8.afcdn.net udp
US 8.8.8.8:53 u3y8v8u4.aucdn.net udp
GB 89.187.167.41:443 u3y8v8u4.aucdn.net tcp
GB 84.17.50.9:443 u3y8v8u4.aucdn.net tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 tse1.explicit.bing.net udp
US 8.8.8.8:53 tse2.mm.bing.net udp
NL 95.211.229.248:443 syndication.exosrv.com tcp
US 8.8.8.8:53 rule34.xxx udp
US 8.8.8.8:53 wimg.rule34.xxx udp
US 8.8.8.8:53 static.cloudflareinsights.com udp
GB 89.187.167.38:443 s3t3d2y8.afcdn.net tcp
US 104.16.80.73:443 static.cloudflareinsights.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
US 8.8.8.8:53 73.80.16.104.in-addr.arpa udp
GB 2.18.190.212:443 aefd.nelreports.net udp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
US 104.16.80.73:443 static.cloudflareinsights.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
US 8.8.8.8:53 beliefnormandygarbage.com udp
US 172.240.108.68:443 beliefnormandygarbage.com tcp
US 8.8.8.8:53 68.108.240.172.in-addr.arpa udp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
US 8.8.8.8:53 a.magsrv.com udp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
US 8.8.8.8:53 aefd.nelreports.net udp
GB 2.18.190.203:443 aefd.nelreports.net udp
US 8.8.8.8:53 203.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 vast.yomeno.xyz udp
NL 95.211.229.248:443 syndication.exosrv.com tcp
US 8.8.8.8:53 mauc.yomeno.xyz udp
NL 91.216.220.30:443 vast.yomeno.xyz tcp
DE 23.88.86.80:443 mauc.yomeno.xyz tcp
DE 23.88.86.80:443 mauc.yomeno.xyz tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
US 8.8.8.8:53 30.220.216.91.in-addr.arpa udp
US 8.8.8.8:53 80.86.88.23.in-addr.arpa udp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
NL 95.211.229.248:443 syndication.exosrv.com tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.32.36:443 region1.google-analytics.com udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 102f253d13f1fcbd58ff7ea07502d0f9
SHA1 17fa9662f4778117d415f7821ad2f9eb549832c1
SHA256 6d75e75b1174af3c7b730d9d4a397e5c1b53c6935f7c4ea675da4e42a9f6559d
SHA512 5401a9bd5aab0b6add34e79e644916c3869198b3310c47aa8a845ab2d4d566d973c2a56e888c675c96bd04d2e1cbc756189f9122d6ce4b88cdbcbe1186ca7eb9

\??\pipe\LOCAL\crashpad_2060_LOUDUZYYNBIKLSOS

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 d071abd21ba95452bd70e7274b2139b6
SHA1 75ea5ccc5ad04b9634e377b286fc99c448f07891
SHA256 973e07a348e7b2dba242b74f59a5d3d690842f19be76dd15a5e693992f08f142
SHA512 af42a390439b837dfffa305f21fb573b6f2028bbf767d7dcf239900fbcbb8d4e7015d37a8c52bb513bad60f6f5039d4e699acf8b5135b24e8d0e26a1d96d9b5f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 6dab5807aee3090c3ad138e9d833d3f7
SHA1 54a51b5070936ad021bf1bcdcd227aba8462c31e
SHA256 d4ba34ef0e1b6e7498ef5b53698991487b997ecf26eeede7bc66eebb2eb30734
SHA512 0eb5ab2a7db124f6943d98a26499bbf50850ed47b3e924ee209d98c3220012e13f6f3f752eb8a294a8ed86e36dd2e79ad0cf0ea94d8be481ba477a48037bdd3d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 eb783b00d1392eda40f1a9470c7e1bbc
SHA1 b02fc89cc11173d369c8f5cecd573eae945140eb
SHA256 5062716baa5f0714b3d5e8f548bd1db16ca9bfe90789b79992794ee8a9fcdc0f
SHA512 337fb63236f8c887ca563557f78635218ea05481ef72ff2ed02b06cdb743371f5d53d746d4f6b62e23413f825873d525a6b655620b39cdf3bbde863b31bef3f4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 54b29f9cdad5258f311160c2636876a8
SHA1 641df77f1d13e789fe972d6d6b67a7f81f089212
SHA256 a7c0e356dc7a4d5f96d2cad81f9b8ce67332f3ca3eefe04cf7af7073efd97099
SHA512 79004ceffb0b0e904fda0f36e44483ff0d353859e0f21cae6626140ca4ec4c5896eb1eae7eae6e96b6617eb1a0d436f67852060d74cc7f3a59194a0879f1fbf4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 807419ca9a4734feaf8d8563a003b048
SHA1 a723c7d60a65886ffa068711f1e900ccc85922a6
SHA256 aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631
SHA512 f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e2fd7bc42641322e3e5c51ea59f1d2bd
SHA1 bdf5768c385a406b3e2e88a27a91bc60de95d1b5
SHA256 84da9261fea5a756c40fccc6fc2682778e500bf752b449b2811c5437ad441b92
SHA512 e90b4b054b53e190caf7ab6a280d1b24d4fcd85dece1c19a38d20ecac56e52e57a0da5a10a05c8fac7425c12c6dc85f97b50f5449d915e5bc5d28f6ca0d479b0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 49ed02ab2af66af71bd6bb6b6aa75815
SHA1 009156d704bd5f773b8c9af6be7a3ec85803e3b8
SHA256 522bf853e7a5b8471e0bc59ef4bc0f6c573b09541707c7f80ffa332356dec3c9
SHA512 31da55b94fbefb9112de3499df1eb1b552947677e93411c1a938917c680b81dfda5f1b39522e64880a44e68571d9cc87b0335432f1d2ab34c7f5ad0e9fed96ff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58f306.TMP

MD5 b9cae9100881097145539c67cc53d818
SHA1 8a36e50798790420b33855248e9d79ecdc4222ee
SHA256 b76afffe1d7f7ff97ef3108f640b8f75879e445f1341c64924884ec4f01fc253
SHA512 70f56916c3a5d1184a1a82f0be1e162e33320f39c727f28d53f511dcb68ee7427688875f2292d7a546c15776948e6df78ecbda89418d293a700c0ba28b7e60fd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8de2fa22685d483afe77e7d6c96c27e6
SHA1 2063cc1f4910d551340e1fa5b99be323e2f5ce89
SHA256 75092658746fbfc263f04eb7eeebc2e7fc216d61d803da67200b0ddaae43d424
SHA512 ba1c99720ef15189f9300a28ff556b7cafac69736e237f521d7c9cfd3aede4694636ea68d727f103a0be6e56a5f784603863b3b9e884e8a2536948010bb39839

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 1a00747c43ff6529d6c52a7a75bd51af
SHA1 8f3171c4ce7f799392359020faa2e9c2b2a4ff28
SHA256 06e1401231a6414a9c2f4094a6b69a2bece08781b9dae9ffd6ad79c3c5bb8a47
SHA512 ab1530060369d220f038661e4e535f1e4200cd7bf330a3d05217edf9ee03b4917f2b586fdc9512815b240a476c80143787511427569498b5ffe2d09c9b5bbeff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6fd641579c0bf2927c1a526a9ed58038
SHA1 316ae6f52d4410b7dc98117077183788cfb81732
SHA256 352fbe29018cc2c5f5b29630ccabdb2d1bbe068d34ac55b165a1843c65c9c274
SHA512 139d14b148fd4d3a96ef672e536f193870bfcb58fafc42226c3d5165f2bca0c4883a0a3ea2988bca3f9c18d5cfd9ac658bd5812c3b404ca720c6da262530c260

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6c912b3420c0eb3f5702706e6fb5fdf1
SHA1 5c499a489d53d04cb26c01ff576ff8dc89221e48
SHA256 0678d4f8633aa46694e75d600239f0f73b2ddb8b9a32c19a59abc01d70e077f4
SHA512 2fc20a3def15052ddad7ef0f3b7a7c9dc30a2bd95f9eabecf4f661fecc9fdbb0ca953f618cc45b5886ccfbacf472d8557886e4562027a2993ea17ec9fe27321f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 b28e3cb19beb49a0083d14106417152d
SHA1 8455fc8a891278baa957d436758e1ca0e873c79e
SHA256 1af4768836b589a789675fef4f8d0a2e8d4d2d6a8e10eaf202695bd42c0c30b7
SHA512 875b43365460c898d9ac95cbb8adbbac8311463d95d0ba46d916aa20f4515a2dd6192a4b0ca07ce65926aeecdd14a4632a7f6f874fafeed76b43634b8ec1c8db

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\3308b30d-be9e-4f54-a28e-5c8070778722.tmp

MD5 6bb065b3f5dbcd769412fb1703d92277
SHA1 b70a9aa5a74c2f33770612c810377ddd061f1078
SHA256 f7bcd0c894d8be7b4060345c35a17f0727820ca47d0e58c80167aec95678199e
SHA512 1eda5a81d88f44f257b97f8c9833b412a1b57436a53e86d730e736cb7d854a6f8927be9113a342512c226bb9306af826d27aa3eea307eb44a5001d19329ed956

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

MD5 69df804d05f8b29a88278b7d582dd279
SHA1 d9560905612cf656d5dd0e741172fb4cd9c60688
SHA256 b885987a52236f56ce7a5ca18b18533e64f62ab64eb14050ede93c93b5bd5608
SHA512 0ef49eeeeb463da832f7d5b11f6418baa65963de62c00e71d847183e0035be03e63c097103d30329582fe806d246e3c0e3ecab8b2498799abbb21d8b7febdc0e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

MD5 d6b36c7d4b06f140f860ddc91a4c659c
SHA1 ccf16571637b8d3e4c9423688c5bd06167bfb9e9
SHA256 34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92
SHA512 2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 5ced9c2af61d44c34cac5e76e95bc513
SHA1 8b3f75574ea21ac4b901cd6cb1c58ee81accb864
SHA256 fffa13539520dbf84978c60609dcc4c6e62c7d67b21316582e9f3f39dff773b7
SHA512 858809ea302146e43ff0618ece34f51546d3ea4c0de21c637a38ba2d244c4a7b361d4f53ba19fc30efe57f80e1de5d255169e71d37d19e638e5043c63d632162

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 85c35348a37b46f1e7bb460595ba7966
SHA1 c8d86c260142c27c8a1fbf924f883119b140cee2
SHA256 cacfd38c078c65927724c61215c081fc0274071d2729b46755cd836add57dc9d
SHA512 ff1330c531f56a337764493b6562b80cf18fcb32298f5636383d749e5101be695b08d91fa3f4d6fc61dd34283f48ee81b43a5d816c3eaddded9f15264154c27d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 37750ccf625a6fac8e4e0bd105e459e3
SHA1 8cfd28bbc3a846c8c7beeb0dc84dccb345eeaf74
SHA256 ea34f3210c550ab17649a33d67d12173a56d2386f72df2a29e54b6586e55e1ef
SHA512 425d36f936a1b75ae4180cbec3e2142eab96e27189d9d86053bb1b535534399a48b74a53bbedba37fbe098dcd479da979c8bd36c59018c0846f7d282594f020a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

MD5 df1d27ed34798e62c1b48fb4d5aa4904
SHA1 2e1052b9d649a404cbf8152c47b85c6bc5edc0c9
SHA256 c344508bd16c376f827cf568ef936ad2517174d72bf7154f8b781a621250cc86
SHA512 411311be9bfdf7a890adc15fe89e6f363bc083a186bb9bcb02be13afb60df7ebb545d484c597b5eecdbfb2f86cd246c21678209aa61be3631f983c60e5d5ca94

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5a5c79.TMP

MD5 71d5e4c91cb0c17fa81fddd3541be953
SHA1 0c31830b7af04ceb638ee6c038a2507236f2aede
SHA256 3a16b023a35e85d07df60e633c0fed36109de03d45cad634adffe892b582a4e3
SHA512 a7910aa9297c4dd442a5f46a57a0b3c9af5b9a5d5c7b0abdab6e74f46afe7d9f29d1b2746bb858cfce1d4dcccaf9801b37834a1857a116aeb5d45cfc3298817c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 61df092d8d06ce30ef07416ed14acb09
SHA1 a8eb98e2eba77ede82c9fb14e94723540876f635
SHA256 e7c38b01ed9d6d2f643b545070d71d39e0d1fd23f34eb25223c5c056d19de993
SHA512 3df70587d4d77dbe927a77da99f17f0ebdf062eb6180ebeebb458ed8c6fa20087e3b78000bbbc3de7a777f55ac08334fe0b1b2a6488dbead36a56c1f162672cb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 23846c5c602f481a340979cb6f674d72
SHA1 c0ed4d5cfa4df321f28d5d7b71e33ef3094a6940
SHA256 81c348c8291959db1e3bcce9478af9bedefd521d9ca2e14bbfefebef29c1a38b
SHA512 09779f4cc592b82b159299a698f900bb0ed2e54b175a084b7b04b9794bf4e0db42fff5e38e9f302d8414b0a71565c2a4306d04241c88321e4b15dc15b6572f09

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 0d3d09dc24475a0770a753f11e931d33
SHA1 fa7b91483568316fc302a67cc2e1c31bd3a84429
SHA256 c85a6ce2c3f0df9e371603ccf04d3eb21a58a9e131c757ea7d08998d4959bf87
SHA512 eb25c1407e7971a3bf8a57b1f70e69121a2fa27ff1b6f0e0e32ce1acc541181ed31eec462fa0649f719bdfb102bed0243172f26021bf8bc3547bf1300a45803d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c9d9dd3e63970d0e163ad9a162282554
SHA1 9af812426d4e2e91979828726a048d44eef681f7
SHA256 a29c451ad6810b25715ed02c43ddee654a38a32e195646b360826f4f6bb43095
SHA512 62f56551c1bcd83c995c5ebe351c39a2702fbd27b38bced3c9552b244645153c3507b2c9bb03f2cd38b05debbf221bc4191202e700b5e1af2a33f15d4a23d418

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3fb0bd95703e5555292c1ef880f443260477f2c8\9db11dd4-eec0-4d40-b6d3-2b34924a29ee\index-dir\the-real-index~RFe5aae52.TMP

MD5 2d9934eef5e48c1f7061319e28dffac3
SHA1 177f19984ea89a19d6cff758c290a47878c8f428
SHA256 e6d52e2cafb80a456f6a57877793dc83c7a523adcbfeaaada928a11572da6bc0
SHA512 7472f46c023ab0de6d87e0abf2b2cc5b894cdb0aae4531368b975e26b800c027d0811e0d085aa54b70750ca540364decd0f2efcb99b809c2840c355359898dd1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3fb0bd95703e5555292c1ef880f443260477f2c8\9db11dd4-eec0-4d40-b6d3-2b34924a29ee\index-dir\the-real-index

MD5 68ba51721c500d545b4489cabd4cfaa9
SHA1 ec392e1f5e770eb9977123c8ba489b49c3f0a446
SHA256 b652c92f1356dec5e472ad934872b5654f121c9386da72ebe3d0b150836cde16
SHA512 eb6d7adab2c9e1663a039222a8fde94b3114534a9e2668712d79d1bd417c27ba991f67d78a0291e0d55554a1fda207e7e0071dfa91d0757c6437d28810de84ae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3fb0bd95703e5555292c1ef880f443260477f2c8\index.txt

MD5 aad33f41c629a4cb3b33d0d6cbc39da9
SHA1 26740a9171c390fc436d50a528e491adee3677a8
SHA256 c5f9d1b10075059a44eda12bc9d8d4b98d88dea4ea1da5fbf7c167f9fbb880d9
SHA512 1521a301d83ea14424bccbbb4ae783ccf0da57c09cb75883be4fcfbceca9fa7a0a4190a9e7023f9cab192a543830e1365118946807e598d0f178e2c64bad29b8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3fb0bd95703e5555292c1ef880f443260477f2c8\index.txt~RFe5aae91.TMP

MD5 1c78e8f7dbb73f433a81b43a268b4cbb
SHA1 67a6b0b10b87824f7b17a1fb62a5e789fa04e325
SHA256 8ef5e8f3982943a7fba8b919e620a76672f490e8afca85405b6dacf5d91eee2d
SHA512 208eaa4cb2995d130b5a1dc0c603a9f46f492f3ddb35c87dcbbadff04f50393dbee41bf0772e3c4a6730ec00d3256b3043bff53b138865b65fd60aed19eaf342

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 fba415fd6e8a71980db412f169ac7f8c
SHA1 b31b37fee17f3def6daa50f29c01e5c8072a447c
SHA256 fc8807e672c401be021876ea347d186367190cafab9882b2f3a2e2d3283ad2e6
SHA512 0534df3ea5cabea5a5d0f9112e05428fd8ace1db751b2fefd75f6772b9e90ed2396c50f3ca912286263c0c4fece85708858892acc2e3cf5216fdcefbb82b462f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c93bf2fe64a605e43ab376db372ebacc
SHA1 63ce7e54201af72184dd40d4d181aec124aad4dc
SHA256 98cb87fa371b03f580f018da30ad0b6f4b1a7442864cb798f266676f7feb7760
SHA512 adb09a1ccc415b5499acc39468e3bf981e557da4d6ff72d7a4e2a912a59da708083da105ecd9f4a6b11cbf7ed7c910104e02aacf600af94d1ac4e27c7f8f279d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4f3a7cd072406f1736a250dfba865e15
SHA1 4a6c9cdc3a9cac3c3f91629b66d4e26173d20b30
SHA256 0db62189daf4c502871cee4fba5c7614b04c0a2045b1ba93a1025346ec1c53a6
SHA512 0ae1cc07eeca64ea0cc417fb2cfd9b1d3acecca31dc6a36d05850f92037b17641d3ac01d79a20c0cd33c39fc91b726fb0b915f0d85f10de906de4c0d906211a9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 703a2defb0440bf4cbd229d7de9ad3a4
SHA1 a894aee6b790e83f45f59a922667fc5cc79d69f7
SHA256 59230657d5c7d7fe82a42b67133506e5ee452824cb0708bf5795e5f863aa1d18
SHA512 772662e169785a1e30f39a802dbf4f0c9bdcbc9e66bb1b82d4805fdfa778be3d3ccc607c6f1995cd62650e0e0eb90d98b381ad2477222b42e7b8cf18ac4c4891

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 3907f34eae855c7b69cfe00d37837ffe
SHA1 5bb450376d69804d37186c4e12f6d178ef4f20a1
SHA256 f1058d96ec4d473b0b22112c7be6fe496aa4fe619a5ca41a6c888f9c72f3c3b1
SHA512 5103735ab1a600179dbb46b942eb640c42fa07a874bd37183b79471ded7153ccb8f02724b8d46ebb1350ba30253ce18674cfc3898e19d951199d79b75d75a63b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\af98236c-1301-4e37-a1a2-f191e96387e5.tmp

MD5 c55f1b75f1fc7f6d3cfcea0b06c67dcd
SHA1 3e14c008789c438cee9f9c08fbe1046066d37dcf
SHA256 1e81b8ee47184bf15c7ae3a4fe4b7e25717c7d7979f7ce58a708af8aabb023b9
SHA512 f678dcb5408f0dec95dec192ab0e9cdc1c3020f0be546f21251b6d3909192c3e2bc8c83680f42f1feaeff8ff52236191bc981ec90d878b18abb2ab21b134df63

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000109

MD5 8c40bfcda2a0569e7e40a92c3991e44f
SHA1 801c3f30ad482408358396a5b7a7b533f78b8c2f
SHA256 fc091c23c229ff4761dcbcabc2e7ae6d10d1dc097c21a352fc8963c320b7df13
SHA512 1a56bc394e0d220c604eff0dec4fce226f84f8649fc7955298da23af477cf0aaad0c75e6bfc149ac9fb447af0a359c932e349cd360677533efc97bf7d86e4cb6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ff2b0010aa04252453f1203f8eb6dd67
SHA1 9632cccb7b50a399ec2c519006dd95534cdb52f1
SHA256 6ad885bcbe70e14a560a6871c464ceb2d476af5ea8ae2e5526508fcf327d9f32
SHA512 9bd79bdddd46e8a8c2413c58a12361acdd238522a02a73c0c15efdd26b15152ee5b91317cadee5e0209c808261796a34f87d3bb376c87dec34c745235ae71e56

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b018b91bc0d04060c97f3a4d5be5041a
SHA1 111c1b211acfcc00c537c5c9b93c0ddf0ea9987b
SHA256 8bdd5adb9d11ecfc1a13db0d12af9e21734fc0abb9ab84296d1615ce6190da6e
SHA512 d487d87d5294972eec42496c47a46afb1afe1e959c1cd331ed83ac0162ba8abc7a6803cf77db21c965522317cf8c793b11007deed57d1d840f52b44f6ad1818f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6bb7e689178a24b56a93e25d006195a8
SHA1 5eaee425b9e70a7a59dff3c5f682b04a76527933
SHA256 acac5a7b5773de2701ca2b2506af4944da9be1350d318319e8551e9ac3719ab7
SHA512 9ac3b7fcfdb07ed0c418604b7d89985bebae1fe67e889a992b62cb59f8730084165740f4579e0cc96658a74c6feab8e6b34e31a8bed4f0419d089c3932e5fb5e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 9dbde3ea3ed23e5809dec93abce46368
SHA1 e6e2f40983526af3d56fd03ad8399f582502488a
SHA256 847a40bffdf5ff6ef928c999fc6af2cb05b68025bf92053050230d9af9adb372
SHA512 3eb605b9e4639d18de2f47a1f6dcbc25a409102a3f8f2489c591293b5efd008c6e75521c8f299ea52a8be97373ba524afb7392720c032b7ea94a6c649148de8c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 615d110beea3670711201b692ca1523d
SHA1 b91edb51ac1f0dead6aa815ea52d98c38c53116e
SHA256 c761ed37df974caadcc01438a87443d47d97bd6afab50f061f2a1121fdc28aad
SHA512 1f34e5d9dbeea71a8070010ba5cfecd8483b20fa722a25093691554ce0cb8c2535f7fe583771d18fb0d428e30bc096ef2adb663f34646d4af905ccc8ee02c164

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 9519c663ebd20827c7dd614d712ea61a
SHA1 b45cae8fce0c9aef8a32d322be02ea43e6348867
SHA256 747f91cb2834c9b7cfc3333dcd14ccf05bef17cef6700d440030b67a655f113b
SHA512 4ffc0036b44710c70549c565a7235732e8b9a5266e3fb90f8ba25043b18845836843386b7a12b80e06d7ecbce99c9da22927a2149302ffc9c7385869cbb3fd6b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d9010d52ed1d18fc_0

MD5 ae18330c4df00005f7bec1c8f68ffd9f
SHA1 b029cc477f40f84bbdca946ebe3b4ca953f420f4
SHA256 1277451c28e64211b24edb083a180456ddd44318c0fd57dd2cbcd090e31a6600
SHA512 49e80103711f1457bc8bd537dda634b86e3f72eaa968646f9c3c5d1c4c80c8b9984d392033173b8f38df7f5114db4b9eedad73dba399edcca3d4b8ea7d1fa29d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8894ca068436fc49_0

MD5 d548d8f8b943b500fc12cd389c6c61be
SHA1 87cce7835d708dce74f81187fbcb220b3dd61c30
SHA256 cab891572ae5fcc6742659d06749702372705f861d70ef759b50cfe7f8387371
SHA512 bd93d02c1077a53d21dc61fbea853214161c58bb6d7afd48945f2e87adb9620b013689833a4c2b04a2de07a1fea94c93aa92cac54a471e520ad94ebe62d1fb24

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 71892c5ae419f62a7b80e91afcdb746f
SHA1 85923a0a7f02024fc11780c63c18f3ec652868b2
SHA256 706ceff62b5d2e4817c5bb5025c99313fad2e2229aba93c07065dcb4b2b01fc3
SHA512 a1e95adefaf61d59e4ab1ca4c1e0f264c0d5ff93eabbbe036fd8ad87eec18a515cdc7c5c0c14e0be040521b3ca86de87aa56cdecdd5d8310c42fcba082b324f4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 57c50cbd5cdce4521660a119d3d09cec
SHA1 0fb60c4616f5b7e86d23882b8062fe450d3c2eab
SHA256 c588b00e218fa9d210cb256f2f608e714b291a286744c61bdd542c209dc52492
SHA512 0b4aedd3cb98f1dd318b3826b370f135cc0e0694913a99fd49212ae0ef03d78bc7cf5a51eec0a8b10d114dbc66db349f7f5e0b6f754ef482aaf09c803f97b96d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f4800181eec44fe7a69a7e2860bbf91a
SHA1 3631ef5297d68846ce8c4bd8276bb587cb60d5b3
SHA256 e0c24c992100fc8376fb66bd59c0b1bed3e5eb2104c5dc920c61a9b76f8d430c
SHA512 f39d3854f602b71b57c5ee0e8ed1ac3e50df3580ae389065f596552214abeffb402067e194340ff88e1638de599008f5e0f970487d1ad545d82dd1e3d0b99393

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_0

MD5 596afdd6baa1226a11780c200b9cb4d6
SHA1 60596c36c1a566f3be38932f5ba98273001cf0b2
SHA256 00671ac09cbed3cecd86444c72be961fd2e8e22bfacbeebe2ea452a02641188d
SHA512 571fbdef397f8ee3ccc867a9e758eaace3b1fcbfea99ad013da946f63558a25b1ea234d536fdeb14b9a8e2667ff2aa6264c67ac4a63cced2fae0172ddfcc7a78

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_0

MD5 52214a725aff9ea20b3c2a507300b2d3
SHA1 0c006e709060fb66a3938d77b24d1b961b4245d5
SHA256 e657d6169f4a76d2cea2292a631092f3169c0c772ff722728245db8afc627bfd
SHA512 14f887a3544247725262166f93779342eb6c5550ae2833447b32ba9d7b0ee9e2d48357f41e1c339184bb8a3850518730547462aff81f3c7cec217eb19a35d26a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\013888a1cda32b90_0

MD5 af556697251cd2ab9bc54bdbe98cfc2e
SHA1 c02a0e988a0a2e94f481178b52775cf2fc5b4e5b
SHA256 143325ade2d677ad958768c4205881321a5b9c0384f7d809d86e59d03d157e54
SHA512 89f875f9f458441848b4c9721e2a06b577b527a4d801bd5bcdda047774e56c186748e83db97caf6db98e54d27af8d4dfa9cd23e96470c0b0c59a57bb432c96f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\b6c28cea6ed9dfc1_0

MD5 b264887fd799580e172ab3b8510ad86a
SHA1 900583748d22e72477603d639759edf494915ddb
SHA256 8033664ac0d82a18f62fc2fa7e9760958fb4c493205c025aa325126a56299f39
SHA512 a50b4ddff5b4962dccbdde7e9dc34acf77c39f679915d956c91caa08fb4ba7ed66aa1bd92ec4ab8b5558e78024c8beb8532ad8b4959f4893c62ead54e5d590a0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\67a473248953641b_0

MD5 e96fc754673840e1c20e18fa86374e34
SHA1 f44500769cc7ae1cddba744a03d85ef4af56a94f
SHA256 e1c63646013397451ccbab40f3a04a27d3ee1a56e55c9a54c19725037906c44e
SHA512 462945cb46eee63f0eec052cb6eeb755f2191ad1c14f99700cbe21f55f1c2208a1c0fbee439528709c5f26e0c2591ef6585be591b9fb1bb179183209ad2dbda0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\ba23d8ecda68de77_0

MD5 be81d2c21c5ceaa8fd86a9f685a40036
SHA1 4e9fc56baa2d5015ccd7f0f5ecc0eafc154d59cf
SHA256 42773120c8519bb8e9b842b9b6c980b9dc4912291142221cb869ef2946a39894
SHA512 450971597c516efbb9b7e6c7cab3c5626c82e76e933a5e56fcecdc6eae0d597c3f92d703c553a7e0634015528bbb1661d447a124396f5874dc32c8c37f0d41c0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0

MD5 a795e9ee55a15c66985ac79cb101b9cd
SHA1 2ffa915fb3c236912152d55653ec48f2317524d6
SHA256 d093ac2e98208171b667cf8d7b142068580794be1ef73660b157ad68cf03aeeb
SHA512 446a68110fd207bb579a167949acc716478b96f58cb029bded5148d19cf06a86fe513662b679bd7604587dda13df63d276b7c126d943090873f72639553d3830

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d

MD5 97924b123fb39b1806c1d660b35e20be
SHA1 6810b71598ab50e804d3912f8c3ae639c67d196f
SHA256 e5efd347378472c48af3906cd32353fddb5bc21230eb099d740d98da4c356d3d
SHA512 0d9da864acb0676469832eb812e95a3dc545a260437206b4646686d3449e98c5df0174cc7a1ce05ae138123692e0f2f39c63c597bb2706bbc76757d0b311d7b6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 274ad683bda174ff1e57a411c8bb9359
SHA1 40a3ce6b4c237b309bb63b7530a22f3e8980882b
SHA256 e4b585b9608220e0619f01499d1a52e03dc57152e54722b8f061fe03803f8272
SHA512 1223dcfb34b65300cb8be91e6dfa262c57e12d584784c29762c6df15952041ed28a4782d27072aba4d72e05b7a0e1a07fb30b7f2e29bd89a1b7c957d1dff9142

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8d381340c87cc5e93a1792103370d264
SHA1 0f0129bbf1dcb4177aa975d6aad2f89f3b13261b
SHA256 0fefb640c55dd4b4be1949565ab60bb8e4cdf60365bf855fa56cb6d6ad37ef86
SHA512 3f6a6dce9b34cddff4b965d5e83bf56bf1ec6dc55e306abce19b7ccdb8897079c6e1252e8302415b5c3b29bb0b39e0b8a25e51676b6a331c3b367cc9d57d3dd9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 48150e283a2f0cf3e7619485f0fb840e
SHA1 966617bf38131dd0d38025e941fed266c1d4afaf
SHA256 588aebf943b3cd01ebc16f84d31d1a80efeac49ff9d737c5dcf542bf4fb720cd
SHA512 92a7ab428f59c1ae42c081705ea867764e111910e34d2500b81386174ef9e14579f0c6de16600faff45cd54b9d75bd0e0181788f723cd0f773e8448186fe7f49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 a3c4ecac126fbdfb43ee5ea14bb97363
SHA1 0133cd1cba22f74270192d0e16b4c02fe9195f9e
SHA256 19ab923e701e8299c6d110fdf73214ff645d96c41125fc380882a49dbf4b885e
SHA512 fba54a2aaeab8cc7301f153417151ccd12194f0b9c62ca7ce2f446959f262777e35a0a7f53e1442e9325092c013fb4a97e8be3b73cd062f9ddbf37b78fbbc032

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1

MD5 220d02721a3e8346b87596b2c206eb8d
SHA1 c08508908b295bfa15e7e51cc2006003b3700fb3
SHA256 9c952feb53c7b5bd8a0eae49c21f793713ffebe5894a9756d572f6c20e4a4bdc
SHA512 61ddc00dcd82853ec959b18287255f2d6f466cfaea6210e677b354512fea397a49229b0b85a852bc99d4524a204ac436bcaaedf21f40769f5e418ae57caa3f3b