Overview

overview

8

Static

static

1

ubuntu2404...uk.ps1

windows11-21h2-x64

8

Resubmissions

06/03/2025, 19:57

250306-ypg6fawvfw 3

06/03/2025, 19:51

250306-yk52pswvaw 3

06/03/2025, 00:33

250306-awjqvatsgy 3

06/03/2025, 00:28

250306-asg3vatpy3 4

06/03/2025, 00:20

250306-amt58atnw5 4

13/02/2025, 18:46

250213-xerfpa1qhl 8

13/02/2025, 17:15

250213-vs3d1azqgq 8

03/02/2025, 06:19

250203-g3pc8svlfl 3

20/12/2024, 21:06

241220-zxvl6stpcv 3

15/12/2024, 03:29

241215-d2ekvssngx 4

Analysis

  • max time kernel
    888s
  • max time network
    899s
  • platform
    windows11-21h2_x64
  • resource
    win11-20250210-en
  • resource tags

    arch:x64arch:x86image:win11-20250210-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    13/02/2025, 17:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ubuntu2404-amd64-20240523-uk.ps1

  • Size

    1B

  • MD5

    f1290186a5d0b1ceab27f4e77c0c5d68

  • SHA1

    aff024fe4ab0fece4091de044c58c9ae4233383a

  • SHA256

    50e721e49c013f00c62cf59f2163542a9d8df02464efeb615d31051b0fddc326

  • SHA512

    aa66509891ad28030349ba9581e8c92528faab6a34349061a44b6f8fcd8d6877a67b05508983f12f8610302d1783401a07ec41c7e9ebd656de34ec60d84d9511

Score
8/10
adwaredefense_evasiondiscoveryexecutionpersistenceprivilege_escalationspywarestealertrojan

Malware Config

Signatures

  • Boot or Logon Autostart Execution: Active Setup 2 TTPs 7 IoCs

    Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    persistence
  • Downloads MZ/PE file 4 IoCs
  • Event Triggered Execution: Component Object Model Hijacking 1 TTPs

    Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    persistenceprivilege_escalation
  • Executes dropped EXE 64 IoCs
  • Loads dropped DLL 64 IoCs
  • Reads user/profile data of web browsers 3 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Checks whether UAC is enabled 1 TTPs 5 IoCs
    defense_evasiontrojan
  • Drops desktop.ini file(s) 1 IoCs
  • Enumerates connected drives 3 TTPs 2 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Installs/modifies Browser Helper Object 2 TTPs 8 IoCs

    BHOs are DLL modules which act as plugins for Internet Explorer.

    stealeradware
  • Network Service Discovery 1 TTPs 1 IoCs

    Attempt to gather information on host's network.

    discovery
  • Network Share Discovery 1 TTPs

    Attempt to gather information on host network.

    discovery
  • Checks system information in the registry 2 TTPs 4 IoCs

    System information is often read in order to detect sandboxing environments.

  • Drops file in System32 directory 1 IoCs
  • Suspicious use of NtCreateThreadExHideFromDebugger 3 IoCs
  • Suspicious use of NtSetInformationThreadHideFromDebugger 63 IoCs
  • Drops file in Program Files directory 64 IoCs
  • Drops file in Windows directory 64 IoCs
  • Subvert Trust Controls: Mark-of-the-Web Bypass 1 TTPs 1 IoCs

    When files are downloaded from the Internet, they are tagged with a hidden NTFS Alternate Data Stream (ADS) named Zone.Identifier with a specific value known as the MOTW.

    defense_evasion
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

    discovery
  • Command and Scripting Interpreter: PowerShell 1 TTPs 1 IoCs

    Using powershell.exe command.

    execution
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 5 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • System Network Configuration Discovery: Internet Connection Discovery 1 TTPs 2 IoCs

    Adversaries may check for Internet connectivity on compromised systems.

    discovery
  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 22 IoCs
  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
    adwarespyware
  • Modifies data under HKEY_USERS 16 IoCs
  • Modifies registry class 64 IoCs
  • NTFS ADS 2 IoCs
  • Suspicious behavior: AddClipboardFormatListener 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 32 IoCs
  • Suspicious use of AdjustPrivilegeToken 9 IoCs
  • Suspicious use of FindShellTrayWindow 61 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of UnmapMainImage 3 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • System policy modification 1 TTPs 6 IoCs
    defense_evasion
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

    persistence

Processes

  • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
    powershell.exe -ExecutionPolicy bypass -File C:\Users\Admin\AppData\Local\Temp\ubuntu2404-amd64-20240523-uk.ps1
    1⤵
    • Command and Scripting Interpreter: PowerShell
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:420
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
    1⤵
    • Enumerates system info in registry
    • NTFS ADS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:4600
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffec2473cb8,0x7ffec2473cc8,0x7ffec2473cd8
      2⤵
        PID:1156
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1848,7647658013929372104,10578839693964697659,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1856 /prefetch:2
        2⤵
          PID:856
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1848,7647658013929372104,10578839693964697659,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2332 /prefetch:3
          2⤵
          • Downloads MZ/PE file
          • Suspicious behavior: EnumeratesProcesses
          PID:2060
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1848,7647658013929372104,10578839693964697659,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2576 /prefetch:8
          2⤵
            PID:968
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,7647658013929372104,10578839693964697659,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
            2⤵
              PID:4692
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,7647658013929372104,10578839693964697659,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3404 /prefetch:1
              2⤵
                PID:2144
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,7647658013929372104,10578839693964697659,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5092 /prefetch:1
                2⤵
                  PID:1544
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,7647658013929372104,10578839693964697659,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5132 /prefetch:1
                  2⤵
                    PID:788
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1848,7647658013929372104,10578839693964697659,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3544 /prefetch:8
                    2⤵
                    • Suspicious behavior: EnumeratesProcesses
                    PID:1836
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,7647658013929372104,10578839693964697659,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5432 /prefetch:1
                    2⤵
                      PID:4332
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,7647658013929372104,10578839693964697659,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5648 /prefetch:1
                      2⤵
                        PID:420
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,7647658013929372104,10578839693964697659,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5552 /prefetch:1
                        2⤵
                          PID:416
                        • C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1848,7647658013929372104,10578839693964697659,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6024 /prefetch:8
                          2⤵
                            PID:1980
                          • C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1848,7647658013929372104,10578839693964697659,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6024 /prefetch:8
                            2⤵
                            • Suspicious behavior: EnumeratesProcesses
                            PID:2692
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,7647658013929372104,10578839693964697659,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5232 /prefetch:1
                            2⤵
                              PID:1932
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,7647658013929372104,10578839693964697659,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5596 /prefetch:1
                              2⤵
                                PID:4160
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,7647658013929372104,10578839693964697659,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2528 /prefetch:1
                                2⤵
                                  PID:2988
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,7647658013929372104,10578839693964697659,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5584 /prefetch:1
                                  2⤵
                                    PID:864
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,7647658013929372104,10578839693964697659,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5156 /prefetch:1
                                    2⤵
                                      PID:392
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,7647658013929372104,10578839693964697659,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6288 /prefetch:1
                                      2⤵
                                        PID:692
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,7647658013929372104,10578839693964697659,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1272 /prefetch:1
                                        2⤵
                                          PID:1080
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1848,7647658013929372104,10578839693964697659,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6948 /prefetch:8
                                          2⤵
                                            PID:660
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,7647658013929372104,10578839693964697659,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6720 /prefetch:1
                                            2⤵
                                              PID:4264
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,7647658013929372104,10578839693964697659,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5808 /prefetch:1
                                              2⤵
                                                PID:3752
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,7647658013929372104,10578839693964697659,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6820 /prefetch:1
                                                2⤵
                                                  PID:5068
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,7647658013929372104,10578839693964697659,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3588 /prefetch:1
                                                  2⤵
                                                    PID:1548
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1848,7647658013929372104,10578839693964697659,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=992 /prefetch:2
                                                    2⤵
                                                    • Suspicious behavior: EnumeratesProcesses
                                                    PID:4356
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,7647658013929372104,10578839693964697659,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3104 /prefetch:1
                                                    2⤵
                                                      PID:1440
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1848,7647658013929372104,10578839693964697659,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6584 /prefetch:8
                                                      2⤵
                                                        PID:1140
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1848,7647658013929372104,10578839693964697659,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4264 /prefetch:8
                                                        2⤵
                                                        • Subvert Trust Controls: Mark-of-the-Web Bypass
                                                        • NTFS ADS
                                                        • Suspicious behavior: EnumeratesProcesses
                                                        PID:3272
                                                    • C:\Windows\System32\CompPkgSrv.exe
                                                      C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                      1⤵
                                                        PID:2348
                                                      • C:\Windows\System32\CompPkgSrv.exe
                                                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                        1⤵
                                                          PID:4980
                                                        • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                                                          "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuNDMiIHNoZWxsX3ZlcnNpb249IjEuMy4xOTUuNDMiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QjM1OUM2QkQtQzQ1NC00QTA0LUFFNUQtMEY4QkQ0NkMzQzg4fSIgdXNlcmlkPSJ7QkYxNzUwRkYtRjAyNi00MzhELThBMUEtMDQzQjMyNkZBOURDfSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7MTkyMDg2NDQtMUI2NC00MjFFLUE2Q0MtMUU0MThENTJGN0ZCfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjIiIHBoeXNtZW1vcnk9IjQiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7RSt4YkF6Nlk2c1UxMjg5YlM2cWw0VlJMYmtqZkJVR1RNSnNqckhyNDRpST0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTIzLjAuNjMxMi4xMjMiIG5leHR2ZXJzaW9uPSIiIGxhbmc9ImVuIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjMiIGluc3RhbGxkYXRldGltZT0iMTczOTE4NDAzMyIgb29iZV9pbnN0YWxsX3RpbWU9IjEzMzgzNjU1NjU2MjA2MDAwMCI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjIxNzk4NjIiIHN5c3RlbV91cHRpbWVfdGlja3M9IjUyNDM2MjkyNzEiLz48L2FwcD48L3JlcXVlc3Q-
                                                          1⤵
                                                          • System Location Discovery: System Language Discovery
                                                          • System Network Configuration Discovery: Internet Connection Discovery
                                                          PID:3912
                                                        • C:\Windows\system32\AUDIODG.EXE
                                                          C:\Windows\system32\AUDIODG.EXE 0x00000000000004D4 0x00000000000004D0
                                                          1⤵
                                                          • Suspicious use of AdjustPrivilegeToken
                                                          PID:4416
                                                        • C:\Windows\system32\svchost.exe
                                                          C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
                                                          1⤵
                                                            PID:2448
                                                          • C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C7034993-3747-4A4A-8097-6907BC723A83}\MicrosoftEdge_X64_133.0.3065.59.exe
                                                            "C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C7034993-3747-4A4A-8097-6907BC723A83}\MicrosoftEdge_X64_133.0.3065.59.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable
                                                            1⤵
                                                              PID:3692
                                                              • C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C7034993-3747-4A4A-8097-6907BC723A83}\EDGEMITMP_232DE.tmp\setup.exe
                                                                "C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C7034993-3747-4A4A-8097-6907BC723A83}\EDGEMITMP_232DE.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C7034993-3747-4A4A-8097-6907BC723A83}\MicrosoftEdge_X64_133.0.3065.59.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable
                                                                2⤵
                                                                • Boot or Logon Autostart Execution: Active Setup
                                                                • Executes dropped EXE
                                                                • Installs/modifies Browser Helper Object
                                                                • Drops file in Program Files directory
                                                                • Drops file in Windows directory
                                                                • Modifies Internet Explorer settings
                                                                • Modifies registry class
                                                                • Suspicious use of AdjustPrivilegeToken
                                                                • System policy modification
                                                                PID:1988
                                                                • C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C7034993-3747-4A4A-8097-6907BC723A83}\EDGEMITMP_232DE.tmp\setup.exe
                                                                  "C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C7034993-3747-4A4A-8097-6907BC723A83}\EDGEMITMP_232DE.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.60 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C7034993-3747-4A4A-8097-6907BC723A83}\EDGEMITMP_232DE.tmp\setup.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.59 --initial-client-data=0x23c,0x240,0x244,0x218,0x248,0x7ff662026a68,0x7ff662026a74,0x7ff662026a80
                                                                  3⤵
                                                                  • Executes dropped EXE
                                                                  PID:4500
                                                                • C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C7034993-3747-4A4A-8097-6907BC723A83}\EDGEMITMP_232DE.tmp\setup.exe
                                                                  "C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C7034993-3747-4A4A-8097-6907BC723A83}\EDGEMITMP_232DE.tmp\setup.exe" --msedge --channel=stable --system-level --verbose-logging --create-shortcuts=2 --install-level=1
                                                                  3⤵
                                                                  • Executes dropped EXE
                                                                  • Drops file in System32 directory
                                                                  • Modifies data under HKEY_USERS
                                                                  PID:1432
                                                                  • C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C7034993-3747-4A4A-8097-6907BC723A83}\EDGEMITMP_232DE.tmp\setup.exe
                                                                    "C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C7034993-3747-4A4A-8097-6907BC723A83}\EDGEMITMP_232DE.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.60 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C7034993-3747-4A4A-8097-6907BC723A83}\EDGEMITMP_232DE.tmp\setup.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.59 --initial-client-data=0x23c,0x240,0x244,0x218,0x248,0x7ff662026a68,0x7ff662026a74,0x7ff662026a80
                                                                    4⤵
                                                                    • Executes dropped EXE
                                                                    • Drops file in Windows directory
                                                                    PID:1436
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\Installer\setup.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\Installer\setup.exe" --msedge --channel=stable --remove-deprecated-packages --verbose-logging --system-level
                                                                  3⤵
                                                                  • Executes dropped EXE
                                                                  • Drops file in Windows directory
                                                                  PID:1092
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\Installer\setup.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.60 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\Installer\setup.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.59 --initial-client-data=0x23c,0x240,0x244,0x218,0x248,0x7ff6bf1a6a68,0x7ff6bf1a6a74,0x7ff6bf1a6a80
                                                                    4⤵
                                                                    • Executes dropped EXE
                                                                    PID:1580
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\Installer\setup.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\Installer\setup.exe" --msedge --channel=stable --update-game-assist-package --verbose-logging --system-level
                                                                  3⤵
                                                                  • Executes dropped EXE
                                                                  • Drops file in Windows directory
                                                                  PID:1440
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\Installer\setup.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.60 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\Installer\setup.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.59 --initial-client-data=0x23c,0x240,0x244,0x218,0x248,0x7ff6bf1a6a68,0x7ff6bf1a6a74,0x7ff6bf1a6a80
                                                                    4⤵
                                                                    • Executes dropped EXE
                                                                    • Drops file in Windows directory
                                                                    PID:1648
                                                            • C:\Windows\System32\rundll32.exe
                                                              C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                                              1⤵
                                                                PID:3652
                                                              • C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe
                                                                "C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"
                                                                1⤵
                                                                • Executes dropped EXE
                                                                • Checks whether UAC is enabled
                                                                • Drops file in Program Files directory
                                                                • System Location Discovery: System Language Discovery
                                                                • Enumerates system info in registry
                                                                • Modifies Internet Explorer settings
                                                                • Modifies registry class
                                                                PID:4856
                                                                • C:\Program Files (x86)\Roblox\Versions\version-2d6639b3364b47cd\RobloxPlayerBeta.exe
                                                                  "C:\Program Files (x86)\Roblox\Versions\version-2d6639b3364b47cd\RobloxPlayerBeta.exe" -app -clientLaunchTimeEpochMs 0 -isInstallerLaunch 4856
                                                                  2⤵
                                                                  • Executes dropped EXE
                                                                  • Loads dropped DLL
                                                                  • Suspicious use of NtCreateThreadExHideFromDebugger
                                                                  • Suspicious use of NtSetInformationThreadHideFromDebugger
                                                                  • Suspicious behavior: EnumeratesProcesses
                                                                  • Suspicious use of UnmapMainImage
                                                                  PID:1844
                                                              • C:\Program Files (x86)\Roblox\Versions\version-2d6639b3364b47cd\RobloxPlayerBeta.exe
                                                                "C:\Program Files (x86)\Roblox\Versions\version-2d6639b3364b47cd\RobloxPlayerBeta.exe"
                                                                1⤵
                                                                • Executes dropped EXE
                                                                • Loads dropped DLL
                                                                • Suspicious use of NtCreateThreadExHideFromDebugger
                                                                • Suspicious use of NtSetInformationThreadHideFromDebugger
                                                                • Suspicious behavior: EnumeratesProcesses
                                                                • Suspicious use of UnmapMainImage
                                                                PID:3280
                                                              • C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe
                                                                "C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe"
                                                                1⤵
                                                                • Executes dropped EXE
                                                                • System Location Discovery: System Language Discovery
                                                                • Enumerates system info in registry
                                                                PID:1452
                                                                • C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_20329\RobloxStudioInstaller.exe
                                                                  C:\Users\Admin\AppData\Local\Temp\Roblox\RobloxStudioInstaller_20329\RobloxStudioInstaller.exe
                                                                  2⤵
                                                                  • Executes dropped EXE
                                                                  • Checks whether UAC is enabled
                                                                  • Drops file in Program Files directory
                                                                  • System Location Discovery: System Language Discovery
                                                                  • Enumerates system info in registry
                                                                  • Modifies Internet Explorer settings
                                                                  • Modifies registry class
                                                                  • Suspicious behavior: EnumeratesProcesses
                                                                  PID:4552
                                                                  • C:\Program Files (x86)\Roblox\Versions\version-6b610f1860d74e5d\RobloxStudioBeta.exe
                                                                    "C:\Program Files (x86)\Roblox\Versions\version-6b610f1860d74e5d\RobloxStudioBeta.exe" -startEvent www.roblox.com/robloxQTStudioStartedEvent -firstLaunch
                                                                    3⤵
                                                                    • Executes dropped EXE
                                                                    • Loads dropped DLL
                                                                    • Checks whether UAC is enabled
                                                                    • Enumerates connected drives
                                                                    • Enumerates system info in registry
                                                                    • Suspicious behavior: AddClipboardFormatListener
                                                                    • Suspicious behavior: EnumeratesProcesses
                                                                    • Suspicious behavior: GetForegroundWindowSpam
                                                                    • Suspicious use of SetWindowsHookEx
                                                                    PID:2732
                                                                    • C:\Program Files (x86)\Roblox\Versions\version-6b610f1860d74e5d\RobloxCrashHandler.exe
                                                                      "C:\Program Files (x86)\Roblox\Versions\version-6b610f1860d74e5d\RobloxCrashHandler.exe" --no-rate-limit --crashCounter Win-ROBLOXStudio-Crash --baseUrl https://www.roblox.com --attachment=attachment_0.660.0.6600648_20250213T172321Z_Studio_77D0E_last.log=C:\Users\Admin\AppData\Local\Roblox\logs\0.660.0.6600648_20250213T172321Z_Studio_77D0E_last.log --attachment=attachment_log_0.660.0.6600648_20250213T172321Z_Studio_77D0E_csg3.log=C:\Users\Admin\AppData\Local\Roblox\logs\log_0.660.0.6600648_20250213T172321Z_Studio_77D0E_csg3.log --attachment=attachment_log_0.660.0.6600648_20250213T172321Z_Studio_77D0E_dcd.log=C:\Users\Admin\AppData\Local\Roblox\logs\log_0.660.0.6600648_20250213T172321Z_Studio_77D0E_dcd.log --database=C:\Users\Admin\AppData\Local\Roblox\logs\crashes --metrics-dir=C:\Users\Admin\AppData\Local\Roblox\logs\crashes --url=https://uploads.backtrace.rbx.com/post --annotation=AppVersion=0.660.0.6600648 --annotation=Format=minidump --annotation=HardwareModel= --annotation=HasBootstrapper=true --annotation=InstallFolder=ProgramFilesX86 --annotation=OSPlatform=Windows --annotation=RobloxChannel=production --annotation=RobloxGitHash=fe56108a358d8715d1ade670935502cf6eea502c --annotation=RobloxProduct=RobloxStudio --annotation=StudioVersion=0.660.0.6600648 --annotation=UniqueId=8837224425854954614 --annotation=UseCrashpad=True --annotation=app_arch=x86_64 --annotation=application.version=0.660.0.6600648 --annotation=host_arch=x86_64 --initial-client-data=0x424,0x428,0x42c,0x3fc,0x430,0x7ff74e4e8f10,0x7ff74e4e8f28,0x7ff74e4e8f40
                                                                      4⤵
                                                                      • Executes dropped EXE
                                                                      • Loads dropped DLL
                                                                      PID:4688
                                                                    • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe
                                                                      "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 660, 0, 6600648" --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --mojo-named-platform-channel-pipe=2732.3692.3950949046308341045
                                                                      4⤵
                                                                      • Drops file in Windows directory
                                                                      • Enumerates system info in registry
                                                                      • Modifies data under HKEY_USERS
                                                                      • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                                      PID:3864
                                                                      • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe
                                                                        "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=132.0.6834.160 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=132.0.2957.140 --initial-client-data=0x180,0x184,0x188,0x15c,0x138,0x7ffeae8bb078,0x7ffeae8bb084,0x7ffeae8bb090
                                                                        5⤵
                                                                          PID:2344
                                                                        • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe
                                                                          "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe" --type=gpu-process --string-annotations --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 660, 0, 6600648" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=1680,i,16060206741451409894,13464656648064299433,262144 --variations-seed-version --mojo-platform-channel-handle=1676 /prefetch:2
                                                                          5⤵
                                                                            PID:1968
                                                                          • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe
                                                                            "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 660, 0, 6600648" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --always-read-main-dll --field-trial-handle=1868,i,16060206741451409894,13464656648064299433,262144 --variations-seed-version --mojo-platform-channel-handle=2024 /prefetch:11
                                                                            5⤵
                                                                              PID:2424
                                                                            • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe
                                                                              "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 660, 0, 6600648" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --always-read-main-dll --field-trial-handle=1992,i,16060206741451409894,13464656648064299433,262144 --variations-seed-version --mojo-platform-channel-handle=2260 /prefetch:13
                                                                              5⤵
                                                                                PID:1712
                                                                              • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe
                                                                                "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe" --type=renderer --string-annotations --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 660, 0, 6600648" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --always-read-main-dll --field-trial-handle=3680,i,16060206741451409894,13464656648064299433,262144 --variations-seed-version --mojo-platform-channel-handle=3692 /prefetch:1
                                                                                5⤵
                                                                                  PID:3584
                                                                                • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe
                                                                                  "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe" --type=renderer --string-annotations --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 660, 0, 6600648" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --always-read-main-dll --field-trial-handle=4044,i,16060206741451409894,13464656648064299433,262144 --variations-seed-version --mojo-platform-channel-handle=4064 /prefetch:1
                                                                                  5⤵
                                                                                    PID:5084
                                                                                  • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe
                                                                                    "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe" --type=renderer --string-annotations --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 660, 0, 6600648" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --always-read-main-dll --field-trial-handle=4572,i,16060206741451409894,13464656648064299433,262144 --variations-seed-version --mojo-platform-channel-handle=4732 /prefetch:1
                                                                                    5⤵
                                                                                      PID:1168
                                                                                    • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe
                                                                                      "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 660, 0, 6600648" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --always-read-main-dll --field-trial-handle=2064,i,16060206741451409894,13464656648064299433,262144 --variations-seed-version --mojo-platform-channel-handle=4920 /prefetch:14
                                                                                      5⤵
                                                                                      • Executes dropped EXE
                                                                                      PID:5348
                                                                                    • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe
                                                                                      "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 660, 0, 6600648" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --always-read-main-dll --field-trial-handle=4924,i,16060206741451409894,13464656648064299433,262144 --variations-seed-version --mojo-platform-channel-handle=4976 /prefetch:14
                                                                                      5⤵
                                                                                        PID:5288
                                                                                      • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe
                                                                                        "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 660, 0, 6600648" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --always-read-main-dll --field-trial-handle=800,i,16060206741451409894,13464656648064299433,262144 --variations-seed-version --mojo-platform-channel-handle=4932 /prefetch:14
                                                                                        5⤵
                                                                                          PID:692
                                                                                        • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe
                                                                                          "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 660, 0, 6600648" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --always-read-main-dll --field-trial-handle=4672,i,16060206741451409894,13464656648064299433,262144 --variations-seed-version --mojo-platform-channel-handle=5036 /prefetch:14
                                                                                          5⤵
                                                                                            PID:7108
                                                                                          • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe
                                                                                            "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --string-annotations --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 660, 0, 6600648" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=4916,i,16060206741451409894,13464656648064299433,262144 --variations-seed-version --mojo-platform-channel-handle=4952 /prefetch:10
                                                                                            5⤵
                                                                                            • Suspicious behavior: EnumeratesProcesses
                                                                                            PID:6668
                                                                                          • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe
                                                                                            "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 660, 0, 6600648" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --always-read-main-dll --field-trial-handle=4956,i,16060206741451409894,13464656648064299433,262144 --variations-seed-version --mojo-platform-channel-handle=5040 /prefetch:14
                                                                                            5⤵
                                                                                              PID:1544
                                                                                            • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe
                                                                                              "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe" --type=renderer --string-annotations --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 660, 0, 6600648" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --always-read-main-dll --field-trial-handle=4244,i,16060206741451409894,13464656648064299433,262144 --variations-seed-version --mojo-platform-channel-handle=4944 /prefetch:1
                                                                                              5⤵
                                                                                                PID:1688
                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.roblox.com/account/signupredir?ReturnUrl=https%3A%2F%2Fapis.roblox.com%2Foauth%2Fv1%2Fauthorize%3Fclient_id%3D7968549422692352298%26response_type%3Dcode%26redirect_uri%3Droblox-studio-auth%253a%252f%26scope%3Dopenid%2Bcredentials%2Bprofile%2Bage%2Broles%2Bpremium%26state%3DeyJyYW5kb21fc3RyaW5nIjoiVW9NR0g3QVI5aUtHM2ZrZlJNYzl3aDczdEhiTWpWTlhuTDhQZFNaSmd5VSIsInBpZCI6IjI3MzIifQ%253d%253d%26nonce%3Did-roblox%26code_challenge%3DFIvxg6BiJM8qgm8_2VQFF4VFGE_KoZeDQz8kpJipWQI%26code_challenge_method%3DS256%26rlt%3DTiDaqEbuLAUGVnOUUc1PeI2PqnyfpQ9uSS64s67uPEIqL4DBhYs-4YG9m8-ZIHmgFi_r4yX84QmXvJMdt81mL8T128CEC4gKB_nr01iJjye-cyC-8q85sDL5FY8_YDE46rU0IkkuLnH2nDQHcZfMIQ
                                                                                              4⤵
                                                                                                PID:5084
                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffec2473cb8,0x7ffec2473cc8,0x7ffec2473cd8
                                                                                                  5⤵
                                                                                                    PID:2692
                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1988,2260415757492059485,8334881029828883267,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1992 /prefetch:2
                                                                                                    5⤵
                                                                                                      PID:552
                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1988,2260415757492059485,8334881029828883267,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 /prefetch:3
                                                                                                      5⤵
                                                                                                      • Suspicious behavior: EnumeratesProcesses
                                                                                                      PID:3068
                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --flag-switches-begin --flag-switches-end https://www.roblox.com/account/signupredir?ReturnUrl=https%3A%2F%2Fapis.roblox.com%2Foauth%2Fv1%2Fauthorize%3Fclient_id%3D7968549422692352298%26response_type%3Dcode%26redirect_uri%3Droblox-studio-auth%253a%252f%26scope%3Dopenid%2Bcredentials%2Bprofile%2Bage%2Broles%2Bpremium%26state%3DeyJyYW5kb21fc3RyaW5nIjoiVW9NR0g3QVI5aUtHM2ZrZlJNYzl3aDczdEhiTWpWTlhuTDhQZFNaSmd5VSIsInBpZCI6IjI3MzIifQ%253d%253d%26nonce%3Did-roblox%26code_challenge%3DFIvxg6BiJM8qgm8_2VQFF4VFGE_KoZeDQz8kpJipWQI%26code_challenge_method%3DS256%26rlt%3DTiDaqEbuLAUGVnOUUc1PeI2PqnyfpQ9uSS64s67uPEIqL4DBhYs-4YG9m8-ZIHmgFi_r4yX84QmXvJMdt81mL8T128CEC4gKB_nr01iJjye-cyC-8q85sDL5FY8_YDE46rU0IkkuLnH2nDQHcZfMIQ
                                                                                                      5⤵
                                                                                                      • Executes dropped EXE
                                                                                                      • Loads dropped DLL
                                                                                                      PID:5332
                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --flag-switches-begin --flag-switches-end --edge-skip-compat-layer-relaunch https://www.roblox.com/account/signupredir?ReturnUrl=https%3A%2F%2Fapis.roblox.com%2Foauth%2Fv1%2Fauthorize%3Fclient_id%3D7968549422692352298%26response_type%3Dcode%26redirect_uri%3Droblox-studio-auth%253a%252f%26scope%3Dopenid%2Bcredentials%2Bprofile%2Bage%2Broles%2Bpremium%26state%3DeyJyYW5kb21fc3RyaW5nIjoiVW9NR0g3QVI5aUtHM2ZrZlJNYzl3aDczdEhiTWpWTlhuTDhQZFNaSmd5VSIsInBpZCI6IjI3MzIifQ%253d%253d%26nonce%3Did-roblox%26code_challenge%3DFIvxg6BiJM8qgm8_2VQFF4VFGE_KoZeDQz8kpJipWQI%26code_challenge_method%3DS256%26rlt%3DTiDaqEbuLAUGVnOUUc1PeI2PqnyfpQ9uSS64s67uPEIqL4DBhYs-4YG9m8-ZIHmgFi_r4yX84QmXvJMdt81mL8T128CEC4gKB_nr01iJjye-cyC-8q85sDL5FY8_YDE46rU0IkkuLnH2nDQHcZfMIQ
                                                                                                        6⤵
                                                                                                        • Executes dropped EXE
                                                                                                        • Loads dropped DLL
                                                                                                        • Checks whether UAC is enabled
                                                                                                        • Checks system information in the registry
                                                                                                        • Drops file in Windows directory
                                                                                                        • Enumerates system info in registry
                                                                                                        • Modifies data under HKEY_USERS
                                                                                                        • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                                                                        • Suspicious use of FindShellTrayWindow
                                                                                                        • Suspicious use of SendNotifyMessage
                                                                                                        • System policy modification
                                                                                                        PID:5504
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.60 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.59 --initial-client-data=0x23c,0x240,0x244,0x238,0x24c,0x7ffea914f208,0x7ffea914f214,0x7ffea914f220
                                                                                                          7⤵
                                                                                                          • Executes dropped EXE
                                                                                                          • Loads dropped DLL
                                                                                                          PID:5632
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=1852,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=1884 /prefetch:2
                                                                                                          7⤵
                                                                                                          • Executes dropped EXE
                                                                                                          • Loads dropped DLL
                                                                                                          PID:5992
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=2108,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=2116 /prefetch:11
                                                                                                          7⤵
                                                                                                          • Executes dropped EXE
                                                                                                          • Loads dropped DLL
                                                                                                          PID:6008
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2516,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=1912 /prefetch:13
                                                                                                          7⤵
                                                                                                          • Executes dropped EXE
                                                                                                          • Loads dropped DLL
                                                                                                          PID:2920
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3576,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=3600 /prefetch:1
                                                                                                          7⤵
                                                                                                          • Executes dropped EXE
                                                                                                          • Loads dropped DLL
                                                                                                          PID:5580
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3588,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=3680 /prefetch:1
                                                                                                          7⤵
                                                                                                          • Executes dropped EXE
                                                                                                          • Loads dropped DLL
                                                                                                          PID:5408
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --always-read-main-dll --field-trial-handle=2544,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=4284 /prefetch:1
                                                                                                          7⤵
                                                                                                          • Executes dropped EXE
                                                                                                          PID:1556
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --extension-process --renderer-sub-type=extension --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --always-read-main-dll --field-trial-handle=4256,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=4336 /prefetch:9
                                                                                                          7⤵
                                                                                                          • Executes dropped EXE
                                                                                                          • Loads dropped DLL
                                                                                                          PID:5096
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --always-read-main-dll --field-trial-handle=4356,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=4548 /prefetch:1
                                                                                                          7⤵
                                                                                                          • Executes dropped EXE
                                                                                                          • Loads dropped DLL
                                                                                                          PID:5784
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --extension-process --renderer-sub-type=extension --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --always-read-main-dll --field-trial-handle=4368,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=4524 /prefetch:9
                                                                                                          7⤵
                                                                                                          • Executes dropped EXE
                                                                                                          • Loads dropped DLL
                                                                                                          PID:5936
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --always-read-main-dll --field-trial-handle=4476,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=4792 /prefetch:1
                                                                                                          7⤵
                                                                                                          • Executes dropped EXE
                                                                                                          • Loads dropped DLL
                                                                                                          PID:5240
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4072,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=4052 /prefetch:14
                                                                                                          7⤵
                                                                                                          • Executes dropped EXE
                                                                                                          • Loads dropped DLL
                                                                                                          PID:5108
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5640,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=5652 /prefetch:14
                                                                                                          7⤵
                                                                                                          • Executes dropped EXE
                                                                                                          • Loads dropped DLL
                                                                                                          PID:5984
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5764,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=5692 /prefetch:14
                                                                                                          7⤵
                                                                                                          • Executes dropped EXE
                                                                                                          PID:6176
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5684,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=5720 /prefetch:14
                                                                                                          7⤵
                                                                                                          • Executes dropped EXE
                                                                                                          PID:6188
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\identity_helper.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6172,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=3784 /prefetch:14
                                                                                                          7⤵
                                                                                                          • Executes dropped EXE
                                                                                                          PID:6392
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\identity_helper.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6172,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=3784 /prefetch:14
                                                                                                          7⤵
                                                                                                          • Executes dropped EXE
                                                                                                          PID:6404
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3736,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=3724 /prefetch:14
                                                                                                          7⤵
                                                                                                          • Executes dropped EXE
                                                                                                          PID:6592
                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\cookie_exporter.exe
                                                                                                            cookie_exporter.exe --cookie-json=1120
                                                                                                            8⤵
                                                                                                            • Executes dropped EXE
                                                                                                            PID:6668
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6616,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=5492 /prefetch:14
                                                                                                          7⤵
                                                                                                          • Executes dropped EXE
                                                                                                          PID:6992
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6776,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=6620 /prefetch:14
                                                                                                          7⤵
                                                                                                          • Executes dropped EXE
                                                                                                          PID:7040
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6780,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=6788 /prefetch:14
                                                                                                          7⤵
                                                                                                          • Executes dropped EXE
                                                                                                          PID:7076
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7028,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=7036 /prefetch:14
                                                                                                          7⤵
                                                                                                          • Executes dropped EXE
                                                                                                          PID:6576
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --always-read-main-dll --field-trial-handle=6836,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=6352 /prefetch:1
                                                                                                          7⤵
                                                                                                          • Executes dropped EXE
                                                                                                          PID:6680
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4624,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=7064 /prefetch:14
                                                                                                          7⤵
                                                                                                          • Executes dropped EXE
                                                                                                          PID:6636
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7104,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=7148 /prefetch:14
                                                                                                          7⤵
                                                                                                          • Executes dropped EXE
                                                                                                          PID:5940
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7088,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=7080 /prefetch:14
                                                                                                          7⤵
                                                                                                          • Executes dropped EXE
                                                                                                          PID:6740
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7132,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=5068 /prefetch:14
                                                                                                          7⤵
                                                                                                          • Executes dropped EXE
                                                                                                          PID:6784
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=564,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=4960 /prefetch:14
                                                                                                          7⤵
                                                                                                          • Executes dropped EXE
                                                                                                          PID:6920
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4524,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=4104 /prefetch:14
                                                                                                          7⤵
                                                                                                          • Executes dropped EXE
                                                                                                          PID:6912
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4608,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=3548 /prefetch:14
                                                                                                          7⤵
                                                                                                          • Executes dropped EXE
                                                                                                          PID:6932
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5688,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=5904 /prefetch:14
                                                                                                          7⤵
                                                                                                          • Executes dropped EXE
                                                                                                          PID:6532
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4856,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=4800 /prefetch:14
                                                                                                          7⤵
                                                                                                            PID:5924
                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4852,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=5528 /prefetch:14
                                                                                                            7⤵
                                                                                                              PID:6064
                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5696,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=4996 /prefetch:14
                                                                                                              7⤵
                                                                                                                PID:1700
                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5844,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=4336 /prefetch:14
                                                                                                                7⤵
                                                                                                                  PID:6072
                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5792,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=3184 /prefetch:12
                                                                                                                  7⤵
                                                                                                                    PID:2180
                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6732,i,13569272356270799868,2812688242183455743,262144 --variations-seed-version --mojo-platform-channel-handle=6696 /prefetch:14
                                                                                                                    7⤵
                                                                                                                      PID:7112
                                                                                                                    • C:\Program Files (x86)\Roblox\Versions\version-6b610f1860d74e5d\RobloxStudioBeta.exe
                                                                                                                      "C:\Program Files (x86)\Roblox\Versions\version-6b610f1860d74e5d\RobloxStudioBeta.exe" roblox-studio-auth:/?code=bPp27Xrl0kytJOXNU7wij08u18J3ASWEbcFcwYt9x5oeWLm-Q8KtqChT50WxnylYHmyYX2c_SO4R9tf6UFInLEyX8Ys5rcrSlyFM6nojh7kjXXTu1pYs7Wj7q26rZCBQCk4uI4OTfBPObcu0whvi0yGhHlms84a_qAJzx2nVTbaJbX5_TIJE-xgjy8QaYZXpxVGHpwvWonlCRbAatuEu1s1g6UPMK6IsLXQGtJa09NOBcoj8AL30IzdSOj3eCbQUWEksXjrS27eSLVBKggXPP58DoXBHdX9N0olo13H-PjHe757Ygw4yjwn6R3tFaN8e3mnHVwTTREEAwJxgtL7X5vneXtTW9NEVaeL84bGku5c&state=eyJyYW5kb21fc3RyaW5nIjoiVW9NR0g3QVI5aUtHM2ZrZlJNYzl3aDczdEhiTWpWTlhuTDhQZFNaSmd5VSIsInBpZCI6IjI3MzIifQ%3d%3d
                                                                                                                      7⤵
                                                                                                                      • Enumerates system info in registry
                                                                                                                      • Suspicious behavior: AddClipboardFormatListener
                                                                                                                      PID:6276
                                                                                                                      • C:\Program Files (x86)\Roblox\Versions\version-6b610f1860d74e5d\RobloxCrashHandler.exe
                                                                                                                        "C:\Program Files (x86)\Roblox\Versions\version-6b610f1860d74e5d\RobloxCrashHandler.exe" --no-rate-limit --crashCounter Win-ROBLOXStudio-Crash --baseUrl https://www.roblox.com --attachment=attachment_0.660.0.6600648_20250213T172537Z_Studio_B35A0_last.log=C:\Users\Admin\AppData\Local\Roblox\logs\0.660.0.6600648_20250213T172537Z_Studio_B35A0_last.log --attachment=attachment_log_0.660.0.6600648_20250213T172537Z_Studio_B35A0_csg3.log=C:\Users\Admin\AppData\Local\Roblox\logs\log_0.660.0.6600648_20250213T172537Z_Studio_B35A0_csg3.log --attachment=attachment_log_0.660.0.6600648_20250213T172537Z_Studio_B35A0_dcd.log=C:\Users\Admin\AppData\Local\Roblox\logs\log_0.660.0.6600648_20250213T172537Z_Studio_B35A0_dcd.log --database=C:\Users\Admin\AppData\Local\Roblox\logs\crashes --metrics-dir=C:\Users\Admin\AppData\Local\Roblox\logs\crashes --url=https://uploads.backtrace.rbx.com/post --annotation=AppVersion=0.660.0.6600648 --annotation=Format=minidump --annotation=HardwareModel= --annotation=HasBootstrapper=true --annotation=InstallFolder=ProgramFilesX86 --annotation=OSPlatform=Windows --annotation=RobloxChannel=production --annotation=RobloxGitHash=fe56108a358d8715d1ade670935502cf6eea502c --annotation=RobloxProduct=RobloxStudio --annotation=StudioVersion=0.660.0.6600648 --annotation=UniqueId=417218537476084860 --annotation=UseCrashpad=True --annotation=app_arch=x86_64 --annotation=application.version=0.660.0.6600648 --annotation=host_arch=x86_64 --initial-client-data=0x408,0x40c,0x410,0x3e0,0x438,0x7ff74e4e8f10,0x7ff74e4e8f28,0x7ff74e4e8f40
                                                                                                                        8⤵
                                                                                                                          PID:7044
                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window
                                                                                                                        7⤵
                                                                                                                        • Checks whether UAC is enabled
                                                                                                                        • Checks system information in the registry
                                                                                                                        • Drops file in Windows directory
                                                                                                                        • Enumerates system info in registry
                                                                                                                        • Modifies data under HKEY_USERS
                                                                                                                        • System policy modification
                                                                                                                        PID:1820
                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.60 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.59 --initial-client-data=0x240,0x244,0x248,0x23c,0x250,0x7ffea914f208,0x7ffea914f214,0x7ffea914f220
                                                                                                                          8⤵
                                                                                                                            PID:5068
                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1848,i,7339954893884654147,843894795059544801,262144 --variations-seed-version --mojo-platform-channel-handle=2144 /prefetch:11
                                                                                                                            8⤵
                                                                                                                              PID:6260
                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2116,i,7339954893884654147,843894795059544801,262144 --variations-seed-version --mojo-platform-channel-handle=2112 /prefetch:2
                                                                                                                              8⤵
                                                                                                                                PID:4680
                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2448,i,7339954893884654147,843894795059544801,262144 --variations-seed-version --mojo-platform-channel-handle=2620 /prefetch:13
                                                                                                                                8⤵
                                                                                                                                  PID:644
                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\identity_helper.exe
                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4360,i,7339954893884654147,843894795059544801,262144 --variations-seed-version --mojo-platform-channel-handle=4384 /prefetch:14
                                                                                                                                  8⤵
                                                                                                                                    PID:2084
                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\identity_helper.exe
                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4360,i,7339954893884654147,843894795059544801,262144 --variations-seed-version --mojo-platform-channel-handle=4384 /prefetch:14
                                                                                                                                    8⤵
                                                                                                                                      PID:5300
                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4540,i,7339954893884654147,843894795059544801,262144 --variations-seed-version --mojo-platform-channel-handle=4668 /prefetch:14
                                                                                                                                      8⤵
                                                                                                                                        PID:5552
                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4648,i,7339954893884654147,843894795059544801,262144 --variations-seed-version --mojo-platform-channel-handle=4808 /prefetch:14
                                                                                                                                        8⤵
                                                                                                                                          PID:6008
                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4764,i,7339954893884654147,843894795059544801,262144 --variations-seed-version --mojo-platform-channel-handle=4740 /prefetch:14
                                                                                                                                          8⤵
                                                                                                                                            PID:2808
                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4748,i,7339954893884654147,843894795059544801,262144 --variations-seed-version --mojo-platform-channel-handle=4820 /prefetch:14
                                                                                                                                            8⤵
                                                                                                                                              PID:3744
                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4952,i,7339954893884654147,843894795059544801,262144 --variations-seed-version --mojo-platform-channel-handle=4928 /prefetch:14
                                                                                                                                              8⤵
                                                                                                                                                PID:5772
                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5084,i,7339954893884654147,843894795059544801,262144 --variations-seed-version --mojo-platform-channel-handle=4936 /prefetch:14
                                                                                                                                                8⤵
                                                                                                                                                  PID:5848
                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5100,i,7339954893884654147,843894795059544801,262144 --variations-seed-version --mojo-platform-channel-handle=5036 /prefetch:14
                                                                                                                                                  8⤵
                                                                                                                                                    PID:2184
                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4592,i,7339954893884654147,843894795059544801,262144 --variations-seed-version --mojo-platform-channel-handle=5116 /prefetch:14
                                                                                                                                                    8⤵
                                                                                                                                                      PID:1984
                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=4948,i,7339954893884654147,843894795059544801,262144 --variations-seed-version --mojo-platform-channel-handle=4976 /prefetch:10
                                                                                                                                                      8⤵
                                                                                                                                                        PID:4628
                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4976,i,7339954893884654147,843894795059544801,262144 --variations-seed-version --mojo-platform-channel-handle=5096 /prefetch:14
                                                                                                                                                        8⤵
                                                                                                                                                          PID:4740
                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=2960,i,7339954893884654147,843894795059544801,262144 --variations-seed-version --mojo-platform-channel-handle=3676 /prefetch:14
                                                                                                                                                          8⤵
                                                                                                                                                            PID:176
                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4544,i,7339954893884654147,843894795059544801,262144 --variations-seed-version --mojo-platform-channel-handle=3708 /prefetch:14
                                                                                                                                                            8⤵
                                                                                                                                                              PID:6572
                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3700,i,7339954893884654147,843894795059544801,262144 --variations-seed-version --mojo-platform-channel-handle=5032 /prefetch:14
                                                                                                                                                              8⤵
                                                                                                                                                                PID:6092
                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4068,i,7339954893884654147,843894795059544801,262144 --variations-seed-version --mojo-platform-channel-handle=2224 /prefetch:14
                                                                                                                                                                8⤵
                                                                                                                                                                  PID:792
                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5052,i,7339954893884654147,843894795059544801,262144 --variations-seed-version --mojo-platform-channel-handle=5012 /prefetch:14
                                                                                                                                                                  8⤵
                                                                                                                                                                    PID:4904
                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.roblox.com/account/signupredir?ReturnUrl=https%3A%2F%2Fapis.roblox.com%2Foauth%2Fv1%2Fauthorize%3Fclient_id%3D7968549422692352298%26response_type%3Dcode%26redirect_uri%3Droblox-studio-auth%253a%252f%26scope%3Dopenid%2Bcredentials%2Bprofile%2Bage%2Broles%2Bpremium%26state%3DeyJyYW5kb21fc3RyaW5nIjoiVW9NR0g3QVI5aUtHM2ZrZlJNYzl3aDczdEhiTWpWTlhuTDhQZFNaSmd5VSIsInBpZCI6IjI3MzIifQ%253d%253d%26nonce%3Did-roblox%26code_challenge%3DFIvxg6BiJM8qgm8_2VQFF4VFGE_KoZeDQz8kpJipWQI%26code_challenge_method%3DS256%26rlt%3DTiDaqEbuLAUGVnOUUc1PeI2PqnyfpQ9uSS64s67uPEIqL4DBhYs-4YG9m8-ZIHmgFi_r4yX84QmXvJMdt81mL8T128CEC4gKB_nr01iJjye-cyC-8q85sDL5FY8_YDE46rU0IkkuLnH2nDQHcZfMIQ
                                                                                                                                                            4⤵
                                                                                                                                                            • Executes dropped EXE
                                                                                                                                                            • Loads dropped DLL
                                                                                                                                                            PID:5128
                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --edge-skip-compat-layer-relaunch --single-argument https://www.roblox.com/account/signupredir?ReturnUrl=https%3A%2F%2Fapis.roblox.com%2Foauth%2Fv1%2Fauthorize%3Fclient_id%3D7968549422692352298%26response_type%3Dcode%26redirect_uri%3Droblox-studio-auth%253a%252f%26scope%3Dopenid%2Bcredentials%2Bprofile%2Bage%2Broles%2Bpremium%26state%3DeyJyYW5kb21fc3RyaW5nIjoiVW9NR0g3QVI5aUtHM2ZrZlJNYzl3aDczdEhiTWpWTlhuTDhQZFNaSmd5VSIsInBpZCI6IjI3MzIifQ%253d%253d%26nonce%3Did-roblox%26code_challenge%3DFIvxg6BiJM8qgm8_2VQFF4VFGE_KoZeDQz8kpJipWQI%26code_challenge_method%3DS256%26rlt%3DTiDaqEbuLAUGVnOUUc1PeI2PqnyfpQ9uSS64s67uPEIqL4DBhYs-4YG9m8-ZIHmgFi_r4yX84QmXvJMdt81mL8T128CEC4gKB_nr01iJjye-cyC-8q85sDL5FY8_YDE46rU0IkkuLnH2nDQHcZfMIQ
                                                                                                                                                              5⤵
                                                                                                                                                              • Executes dropped EXE
                                                                                                                                                              • Loads dropped DLL
                                                                                                                                                              PID:5424
                                                                                                                                                    • C:\Windows\System32\GameBarPresenceWriter.exe
                                                                                                                                                      "C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer
                                                                                                                                                      1⤵
                                                                                                                                                      • Network Service Discovery
                                                                                                                                                      PID:4972
                                                                                                                                                    • C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_2.50.24002.0_x64__8wekyb3d8bbwe\GameBar.exe
                                                                                                                                                      "C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_2.50.24002.0_x64__8wekyb3d8bbwe\GameBar.exe" -ServerName:App.AppXbdkk0yrkwpcgeaem8zk81k8py1eaahny.mca
                                                                                                                                                      1⤵
                                                                                                                                                      • Modifies registry class
                                                                                                                                                      • Suspicious use of SetWindowsHookEx
                                                                                                                                                      PID:1344
                                                                                                                                                    • C:\Windows\system32\AUDIODG.EXE
                                                                                                                                                      C:\Windows\system32\AUDIODG.EXE 0x00000000000004D4 0x00000000000004D0
                                                                                                                                                      1⤵
                                                                                                                                                      • Suspicious use of AdjustPrivilegeToken
                                                                                                                                                      PID:3376
                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\elevation_service.exe
                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\elevation_service.exe"
                                                                                                                                                      1⤵
                                                                                                                                                      • Executes dropped EXE
                                                                                                                                                      PID:5108
                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\Installer\setup.exe
                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\Installer\setup.exe" --rename-msedge-exe --system-level --verbose-logging --msedge --channel=stable
                                                                                                                                                        2⤵
                                                                                                                                                        • Executes dropped EXE
                                                                                                                                                        • Drops file in Windows directory
                                                                                                                                                        • Modifies registry class
                                                                                                                                                        PID:2060
                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\Installer\setup.exe
                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.60 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\Installer\setup.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.59 --initial-client-data=0x240,0x244,0x248,0x21c,0x24c,0x7ff6bf1a6a68,0x7ff6bf1a6a74,0x7ff6bf1a6a80
                                                                                                                                                          3⤵
                                                                                                                                                          • Executes dropped EXE
                                                                                                                                                          PID:5168
                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\Installer\setup.exe
                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\Installer\setup.exe" --msedge --channel=stable --delete-old-versions --system-level --verbose-logging
                                                                                                                                                          3⤵
                                                                                                                                                          • Executes dropped EXE
                                                                                                                                                          • Drops file in Windows directory
                                                                                                                                                          • Modifies data under HKEY_USERS
                                                                                                                                                          • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                          PID:5252
                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\Installer\setup.exe
                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.60 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\Installer\setup.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.59 --initial-client-data=0x23c,0x240,0x244,0x204,0x248,0x7ff6bf1a6a68,0x7ff6bf1a6a74,0x7ff6bf1a6a80
                                                                                                                                                            4⤵
                                                                                                                                                            • Executes dropped EXE
                                                                                                                                                            • Drops file in Windows directory
                                                                                                                                                            PID:5304
                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\Installer\setup.exe
                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\Installer\setup.exe" --msedge --channel=stable --register-package-identity --verbose-logging --system-level
                                                                                                                                                          3⤵
                                                                                                                                                          • Executes dropped EXE
                                                                                                                                                          • Drops file in Windows directory
                                                                                                                                                          • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                          PID:5264
                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\Installer\setup.exe
                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.60 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\Installer\setup.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.59 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff6bf1a6a68,0x7ff6bf1a6a74,0x7ff6bf1a6a80
                                                                                                                                                            4⤵
                                                                                                                                                            • Executes dropped EXE
                                                                                                                                                            • Drops file in Windows directory
                                                                                                                                                            PID:5312
                                                                                                                                                    • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                      C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                      1⤵
                                                                                                                                                        PID:5124
                                                                                                                                                      • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                        1⤵
                                                                                                                                                          PID:5188
                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\elevation_service.exe
                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\elevation_service.exe"
                                                                                                                                                          1⤵
                                                                                                                                                          • Executes dropped EXE
                                                                                                                                                          PID:6040
                                                                                                                                                        • C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{68522DAC-43CE-4AAE-B0AF-0B2EB0CF5493}\MicrosoftEdge_X64_133.0.3065.59_132.0.2957.140.exe
                                                                                                                                                          "C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{68522DAC-43CE-4AAE-B0AF-0B2EB0CF5493}\MicrosoftEdge_X64_133.0.3065.59_132.0.2957.140.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
                                                                                                                                                          1⤵
                                                                                                                                                            PID:7060
                                                                                                                                                            • C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{68522DAC-43CE-4AAE-B0AF-0B2EB0CF5493}\EDGEMITMP_61F2F.tmp\setup.exe
                                                                                                                                                              "C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{68522DAC-43CE-4AAE-B0AF-0B2EB0CF5493}\EDGEMITMP_61F2F.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{68522DAC-43CE-4AAE-B0AF-0B2EB0CF5493}\MicrosoftEdge_X64_133.0.3065.59_132.0.2957.140.exe" --previous-version="132.0.2957.140" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
                                                                                                                                                              2⤵
                                                                                                                                                              • Executes dropped EXE
                                                                                                                                                              • Drops file in Program Files directory
                                                                                                                                                              • Drops file in Windows directory
                                                                                                                                                              • Suspicious use of AdjustPrivilegeToken
                                                                                                                                                              PID:6600
                                                                                                                                                              • C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{68522DAC-43CE-4AAE-B0AF-0B2EB0CF5493}\EDGEMITMP_61F2F.tmp\setup.exe
                                                                                                                                                                "C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{68522DAC-43CE-4AAE-B0AF-0B2EB0CF5493}\EDGEMITMP_61F2F.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.60 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{68522DAC-43CE-4AAE-B0AF-0B2EB0CF5493}\EDGEMITMP_61F2F.tmp\setup.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.59 --initial-client-data=0x23c,0x240,0x244,0x218,0x248,0x7ff76def6a68,0x7ff76def6a74,0x7ff76def6a80
                                                                                                                                                                3⤵
                                                                                                                                                                • Executes dropped EXE
                                                                                                                                                                PID:6856
                                                                                                                                                              • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\133.0.3065.59\Installer\setup.exe
                                                                                                                                                                "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\133.0.3065.59\Installer\setup.exe" --msedgewebview --delete-old-versions --system-level --verbose-logging
                                                                                                                                                                3⤵
                                                                                                                                                                • Executes dropped EXE
                                                                                                                                                                PID:6764
                                                                                                                                                                • C:\Program Files (x86)\Microsoft\EdgeWebView\Application\133.0.3065.59\Installer\setup.exe
                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\133.0.3065.59\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.60 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\133.0.3065.59\Installer\setup.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.59 --initial-client-data=0x23c,0x240,0x244,0x218,0x248,0x7ff6bf1a6a68,0x7ff6bf1a6a74,0x7ff6bf1a6a80
                                                                                                                                                                  4⤵
                                                                                                                                                                  • Executes dropped EXE
                                                                                                                                                                  • Drops file in Windows directory
                                                                                                                                                                  PID:6460
                                                                                                                                                          • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                                                                                                                                                            "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuNDMiIHNoZWxsX3ZlcnNpb249IjEuMy4xOTUuNDMiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QjM1OUM2QkQtQzQ1NC00QTA0LUFFNUQtMEY4QkQ0NkMzQzg4fSIgdXNlcmlkPSJ7QkYxNzUwRkYtRjAyNi00MzhELThBMUEtMDQzQjMyNkZBOURDfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9InszRTgwQjAzQy01MDA0LTQzQTYtOEM5Qi1BMEJDMkMzMzY2NTZ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iMiIgcGh5c21lbW9yeT0iNCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtWUFFvUDFGK2ZxMTV3UnpoMWtQTDRQTXBXaDhPUk1CNWl6dnJPQy9jaGpRPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTk1LjQzIiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMyIgY29ob3J0PSJycmZAMC4yMyI-PHVwZGF0ZWNoZWNrLz48cGluZyByPSIzIiByZD0iNjYxNSIgcGluZ19mcmVzaG5lc3M9Ins5QjdDMDBEQS0zODE2LTQ4NDgtQjVDRC03QkJDNTYzOUQyMzd9Ii8-PC9hcHA-PGFwcCBhcHBpZD0iezU2RUIxOEY4LUIwMDgtNENCRC1CNkQyLThDOTdGRTdFOTA2Mn0iIHZlcnNpb249IjkwLjAuODE4LjY2IiBuZXh0dmVyc2lvbj0iMTMzLjAuMzA2NS41OSIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSIzIiBpc19waW5uZWRfc3lzdGVtPSJ0cnVlIiBsYXN0X2xhdW5jaF9jb3VudD0iMSIgbGFzdF9sYXVuY2hfdGltZT0iMTMzODM5NDA1OTk1MzEzNTkwIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjEyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI1MzMzMTA2NzE0IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjUzMzMxOTY3MTIiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjAiIGVycm9yY29kZT0iLTIxNDcwMjM4MzgiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjYyODIwMzQzNTEiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImRvIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy9mZWQ1NTgwNS0yZTg1LTQxZDgtYjRlMy00ZWY2YjVlYmY2M2E_UDE9MTc0MDA3MTg1NyZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1XMXdoWGpqTllPREtKeSUyYmQ3QzcxbVolMmZlSVpwOXVTZmJlQ1BDRm0lMmJjTlhxRCUyZmhXN0sxMDNyVVZ2VHVRR09Yd283VWFoS1VqMkx1UkZ4ZzVyclMlMmJyUHclM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIwIiB0b3RhbD0iMCIgZG93bmxvYWRfdGltZV9tcz0iMjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNjI4MjAzNDM1MSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvZmVkNTU4MDUtMmU4NS00MWQ4LWI0ZTMtNGVmNmI1ZWJmNjNhP1AxPTE3NDAwNzE4NTcmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9VzF3aFhqak5ZT0RLSnklMmJkN0M3MW1aJTJmZUlacDl1U2ZiZUNQQ0ZtJTJiY05YcUQlMmZoVzdLMTAzclVWdlR1UUdPWHdvN1VhaEtVajJMdVJGeGc1cnJTJTJiclB3JTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMTc4NjA0MDg4IiB0b3RhbD0iMTc4NjA0MDg4IiBkb3dubG9hZF90aW1lX21zPSI4ODEwMCIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI2MjgyMDM0MzUxIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjYyOTYzMTUzOTMiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIzIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIxOTY3NTciIHN5c3RlbV91cHRpbWVfdGlja3M9IjY5ODk3Mjc3NzciIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSI3MjkxIiBkb3dubG9hZF90aW1lX21zPSI5NDg2MyIgZG93bmxvYWRlZD0iMTc4NjA0MDg4IiB0b3RhbD0iMTc4NjA0MDg4IiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMCIgaW5zdGFsbF90aW1lX21zPSI2OTM0MSIvPjxwaW5nIGFjdGl2ZT0iMSIgYT0iMyIgcj0iMyIgYWQ9IjY2MTUiIHJkPSI2NjE1IiBwaW5nX2ZyZXNobmVzcz0ie0E1RUJBMzhDLTI3M0YtNEE2NS04QTQ2LTIwQzUyMjM1ODBBMX0iLz48L2FwcD48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iMTMyLjAuMjk1Ny4xNDAiIG5leHR2ZXJzaW9uPSIxMzMuMC4zMDY1LjU5IiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMyIgdXBkYXRlX2NvdW50PSIxIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjEyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI1MzMzMTM2NjExIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjY5ODk3Njc3NTMiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjAiIGVycm9yY29kZT0iLTIxNDcwMjM4MzgiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjkyNzkwMjEwMDEiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImRvIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy9hNDcyZWNlYy1hZTY5LTQ0OWUtYjdhMi00ZTg2ZGZlZTU4YTk_UDE9MTc0MDA3MTg1NyZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1IRERNS2kyWTNTSEV4UlIzdHNRVEdsd2VpT2o3UUk2a0psNmhJbTRmY3JGWm8xeUFiNWNwY1JCOE1KWTVqSVNPTTNYd2FiY0NkSTdpNkdnOUx6eDZRUSUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjAiIHRvdGFsPSIwIiBkb3dubG9hZF90aW1lX21zPSIyIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIwIiBlcnJvcmNvZGU9Ii0yMTQ1Mzg2Mzg1IiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI5Mjc5MDcxMzc4IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy9hNDcyZWNlYy1hZTY5LTQ0OWUtYjdhMi00ZTg2ZGZlZTU4YTk_UDE9MTc0MDA3MTg1NyZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1IRERNS2kyWTNTSEV4UlIzdHNRVEdsd2VpT2o3UUk2a0psNmhJbTRmY3JGWm8xeUFiNWNwY1JCOE1KWTVqSVNPTTNYd2FiY0NkSTdpNkdnOUx6eDZRUSUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjAiIHRvdGFsPSI1ODQ5ODEyOCIgZG93bmxvYWRfdGltZV9tcz0iMTg4MjA0Ii8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjkyNzkwOTExMTEiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9Indpbmh0dHAiIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzL2E0NzJlY2VjLWFlNjktNDQ5ZS1iN2EyLTRlODZkZmVlNThhOT9QMT0xNzQwMDcxODU3JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PUhERE1LaTJZM1NIRXhSUjN0c1FUR2x3ZWlPajdRSTZrSmw2aEltNGZjckZabzF5QWI1Y3BjUkI4TUpZNWpJU09NM1h3YWJjQ2RJN2k2R2c5THp4NlFRJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iOTEuODAuNDkuODUiIGNkbl9jaWQ9IjkiIGNkbl9jY2M9Iml0IiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iNTg0OTgxMjgiIHRvdGFsPSI1ODQ5ODEyOCIgZG93bmxvYWRfdGltZV9tcz0iMzk5NzYiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTI3OTE3MTEzNCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI5Mjg3NTkxMzI0IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMTk2NzU3IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI5ODEyOTYxMDMzIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiB1cGRhdGVfY2hlY2tfdGltZV9tcz0iNzI5NSIgZG93bmxvYWRfdGltZV9tcz0iMjI4OTM1IiBkb3dubG9hZGVkPSI1ODQ5ODEyOCIgdG90YWw9IjU4NDk4MTI4IiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMCIgaW5zdGFsbF90aW1lX21zPSI1MjUzMSIvPjxwaW5nIHI9IjMiIHJkPSI2NjE1IiBwaW5nX2ZyZXNobmVzcz0iezFDNDVGNDY3LTFERkYtNDQwMy04OUU5LTEzQjQ5MDcyRDVFRH0iLz48L2FwcD48L3JlcXVlc3Q-
                                                                                                                                                            1⤵
                                                                                                                                                            • System Location Discovery: System Language Discovery
                                                                                                                                                            • System Network Configuration Discovery: Internet Connection Discovery
                                                                                                                                                            PID:1636
                                                                                                                                                          • C:\Windows\system32\svchost.exe
                                                                                                                                                            C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
                                                                                                                                                            1⤵
                                                                                                                                                            • Drops desktop.ini file(s)
                                                                                                                                                            • Checks processor information in registry
                                                                                                                                                            PID:5108
                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\elevation_service.exe
                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\elevation_service.exe"
                                                                                                                                                            1⤵
                                                                                                                                                              PID:5468
                                                                                                                                                            • C:\Program Files (x86)\Roblox\Versions\version-2d6639b3364b47cd\RobloxPlayerBeta.exe
                                                                                                                                                              "C:\Program Files (x86)\Roblox\Versions\version-2d6639b3364b47cd\RobloxPlayerBeta.exe"
                                                                                                                                                              1⤵
                                                                                                                                                              • Suspicious use of NtCreateThreadExHideFromDebugger
                                                                                                                                                              • Suspicious use of NtSetInformationThreadHideFromDebugger
                                                                                                                                                              • Suspicious use of UnmapMainImage
                                                                                                                                                              PID:6312

                                                                                                                                                            Network

                                                                                                                                                            MITRE ATT&CK Enterprise v15

                                                                                                                                                            Reconnaissance

                                                                                                                                                            Resource Development

                                                                                                                                                            Initial Access

                                                                                                                                                            Execution

                                                                                                                                                            Command and Scripting Interpreter

                                                                                                                                                            1
                                                                                                                                                            T1059

                                                                                                                                                            PowerShell

                                                                                                                                                            1
                                                                                                                                                            T1059.001

                                                                                                                                                            Persistence

                                                                                                                                                            Boot or Logon Autostart Execution

                                                                                                                                                            1
                                                                                                                                                            T1547

                                                                                                                                                            Active Setup

                                                                                                                                                            1
                                                                                                                                                            T1547.014

                                                                                                                                                            Browser Extensions

                                                                                                                                                            1
                                                                                                                                                            T1176

                                                                                                                                                            Event Triggered Execution

                                                                                                                                                            1
                                                                                                                                                            T1546

                                                                                                                                                            Component Object Model Hijacking

                                                                                                                                                            1
                                                                                                                                                            T1546.015

                                                                                                                                                            Privilege Escalation

                                                                                                                                                            Boot or Logon Autostart Execution

                                                                                                                                                            1
                                                                                                                                                            T1547

                                                                                                                                                            Active Setup

                                                                                                                                                            1
                                                                                                                                                            T1547.014

                                                                                                                                                            Event Triggered Execution

                                                                                                                                                            1
                                                                                                                                                            T1546

                                                                                                                                                            Component Object Model Hijacking

                                                                                                                                                            1
                                                                                                                                                            T1546.015

                                                                                                                                                            Defense Evasion

                                                                                                                                                            Modify Registry

                                                                                                                                                            4
                                                                                                                                                            T1112

                                                                                                                                                            Subvert Trust Controls

                                                                                                                                                            1
                                                                                                                                                            T1553

                                                                                                                                                            SIP and Trust Provider Hijacking

                                                                                                                                                            1
                                                                                                                                                            T1553.003

                                                                                                                                                            Credential Access

                                                                                                                                                            Credentials from Password Stores

                                                                                                                                                            1
                                                                                                                                                            T1555

                                                                                                                                                            Credentials from Web Browsers

                                                                                                                                                            1
                                                                                                                                                            T1555.003

                                                                                                                                                            Unsecured Credentials

                                                                                                                                                            1
                                                                                                                                                            T1552

                                                                                                                                                            Credentials In Files

                                                                                                                                                            1
                                                                                                                                                            T1552.001

                                                                                                                                                            Discovery

                                                                                                                                                            Browser Information Discovery

                                                                                                                                                            1
                                                                                                                                                            T1217

                                                                                                                                                            Network Service Discovery

                                                                                                                                                            1
                                                                                                                                                            T1046

                                                                                                                                                            Network Share Discovery

                                                                                                                                                            1
                                                                                                                                                            T1135

                                                                                                                                                            Peripheral Device Discovery

                                                                                                                                                            1
                                                                                                                                                            T1120

                                                                                                                                                            Query Registry

                                                                                                                                                            6
                                                                                                                                                            T1012

                                                                                                                                                            System Information Discovery

                                                                                                                                                            6
                                                                                                                                                            T1082

                                                                                                                                                            System Location Discovery

                                                                                                                                                            1
                                                                                                                                                            T1614

                                                                                                                                                            System Language Discovery

                                                                                                                                                            1
                                                                                                                                                            T1614.001

                                                                                                                                                            System Network Configuration Discovery

                                                                                                                                                            1
                                                                                                                                                            T1016

                                                                                                                                                            Internet Connection Discovery

                                                                                                                                                            1
                                                                                                                                                            T1016.001

                                                                                                                                                            Lateral Movement

                                                                                                                                                            Collection

                                                                                                                                                            Data from Local System

                                                                                                                                                            1
                                                                                                                                                            T1005

                                                                                                                                                            Command and Control

                                                                                                                                                            Exfiltration

                                                                                                                                                            Impact

                                                                                                                                                            Replay Monitor

                                                                                                                                                            Loading Replay Monitor...

                                                                                                                                                            Downloads

                                                                                                                                                            • C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{68522DAC-43CE-4AAE-B0AF-0B2EB0CF5493}\EDGEMITMP_61F2F.tmp\SETUP.EX_
                                                                                                                                                              Filesize

                                                                                                                                                              2.7MB

                                                                                                                                                              MD5

                                                                                                                                                              1a59a8af3c58b30ff0fe71db2196b24b

                                                                                                                                                              SHA1

                                                                                                                                                              6b0e5ba36f4fc5328ec494272054a50cafa13e68

                                                                                                                                                              SHA256

                                                                                                                                                              ba25974b29a25cb7bc1f58a0990a8ce758354aa6ec5b8b8af210f2c1466ba49d

                                                                                                                                                              SHA512

                                                                                                                                                              f173fe15db8d7aeef4f6fa62a41246550ccee207e6388095a5f87036362d4c95da646e1a7c68764054556e024da80b749646425076e9bfac42fb77be8f2c0355

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C7034993-3747-4A4A-8097-6907BC723A83}\EDGEMITMP_232DE.tmp\setup.exe
                                                                                                                                                              Filesize

                                                                                                                                                              6.8MB

                                                                                                                                                              MD5

                                                                                                                                                              1b3e9c59f9c7a134ec630ada1eb76a39

                                                                                                                                                              SHA1

                                                                                                                                                              a7e831d392e99f3d37847dcc561dd2e017065439

                                                                                                                                                              SHA256

                                                                                                                                                              ce78ccfb0c9cdb06ea61116bc57e50690650b6b5cf37c1aebfb30c19458ee4ae

                                                                                                                                                              SHA512

                                                                                                                                                              c0e50410dc92d80ff7bc854907774fc551564e078a8d38ca6421f15cea50282c25efac4f357b52b066c4371f9b8d4900fa8122dd80ab06ecbd851c6e049f7a3e

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\bdb1389a-7364-4c10-8208-acc8dc385dda.tmp
                                                                                                                                                              Filesize

                                                                                                                                                              344B

                                                                                                                                                              MD5

                                                                                                                                                              1b7cdddfb06152ae01f12d9f253237d6

                                                                                                                                                              SHA1

                                                                                                                                                              1ef358781a086a0727f4fa95cd53510eb328bc52

                                                                                                                                                              SHA256

                                                                                                                                                              fd668d6edcf6b6cc176edd9bf7b0d7f1881fe2f0d94ebae656127c27a359550e

                                                                                                                                                              SHA512

                                                                                                                                                              4705c93b233be92dd2d04649d404b538bc76607bbe655d5e35a739653ac1af776ecdd12ec1cbf81476070ec5bae633f891817155014730a06939efb21bd132ea

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe
                                                                                                                                                              Filesize

                                                                                                                                                              7.4MB

                                                                                                                                                              MD5

                                                                                                                                                              799ac31ff5f4839d05bd8e1e3dac4db4

                                                                                                                                                              SHA1

                                                                                                                                                              46b64660ade0475987ea84b51a6c672cf8606225

                                                                                                                                                              SHA256

                                                                                                                                                              da62b0238115f65630ce85d767c78c2dade5e1d4a13ad9153ab8da418edcd8de

                                                                                                                                                              SHA512

                                                                                                                                                              d1b7d8056b3923bbc9ca94d76e5a0ef642bab4bfb80d3aa1bc6f79c2373ab30916cff264c9a896d7b0bd9b057fdf34353be8f63a7256700a921c7415711ca244

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Program Files (x86)\Roblox\Versions\version-2d6639b3364b47cd\RobloxPlayerBeta.dll
                                                                                                                                                              Filesize

                                                                                                                                                              15.6MB

                                                                                                                                                              MD5

                                                                                                                                                              392244e7ec9fbd4a2dd2c9173688e123

                                                                                                                                                              SHA1

                                                                                                                                                              a9885b9c173aead6735a0302fbdc8d00789f2524

                                                                                                                                                              SHA256

                                                                                                                                                              4eb722b6d7310b87ceb5dfad40b21ab27e82735c1164107f082e698a69c7e1fa

                                                                                                                                                              SHA512

                                                                                                                                                              750dbb890fd8aabba19a18f2072269665a6d52e0b353a8b0dcbec3975acdc8fea1244f44d37212181c2d45ef6650eefb1329b847a645b3404dc7889b1070e73a

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Program Files (x86)\Roblox\Versions\version-6b610f1860d74e5d\Qt5Gui.dll
                                                                                                                                                              Filesize

                                                                                                                                                              6.5MB

                                                                                                                                                              MD5

                                                                                                                                                              3bce6b45e07a747167349865b4bf4ac3

                                                                                                                                                              SHA1

                                                                                                                                                              d24d4b87ed035f897009cf0b5b711e6485533d89

                                                                                                                                                              SHA256

                                                                                                                                                              946a04ae8bcb2c33fcb8c98ce7280dd4599974e85ffb86d9101e595c678ad6d2

                                                                                                                                                              SHA512

                                                                                                                                                              d7584ddd3c6cfc9bda1ddddd02b883aa974309770a478f138202f7540ae92b38cdc658149e4e8b4e76eb0280ab066e096558bd942367c20c018f0f716c09d1e4

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Program Files (x86)\Roblox\Versions\version-6b610f1860d74e5d\Qt5Widgets.dll
                                                                                                                                                              Filesize

                                                                                                                                                              5.3MB

                                                                                                                                                              MD5

                                                                                                                                                              5309de309fb00a4be24bb465f0053455

                                                                                                                                                              SHA1

                                                                                                                                                              a14ef29356dac72d882f663a426f16ab29bc3529

                                                                                                                                                              SHA256

                                                                                                                                                              24b14e67f6ae8a8b0191d68a3576300bd0ecc240ec9417e94f0f04dcc15a12f2

                                                                                                                                                              SHA512

                                                                                                                                                              0cebf0e1560f2ef8b140bfd4fba2b3d7a562923f1b45c84eff41dd02b5ce04a9402c937cb4708d4623ab02a8991bbe6a31acc3cbd17fe2079130313f33daa1e7

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Program Files (x86)\Roblox\Versions\version-6b610f1860d74e5d\Qt5Xml.dll
                                                                                                                                                              Filesize

                                                                                                                                                              215KB

                                                                                                                                                              MD5

                                                                                                                                                              a24011ba1cba9e517da2d89d530329cd

                                                                                                                                                              SHA1

                                                                                                                                                              867f44a65128db05ec1c2842a52b2752ba22346e

                                                                                                                                                              SHA256

                                                                                                                                                              7315e183382b81e65be9e3efb2ae151f6c95fad914a0dbfbf0400dfab868af48

                                                                                                                                                              SHA512

                                                                                                                                                              76d7115d7b5f57a609cae61e768b28cc873f30a4aea46a2b385e9c8be1e5bba7c73ce84731708fe12f28d691b06ec6dbb8579f5eb9eca92ecf83d94e97b98620

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Program Files (x86)\Roblox\Versions\version-6b610f1860d74e5d\QtitanBase.dll
                                                                                                                                                              Filesize

                                                                                                                                                              1.1MB

                                                                                                                                                              MD5

                                                                                                                                                              e5b927738fb7c47c0230073c77ae0b72

                                                                                                                                                              SHA1

                                                                                                                                                              9199c468fca452d468c994917ea005e913700d4d

                                                                                                                                                              SHA256

                                                                                                                                                              942564e52d4344512e0628e7197a94f45653f2c1c902753611a8807ec59cf2f5

                                                                                                                                                              SHA512

                                                                                                                                                              2f792bce948150563eed745999a2a9108ae74fc644bb247de30977e6977b7247709c5d87601676366f45dbdb601a2f86535363dd4b8d686428a658b5f97f25f1

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Program Files (x86)\Roblox\Versions\version-6b610f1860d74e5d\QtitanDocking.dll
                                                                                                                                                              Filesize

                                                                                                                                                              614KB

                                                                                                                                                              MD5

                                                                                                                                                              190133e5d8a3dc6a62e1565af4ab6ee3

                                                                                                                                                              SHA1

                                                                                                                                                              415df4287f342c71bea46c30b853cf30c119c6e9

                                                                                                                                                              SHA256

                                                                                                                                                              07b500bcb553ddcc56739d920e1ba9579cb00aa0254d100e939cb63450c56ce3

                                                                                                                                                              SHA512

                                                                                                                                                              905b6adb63714906126eb154cd05907fc3a313af42a6806c3bebd6f577100b1e407b8f920392243eaf032d8b6a729c7c179d6bc132d5666b2108a070c6eb842f

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Program Files (x86)\Roblox\Versions\version-6b610f1860d74e5d\QtitanRibbon.dll
                                                                                                                                                              Filesize

                                                                                                                                                              3.1MB

                                                                                                                                                              MD5

                                                                                                                                                              d81f4b7c0228cdee264d4512a396528a

                                                                                                                                                              SHA1

                                                                                                                                                              48efc25483112b08e07b23e6d832b0b4dd0617dd

                                                                                                                                                              SHA256

                                                                                                                                                              3814582666fd2e083b299938fda172be0d7a38e76fcd35b29e5e53793a773d87

                                                                                                                                                              SHA512

                                                                                                                                                              95266c9e0c510df17739fccd975136e54c95b8447a40814fb5a3ec637094fb9f36de72eb0c2fa1d40ac127913379fb39c8c902c36baf641c48c5388db229a9e0

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roblox\Roblox Studio.lnk
                                                                                                                                                              Filesize

                                                                                                                                                              1KB

                                                                                                                                                              MD5

                                                                                                                                                              44cd7621faa48ba874449d8573da3b9b

                                                                                                                                                              SHA1

                                                                                                                                                              177986590e5d3ac7da52cafba4da8880ba6b8adf

                                                                                                                                                              SHA256

                                                                                                                                                              26e8957b4f36cba15e3e759cc457f204b503b4f62c3251b8aaf0d132986ed409

                                                                                                                                                              SHA512

                                                                                                                                                              016da1c7505117c0bd04d8203df51199a067daf521a1dce29b825c2413455abdef9ddf9743986b9d8f63b85018c0caedface40948afc9ec0eb02439f094039b3

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\AutoLaunchProtocolsComponent\1.0.0.8\protocols.json
                                                                                                                                                              Filesize

                                                                                                                                                              3KB

                                                                                                                                                              MD5

                                                                                                                                                              6bbb18bb210b0af189f5d76a65f7ad80

                                                                                                                                                              SHA1

                                                                                                                                                              87b804075e78af64293611a637504273fadfe718

                                                                                                                                                              SHA256

                                                                                                                                                              01594d510a1bbc016897ec89402553eca423dfdc8b82bafbc5653bf0c976f57c

                                                                                                                                                              SHA512

                                                                                                                                                              4788edcfa3911c3bb2be8fc447166c330e8ac389f74e8c44e13238ead2fa45c8538aee325bd0d1cc40d91ad47dea1aa94a92148a62983144fdecff2130ee120d

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Autofill\4.0.1.12\autofill_bypass_cache_forms.json
                                                                                                                                                              Filesize

                                                                                                                                                              127B

                                                                                                                                                              MD5

                                                                                                                                                              22e4cc4c0eb6444f7cae2aa35a707227

                                                                                                                                                              SHA1

                                                                                                                                                              86fd42f17be0b1fa10b170cfe18d49930ed35044

                                                                                                                                                              SHA256

                                                                                                                                                              e409a4f42c50d8fc80facaad15b807779658fc97b01c871d0820577dd8f334b7

                                                                                                                                                              SHA512

                                                                                                                                                              a3e41584d8d2dab323a4846321658f759573ba694e877a8e4abb7ec08d30213db509a64bdf1b561491faf9aed5cb31be2481d505f4ef56838e5df6e1e6c820d9

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Autofill\4.0.1.12\edge_autofill_global_block_list.json
                                                                                                                                                              Filesize

                                                                                                                                                              4KB

                                                                                                                                                              MD5

                                                                                                                                                              ba6dff9e296c4dab26f3f61893502cbb

                                                                                                                                                              SHA1

                                                                                                                                                              02b6bb7ef39485c2aac70038c1555d09632e8414

                                                                                                                                                              SHA256

                                                                                                                                                              4576e2d9e040c1dba48610bb4b41c117aa1858c3de0ad26cdcd3700323b168f4

                                                                                                                                                              SHA512

                                                                                                                                                              8e72310fe5bf20c3716bb6dcfd119e2904ca0eb0d12e67669e656aedf023f078d897b5db577023068d2f0222168f2c99d64acefb1ec1e8e9116fa78e9e2e9c7b

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Autofill\4.0.1.12\v1FieldTypes.json
                                                                                                                                                              Filesize

                                                                                                                                                              509KB

                                                                                                                                                              MD5

                                                                                                                                                              630f694f05bdfb788a9731d59b7a5bfe

                                                                                                                                                              SHA1

                                                                                                                                                              689c0e95aaefcbaca002f4e60c51c3610d100b67

                                                                                                                                                              SHA256

                                                                                                                                                              ad6fdee06aa37e3af6034af935f74b58c1933752478026ceeccf47dc506c8779

                                                                                                                                                              SHA512

                                                                                                                                                              6ee64baab1af4551851dcef549b49ec1442aa0b67d2149ac9338dc1fe0082ee24f4611fcc76d6b8abeb828ad957a9fa847cbc9c98cdf42dd410d046686b3769b

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                              Filesize

                                                                                                                                                              152B

                                                                                                                                                              MD5

                                                                                                                                                              8ef3f393ca3aa015861d1b964e96a913

                                                                                                                                                              SHA1

                                                                                                                                                              45f3babe2fb14e3bf5d7661c7b36a78ef2c3492d

                                                                                                                                                              SHA256

                                                                                                                                                              4e0736ff91a28fc09b5cde881c2e4de5695d3ea6e635f95f4ec127a794aa5598

                                                                                                                                                              SHA512

                                                                                                                                                              18c81b7222b036d23538c8a7faf421d5d93f0ff1c66a4048626cbdb2552051cd30e7c30b2270e417edf63ce336c7dd28c380bfabc0199ae16434ef9a07b321d1

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                              Filesize

                                                                                                                                                              152B

                                                                                                                                                              MD5

                                                                                                                                                              f30efe066a9e2453fee2d0c556bb24ec

                                                                                                                                                              SHA1

                                                                                                                                                              994eef2c5134d7e8a9bbdf652a277a4c3f8fade0

                                                                                                                                                              SHA256

                                                                                                                                                              15c051409ed1a19cb24e4b386c03d2d80c97ca97dcc9c55a0d07c0c99d918da1

                                                                                                                                                              SHA512

                                                                                                                                                              030bad42e478c90ec84fca214a31874654a4290950405040d7004093756904a366ace1540ada23486d75ba44458407d822ee96846057466b93456351b8b8dcd1

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                              Filesize

                                                                                                                                                              280B

                                                                                                                                                              MD5

                                                                                                                                                              3df3aaca74212a5a8e0ee0c7b2915382

                                                                                                                                                              SHA1

                                                                                                                                                              ac05a79891174d4edde4ddb874877f557b49d987

                                                                                                                                                              SHA256

                                                                                                                                                              0d264928754cb96020424e3452b28ebd1f730f29ca772c6f4af77ed4cfb65cfc

                                                                                                                                                              SHA512

                                                                                                                                                              53573f825c435333b9dded1650d030083d4301e9db0bbf66fbc30a91740a4933ee5b15a165bffbc6f2a7836fed7f3ededfd4b16830b26be53e192495abb1e8fb

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                              Filesize

                                                                                                                                                              152B

                                                                                                                                                              MD5

                                                                                                                                                              0fbf07cb76182d0957afd0b99fb3f3d9

                                                                                                                                                              SHA1

                                                                                                                                                              dba680cef81e382a1bf50c3f83d68cbcb6af0c43

                                                                                                                                                              SHA256

                                                                                                                                                              1cbe3641bbd52d4f86f1aec0f646226bdbb46a0bfc64d0dbba905d4956344f8b

                                                                                                                                                              SHA512

                                                                                                                                                              afd79c8056aaefcc66a38569ab87edfc763a65ad657623d5b7d2c986d86f1df3fbf7dff7de0879d99534407e4494939ba3a2433cc333f8b8445cee3845146b35

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                              Filesize

                                                                                                                                                              280B

                                                                                                                                                              MD5

                                                                                                                                                              7422201846e50f59611e1c697942fbb2

                                                                                                                                                              SHA1

                                                                                                                                                              a41a89f8f4c52d3278f95abebbf73521bb0da1e0

                                                                                                                                                              SHA256

                                                                                                                                                              aedf4d0572bb721a55b5de54e0b89437d9f4b52459299a8df2a3913214bc1ffa

                                                                                                                                                              SHA512

                                                                                                                                                              86006a153565e93061ec6ffa395ac28bb7b488fe7b0715415f187b93c95bfb7780fdf523c6e2fd8ffb6d05cf49068f8e8bb460c144a49da28528e429a6c31a14

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\3e5ec891-f8b6-4b30-aaef-9c01938e5bd7.tmp
                                                                                                                                                              Filesize

                                                                                                                                                              9KB

                                                                                                                                                              MD5

                                                                                                                                                              53ffc95c3a9e1ab6e7d77d87098b1e9c

                                                                                                                                                              SHA1

                                                                                                                                                              6df18a06a0309081f7c5e9be5eef8fec08143950

                                                                                                                                                              SHA256

                                                                                                                                                              ec1527cf34615dbec08b1063c91b0d05e81b126c1612aa630e178e937289c6e2

                                                                                                                                                              SHA512

                                                                                                                                                              3900dfa278c473f12b95103563f837aeb8f9586b0f3e3d42f98b0b86f0fcc4e9dabb0a74fbdefcac54f9ec64f54d26aeedd1a449b090545b232a2487dabac552

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old
                                                                                                                                                              Filesize

                                                                                                                                                              357B

                                                                                                                                                              MD5

                                                                                                                                                              3a49bbeecaf62fed8e4f872708a6a4f3

                                                                                                                                                              SHA1

                                                                                                                                                              b97a7eb099c451f1378b4162db1fc786dc449469

                                                                                                                                                              SHA256

                                                                                                                                                              78d874fff6cca94cebe731aa6b3691e024b10f708dd1657bde1bc96d5050daeb

                                                                                                                                                              SHA512

                                                                                                                                                              8c17efa8d9562d41289740b13b90889dd3fdecae5c10b201de38c680f7981e1f8e1628ce81e9be0399f8fa67d808632d37c32781535571bd99a86d2d77a0e3c4

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\MANIFEST-000001
                                                                                                                                                              Filesize

                                                                                                                                                              158B

                                                                                                                                                              MD5

                                                                                                                                                              0fe3fa95dab81eece7cb91d82c68fbef

                                                                                                                                                              SHA1

                                                                                                                                                              f2af7dd92981026754369a950da6bc822ded6cd3

                                                                                                                                                              SHA256

                                                                                                                                                              836c62c40bb97e2d39f720cb270efba827cf4f4e67734438abbc7b8b563338f9

                                                                                                                                                              SHA512

                                                                                                                                                              66887e6163798bc7e9aab65ddf435eeda280981107010af9ef75ee4a4a7154e78068c04e7cced8ce9a4c5cf9acefd3ff3ace629dd01fb2fc02b524f5d9290661

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000021
                                                                                                                                                              Filesize

                                                                                                                                                              39KB

                                                                                                                                                              MD5

                                                                                                                                                              e1f6e032096b2924e561c3928b9dc73d

                                                                                                                                                              SHA1

                                                                                                                                                              f33a3bb1b04f04ed1b93b13d21b6b3ce529690ad

                                                                                                                                                              SHA256

                                                                                                                                                              fa802b853572d8a40ee939940d0cd9562ea8f5954c0522b0777e01fcb546c3c8

                                                                                                                                                              SHA512

                                                                                                                                                              b13f6e1f984d28c5f4cfc4ae2298b321c314892cab1e5ccd6f1f61ec98d8c1a39669078c88ba541c91648963abc6e16e0a1cdb4e9449b4be16927e9bad8d0f37

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000023
                                                                                                                                                              Filesize

                                                                                                                                                              42KB

                                                                                                                                                              MD5

                                                                                                                                                              cc7ad65e0558327d8fbe8ade40ab94e8

                                                                                                                                                              SHA1

                                                                                                                                                              6c153e9bf971f196db25cb2cb3b62f77f0a1299a

                                                                                                                                                              SHA256

                                                                                                                                                              956e1fd407995ff1ecca3bf42ca0d01086edc7eb6a965e1d9d4a48f197a8bd30

                                                                                                                                                              SHA512

                                                                                                                                                              0af63a7bb1151ef7564472b90ddd766857e3fd78973195817aa751d97093558688733876114ea7341063c7f1bc01f90aba1016980ce2c009a0cc399f40614377

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001
                                                                                                                                                              Filesize

                                                                                                                                                              18KB

                                                                                                                                                              MD5

                                                                                                                                                              8eff0b8045fd1959e117f85654ae7770

                                                                                                                                                              SHA1

                                                                                                                                                              227fee13ceb7c410b5c0bb8000258b6643cb6255

                                                                                                                                                              SHA256

                                                                                                                                                              89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

                                                                                                                                                              SHA512

                                                                                                                                                              2e4fb65caab06f02e341e9ba4fb217d682338881daba3518a0df8df724e0496e1af613db8e2f65b42b9e82703ba58916b5f5abb68c807c78a88577030a6c2058

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
                                                                                                                                                              Filesize

                                                                                                                                                              67KB

                                                                                                                                                              MD5

                                                                                                                                                              69df804d05f8b29a88278b7d582dd279

                                                                                                                                                              SHA1

                                                                                                                                                              d9560905612cf656d5dd0e741172fb4cd9c60688

                                                                                                                                                              SHA256

                                                                                                                                                              b885987a52236f56ce7a5ca18b18533e64f62ab64eb14050ede93c93b5bd5608

                                                                                                                                                              SHA512

                                                                                                                                                              0ef49eeeeb463da832f7d5b11f6418baa65963de62c00e71d847183e0035be03e63c097103d30329582fe806d246e3c0e3ecab8b2498799abbb21d8b7febdc0e

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
                                                                                                                                                              Filesize

                                                                                                                                                              64KB

                                                                                                                                                              MD5

                                                                                                                                                              d6b36c7d4b06f140f860ddc91a4c659c

                                                                                                                                                              SHA1

                                                                                                                                                              ccf16571637b8d3e4c9423688c5bd06167bfb9e9

                                                                                                                                                              SHA256

                                                                                                                                                              34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92

                                                                                                                                                              SHA512

                                                                                                                                                              2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
                                                                                                                                                              Filesize

                                                                                                                                                              19KB

                                                                                                                                                              MD5

                                                                                                                                                              2e86a72f4e82614cd4842950d2e0a716

                                                                                                                                                              SHA1

                                                                                                                                                              d7b4ee0c9af735d098bff474632fc2c0113e0b9c

                                                                                                                                                              SHA256

                                                                                                                                                              c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f

                                                                                                                                                              SHA512

                                                                                                                                                              7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008
                                                                                                                                                              Filesize

                                                                                                                                                              65KB

                                                                                                                                                              MD5

                                                                                                                                                              56d57bc655526551f217536f19195495

                                                                                                                                                              SHA1

                                                                                                                                                              28b430886d1220855a805d78dc5d6414aeee6995

                                                                                                                                                              SHA256

                                                                                                                                                              f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4

                                                                                                                                                              SHA512

                                                                                                                                                              7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030
                                                                                                                                                              Filesize

                                                                                                                                                              55KB

                                                                                                                                                              MD5

                                                                                                                                                              fdf2600d905a0faa060d691e0212e1a7

                                                                                                                                                              SHA1

                                                                                                                                                              62550f0993a219e265ff9a0795a4d9f49b28748f

                                                                                                                                                              SHA256

                                                                                                                                                              52a37b3a78eb5b59df3bdb129b9115c6fed9bec6ca62b55ae56d8c2701de5972

                                                                                                                                                              SHA512

                                                                                                                                                              7118d2ea3aafe3d77709842da20acbe3faaf4c6c92a50ab05ecd4986916bbb92fe297a1b00357572683b02c61762cdf31dc425f03221dd169803252db5f04f7f

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000033
                                                                                                                                                              Filesize

                                                                                                                                                              57KB

                                                                                                                                                              MD5

                                                                                                                                                              26a1891f272dc17f5ac69a8cfde2991d

                                                                                                                                                              SHA1

                                                                                                                                                              097239d7cb11b964bd6a745f24e5f82267fcaf0f

                                                                                                                                                              SHA256

                                                                                                                                                              e4dd3bb15ae6492d5ddff59e08075a6023463b82cfe6c284470fec0d86fe52ae

                                                                                                                                                              SHA512

                                                                                                                                                              2b78bc3b2e57aeaacdbce5315b117c8900f9cfb99e331704c80f871882b1f0ad88ef7d6808fea6a8e93e1e65a239beaff9c3d61a07191b96bc21c0fac759d783

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000048
                                                                                                                                                              Filesize

                                                                                                                                                              55KB

                                                                                                                                                              MD5

                                                                                                                                                              cfd886e1ca849a7f8e2600763f236d78

                                                                                                                                                              SHA1

                                                                                                                                                              c1fc2b10d20c529c01b465a1edc0ed2fe04f0bd5

                                                                                                                                                              SHA256

                                                                                                                                                              c0b1c3c6995c24eabd1a6fcc4f00523e022b546cf1fa4fce6c30d04763244d1b

                                                                                                                                                              SHA512

                                                                                                                                                              254e37e3650b2c87b524c96f517586b690094abf7c8e0539b050ecdc4c56c2593bedab7b1a830b827ddc19f1c3e05ff4096ebdf4cc969b5bc5fd33cb34e94fd8

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004a
                                                                                                                                                              Filesize

                                                                                                                                                              947KB

                                                                                                                                                              MD5

                                                                                                                                                              ec3d3484a3eae142f6977caf46ee6f7c

                                                                                                                                                              SHA1

                                                                                                                                                              e41d19720562e05ff80458b4efa8a4f2744466f4

                                                                                                                                                              SHA256

                                                                                                                                                              c036eec3cba1b3b545c138389c44826393161c0a580472ed8b6c8d90254a6f93

                                                                                                                                                              SHA512

                                                                                                                                                              395f339b90a1512e78b1a2557817e189e684d5f590f88bc7bd4cd19a480e174dc13622e365d631031481e4d4e81dbe30334ba5721c338b4e21b5de5815d188cb

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000056
                                                                                                                                                              Filesize

                                                                                                                                                              1024KB

                                                                                                                                                              MD5

                                                                                                                                                              7a2480cb568b833b93e99e6ff8c9d8e6

                                                                                                                                                              SHA1

                                                                                                                                                              fb4acde6ed704020d1e162e8af7806ee8797b93b

                                                                                                                                                              SHA256

                                                                                                                                                              40bc477bf3b0c643690f7a0f6cba5d41f3f94a03c66d0975f3fc074942dee879

                                                                                                                                                              SHA512

                                                                                                                                                              69943814f96e78f4ca89e7d3c31633c83b96a017dcb160a7fee1a77419039cbf5985880e7705c05feaaeebc5b1244763a80daa31d7a2118c4ea04f3ad0a47a50

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                              Filesize

                                                                                                                                                              8KB

                                                                                                                                                              MD5

                                                                                                                                                              95fe22c666d10ca15d5f7628e43328a5

                                                                                                                                                              SHA1

                                                                                                                                                              f4a6cd71ff821f4d05f0b0863e71f9d7449aaf04

                                                                                                                                                              SHA256

                                                                                                                                                              38551caed916a1d32c354968b4011f699657b488c232fc26c42726c19e4a100c

                                                                                                                                                              SHA512

                                                                                                                                                              5bdf9b21e531c0f4c644942bafbbf2a5ed82f46b87dfda9f17307dbb5e8776892b54fff9db57947f0a8bfe3ff55cda4007f3ff2754381981baa4f215fd815ad3

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                              Filesize

                                                                                                                                                              8KB

                                                                                                                                                              MD5

                                                                                                                                                              132fba941194a5fac262e8ad4d4bfada

                                                                                                                                                              SHA1

                                                                                                                                                              cbec8c4b5d8545acf3ad62cb02c9a9464fd1cc8b

                                                                                                                                                              SHA256

                                                                                                                                                              333cb31d3d25616a0abbaea7e2e8fd3dad3aa53f9791f99d8e480aae6d1e0339

                                                                                                                                                              SHA512

                                                                                                                                                              bdef7a387e4552692c004ac053c6cb6a576af4d3440b4cd6aff13015c42a513d3c612db34b442940ebf412eeb8067ef308e024f7064aad3160faec9aff4beb27

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                              Filesize

                                                                                                                                                              7KB

                                                                                                                                                              MD5

                                                                                                                                                              bd22f8b9e0821a146067f336bcc917b2

                                                                                                                                                              SHA1

                                                                                                                                                              e51a94faebec7ec916582d28910fd33ac517c2ed

                                                                                                                                                              SHA256

                                                                                                                                                              c268be52b994cda414349d0d1dd5eb0faffc3da779b8ccaf9e3f3aca7990f50e

                                                                                                                                                              SHA512

                                                                                                                                                              6297122d145d1f4d3915e156f359caffd80423e9b8b8dd17fa0c6fcee4ad3de732e34758511be21481fcbffcb61cfa60687fa23bf700474a29062579b67d1799

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                              Filesize

                                                                                                                                                              6KB

                                                                                                                                                              MD5

                                                                                                                                                              c01098caf41bf66fbfddb36b808cc9db

                                                                                                                                                              SHA1

                                                                                                                                                              f1df752cb5cb5fb0112a9ef84ac0758ca750ab46

                                                                                                                                                              SHA256

                                                                                                                                                              3d48d6d8f69d072219fbd7614280bc06334c64b687b8179411f6f211ab1aeab6

                                                                                                                                                              SHA512

                                                                                                                                                              d6bf8d4403fa8a727198986f9c3774727c52cc54e3b6d0324fca44117dd834826323f9eab1973abd7fa7a1df22bc37d48faa0abcd54aaab5b4df4d8a0b3a34dd

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                              Filesize

                                                                                                                                                              5KB

                                                                                                                                                              MD5

                                                                                                                                                              9d632f537ad2c911a885dcfe9dc7afba

                                                                                                                                                              SHA1

                                                                                                                                                              a4119db700dec79987ed138e5649e210afe6e22e

                                                                                                                                                              SHA256

                                                                                                                                                              8eeffd21c688c12d9083c99ccd0aff8354c681ce3f96e38744f9e096f437f8ef

                                                                                                                                                              SHA512

                                                                                                                                                              2fe6c50be7bed2471772d246d58f5e65993c22bcb64a62e006c11015640f1fe1b5800af1348debcc788516b0400ea749f986c499851364fcff6913a501b32afa

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\3e7d8ff0-7a29-487f-825a-ad78cb74830b.tmp
                                                                                                                                                              Filesize

                                                                                                                                                              2B

                                                                                                                                                              MD5

                                                                                                                                                              99914b932bd37a50b983c5e7c90ae93b

                                                                                                                                                              SHA1

                                                                                                                                                              bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

                                                                                                                                                              SHA256

                                                                                                                                                              44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

                                                                                                                                                              SHA512

                                                                                                                                                              27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.ico
                                                                                                                                                              Filesize

                                                                                                                                                              69KB

                                                                                                                                                              MD5

                                                                                                                                                              164a788f50529fc93a6077e50675c617

                                                                                                                                                              SHA1

                                                                                                                                                              c53f6cd0531fd98d6abbd2a9e5fbb4319b221f48

                                                                                                                                                              SHA256

                                                                                                                                                              b305e470fb9f8b69a8cd53b5a8ffb88538c9f6a9c7c2c194a226e8f6c9b53c17

                                                                                                                                                              SHA512

                                                                                                                                                              ec7d173b55283f3e59a468a0037921dc4e1bf3fab1c693330b9d8e5826273c917b374c4b802f3234bbb5e5e210d55e52351426867e0eb8c9f6fba1a053cb05d4

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\content.js
                                                                                                                                                              Filesize

                                                                                                                                                              9KB

                                                                                                                                                              MD5

                                                                                                                                                              3d20584f7f6c8eac79e17cca4207fb79

                                                                                                                                                              SHA1

                                                                                                                                                              3c16dcc27ae52431c8cdd92fbaab0341524d3092

                                                                                                                                                              SHA256

                                                                                                                                                              0d40a5153cb66b5bde64906ca3ae750494098f68ad0b4d091256939eea243643

                                                                                                                                                              SHA512

                                                                                                                                                              315d1b4cc2e70c72d7eb7d51e0f304f6e64ac13ae301fd2e46d585243a6c936b2ad35a0964745d291ae9b317c316a29760b9b9782c88cc6a68599db531f87d59

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                              Filesize

                                                                                                                                                              1KB

                                                                                                                                                              MD5

                                                                                                                                                              362ac5f15f4614991c0b1628870122c6

                                                                                                                                                              SHA1

                                                                                                                                                              1c3cfbd9eea61ef99546273a247423b328b6b9c4

                                                                                                                                                              SHA256

                                                                                                                                                              d6291208391ec5f9dcbf7cc09549eb1c4bc058d293066bf241d6245958f4d424

                                                                                                                                                              SHA512

                                                                                                                                                              8f1ff5c578625ccfa4a4f0422bf91fed9472899b5cef3731c17b0cbd7bc79384fafa8cd6135efecc1d6c103570cc92004c04f8227d1d9c181c0916b78eb6f172

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                              Filesize

                                                                                                                                                              3KB

                                                                                                                                                              MD5

                                                                                                                                                              b4bb5b52a5fc96f0c255050debbf4138

                                                                                                                                                              SHA1

                                                                                                                                                              3f0d0710f5c8a60bfc57966a240632fa4317490e

                                                                                                                                                              SHA256

                                                                                                                                                              b32faa5a244f0472564e5d3a08115706791257467d47640c9eda626c0bca1427

                                                                                                                                                              SHA512

                                                                                                                                                              5bac33a36451089f32327b5679ade1159951f6c6daf24fe96686441aad727c1a2f8c7b62cc4a773fc18f4f6be4dbc3a4dd62ed79867d97febc8b4bbdb63a73cb

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                              Filesize

                                                                                                                                                              3KB

                                                                                                                                                              MD5

                                                                                                                                                              0a7f700ed0e314fbda35d68ff79e5ef9

                                                                                                                                                              SHA1

                                                                                                                                                              997cbd04935b9ebe9afa28a8069d1748dc1401f7

                                                                                                                                                              SHA256

                                                                                                                                                              d04deaa2ec2c11256bc8830553e9b06f6f9e4e51a7de8c06f39c911d47860acc

                                                                                                                                                              SHA512

                                                                                                                                                              f03f304d5a52b4af81220edbb07b40cd46634ead7dd20936122525a7295583c33616a667d2b0537f3b168f528928ea6e69e629e4cffdee3620d37aa4eccb0524

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                              Filesize

                                                                                                                                                              111B

                                                                                                                                                              MD5

                                                                                                                                                              807419ca9a4734feaf8d8563a003b048

                                                                                                                                                              SHA1

                                                                                                                                                              a723c7d60a65886ffa068711f1e900ccc85922a6

                                                                                                                                                              SHA256

                                                                                                                                                              aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631

                                                                                                                                                              SHA512

                                                                                                                                                              f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
                                                                                                                                                              Filesize

                                                                                                                                                              3KB

                                                                                                                                                              MD5

                                                                                                                                                              85fc0738d5e055ca2394bb25e9ec4ddd

                                                                                                                                                              SHA1

                                                                                                                                                              f5f42a2aa97eb7dc24bc7d1da4d861cb54ac993f

                                                                                                                                                              SHA256

                                                                                                                                                              357608652c8c048f0c7f72cd79bf66d4758c81f770ef952bd0db93f6dc99f3e9

                                                                                                                                                              SHA512

                                                                                                                                                              6f837ed83cb635d2eee5e786ba919df50aa5d3ce1597f1422748104a113942f483d444e1443ee900e500144b1fce6dde3485efd318e2f94841db9c5d626f0d9d

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
                                                                                                                                                              Filesize

                                                                                                                                                              3KB

                                                                                                                                                              MD5

                                                                                                                                                              af43131551eb947cd47e81c2d1387ae0

                                                                                                                                                              SHA1

                                                                                                                                                              1bca8fa7a0097d550a9c771d612fec9dd79c2a49

                                                                                                                                                              SHA256

                                                                                                                                                              8b94f606e52eec59bb8c5af7e324494a78ec5c4ac58c35a42bc0c95c0bc73546

                                                                                                                                                              SHA512

                                                                                                                                                              aee2e2b19daf6c3af3d0e96999820f55beb06d0a9be115f5c5e94b67b6c17d1ab0fc225174430827546a6c8b0e8b02d2a0ecad39c3d2d2ebd69d4bb70ec64492

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
                                                                                                                                                              Filesize

                                                                                                                                                              3KB

                                                                                                                                                              MD5

                                                                                                                                                              049fba54cb7d2baac8f453b3964eb110

                                                                                                                                                              SHA1

                                                                                                                                                              a4f7b8c28885359efb0817d9f60cb701e0ad35f9

                                                                                                                                                              SHA256

                                                                                                                                                              bff2b8187ec1c980d2f6e4ef717433de9d347440dde85d04df310d01cb0ccb3a

                                                                                                                                                              SHA512

                                                                                                                                                              e0e1fbbc32c9134f027ae5484c4f1ec7c6249fac5fc2cf2c473d3e0543826553ec942b23a52b4871a5e900600d837cbe068b825fa5e82fd15585e131240c2ac6

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
                                                                                                                                                              Filesize

                                                                                                                                                              3KB

                                                                                                                                                              MD5

                                                                                                                                                              77d042ae370246f126ddf2d010d33b0a

                                                                                                                                                              SHA1

                                                                                                                                                              b82278591981d2c7f09ba0544592c3c8a08121db

                                                                                                                                                              SHA256

                                                                                                                                                              330537612c41752042dddc392361914379e29312d715a1e19630a4598c63f26b

                                                                                                                                                              SHA512

                                                                                                                                                              ac72156f1ff185a54841f23257e08714bedc2833552b62015308229a04c1a7c1e21d74b0b37e1249c6b1fbc5008dfa721496cfa8c661995fe185afa6c6671595

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
                                                                                                                                                              Filesize

                                                                                                                                                              4KB

                                                                                                                                                              MD5

                                                                                                                                                              cf60005d75afb600b43ebfa4c42f6c11

                                                                                                                                                              SHA1

                                                                                                                                                              e51eeb7c079227054a574975bed00c31a557c26d

                                                                                                                                                              SHA256

                                                                                                                                                              b1445bf8e952b6d631bb8b507d7b67d68d7fd4bdbbc820cb24ed3aa43f8f43e9

                                                                                                                                                              SHA512

                                                                                                                                                              b38113c5bb907545f295a938756d9853fbbbc0070211c109fa928057cee24dd2c3d8818b0d6def34fe62e8a9c6949a8ea8d710eedcdf01982d81463f6437b445

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
                                                                                                                                                              Filesize

                                                                                                                                                              4KB

                                                                                                                                                              MD5

                                                                                                                                                              e267317cf3e27bc0649184f8fd1ff029

                                                                                                                                                              SHA1

                                                                                                                                                              0e35d873e82836bbd4e404bff49ebaf444ad65e9

                                                                                                                                                              SHA256

                                                                                                                                                              21e1c06e1fa4eb546bf6d9badd994f261857e8895acf3b06dd61e2f2e29a1372

                                                                                                                                                              SHA512

                                                                                                                                                              d0d635f88c26b0c9637d5873eb8c526f7387dbfef80d99b06087ee649cd8137dddc823f745edf38c8cc71cbf93d9040f14141d991d1797059175579091f9b087

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\aae4c1ac-4dd8-471c-9f23-d2f4a9ab8bc2.tmp
                                                                                                                                                              Filesize

                                                                                                                                                              40B

                                                                                                                                                              MD5

                                                                                                                                                              20d4b8fa017a12a108c87f540836e250

                                                                                                                                                              SHA1

                                                                                                                                                              1ac617fac131262b6d3ce1f52f5907e31d5f6f00

                                                                                                                                                              SHA256

                                                                                                                                                              6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d

                                                                                                                                                              SHA512

                                                                                                                                                              507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                              Filesize

                                                                                                                                                              18KB

                                                                                                                                                              MD5

                                                                                                                                                              d4fe71a1ccfb2fad246d7e499636560d

                                                                                                                                                              SHA1

                                                                                                                                                              58e4c7e39d1ab65aa3dbfa7ab46065c998d768c5

                                                                                                                                                              SHA256

                                                                                                                                                              20550c4b0d13a0d48638fefb4e5f933f89b8363a5e9bf5750412dc6f974d7f27

                                                                                                                                                              SHA512

                                                                                                                                                              a85e63e5ec96127bd5972716eb119a03d7f3f0523052a718a48b5c35014d5dcb97ea4359d51bf4d9bda5b66cc00454d38afb699ad4f7b4a661448aeec38dd8f8

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                              Filesize

                                                                                                                                                              18KB

                                                                                                                                                              MD5

                                                                                                                                                              d46e8c67921bc417bfd044cbd075942a

                                                                                                                                                              SHA1

                                                                                                                                                              67ac04a6d1fd315144f6e89ba8756420a3b7356e

                                                                                                                                                              SHA256

                                                                                                                                                              59c927287d93db2a92d0a71a7833baf8d5132d9937fc1f5eb67ab0993850c4aa

                                                                                                                                                              SHA512

                                                                                                                                                              48774aad53cff49d06d544dca627d59718b159d9ca21c9c6cd244a41023f534562f235f797b6a09fb41c6e0560c3a68aae16192f1b131178d5813a5453484269

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                              Filesize

                                                                                                                                                              20KB

                                                                                                                                                              MD5

                                                                                                                                                              460b55f95c0e5f3c4d256dd0338dd654

                                                                                                                                                              SHA1

                                                                                                                                                              882a9812e30becdd0fe2d29ae137d39bb5623964

                                                                                                                                                              SHA256

                                                                                                                                                              fb1a45f7a5ad46f3e1fc060a5809d19c086fcb028b13e37ae64f75feee2c4af5

                                                                                                                                                              SHA512

                                                                                                                                                              9c4f3e9f069c16272f53c450d9744f6e26dfd42a739bc84b537b78f4628868abfe4f3d2d4e9e1587c7de48680e6192490275819f3bb3b17cb6f205be4d7f65c8

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                              Filesize

                                                                                                                                                              20KB

                                                                                                                                                              MD5

                                                                                                                                                              8147419173ba2e66eaf8069bfa65326a

                                                                                                                                                              SHA1

                                                                                                                                                              6cd6bdc78ac49dec83fd8fa7c9ad4535e0e5f2c0

                                                                                                                                                              SHA256

                                                                                                                                                              e7aa08c7de5d1ed0ae6732b06ffb531a882828ce240a277e1f719ea756c7bfd1

                                                                                                                                                              SHA512

                                                                                                                                                              3dde2515e845cc768db37877be96341586947f198a42dd53314e80e8c1b1b5524281fadc4e054317b2e20cba8ecb0ca068061f16dc7d112857cbb06fc65b0a65

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                              Filesize

                                                                                                                                                              19KB

                                                                                                                                                              MD5

                                                                                                                                                              53d4dd3ad1b7fa2ce828de829486fd53

                                                                                                                                                              SHA1

                                                                                                                                                              2bc51e3cb3ed1beb61a516fecf6f746112a2bfd4

                                                                                                                                                              SHA256

                                                                                                                                                              81cd4d4afe22bbf1f6801868c45637c79b92cc7bc3a611e4b268bac0ecf72cb5

                                                                                                                                                              SHA512

                                                                                                                                                              460835cd648da8c9b93f5e0004b1021188ae863309901b21e5968145dd4b2ffb8dfa69979caf939cb09b9dbe736e8a3f15424adce9c6ae6f1ef4c35a70b82c0e

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                              Filesize

                                                                                                                                                              5KB

                                                                                                                                                              MD5

                                                                                                                                                              ab4faed9eefa92b398e47456b0b3b722

                                                                                                                                                              SHA1

                                                                                                                                                              176f1f2542a916bdd667eb4d264736f36bc6a8a7

                                                                                                                                                              SHA256

                                                                                                                                                              725a33063e267005b081413850e2854db6c2a2fe491389375d2bef66a36d7ea4

                                                                                                                                                              SHA512

                                                                                                                                                              542980294f20e8cc1340b214e5601e1e0db3a0db57afccf13cd7802b37faca5189bb1343cb05937fc8f9cddb9bc3ed1beb1dab7d02bdd8e13798b2fc2884622b

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                              Filesize

                                                                                                                                                              8KB

                                                                                                                                                              MD5

                                                                                                                                                              b1febd142df9c64e92c4b5aa0a3b296c

                                                                                                                                                              SHA1

                                                                                                                                                              e3bc8c1fb4821fba7e1d7ec9e2632fcbebed44c6

                                                                                                                                                              SHA256

                                                                                                                                                              faaa5b4dd15de440c2b6411dbbdaa9bbf590cdbf151fc1416b22d10bd90e6cbf

                                                                                                                                                              SHA512

                                                                                                                                                              1d5d64a55181d7f1c935c1ff459bf1ea29cf7614967bd499c03e2250ca6b1afb4d3a323236ab55f478dd93bde76cd8692a94a27036e5760e4b5fce716aa9aeab

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                              Filesize

                                                                                                                                                              6KB

                                                                                                                                                              MD5

                                                                                                                                                              c2d6307726ef0ef3ca4815937f1e7a99

                                                                                                                                                              SHA1

                                                                                                                                                              bdd6e3a168ed67aa980f9bcdcddf5d4811d78862

                                                                                                                                                              SHA256

                                                                                                                                                              cc701aebf4395553715275cdf5d52af5a017090480926b27d9a672765d8d5d3b

                                                                                                                                                              SHA512

                                                                                                                                                              d8f3bddbb77631c34b498ebe9f8b547fcf7a23e795d357177b6057e0fc3d3437d30dcf49415d4489c468b851d4af0be80f9161d105c277bd2b2f596a01b7625b

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                              Filesize

                                                                                                                                                              7KB

                                                                                                                                                              MD5

                                                                                                                                                              a3b30029681c51de71f3b05d545b736d

                                                                                                                                                              SHA1

                                                                                                                                                              6dddf57b0a3afce62525ca52e04f8ce08820535d

                                                                                                                                                              SHA256

                                                                                                                                                              e7aef6eb8238a4bb46e1c269730e67f8210b9edf824fa47bbf77b18eaf7d7b4c

                                                                                                                                                              SHA512

                                                                                                                                                              03f6c01aaa4bb23a0e0ab9f354fb73629a3202ba15ede8f7d9919f291ab9da9219f5bbe684a96bdd67767907580594fa76a42501ca4f9694080b6c200980e53b

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                              Filesize

                                                                                                                                                              8KB

                                                                                                                                                              MD5

                                                                                                                                                              387e8fa00031d79d4c8f7ce5187811db

                                                                                                                                                              SHA1

                                                                                                                                                              886e88d3d97c0b8ca0b4796bd3531bbfc460e91a

                                                                                                                                                              SHA256

                                                                                                                                                              6eb4031fecb558b81619cce778e0b50970d468116dc4356d6c412a2a5c323a0b

                                                                                                                                                              SHA512

                                                                                                                                                              834ad998469d856235d71c4ab750b458cb272c7ff01d009a9f90f86ab1db20946138ae0e71fb80db76cff2af6a6ec547e544ffa01e822f0d45eecf419acbabee

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                              Filesize

                                                                                                                                                              8KB

                                                                                                                                                              MD5

                                                                                                                                                              03117b7d934aeb9919530220246eae80

                                                                                                                                                              SHA1

                                                                                                                                                              f4ccd7c223c4ad06b008a2c405b537a6b82b51d9

                                                                                                                                                              SHA256

                                                                                                                                                              aefc6363ac452e9f6e7df2fa17649bcc6d3e4785e74c44e65324a6c75e54456a

                                                                                                                                                              SHA512

                                                                                                                                                              57a674cfc3dedafcfe1c2bce3f57eb5936100e0787d651ddd9506ed0fe107c0233513cba176528cceb55c6737b6d3a9e49bb9ae989e750f20eba5001f2f9876b

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                              Filesize

                                                                                                                                                              6KB

                                                                                                                                                              MD5

                                                                                                                                                              f334f284f0d1d55d80f58b60eaef149b

                                                                                                                                                              SHA1

                                                                                                                                                              67a6f26c91c1176088931341f2c1907c624cd71a

                                                                                                                                                              SHA256

                                                                                                                                                              8293e5b7d01ff24960c50e2babf34feb3558af4055aba7f5560159af8712d950

                                                                                                                                                              SHA512

                                                                                                                                                              bee7de37ec4444843a0f212e893c3ddcad2e38f933c16a09b084d44156d143ad12d97658420886e36202ae050a75332864fcf89f6222568d38c78e17dd8fc399

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
                                                                                                                                                              Filesize

                                                                                                                                                              37KB

                                                                                                                                                              MD5

                                                                                                                                                              9b1936bbdbbb5be8acbe1e13cbe20c3c

                                                                                                                                                              SHA1

                                                                                                                                                              1f79c25e821856484df63aab0d76457799814bd2

                                                                                                                                                              SHA256

                                                                                                                                                              36abf63ecaa7cb58f79ddaac73d5a691193c7ec73460c659af30a41c663f0246

                                                                                                                                                              SHA512

                                                                                                                                                              b80b9b81fb52594615d1c4fddf2064ef7f9411d8acb3627faf03add933cf6b5d2e2fde436ffb93bfdf1673968be0b876698ec8e756cd4e4f937ff039b9be0cb2

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\4cc699dd486af2551d01b1a74abd5337c6e052e5\0b74c434-51b0-4b77-a413-da66fdc38f40\index-dir\the-real-index
                                                                                                                                                              Filesize

                                                                                                                                                              72B

                                                                                                                                                              MD5

                                                                                                                                                              dcfd6f1ec7506cee3913dcb64559f263

                                                                                                                                                              SHA1

                                                                                                                                                              6fa5031a570f737c57fb74edf98412ec6904846d

                                                                                                                                                              SHA256

                                                                                                                                                              3b09f82ff06124de53d8433a0f9ad81921ad3b4470c315d9e64f08e623f8dc52

                                                                                                                                                              SHA512

                                                                                                                                                              87f43915624f36650926a79935cb293d9ac3921029b90f9d40660138d888565043b1121f56c1461f70d959c21d1c59ad905290f4f635fde08953bde250e738cc

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\4cc699dd486af2551d01b1a74abd5337c6e052e5\0b74c434-51b0-4b77-a413-da66fdc38f40\index-dir\the-real-index~RFe591b3f.TMP
                                                                                                                                                              Filesize

                                                                                                                                                              48B

                                                                                                                                                              MD5

                                                                                                                                                              eaca8c1dd5f03b67dc60078d1efa5092

                                                                                                                                                              SHA1

                                                                                                                                                              a7cf7fe7b0e0963b60612df8db2fb9097ef8709c

                                                                                                                                                              SHA256

                                                                                                                                                              77da2d4befae851289c76227bf9aaa0749b48a25b36e7d3403c268d8d827ade8

                                                                                                                                                              SHA512

                                                                                                                                                              1cb9171034fc7af3eb7dedfe620e741c13a5d6a98343006ab874bc97dbe568eae2ceb112c669a229246b690f5fa5f446b4631b5b275b2216d69da7a8e2717742

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\4cc699dd486af2551d01b1a74abd5337c6e052e5\d723981c-3152-4853-8905-9a5611a17dcf\index-dir\the-real-index
                                                                                                                                                              Filesize

                                                                                                                                                              456B

                                                                                                                                                              MD5

                                                                                                                                                              14dc99af8db8620d6edbc30e28b3bb9c

                                                                                                                                                              SHA1

                                                                                                                                                              beb9ea151951f932244912f1df520f93329d3fa7

                                                                                                                                                              SHA256

                                                                                                                                                              51199284d5645b84b218a0e4e6c95dbc720f881c894f20e53f1a1d825f8c54bc

                                                                                                                                                              SHA512

                                                                                                                                                              f0ad65059c9595b53b0b9cf582527fcd74fb9133f32bbfce6a31843e8f620e2b1c5ced7da7fcf8adec44223cf09c4b96daeb466cf0a94b208e73fcf4bcf0067a

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\4cc699dd486af2551d01b1a74abd5337c6e052e5\d723981c-3152-4853-8905-9a5611a17dcf\index-dir\the-real-index~RFe59238c.TMP
                                                                                                                                                              Filesize

                                                                                                                                                              48B

                                                                                                                                                              MD5

                                                                                                                                                              bf3962c730dc0fa5ea7ca6fe1d156a1f

                                                                                                                                                              SHA1

                                                                                                                                                              c0b4ae7e593b59e2c93d96e8c6811d9ef46a87db

                                                                                                                                                              SHA256

                                                                                                                                                              9346ecc4b259143f87e1918bef39e447143d59ecf942f3545a3d7c702d929c43

                                                                                                                                                              SHA512

                                                                                                                                                              55cc6cbb1a6fe44487291a41573e8ba248485207aa763f3f081a9c29eb391a6ad9068151706fd16637d17764fa4fb1f43e11b85831a4aa5bdbbd335e9c87e114

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\4cc699dd486af2551d01b1a74abd5337c6e052e5\index.txt
                                                                                                                                                              Filesize

                                                                                                                                                              168B

                                                                                                                                                              MD5

                                                                                                                                                              88204c642f971d29648278226e25d3ba

                                                                                                                                                              SHA1

                                                                                                                                                              971d808450231a59f399c8b3bd53306a7b1c5b22

                                                                                                                                                              SHA256

                                                                                                                                                              c7c24bf797354b1e0319c02c6b60c06aa6e8c9b74750ec21a94403aac81df111

                                                                                                                                                              SHA512

                                                                                                                                                              3cae3182731d5b967a06277c6d68a3c4ea75ef66f58c4a3032e15bb8ca2559a3c8ca6ae47601577a0a3d4cae845b50b764bc2cfac301cf7784cf18aa7e8e031f

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\4cc699dd486af2551d01b1a74abd5337c6e052e5\index.txt
                                                                                                                                                              Filesize

                                                                                                                                                              164B

                                                                                                                                                              MD5

                                                                                                                                                              6a58a21e13b2603821b52efdb89b5bf4

                                                                                                                                                              SHA1

                                                                                                                                                              d2babcedd08bcd8a979a5f886b3976515da7eb4d

                                                                                                                                                              SHA256

                                                                                                                                                              bcb281f80e6414c2fe91f175cd43b0ad3f4b986eaa0f63afc5387808afb0aa37

                                                                                                                                                              SHA512

                                                                                                                                                              e7328232d72067e0f7108798602a3f5031da5191855f33cb68b646f97b3e926feac063713e4c30944c5889c263cb4529c3808873e5f321f0b2d83a6e6cf09357

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\4cc699dd486af2551d01b1a74abd5337c6e052e5\index.txt~RFe58ccff.TMP
                                                                                                                                                              Filesize

                                                                                                                                                              102B

                                                                                                                                                              MD5

                                                                                                                                                              17afa18f6c89a27094a616b7fa8d159d

                                                                                                                                                              SHA1

                                                                                                                                                              5dce4e381c0bbbda9fbf418254814b31dda34d66

                                                                                                                                                              SHA256

                                                                                                                                                              836d719321133e6cda5aacb8abfc4adf0a79443a7c25be1f9c11212418175aca

                                                                                                                                                              SHA512

                                                                                                                                                              45efead66b17855be1a1211f113de24429f881b75460960eb4b58731d70747e5e3653e2a4375e3acfc832441ed581f57adb8db461f1dfdd3aa2d7a1a6d87d75d

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001
                                                                                                                                                              Filesize

                                                                                                                                                              41B

                                                                                                                                                              MD5

                                                                                                                                                              5af87dfd673ba2115e2fcf5cfdb727ab

                                                                                                                                                              SHA1

                                                                                                                                                              d5b5bbf396dc291274584ef71f444f420b6056f1

                                                                                                                                                              SHA256

                                                                                                                                                              f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

                                                                                                                                                              SHA512

                                                                                                                                                              de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
                                                                                                                                                              Filesize

                                                                                                                                                              264B

                                                                                                                                                              MD5

                                                                                                                                                              ba4538981fdcd72908b87cef2ae7a6e3

                                                                                                                                                              SHA1

                                                                                                                                                              3866421448ef27db8fb3c185c94ed48ecff3429e

                                                                                                                                                              SHA256

                                                                                                                                                              c99e4cd57cbcad552f8f144770faa66389d14c897d411c856e0f03b409aa9ae0

                                                                                                                                                              SHA512

                                                                                                                                                              21ec6d1f5efe942dd56d0f6d3518c38d142bc925d647412bcca74e6e519e4d93f3a4440924d43bfa9f601fc5c5b3929755ccece7af6effac0e8f1640a996e5bf

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe591999.TMP
                                                                                                                                                              Filesize

                                                                                                                                                              48B

                                                                                                                                                              MD5

                                                                                                                                                              1aaf3365d3fa7ff6ffdc997c52765e41

                                                                                                                                                              SHA1

                                                                                                                                                              0ded9dd020f19caeeb7802787b8af0567670d316

                                                                                                                                                              SHA256

                                                                                                                                                              3474d5feb80b8ec292689920dabc3408b9f0fba6b4e3e25ec550900c34d76a79

                                                                                                                                                              SHA512

                                                                                                                                                              de1180dec3a6bfc65b42b458649405e43ff53dd9963a61fe83f5b94565c9dae260cf048ca2510af87fd927b877a1f78deb503b16e4295d69f296fb99a773ff41

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log
                                                                                                                                                              Filesize

                                                                                                                                                              4KB

                                                                                                                                                              MD5

                                                                                                                                                              6e5b5cae8a4ee864a12ca7abcf7fe8ef

                                                                                                                                                              SHA1

                                                                                                                                                              6ab18cbf2682301587b7f052a314dafbc6b2585f

                                                                                                                                                              SHA256

                                                                                                                                                              4e9cd8b34dd0c81889d015a91ad9bbaac255b493705a0ec919805edabd91e910

                                                                                                                                                              SHA512

                                                                                                                                                              0c82f4851250f7e38127836692f10affc275797378336211739cece60e4629b3a4da439639a27b07976c7580a24ca20ecbdd3d24c983cd653e81dee732bacc68

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                              Filesize

                                                                                                                                                              1KB

                                                                                                                                                              MD5

                                                                                                                                                              84bd75e41bdba932d51afc4d7dd41d82

                                                                                                                                                              SHA1

                                                                                                                                                              8173843a284f374d8e9a7785be0b22763cdad671

                                                                                                                                                              SHA256

                                                                                                                                                              488791f2769f7ece739ac44619950310237545d79ce4b4b45dadb6bb253ed770

                                                                                                                                                              SHA512

                                                                                                                                                              52731219bb91da48573e6bc133fc0ee650a93ac83637d9ca9efb61a6674fa30f58f3ea36bfbc86b18cac24a17cd42c7cc61e07211eb4db656dec293a24b3d3d3

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                              Filesize

                                                                                                                                                              1KB

                                                                                                                                                              MD5

                                                                                                                                                              e8c78207c47bd9c79b62688d025aa0d2

                                                                                                                                                              SHA1

                                                                                                                                                              dd05dc1fcc2df7d535388e16d43e3576571ce69b

                                                                                                                                                              SHA256

                                                                                                                                                              686e8a0cfc340f818d4ee18f78a4be00ff279b9cb5a50503cdf55df60be43331

                                                                                                                                                              SHA512

                                                                                                                                                              1f5b5a48b7a50600e3dcd2085ce9162b0c76667b418f8216000ea5a0264ce31fa8add7572e1ab02e5f84d3b0273dae4a78e7e530e46f7d7a987bf336f63390c7

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                              Filesize

                                                                                                                                                              3KB

                                                                                                                                                              MD5

                                                                                                                                                              f7685f7a6ca9ad86b7f489a2944dc282

                                                                                                                                                              SHA1

                                                                                                                                                              a9f776844db871c88f11e79baf807b7f3d833bee

                                                                                                                                                              SHA256

                                                                                                                                                              ece710096f86111aa3f50d400d0ed90f3ae8ceb719ea52e95234b1188383c246

                                                                                                                                                              SHA512

                                                                                                                                                              85643bf73a04d6ab4ab41a389add7374d481f19a2dce874448967aaa54a5713546c0469b30ec5dcbe110fe3306398e3c4d9d78a8b9dba893106810d3b0dd6402

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                              Filesize

                                                                                                                                                              3KB

                                                                                                                                                              MD5

                                                                                                                                                              013c1662778bcb76e84ca575a36d6b0a

                                                                                                                                                              SHA1

                                                                                                                                                              efd97cb666c131b622f904d203b6464cec43d103

                                                                                                                                                              SHA256

                                                                                                                                                              3a2f89a8e035b74d0c9f0273eaa73c711a277e8aed4014e724f0c0742fd9feb7

                                                                                                                                                              SHA512

                                                                                                                                                              d713d0d621d757defeb8599f6f3a3123bdbb6600dc7c79c8a196ce3eb38c19309dbca868990977360c3142f715bbabde914e9a947788073f2099467449d98f60

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                              Filesize

                                                                                                                                                              2KB

                                                                                                                                                              MD5

                                                                                                                                                              f8f03109bac3aa0a4d8288ed4377dea2

                                                                                                                                                              SHA1

                                                                                                                                                              941a64a931b6362c87309a4583210442b0dcd398

                                                                                                                                                              SHA256

                                                                                                                                                              c88057ed833c23a21a846116c83600e4ab13f5bde7e3cc27b5bea8a02ab79220

                                                                                                                                                              SHA512

                                                                                                                                                              b94bdc3e06ecc0d1a240fdea86321f0e81e18b1617cc15e28de2bc9335eba947df75523ec18cd899895bc223c83332e9b06587bdc0901b7ebca6db737891f5a8

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                              Filesize

                                                                                                                                                              2KB

                                                                                                                                                              MD5

                                                                                                                                                              966f1093b111e5dcabfe086a43ccb812

                                                                                                                                                              SHA1

                                                                                                                                                              ba0ebc39d2562e4a6dbd1db9c0cc2891b011c3dd

                                                                                                                                                              SHA256

                                                                                                                                                              c37426a83ceaddefafcbd834405ee92fd5cc5f6feb0d954e9f918362a59b8240

                                                                                                                                                              SHA512

                                                                                                                                                              92c1ce08999fa981a2e6ecfe36e0794cff6e00fc09fc3e2caf4a58ccd86e61ed01b361812abf9df057f40402c00ef77cb9515816b2d707cbbb0bc95c9d821c59

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                              Filesize

                                                                                                                                                              1KB

                                                                                                                                                              MD5

                                                                                                                                                              0701072352fc6ecb95d425d2b8f02236

                                                                                                                                                              SHA1

                                                                                                                                                              498bcb093b937a2dadbd5e36d3f81d6978f0db8b

                                                                                                                                                              SHA256

                                                                                                                                                              e05fccd3ad4db90b5a9a734763b7fd13ef923c445853788fe51c6c0c60648be4

                                                                                                                                                              SHA512

                                                                                                                                                              88bbf341a8268d11871e639a9b4fa8a37037500cd736a8cb93fb4f809ce48d4d1e3b7363a95ff4f12141ea3162c012c9fd0067aa70f4818121b1690832a421d3

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                              Filesize

                                                                                                                                                              869B

                                                                                                                                                              MD5

                                                                                                                                                              60dd882a1111650788b4abbbd4b81eae

                                                                                                                                                              SHA1

                                                                                                                                                              bde7b2cfa4e8cbe149ffb020f3f93475ff9823c1

                                                                                                                                                              SHA256

                                                                                                                                                              9bfbbc719a0d6f0ab0791766bdadc3ee348affcc55f100862409beb75ffcde58

                                                                                                                                                              SHA512

                                                                                                                                                              bbf4e3c611876e7ba38d76f50f9271f99d82ea48c15bb426f1a548c527d921a4771ee67d8361db1d690c8344782772b74d92ba0f077438c8e9e682721e81d76a

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58bb9a.TMP
                                                                                                                                                              Filesize

                                                                                                                                                              202B

                                                                                                                                                              MD5

                                                                                                                                                              dbbee8a4ad5421fe7a30290f698e1b7f

                                                                                                                                                              SHA1

                                                                                                                                                              dcaccf8c155a893e191dcec38a92e72dea223f6c

                                                                                                                                                              SHA256

                                                                                                                                                              fe90fde0e8f35a19036c0d215dc93e39d8fab376c015771ccce27f621ed9d33c

                                                                                                                                                              SHA512

                                                                                                                                                              831eacb1cff41b0a269cbec464baf83593864790ca7ea5abcf74517e786aa2a1356fd0c73830a279ddb32ddfccde20bc1ccd1d92eae054de1296f1f8de78fd3f

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                              Filesize

                                                                                                                                                              16B

                                                                                                                                                              MD5

                                                                                                                                                              206702161f94c5cd39fadd03f4014d98

                                                                                                                                                              SHA1

                                                                                                                                                              bd8bfc144fb5326d21bd1531523d9fb50e1b600a

                                                                                                                                                              SHA256

                                                                                                                                                              1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

                                                                                                                                                              SHA512

                                                                                                                                                              0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                              Filesize

                                                                                                                                                              16B

                                                                                                                                                              MD5

                                                                                                                                                              46295cac801e5d4857d09837238a6394

                                                                                                                                                              SHA1

                                                                                                                                                              44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                                                                                                              SHA256

                                                                                                                                                              0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                                                                                                              SHA512

                                                                                                                                                              8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog
                                                                                                                                                              Filesize

                                                                                                                                                              20KB

                                                                                                                                                              MD5

                                                                                                                                                              428012faf051699edad22117b1014a05

                                                                                                                                                              SHA1

                                                                                                                                                              395656550d4b3345e9f0b7b53cbb52d9c0d41f83

                                                                                                                                                              SHA256

                                                                                                                                                              1a1ef3dc792286faf7f70123c268bd5c8b5ff2905650634e80b8abb31f4f6510

                                                                                                                                                              SHA512

                                                                                                                                                              339c2ddf124dc49ffca08b3b7dc3628a3043470010aeb0fe7c957fbce1e3c16854fd9ea2912b569c71daa0f0c539bbe2b51eb12cac4b54ebebe84a02617e3497

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog
                                                                                                                                                              Filesize

                                                                                                                                                              462B

                                                                                                                                                              MD5

                                                                                                                                                              aa269707e1a492819f0ebd17c0b4bdc2

                                                                                                                                                              SHA1

                                                                                                                                                              cfe138b2e68b01cddfe1bc8006cd282fa00ce437

                                                                                                                                                              SHA256

                                                                                                                                                              554a11edbaff6a177adb511da933c8a0b5281d7e9e884ac3176f3c5b1f98dc79

                                                                                                                                                              SHA512

                                                                                                                                                              fc1d1ababd8e5437692c2efc5ee822c3385af6c4c09fde3089294d1bf16b0fcd4fb05167ac85f92cf32c73a0f3406ef8e940fd269f6148fdbb6e82c893f9b63c

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog
                                                                                                                                                              Filesize

                                                                                                                                                              880B

                                                                                                                                                              MD5

                                                                                                                                                              84feadd56e04ce1c3b7fd56b42754813

                                                                                                                                                              SHA1

                                                                                                                                                              c1ed8b058e3a4265f12c4c03c93c5be97b565ebe

                                                                                                                                                              SHA256

                                                                                                                                                              03eeb7931059fe2f6bf0771cc473fbd6d89572500d4947907db31565e880e8d1

                                                                                                                                                              SHA512

                                                                                                                                                              b3414bbcee00e0f1df738c806eaa4c6740be4b9629d416a648349379081f78d9604d16aa048d6ed7733098387c74db49c954405b557b4b2179e182bd49c76ded

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog~RFe5f2cf5.TMP
                                                                                                                                                              Filesize

                                                                                                                                                              469B

                                                                                                                                                              MD5

                                                                                                                                                              4156c8a0bf37fa55795158422259e1ae

                                                                                                                                                              SHA1

                                                                                                                                                              e152cb27e441e9013b3340ad52d5be4d4ff78768

                                                                                                                                                              SHA256

                                                                                                                                                              8a4d7cd8d2029cac88555ede0ba9fa9c4e798f203cca716e25a33eefba85979d

                                                                                                                                                              SHA512

                                                                                                                                                              abff3526dacc70d7596c2514115138b365b836f7db9f0dc884dba8277ea2f5e68cc7215f31d14be6a97080fc50eeb97cae8536feac2befee9075e7f5be7d675f

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\OperationConfig
                                                                                                                                                              Filesize

                                                                                                                                                              19KB

                                                                                                                                                              MD5

                                                                                                                                                              290c46250b8c14d38ed38031d0c4bf71

                                                                                                                                                              SHA1

                                                                                                                                                              a2c1c18a4d3c882e9716ee14151a86b509079403

                                                                                                                                                              SHA256

                                                                                                                                                              099faaa6e6c16895e5890deefc070844c1a54949378cee201305f40f2a8a9120

                                                                                                                                                              SHA512

                                                                                                                                                              3c64c2a5a9f9d33e38e206f43142ec27897f109b9af6629639b5618a62da4dd9305d57f0005db505384dd6b40c9779777e2f0342cf0d175f0d75624680971186

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\OperationConfig~RFe5f31f6.TMP
                                                                                                                                                              Filesize

                                                                                                                                                              2KB

                                                                                                                                                              MD5

                                                                                                                                                              1f795181b631c7397193ad104e77a253

                                                                                                                                                              SHA1

                                                                                                                                                              cb7784bd10beee2b3f9eb3b6503553d5b8b150b5

                                                                                                                                                              SHA256

                                                                                                                                                              17a9cca9d11450b75af87f81e3ca0e91e20dfe4a5c5e998a3dc7e5e83622e99c

                                                                                                                                                              SHA512

                                                                                                                                                              99d7c4ddab1f6edc5d6bfb0aff9064ee12bb805132a032097b6652290e1ba72984c917384b62564e279f3e89db25c8a5dbf1ec784ef5f6425c8f2b7be6e41dbd

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Data Protection Lists\2.0.0.0\office_endpoints_list.json
                                                                                                                                                              Filesize

                                                                                                                                                              3KB

                                                                                                                                                              MD5

                                                                                                                                                              94406cdd51b55c0f006cfea05745effb

                                                                                                                                                              SHA1

                                                                                                                                                              a15dc50ca0fd54d6f54fbc6e0788f6dcfc876cc9

                                                                                                                                                              SHA256

                                                                                                                                                              8480f3d58faa017896ba8239f3395e3551325d7a6466497a9a69bf182647b25e

                                                                                                                                                              SHA512

                                                                                                                                                              d4e621f57454fea7049cffc9cc3adfb0d8016360912e6a580f6fe16677e7dd7aa2ee0671cb3c5092a9435708a817f497c3b2cc7aba237d32dbdaae82f10591c3

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                              Filesize

                                                                                                                                                              9KB

                                                                                                                                                              MD5

                                                                                                                                                              a03756b3ecd1ed1c82fc61d7699e8c4c

                                                                                                                                                              SHA1

                                                                                                                                                              647e22bd28ceee995347e0b472758f30b931bb92

                                                                                                                                                              SHA256

                                                                                                                                                              943dafddf18edfbc2cd757d25fc6fb257c2d4d3249da58f2233c4598b94d3c11

                                                                                                                                                              SHA512

                                                                                                                                                              c062260ca0bb94f8a4307e2962e3eb2cbc097b5e47146f125a5d0b907054c979b3768f15b5b7ebdf43df282f42ca4931de9fb5404c355b8c9f70f232ceba6a59

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                              Filesize

                                                                                                                                                              11KB

                                                                                                                                                              MD5

                                                                                                                                                              8889115a5c60ec4cf0d1e09b94e56cc9

                                                                                                                                                              SHA1

                                                                                                                                                              3b9d325011e126e31252f1edfed9e64144ee03cb

                                                                                                                                                              SHA256

                                                                                                                                                              7d633e95c3228d3fb8b0b6999b2914a8e948035bcf39b47d3a1e57083eca3b95

                                                                                                                                                              SHA512

                                                                                                                                                              cc8e76ae3aa4414e485e2820bfe203c177505316c6e12a03df39fe5c7ea9af76c83beed7747d950b6b204317b1f09057846532458b6aa05ccff3bf4f7498e114

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                              Filesize

                                                                                                                                                              12KB

                                                                                                                                                              MD5

                                                                                                                                                              dc47c3496d65f2cafc50d42f8e14f302

                                                                                                                                                              SHA1

                                                                                                                                                              6dafaa9638bd7ff8577a21d66f1f1f9f34a2e9f4

                                                                                                                                                              SHA256

                                                                                                                                                              5b0c0c76ab041c51a00e314824503ba8e6a321b0e619316b492a554aeaae9e43

                                                                                                                                                              SHA512

                                                                                                                                                              376420d5ccfc250a8abb69f8deb14c8b039aaafee5c81a7a66a7d90f0c949f3669dd910e277a7b413cd2e9b4275c1bc94cc6285d5bd526cfad37e34df379c207

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                              Filesize

                                                                                                                                                              24KB

                                                                                                                                                              MD5

                                                                                                                                                              ebe9bbd49eb542d6f159d0a003cbf065

                                                                                                                                                              SHA1

                                                                                                                                                              fa1eb1e39ee18e3debc143a728ccd35bfc45af90

                                                                                                                                                              SHA256

                                                                                                                                                              a61f4967bcc3721413e59045da1dad8f130fce5ac9b8e2e46ec163e6bf0d826b

                                                                                                                                                              SHA512

                                                                                                                                                              226c62b43719349e37c1a3d89ddbc8b48785633c14d2e2f0786b9f8f8086c8c7feab54bca130a663dd9b3148a7317766eb9896b33e4c607a87462853e4b1322c

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                              Filesize

                                                                                                                                                              13KB

                                                                                                                                                              MD5

                                                                                                                                                              d7d24894baace4effe71ee1be71efa12

                                                                                                                                                              SHA1

                                                                                                                                                              f8d9c37d102c7cda9df31d5a63b14ebbc0294bbe

                                                                                                                                                              SHA256

                                                                                                                                                              ded69473b041ffde3bcf42b3a2bf703ab4bdcf405b5a37bb800fbdc63a51ca9e

                                                                                                                                                              SHA512

                                                                                                                                                              d600e530873d309c1b978ce44ded0230b3657a9b5395cc7bf67faa29e02a8a7d20a38036e3103d499506cf8a8549cb5d841bd603df44e324193f25416b3380bf

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                              Filesize

                                                                                                                                                              12KB

                                                                                                                                                              MD5

                                                                                                                                                              a4a3fd3da556961217d9bfed7d10f95a

                                                                                                                                                              SHA1

                                                                                                                                                              bea122177c0073399f42c3220303dffa426b13bc

                                                                                                                                                              SHA256

                                                                                                                                                              9d37f13cc25604577000b853b756fcb9f5f672d339068c24eedf2a6e8534d061

                                                                                                                                                              SHA512

                                                                                                                                                              7d41bcc5eb8834a8bcc88c9f227005fac26c1ab409eb9fe38f107b3e0a88a401c892e38325f123eb06d51672f7a90ee65304a338930e4bb21c7d6637cbc94dff

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                              Filesize

                                                                                                                                                              40KB

                                                                                                                                                              MD5

                                                                                                                                                              6c0e16f29c85eec6dd56139e84abff1a

                                                                                                                                                              SHA1

                                                                                                                                                              f2ce976c4c6cad692f657257f64d52c4b4199110

                                                                                                                                                              SHA256

                                                                                                                                                              dfc738af4df861b319430cc981d49d870ad7c30bb3802ffc9a9521f647abcf1f

                                                                                                                                                              SHA512

                                                                                                                                                              1156db4affb01e99b73d467d411f4ba6a41fbcf239b5e4ab51dfc3a6385f2c78e7915b632221b864b0155161568e475386f84387e84760962d9ac04baf4e6b8d

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                              Filesize

                                                                                                                                                              33KB

                                                                                                                                                              MD5

                                                                                                                                                              c78a0e448be9904e5a7284ac574a9416

                                                                                                                                                              SHA1

                                                                                                                                                              9a4d7dc8e002217b5d5321d19e9751a4e81b6ea0

                                                                                                                                                              SHA256

                                                                                                                                                              b260291e1ae37d449593ac75fed6cd2fde7f48cf086289a93738e819bd20b35d

                                                                                                                                                              SHA512

                                                                                                                                                              e1878a21790ad4fa0c82321c0f34f0e1cd88936ac7d5a2a2b6f3f5ef8ba0871ab82edac13c1bcd72867d27ae5ea107faaba09921f4000a75bda36290923c9b2a

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                              Filesize

                                                                                                                                                              36KB

                                                                                                                                                              MD5

                                                                                                                                                              a0872d6fb74613404cb8da658d65518b

                                                                                                                                                              SHA1

                                                                                                                                                              8483bc0fc1dae5624a6928e07cec7fd1b1ec23e4

                                                                                                                                                              SHA256

                                                                                                                                                              b504132102351919e23add67c4671941fc8c8936bf82a930fc9ac7ad53b44f27

                                                                                                                                                              SHA512

                                                                                                                                                              45b2fb646e2c76ee03f4d39ffa95d6c76e9c28f4dc9eedd772fd3226de736b95ab7a84f46ffdb7e5fa3de01f9c1b195ef55e3f0e455d827c0e137ca2d7278085

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                              Filesize

                                                                                                                                                              37KB

                                                                                                                                                              MD5

                                                                                                                                                              c87ba0e45734ec09b1b49990f9712da7

                                                                                                                                                              SHA1

                                                                                                                                                              745f305614d979d957935bfaba72a9c6eaac0b89

                                                                                                                                                              SHA256

                                                                                                                                                              924f569697c7d416cdc5a97f9a76c14065546c76ee2e4a2e4c0d718d649ba67c

                                                                                                                                                              SHA512

                                                                                                                                                              2dc345f5df33b2c2278921a6850151794cd53fbbd4299a88e333271117206b7524c183e53ecd3bd54e7e15697aaac24563b422243ddc74a59ff2ad1b65ab2a7a

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                              Filesize

                                                                                                                                                              11KB

                                                                                                                                                              MD5

                                                                                                                                                              d9f95e328e106e1a698c77f75c9dbbcb

                                                                                                                                                              SHA1

                                                                                                                                                              3e42bc0174aa0d024921e8738d5e978448c3b3ad

                                                                                                                                                              SHA256

                                                                                                                                                              bc20cdac9ef2e25fa5c0a959e7d2692c5d584dede841c87b6352a6e6edc7d137

                                                                                                                                                              SHA512

                                                                                                                                                              a1a772733f394af0e928d84f738f29b5c59815d63a1fcd935ac223a4e645337905073c6ea4ec4594da621acfa8a384b2ee4f89a28077d7c34f3839c44da83628

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                              Filesize

                                                                                                                                                              11KB

                                                                                                                                                              MD5

                                                                                                                                                              64a475e5869d28701e094ef937fa2532

                                                                                                                                                              SHA1

                                                                                                                                                              2e2d8ad7e26b33a5981c4cf4c729f3f08947315e

                                                                                                                                                              SHA256

                                                                                                                                                              311bdcd7b5588c95eea373a1067ac7ca907baec4b357280b9f965fbed68fa470

                                                                                                                                                              SHA512

                                                                                                                                                              58cc728c0fc5068217004330681556dfedba66c180c4742ced763c271b665711898ab397d1848c4a2b3e34de86c3b8ca3fe8aa4ed270002421b08dc8ce53fe23

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\SafetyTips\3057\safety_tips.pb
                                                                                                                                                              Filesize

                                                                                                                                                              163KB

                                                                                                                                                              MD5

                                                                                                                                                              bd6846ffa7f4cf897b5323e4a5dcd551

                                                                                                                                                              SHA1

                                                                                                                                                              a6596cdc8de199492791faa39ce6096cf39295cd

                                                                                                                                                              SHA256

                                                                                                                                                              854b7eb22303ec3c920966732bc29f58140a82e1101dffe2702252af0f185666

                                                                                                                                                              SHA512

                                                                                                                                                              aa19b278f7211ffaf16b14b59d509ce6b80708e2bb5af87d98848747de4cba13b6626135dd3ec7aabd51b4c2cfb46ed96800a520d2dae8af8105054b6cd40e0b

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\SafetyTips\3057\typosquatting_list.pb
                                                                                                                                                              Filesize

                                                                                                                                                              3KB

                                                                                                                                                              MD5

                                                                                                                                                              17c10dbe88d84b9309e6d151923ce116

                                                                                                                                                              SHA1

                                                                                                                                                              9ad2553c061ddcc07e6f66ce4f9e30290c056bdf

                                                                                                                                                              SHA256

                                                                                                                                                              3ad368c74c9bb5da4d4750866f16d361b0675a6b6dc4e06e2edd72488663450e

                                                                                                                                                              SHA512

                                                                                                                                                              ad8ed3797941c9cad21ae2af03b77ce06a23931d9c059fe880935e2b07c08f85fc628e39873fb352c07714b4e44328799b264f4adb3513975add4e6b67e4a63c

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\TrustTokenKeyCommitments\2024.12.14.1\keys.json
                                                                                                                                                              Filesize

                                                                                                                                                              6KB

                                                                                                                                                              MD5

                                                                                                                                                              b4434830c4bd318dba6bd8cc29c9f023

                                                                                                                                                              SHA1

                                                                                                                                                              a0f238822610c70cdf22fe08c8c4bc185cbec61e

                                                                                                                                                              SHA256

                                                                                                                                                              272e290d97184d1ac0f4e4799893cb503fba8ed6c8c503767e70458cbda32070

                                                                                                                                                              SHA512

                                                                                                                                                              f2549945965757488ecd07e46249e426525c8fe771f9939f009819183ab909d1e79cbb3aeca4f937e799556b83e891bbb0858b60f31ec7e8d2d8fbb4cb00b335

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\WorkspacesNavigationComponent\1.0.0.5\nav_config.json
                                                                                                                                                              Filesize

                                                                                                                                                              2KB

                                                                                                                                                              MD5

                                                                                                                                                              499d9e568b96e759959dc69635470211

                                                                                                                                                              SHA1

                                                                                                                                                              2462a315342e0c09fd6c5fbd7f1e7ff6914c17e6

                                                                                                                                                              SHA256

                                                                                                                                                              98252dc9f9e81167e893f2c32f08ee60e9a6c43fadb454400ed3bff3a68fbf0d

                                                                                                                                                              SHA512

                                                                                                                                                              3a5922697b5356fd29ccf8dcc2e5e0e8c1fd955046a5bacf11b8ac5b7c147625d31ade6ff17be86e79c2c613104b2d2aebb11557399084d422e304f287d8b905

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-player\9122e29992efe645e39e2cf300928c22
                                                                                                                                                              Filesize

                                                                                                                                                              7.6MB

                                                                                                                                                              MD5

                                                                                                                                                              9122e29992efe645e39e2cf300928c22

                                                                                                                                                              SHA1

                                                                                                                                                              7a5e94733c048387793a01183fc63843110fbc4a

                                                                                                                                                              SHA256

                                                                                                                                                              7623a76728d02fe0fc22f94c7e63d454558898d2be017e5ca1a8682c9044d562

                                                                                                                                                              SHA512

                                                                                                                                                              f7a0b752281adbd23c1b95fa5a37e1c35193c9dfefc96eca15c0ba9dd4a9a908b0b1010d36b26361a09a6be040bad577065895f3929fd35d6f8ad13f60255377

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-studio\5dae2c9a13d8600a11e233a0f83a7b30
                                                                                                                                                              Filesize

                                                                                                                                                              7.5MB

                                                                                                                                                              MD5

                                                                                                                                                              5dae2c9a13d8600a11e233a0f83a7b30

                                                                                                                                                              SHA1

                                                                                                                                                              dcbdb35b8353eccad14b0cb53a44ded6c5c1de29

                                                                                                                                                              SHA256

                                                                                                                                                              303f7a08d062895c33990852baa8a8b14042e35abded9d1e25785514c0e8ead8

                                                                                                                                                              SHA512

                                                                                                                                                              a2e8fa773e8e6c915826ba9f2b772257c48794b3b5813cf06c317aee3a5198fd421357c5916e81bcfb19574d6c25203d869e3902744198309221188db7a57d4f

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Crashpad\settings.dat
                                                                                                                                                              Filesize

                                                                                                                                                              280B

                                                                                                                                                              MD5

                                                                                                                                                              1d9befef7d4b95926c63fab51e54eb90

                                                                                                                                                              SHA1

                                                                                                                                                              a760f17b2872389b0df2e49742374a3e3b86e29c

                                                                                                                                                              SHA256

                                                                                                                                                              792f1c6f776592a626a5a81be3c5a6789624800721d676371135511a7ee4c3cf

                                                                                                                                                              SHA512

                                                                                                                                                              a25c614fa5bb795969557d17b1d6ff7e4436db042754a275ac649c869e4d00376f24d8188771de36c354aac6ebd4053b5aaeb925a39a72e52760fa9633211a4a

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Crashpad\settings.dat
                                                                                                                                                              Filesize

                                                                                                                                                              280B

                                                                                                                                                              MD5

                                                                                                                                                              2450ebf27eecb8eb5d176e21a9c80b21

                                                                                                                                                              SHA1

                                                                                                                                                              415af41cfdcd6a636320523a71ee33ec75df0547

                                                                                                                                                              SHA256

                                                                                                                                                              9cd9c38ef9753f8a5529235ce83f7f256ead09e0e584a1180b1f50b882b8990b

                                                                                                                                                              SHA512

                                                                                                                                                              abc45209fcbe8537590eae2c5e5227bec33cc77636346142088f5c29f9ac98c36b4019059dd3c00d854d3819a3fafc0b2fdb2560326761a795a0770a9ebcf86e

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\037f0525-ecd6-4de4-892f-75a2e3ea6d02.tmp
                                                                                                                                                              Filesize

                                                                                                                                                              6KB

                                                                                                                                                              MD5

                                                                                                                                                              992b33f82a053eeb145cb8df8160e71c

                                                                                                                                                              SHA1

                                                                                                                                                              afc10e70afccdaa5cca04f8a252f1bbb56004f6a

                                                                                                                                                              SHA256

                                                                                                                                                              51eb6dd5d1963745fa163aa46bce6477eb8698f3d2e5aca980a43bab2cc486f7

                                                                                                                                                              SHA512

                                                                                                                                                              b1a33f2a8e51da0e2b67b0924fab79e1318ca806f92bfc46555b9a3dfdf855845ba1df0381ec7f06bb341d5c66ff85242ccea09dc4046ce097e397c96448987d

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_000001
                                                                                                                                                              Filesize

                                                                                                                                                              43KB

                                                                                                                                                              MD5

                                                                                                                                                              70f6a1e1f287ec962c89fb8e4ed38bce

                                                                                                                                                              SHA1

                                                                                                                                                              65fc137952b567815f00e45e5c1bf7e1de661b72

                                                                                                                                                              SHA256

                                                                                                                                                              1b455a005fd6d5dc5d8239834e08a68437761ad748ae521df0504c7b2f134907

                                                                                                                                                              SHA512

                                                                                                                                                              bc21c6d2a568b410d1ebf9d3c7313c06dc7106d0dad4cb2dce050c6de6775fd0cd5183a71b8e3c6cd4dc7d1cf2fdef34e790bebef50b5419ac5ca6eb9abb4820

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_000002
                                                                                                                                                              Filesize

                                                                                                                                                              23KB

                                                                                                                                                              MD5

                                                                                                                                                              e4b0d20f483b4c24ecffd4678479e3ae

                                                                                                                                                              SHA1

                                                                                                                                                              f0f3175f2c92922d123eac1e3a4c5bc8f6091b49

                                                                                                                                                              SHA256

                                                                                                                                                              ab25f94f51f31d69f3a7ff1959eafe9ddf3fad8e983fa216c91795bae573e13a

                                                                                                                                                              SHA512

                                                                                                                                                              54dda1d96956961788768dd0d5cb0ef9f660898b3b4fd1f6c02d5b092fe3629cb38f478e5e2fa5b074963616e63a235593a2de9e3fb420b502b40ded7430a715

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_000003
                                                                                                                                                              Filesize

                                                                                                                                                              44KB

                                                                                                                                                              MD5

                                                                                                                                                              28d6deba0823880f8331bd4695469645

                                                                                                                                                              SHA1

                                                                                                                                                              a9fb38e13eddaed233b777f4db8efb4762c215a2

                                                                                                                                                              SHA256

                                                                                                                                                              2897ce935bf259f030e1c67dc25840da8793d4b58bc5fc8d5450525490d62590

                                                                                                                                                              SHA512

                                                                                                                                                              05261445ce6c11d1cf49716c0a2c6c2abbc930af4b7c817d36afa7819446f7e40f740a31b8e9734a5f68a0b140f2424db8779f27bae349a429002bdb30c79e7e

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Code Cache\js\index
                                                                                                                                                              Filesize

                                                                                                                                                              24B

                                                                                                                                                              MD5

                                                                                                                                                              54cb446f628b2ea4a5bce5769910512e

                                                                                                                                                              SHA1

                                                                                                                                                              c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

                                                                                                                                                              SHA256

                                                                                                                                                              fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

                                                                                                                                                              SHA512

                                                                                                                                                              8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                              Filesize

                                                                                                                                                              1KB

                                                                                                                                                              MD5

                                                                                                                                                              904e9f01cbda688fa4baa313a10165c2

                                                                                                                                                              SHA1

                                                                                                                                                              6f5be76cff73426ea0fc499d282683ff0d723e9b

                                                                                                                                                              SHA256

                                                                                                                                                              0cb59ca9896bb41f1f7cccb803437ad72dfb643a2c8cbf48d747e714e4cbc512

                                                                                                                                                              SHA512

                                                                                                                                                              c118b93b778b1a6b0f6810f0c124f3bf29210cb39dd57f221ae1e43c8ae9b06d83532095c21e874723e25427964874a224bdc12dbbf21ea67318b302c0239361

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Code Cache\js\index-dir\the-real-index~RFe5e8182.TMP
                                                                                                                                                              Filesize

                                                                                                                                                              48B

                                                                                                                                                              MD5

                                                                                                                                                              16c3e20412581c2e6b3a889f210390a3

                                                                                                                                                              SHA1

                                                                                                                                                              7c0d5e90f57071f53cbab9942ed2c487c5a75844

                                                                                                                                                              SHA256

                                                                                                                                                              6d4a8ae1e264072c7cbb24fab980eb0e5f685e1c0d7723314ed2ddd6d1b6c1ae

                                                                                                                                                              SHA512

                                                                                                                                                              a11affc57558c8b7c62797e42a9e22b53512b915f4badd23d42a90080fd5ccea7d976eb0a77100465d8c75dfe09f48a0464a0070f84deabd742c268219e3a467

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\DawnWebGPUCache\data_0
                                                                                                                                                              Filesize

                                                                                                                                                              8KB

                                                                                                                                                              MD5

                                                                                                                                                              cf89d16bb9107c631daabf0c0ee58efb

                                                                                                                                                              SHA1

                                                                                                                                                              3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b

                                                                                                                                                              SHA256

                                                                                                                                                              d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e

                                                                                                                                                              SHA512

                                                                                                                                                              8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\DawnWebGPUCache\data_2
                                                                                                                                                              Filesize

                                                                                                                                                              8KB

                                                                                                                                                              MD5

                                                                                                                                                              0962291d6d367570bee5454721c17e11

                                                                                                                                                              SHA1

                                                                                                                                                              59d10a893ef321a706a9255176761366115bedcb

                                                                                                                                                              SHA256

                                                                                                                                                              ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7

                                                                                                                                                              SHA512

                                                                                                                                                              f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\DawnWebGPUCache\data_3
                                                                                                                                                              Filesize

                                                                                                                                                              8KB

                                                                                                                                                              MD5

                                                                                                                                                              41876349cb12d6db992f1309f22df3f0

                                                                                                                                                              SHA1

                                                                                                                                                              5cf26b3420fc0302cd0a71e8d029739b8765be27

                                                                                                                                                              SHA256

                                                                                                                                                              e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c

                                                                                                                                                              SHA512

                                                                                                                                                              e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\ExtensionActivityComp
                                                                                                                                                              Filesize

                                                                                                                                                              4KB

                                                                                                                                                              MD5

                                                                                                                                                              d25d5e1dc1d93430e64ee17e48ce442e

                                                                                                                                                              SHA1

                                                                                                                                                              d5c7ca9a57e6cc68927a249fe8e601d52680ac7a

                                                                                                                                                              SHA256

                                                                                                                                                              8c471cab38a1696289186d01b06ff6af2a888852dc18d6fb8d2a0e54898104ed

                                                                                                                                                              SHA512

                                                                                                                                                              f4cff7510b4ad81090e0b1842652f8eb7995f7aefd0ce651151bc24ca3a4305d34ecae41cf193d9b846e8f6359ccf545e5d05e63e6e766fa9761ccebce620f6c

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\Network Persistent State
                                                                                                                                                              Filesize

                                                                                                                                                              1KB

                                                                                                                                                              MD5

                                                                                                                                                              31e373c7e49d18ca7cc60affc8e34812

                                                                                                                                                              SHA1

                                                                                                                                                              3746794cab32409d3deb72249a5df30ddd1c801b

                                                                                                                                                              SHA256

                                                                                                                                                              5383e7a1408145cc55eed30847f78a98523af2707342e5e564078c51311a06fa

                                                                                                                                                              SHA512

                                                                                                                                                              2defc363d0d4df3512b94dae7c17ddc2ed9ba4cc5c85396cf25ce340f42489ac4b348f8aedf4c2368d490b46e6d5808112b8a1fa51f437da2173ea3dd47ac724

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\Network Persistent State
                                                                                                                                                              Filesize

                                                                                                                                                              1KB

                                                                                                                                                              MD5

                                                                                                                                                              aac1fe7ac65486de43a9e91f08d92bdb

                                                                                                                                                              SHA1

                                                                                                                                                              68108a5313ec6870ea98d4b56e8ab05cbf3501cb

                                                                                                                                                              SHA256

                                                                                                                                                              17098d7c2716a7a037c0e00959791ffc629984fac982d8cd46ea7fefd110a931

                                                                                                                                                              SHA512

                                                                                                                                                              d8421813c6e77aea8fbf902934382a38f90a5f1354df4d651d75ef25c4b163a8b57172311ae09785b3ec346d12a8baabb73fe616665f32df84859afb56fb5520

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\Network Persistent State~RFe5f2331.TMP
                                                                                                                                                              Filesize

                                                                                                                                                              59B

                                                                                                                                                              MD5

                                                                                                                                                              78bfcecb05ed1904edce3b60cb5c7e62

                                                                                                                                                              SHA1

                                                                                                                                                              bf77a7461de9d41d12aa88fba056ba758793d9ce

                                                                                                                                                              SHA256

                                                                                                                                                              c257f929cff0e4380bf08d9f36f310753f7b1ccb5cb2ab811b52760dd8cb9572

                                                                                                                                                              SHA512

                                                                                                                                                              2420dff6eb853f5e1856cdab99561a896ea0743fcff3e04b37cb87eddf063770608a30c6ffb0319e5d353b0132c5f8135b7082488e425666b2c22b753a6a4d73

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\SCT Auditing Pending Reports
                                                                                                                                                              Filesize

                                                                                                                                                              2B

                                                                                                                                                              MD5

                                                                                                                                                              d751713988987e9331980363e24189ce

                                                                                                                                                              SHA1

                                                                                                                                                              97d170e1550eee4afc0af065b78cda302a97674c

                                                                                                                                                              SHA256

                                                                                                                                                              4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

                                                                                                                                                              SHA512

                                                                                                                                                              b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity
                                                                                                                                                              Filesize

                                                                                                                                                              1KB

                                                                                                                                                              MD5

                                                                                                                                                              d516d6b5331ee97a885935da53d62501

                                                                                                                                                              SHA1

                                                                                                                                                              0bb98fed624707ca016cbb8368b248101bed5d15

                                                                                                                                                              SHA256

                                                                                                                                                              2a61c54edc7d55718b00fbb00048cb98296d8ba08b83a20613b5ed495772c451

                                                                                                                                                              SHA512

                                                                                                                                                              9488271d62667810282bbdbff40e90f8b228e30c6ba76952484fc2f6a98be66ca5619d7d310143e5cfef2c0bb3d95c4b97af411375eefbe62aaf2c14e2073a9f

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity
                                                                                                                                                              Filesize

                                                                                                                                                              1KB

                                                                                                                                                              MD5

                                                                                                                                                              df0665cb83fa6d5ed34296c25ff88d02

                                                                                                                                                              SHA1

                                                                                                                                                              fc0328db09919492d9b2c003ecec94116dd4f1b8

                                                                                                                                                              SHA256

                                                                                                                                                              8b6b953c7c384a0a00b46cc3fd00c2f720942dbbb4dfd8f07e0ec328b98cecb5

                                                                                                                                                              SHA512

                                                                                                                                                              9885d91f14b1260464302d0ffb1abc08f449c9bd673515291877ab2e00702d118f54b64fe81f87e6525ac7ca5107287346612d68ab28b0bbd6166a67b9277833

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity
                                                                                                                                                              Filesize

                                                                                                                                                              1KB

                                                                                                                                                              MD5

                                                                                                                                                              702e9d05f6e51477753b066843814cbe

                                                                                                                                                              SHA1

                                                                                                                                                              834a25226c80c70acf1723cc4cf69a11c52dac42

                                                                                                                                                              SHA256

                                                                                                                                                              18e1c83e75315e0d2736f52d68caff0bdc764e5a7e61bde77116044ee56da549

                                                                                                                                                              SHA512

                                                                                                                                                              859d9ed88bb599dfdc36f5232b17f45fbf61446ea5ffe096b707785857ed30fbb490262097a41a32de80663378d7e89cb22d4c943b60b65a0225948b9c600415

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity
                                                                                                                                                              Filesize

                                                                                                                                                              1KB

                                                                                                                                                              MD5

                                                                                                                                                              5bd27d6320949f3fc7afc1dc60638fb8

                                                                                                                                                              SHA1

                                                                                                                                                              ded71141e0713f3958baa4a06285e8cf6dbc9100

                                                                                                                                                              SHA256

                                                                                                                                                              01fc0190d82f73206e31313538e1d082b9879b486a08af9b4f0c2889bf5d7329

                                                                                                                                                              SHA512

                                                                                                                                                              072cd9a1a1384d4940c4000bf1dfb2e90bf319170f6ca920955dd717e522b2b184c8142157f7bd01c310d9119241523a98acd0e28812147691ec166a18ec7fb3

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity~RFe5e685d.TMP
                                                                                                                                                              Filesize

                                                                                                                                                              1KB

                                                                                                                                                              MD5

                                                                                                                                                              84d4c6f2bfc4bbb43ad7271dcf2cff20

                                                                                                                                                              SHA1

                                                                                                                                                              61506197142d0dd0b07d8767531b4967e6377856

                                                                                                                                                              SHA256

                                                                                                                                                              41a8361c20fe7b8746c729976b2e76b05a56ced2ff31417c6599cd9d5bf36b7f

                                                                                                                                                              SHA512

                                                                                                                                                              e98fe792ba8da4d5a643c34a5a2895aac4e055c71557147bcd585e7c1a26e86b4b8ffa8e61dc281e73d5e2968fa33645b4127e2b2cbe5a27e71d0af861c861ba

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Preferences
                                                                                                                                                              Filesize

                                                                                                                                                              6KB

                                                                                                                                                              MD5

                                                                                                                                                              a744c11a13cc571a815bf429abf48949

                                                                                                                                                              SHA1

                                                                                                                                                              2fe6a3e06a41349c8559d4b600909d4e4d9a62d7

                                                                                                                                                              SHA256

                                                                                                                                                              694072259e12861896195cb6e961cf67393173f4076a55f61338289580872842

                                                                                                                                                              SHA512

                                                                                                                                                              c5552282a5d7dab2fd353fad5754c52e08d45935d20a63334081b6ea26435a080caab341fd5b4cc654298ab20d0d3964a35024b933c8cf05e1542445dcac16d9

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Preferences
                                                                                                                                                              Filesize

                                                                                                                                                              7KB

                                                                                                                                                              MD5

                                                                                                                                                              cdeac348da4850dd37911ec9c3541954

                                                                                                                                                              SHA1

                                                                                                                                                              3a8e0e15cf2ff010703f45b1b1c94cdc21fd80f3

                                                                                                                                                              SHA256

                                                                                                                                                              8369dc525fd903661d614e65b41641052088075057a19991d67074cad4dd15f3

                                                                                                                                                              SHA512

                                                                                                                                                              6279dfa2c562f07de775c42d2f34ec77f19c627ebdd0a1652279c53f5c6bba495d831e6d4a371e665753f37adae1e0fca105cd203e87631d49ec8eb85c49794a

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State
                                                                                                                                                              Filesize

                                                                                                                                                              1KB

                                                                                                                                                              MD5

                                                                                                                                                              b943fba953e2951ee69c6f8129250d06

                                                                                                                                                              SHA1

                                                                                                                                                              083435d49d138a4eb8a6c9e0360fa73fe5dc4cab

                                                                                                                                                              SHA256

                                                                                                                                                              3775c6543c85beb458353756a6894d888f09d3f7d72232c1a0bd0e134d7c9a6c

                                                                                                                                                              SHA512

                                                                                                                                                              0c05c6bac1d1533e3a417dbf10e630084b7e464bbb9dc9e5e94487fe6d90caf34f39f556e78e8b4b41a9f821577826e883205df89f5a5d9109da257cf957e527

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State
                                                                                                                                                              Filesize

                                                                                                                                                              2KB

                                                                                                                                                              MD5

                                                                                                                                                              c688466a0ffc8b508c267c1e25d2c309

                                                                                                                                                              SHA1

                                                                                                                                                              6fb119b71775062f8bb8d4a766713884e6c8c944

                                                                                                                                                              SHA256

                                                                                                                                                              60da1e676b35ee4eb07c70435180baca2f2f90529f01050b9807e4a84dbc3c78

                                                                                                                                                              SHA512

                                                                                                                                                              d21c50eacd435246a639f97bbd6d0ba4108417698cc4c05ad2b12d386bae858f6aae28e86c9171314f7a5c70d9c5d0b87f6f93bd1de0f30dd2b1dfaa7904de06

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State
                                                                                                                                                              Filesize

                                                                                                                                                              3KB

                                                                                                                                                              MD5

                                                                                                                                                              963602aa5d598faacfa33f43f5b994b0

                                                                                                                                                              SHA1

                                                                                                                                                              e45ceff5e929f8cbceba77c545b71dbd9bbfa577

                                                                                                                                                              SHA256

                                                                                                                                                              63e4bb7fe4e335eb029e823b2e14af3a3bdb66f6332d61e941f6a4089015a550

                                                                                                                                                              SHA512

                                                                                                                                                              2b424c290e6d986fd04d43525259fe3297eb4e9fe66ddf9f8edb960182e159e9b3c372aa3a8e9e3ad89f9adc89f13db4e8c5d334b727237de112748a3dd9b25f

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State
                                                                                                                                                              Filesize

                                                                                                                                                              16KB

                                                                                                                                                              MD5

                                                                                                                                                              ffdde42e070236ad4082febf0620cd7d

                                                                                                                                                              SHA1

                                                                                                                                                              a0544877b29c0fce731bcac037be5fef15024c48

                                                                                                                                                              SHA256

                                                                                                                                                              b6752b8d4374e22f3dc21d1338d9ac304cd0d22dd67473cc94db12d2e21f7836

                                                                                                                                                              SHA512

                                                                                                                                                              1205f940864739803b448f3a9b81de164a20c6475edae5ba8718a5e9fd72baaef5d584a4267aee19f55657c02b66dbced30508a6c62460f265562d2a392bbbbe

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State
                                                                                                                                                              Filesize

                                                                                                                                                              18KB

                                                                                                                                                              MD5

                                                                                                                                                              dfc9acc1df65780195598d0acb291a57

                                                                                                                                                              SHA1

                                                                                                                                                              7b2aa87f5f150780d97598aed42c696db5d250aa

                                                                                                                                                              SHA256

                                                                                                                                                              c971adc9231ed0e2b929014e439e0d6b10ccea527d6a70c2cb9a9b62918592d1

                                                                                                                                                              SHA512

                                                                                                                                                              ee60df3fc412cf63543a6dd1881d5cf5cc368eb24fae6656fb23997abc9ca8c76018dc2001d0708ab87be8e400a6cb90a5aaa6779ad8ff8db9ecf1a9a9edf4eb

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State
                                                                                                                                                              Filesize

                                                                                                                                                              16KB

                                                                                                                                                              MD5

                                                                                                                                                              26d9a086a544f2468bb8d8fd90d059cb

                                                                                                                                                              SHA1

                                                                                                                                                              bdde3422d4f37c20172b7d540c1632c55fe740d2

                                                                                                                                                              SHA256

                                                                                                                                                              fcdc4b3aaf9055fa6d2c36a4bfc431fbaca8421301c762293bfc9b831a0175ba

                                                                                                                                                              SHA512

                                                                                                                                                              bde0897e10383fdb4597d126e72ea9432eca48157f9b404d8edae733b1dafeb5d76b4202e7d1bea3770feeae670a2c1d06aa6072adb5353f26137399cceb29fc

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State~RFe5e081c.TMP
                                                                                                                                                              Filesize

                                                                                                                                                              1KB

                                                                                                                                                              MD5

                                                                                                                                                              6ea8c0bd5cf660dffb6953e079852df6

                                                                                                                                                              SHA1

                                                                                                                                                              8e0b0305d207cf72974a1976496dbaf6cb1a30bf

                                                                                                                                                              SHA256

                                                                                                                                                              5be920915ae751b200d2d3fcf9d648246c413735532385fc8dd161cd0d369492

                                                                                                                                                              SHA512

                                                                                                                                                              ee3afc8fd85c3186fd0bf1d1fc996fed2de1cdf827ea235c17786ddb90868ed334f0cd215e392c33207c6ba8e98cbb28feed29871d62419247bd8c9456f7983e

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\ShaderCache\data_1
                                                                                                                                                              Filesize

                                                                                                                                                              264KB

                                                                                                                                                              MD5

                                                                                                                                                              d0d388f3865d0523e451d6ba0be34cc4

                                                                                                                                                              SHA1

                                                                                                                                                              8571c6a52aacc2747c048e3419e5657b74612995

                                                                                                                                                              SHA256

                                                                                                                                                              902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b

                                                                                                                                                              SHA512

                                                                                                                                                              376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Roblox\logs\cacert.pem
                                                                                                                                                              Filesize

                                                                                                                                                              229KB

                                                                                                                                                              MD5

                                                                                                                                                              6ced45ae0fcb6620235271f2c6f41411

                                                                                                                                                              SHA1

                                                                                                                                                              1dda331561500204fe0d86a323c350b7a9470b52

                                                                                                                                                              SHA256

                                                                                                                                                              ad64cf840a0fce7924ac5f8a4f6900bfe73709a5a61031404a213ab563c286d8

                                                                                                                                                              SHA512

                                                                                                                                                              faf2565f9844b929aa1ed42e18368f9708bf41e062a40ba4dc8b5c4766e9859e011f2e1221343304547e0776a1eb976b2cb0e3e73529fd33da4da3908b501538

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Temp\644c84f6-2a07-465a-abb0-4af329d40502.tmp
                                                                                                                                                              Filesize

                                                                                                                                                              10KB

                                                                                                                                                              MD5

                                                                                                                                                              78e47dda17341bed7be45dccfd89ac87

                                                                                                                                                              SHA1

                                                                                                                                                              1afde30e46997452d11e4a2adbbf35cce7a1404f

                                                                                                                                                              SHA256

                                                                                                                                                              67d161098be68cd24febc0c7b48f515f199dda72f20ae3bbb97fcf2542bb0550

                                                                                                                                                              SHA512

                                                                                                                                                              9574a66d3756540479dc955c4057144283e09cae11ce11ebce801053bb48e536e67dc823b91895a9e3ee8d3cb27c065d5e9030c39a26cbf3f201348385b418a5

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Temp\68f54208-9e28-4866-b32e-d98b631c27d0.tmp
                                                                                                                                                              Filesize

                                                                                                                                                              150KB

                                                                                                                                                              MD5

                                                                                                                                                              240cd355e89ec1f3566bb2ef1f361dad

                                                                                                                                                              SHA1

                                                                                                                                                              2ade60eb20f0fb16657a4fb024d207a931dc927f

                                                                                                                                                              SHA256

                                                                                                                                                              1f0388d23a4d8492e2f9839392b22a6957deae8750b60ff860ee939811594295

                                                                                                                                                              SHA512

                                                                                                                                                              961fe2017949d185761d8491ab4f7f2ec3b0562cfb6fef202c34d685a87f2ea032f53d653e4c1d492dff1fb43d738e7727985738c1a956a1a18aae77a3d7f3b6

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Temp\Roblox\http\8913724486d5e3c463c493b25346ca31
                                                                                                                                                              Filesize

                                                                                                                                                              64B

                                                                                                                                                              MD5

                                                                                                                                                              a644c5020af977ccf5ed7f2621c6b247

                                                                                                                                                              SHA1

                                                                                                                                                              b9bc3ea3e428c540a8bbe8d0eead07037e4c5786

                                                                                                                                                              SHA256

                                                                                                                                                              1f13f67c697ba5ac8c2506569c5efc16fc6f61f68f5b7dbf0e856cddb56d9f8c

                                                                                                                                                              SHA512

                                                                                                                                                              174f1347f35b215764511cd5104eb523d1227080e8e213906521ba22c60701e4c76b67dedddc4fea330a0c33d92633b5119ab801df83a5618a2bdba6464e990c

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_yajeiulb.eyb.ps1
                                                                                                                                                              Filesize

                                                                                                                                                              60B

                                                                                                                                                              MD5

                                                                                                                                                              d17fe0a3f47be24a6453e9ef58c94641

                                                                                                                                                              SHA1

                                                                                                                                                              6ab83620379fc69f80c0242105ddffd7d98d5d9d

                                                                                                                                                              SHA256

                                                                                                                                                              96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7

                                                                                                                                                              SHA512

                                                                                                                                                              5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Local\Temp\ffe200db-efe1-45a2-b1eb-5e7c9d3a1548.tmp
                                                                                                                                                              Filesize

                                                                                                                                                              1B

                                                                                                                                                              MD5

                                                                                                                                                              5058f1af8388633f609cadb75a75dc9d

                                                                                                                                                              SHA1

                                                                                                                                                              3a52ce780950d4d969792a2559cd519d7ee8c727

                                                                                                                                                              SHA256

                                                                                                                                                              cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

                                                                                                                                                              SHA512

                                                                                                                                                              0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
                                                                                                                                                              Filesize

                                                                                                                                                              2B

                                                                                                                                                              MD5

                                                                                                                                                              f3b25701fe362ec84616a93a45ce9998

                                                                                                                                                              SHA1

                                                                                                                                                              d62636d8caec13f04e28442a0a6fa1afeb024bbb

                                                                                                                                                              SHA256

                                                                                                                                                              b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

                                                                                                                                                              SHA512

                                                                                                                                                              98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\Desktop\Roblox Studio.lnk
                                                                                                                                                              Filesize

                                                                                                                                                              1KB

                                                                                                                                                              MD5

                                                                                                                                                              f4c2e008a9c717ab036a7f026555793a

                                                                                                                                                              SHA1

                                                                                                                                                              608ecdef1c670f616c25e3c76abf5636205503d4

                                                                                                                                                              SHA256

                                                                                                                                                              85c3a5ca5ee43d28c0eb39c9e4859fd0a6ce68d55c5558893bb6ee8fe0991617

                                                                                                                                                              SHA512

                                                                                                                                                              614d5d4548315fee26da0182290ba3c3680f4d34cd3254d8fefa9c5133cb26ad9b13bbcfa5cf19d65681fa0c9f0c8214c4a21b7d1af37140c1393738408a4b4a

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe
                                                                                                                                                              Filesize

                                                                                                                                                              7.4MB

                                                                                                                                                              MD5

                                                                                                                                                              690ac283c4f1ff8efff98cdc1a3aebc6

                                                                                                                                                              SHA1

                                                                                                                                                              c5d23171473e42e34eeece53430d9867a820933b

                                                                                                                                                              SHA256

                                                                                                                                                              637fa370f01c0bd39b2569afc72575a6b0ec9db9671fa7bc95709812e68dffb7

                                                                                                                                                              SHA512

                                                                                                                                                              d2281b2740386be62b8566e9d32d7fb9c5f0e8eb88c403aea0f04d7690ba361677320d9d8ce142a4ffab9ef05eb84b602b2351996d90d20896ff24c0ae0c9ebe

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe:Zone.Identifier
                                                                                                                                                              Filesize

                                                                                                                                                              26B

                                                                                                                                                              MD5

                                                                                                                                                              fbccf14d504b7b2dbcb5a5bda75bd93b

                                                                                                                                                              SHA1

                                                                                                                                                              d59fc84cdd5217c6cf74785703655f78da6b582b

                                                                                                                                                              SHA256

                                                                                                                                                              eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913

                                                                                                                                                              SHA512

                                                                                                                                                              aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Users\Admin\Videos\Captures\desktop.ini
                                                                                                                                                              Filesize

                                                                                                                                                              190B

                                                                                                                                                              MD5

                                                                                                                                                              b0d27eaec71f1cd73b015f5ceeb15f9d

                                                                                                                                                              SHA1

                                                                                                                                                              62264f8b5c2f5034a1e4143df6e8c787165fbc2f

                                                                                                                                                              SHA256

                                                                                                                                                              86d9f822aeb989755fac82929e8db369b3f5f04117ef96fd76e3d5f920a501d2

                                                                                                                                                              SHA512

                                                                                                                                                              7b5c9783a0a14b600b156825639d24cbbc000f5066c48ce9fecc195255603fc55129aaaca336d7ce6ad4e941d5492b756562f2c7a1d151fcfc2dabac76f3946c

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1820_1295579617\LICENSE
                                                                                                                                                              Filesize

                                                                                                                                                              1KB

                                                                                                                                                              MD5

                                                                                                                                                              ee002cb9e51bb8dfa89640a406a1090a

                                                                                                                                                              SHA1

                                                                                                                                                              49ee3ad535947d8821ffdeb67ffc9bc37d1ebbb2

                                                                                                                                                              SHA256

                                                                                                                                                              3dbd2c90050b652d63656481c3e5871c52261575292db77d4ea63419f187a55b

                                                                                                                                                              SHA512

                                                                                                                                                              d1fdcc436b8ca8c68d4dc7077f84f803a535bf2ce31d9eb5d0c466b62d6567b2c59974995060403ed757e92245db07e70c6bddbf1c3519fed300cc5b9bf9177c

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1820_1295579617\manifest.json
                                                                                                                                                              Filesize

                                                                                                                                                              85B

                                                                                                                                                              MD5

                                                                                                                                                              c3419069a1c30140b77045aba38f12cf

                                                                                                                                                              SHA1

                                                                                                                                                              11920f0c1e55cadc7d2893d1eebb268b3459762a

                                                                                                                                                              SHA256

                                                                                                                                                              db9a702209807ba039871e542e8356219f342a8d9c9ca34bcd9a86727f4a3a0f

                                                                                                                                                              SHA512

                                                                                                                                                              c5e95a4e9f5919cb14f4127539c4353a55c5f68062bf6f95e1843b6690cebed3c93170badb2412b7fb9f109a620385b0ae74783227d6813f26ff8c29074758a1

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1820_1301252289\manifest.json
                                                                                                                                                              Filesize

                                                                                                                                                              72B

                                                                                                                                                              MD5

                                                                                                                                                              a30b19bb414d78fff00fc7855d6ed5fd

                                                                                                                                                              SHA1

                                                                                                                                                              2a6408f2829e964c578751bf29ec4f702412c11e

                                                                                                                                                              SHA256

                                                                                                                                                              9811cd3e1fbf80feb6a52ad2141fc1096165a100c2d5846dd48f9ed612c6fc9f

                                                                                                                                                              SHA512

                                                                                                                                                              66b6db60e9e6f3059d1a47db14f05d35587aa2019bc06e6cf352dfbb237d9dfe6dce7cb21c9127320a7fdca5b9d3eb21e799abe6a926ae51b5f62cf646c30490

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1820_1437023010\manifest.json
                                                                                                                                                              Filesize

                                                                                                                                                              238B

                                                                                                                                                              MD5

                                                                                                                                                              15b69964f6f79654cbf54953aad0513f

                                                                                                                                                              SHA1

                                                                                                                                                              013fb9737790b034195cdeddaa620049484c53a7

                                                                                                                                                              SHA256

                                                                                                                                                              1bdda4a8fc3e2b965fbb52c9b23a9a34871bc345abfb332a87ea878f4472efbd

                                                                                                                                                              SHA512

                                                                                                                                                              7eeee58e06bba59b1ef874436035202416079617b7953593abf6d9af42a55088ab37f45fdee394166344f0186c0cb7092f55ed201c213737bb5d5318e9f47908

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1820_1993759396\manifest.fingerprint
                                                                                                                                                              Filesize

                                                                                                                                                              66B

                                                                                                                                                              MD5

                                                                                                                                                              dee9d3bdd016c697d11e370a995e7332

                                                                                                                                                              SHA1

                                                                                                                                                              ef13d667efd507e160de165f4f1fe918fc728ca2

                                                                                                                                                              SHA256

                                                                                                                                                              a84789942c4436967dba5d0ce45a3f6767bcfebf67b951fbef75cca32e9acd96

                                                                                                                                                              SHA512

                                                                                                                                                              1c798ed77fcaccc5ec237cb6618e6425fb7dbbe5f22b2a969b915987fda4be8ecadc265871832f0b7f9b5656433c27f8495eceb16598294fab80e709b2cb3d68

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1820_372679749\manifest.json
                                                                                                                                                              Filesize

                                                                                                                                                              176B

                                                                                                                                                              MD5

                                                                                                                                                              c9c55ad5c826a085d4d1ac2f4954a5ca

                                                                                                                                                              SHA1

                                                                                                                                                              83f4e031a8a73b0b1558cff6aa1a0d52bbfc83f9

                                                                                                                                                              SHA256

                                                                                                                                                              d8529e1f2d58f4f5b84380e54a3e4c8429a4dec075e9f5f11bb57a6a17087481

                                                                                                                                                              SHA512

                                                                                                                                                              9cde11dca3297042000fc34b419d26a0558d85c1097f4116262b2727fa5342404df19e463494a6a863270bcc63668e718b9306b3b2ace497e83e88ffdb67bafc

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1820_376391602\manifest.json
                                                                                                                                                              Filesize

                                                                                                                                                              135B

                                                                                                                                                              MD5

                                                                                                                                                              4055ba4ebd5546fb6306d6a3151a236a

                                                                                                                                                              SHA1

                                                                                                                                                              609a989f14f8ee9ed9bffbd6ddba3214fd0d0109

                                                                                                                                                              SHA256

                                                                                                                                                              cb929ae2d466e597ecc4f588ba22faf68f7cfc204b3986819c85ac608d6f82b5

                                                                                                                                                              SHA512

                                                                                                                                                              58d39f7ae0dafd067c6dba34c686506c1718112ad5af8a255eb9a7d6ec0edca318b557565f5914c5140eb9d1b6e2ffbb08c9d596f43e7a79fdb4ef95457bf29a

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1820_66401122\manifest.json
                                                                                                                                                              Filesize

                                                                                                                                                              80B

                                                                                                                                                              MD5

                                                                                                                                                              9e72659142381870c3c7dfe447d0e58e

                                                                                                                                                              SHA1

                                                                                                                                                              ba27ed169d5af065dabde081179476beb7e11de2

                                                                                                                                                              SHA256

                                                                                                                                                              72bab493c5583527591dd6599b3c902bade214399309b0d610907e33275b8dc2

                                                                                                                                                              SHA512

                                                                                                                                                              b887eb30c09fa3c87945b83d8dbddceee286011a1582c10b5b3cc7a4731b7fa7cb3689cb61bfead385c95902cab397d0aa26bc26086d17ce414a4f40f0e16a01

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1820_850516974\manifest.json
                                                                                                                                                              Filesize

                                                                                                                                                              119B

                                                                                                                                                              MD5

                                                                                                                                                              4b2ac247925de0bd23995367ffdf942f

                                                                                                                                                              SHA1

                                                                                                                                                              a0425d25e0270af926cd1f17026a6aeb0275cdfa

                                                                                                                                                              SHA256

                                                                                                                                                              64250e5e0d4ed44b8b293974707f574bc4c4e498c2825a141de6019cccb9dd34

                                                                                                                                                              SHA512

                                                                                                                                                              b325493f9e87489d2bb198587f31519eae1dda7afe36548df9cfd5f70f10d4cb3617fb0fc5c5f3b446f13494014b34dc064e8a862539646ddce2913000a3c681

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3864_1363747537\hyph-as.hyb
                                                                                                                                                              Filesize

                                                                                                                                                              703B

                                                                                                                                                              MD5

                                                                                                                                                              8961fdd3db036dd43002659a4e4a7365

                                                                                                                                                              SHA1

                                                                                                                                                              7b2fa321d50d5417e6c8d48145e86d15b7ff8321

                                                                                                                                                              SHA256

                                                                                                                                                              c2784e33158a807135850f7125a7eaabe472b3cfc7afb82c74f02da69ea250fe

                                                                                                                                                              SHA512

                                                                                                                                                              531ecec11d296a1ab3faeb2c7ac619da9d80c1054a2ccee8a5a0cd996346fea2a2fee159ac5a8d79b46a764a2aa8e542d6a79d86b3d7dda461e41b19c9bebe92

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3864_1363747537\hyph-hi.hyb
                                                                                                                                                              Filesize

                                                                                                                                                              687B

                                                                                                                                                              MD5

                                                                                                                                                              0807cf29fc4c5d7d87c1689eb2e0baaa

                                                                                                                                                              SHA1

                                                                                                                                                              d0914fb069469d47a36d339ca70164253fccf022

                                                                                                                                                              SHA256

                                                                                                                                                              f4df224d459fd111698dd5a13613c5bbf0ed11f04278d60230d028010eac0c42

                                                                                                                                                              SHA512

                                                                                                                                                              5324fd47c94f5804bfa1aa6df952949915896a3fc77dccaed0eeffeafe995ce087faef035aecea6b4c864a16ad32de00055f55260af974f2c41afff14dce00f3

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3864_1363747537\hyph-nb.hyb
                                                                                                                                                              Filesize

                                                                                                                                                              141KB

                                                                                                                                                              MD5

                                                                                                                                                              677edd1a17d50f0bd11783f58725d0e7

                                                                                                                                                              SHA1

                                                                                                                                                              98fedc5862c78f3b03daed1ff9efbe5e31c205ee

                                                                                                                                                              SHA256

                                                                                                                                                              c2771fbb1bfff7db5e267dc7a4505a9675c6b98cfe7a8f7ae5686d7a5a2b3dd0

                                                                                                                                                              SHA512

                                                                                                                                                              c368f6687fa8a2ef110fcb2b65df13f6a67feac7106014bd9ea9315f16e4d7f5cbc8b4a67ba2169c6909d49642d88ae2a0a9cd3f1eb889af326f29b379cfd3ff

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3864_1363747537\manifest.json
                                                                                                                                                              Filesize

                                                                                                                                                              82B

                                                                                                                                                              MD5

                                                                                                                                                              2617c38bed67a4190fc499142b6f2867

                                                                                                                                                              SHA1

                                                                                                                                                              a37f0251cd6be0a6983d9a04193b773f86d31da1

                                                                                                                                                              SHA256

                                                                                                                                                              d571ef33b0e707571f10bb37b99a607d6f43afe33f53d15b4395b16ef3fda665

                                                                                                                                                              SHA512

                                                                                                                                                              b08053050692765f172142bad7afbcd038235275c923f3cd089d556251482b1081e53c4ad7367a1fb11ca927f2ad183dc63d31ccfbf85b0160cf76a31343a6d0

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3864_224752887\manifest.fingerprint
                                                                                                                                                              Filesize

                                                                                                                                                              66B

                                                                                                                                                              MD5

                                                                                                                                                              3fb5233616491df0ec229ba9f42efdb8

                                                                                                                                                              SHA1

                                                                                                                                                              18a8116e2df9805accd7901d2321c3fa92da1af4

                                                                                                                                                              SHA256

                                                                                                                                                              946f3a9e019b0d80f5671de782f295132341f663f74aebad7628f22e528d6d52

                                                                                                                                                              SHA512

                                                                                                                                                              e9b17ac626bf6508db9a686825411e90d316a0f1dacbf63dbec5baaaf6b96af4dbc9a7332975b6d5c16c43757d79fddca6b888ea97bc07a8dffb1b3a06366b4d

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3864_267681381\manifest.json
                                                                                                                                                              Filesize

                                                                                                                                                              76B

                                                                                                                                                              MD5

                                                                                                                                                              ba25fcf816a017558d3434583e9746b8

                                                                                                                                                              SHA1

                                                                                                                                                              be05c87f7adf6b21273a4e94b3592618b6a4a624

                                                                                                                                                              SHA256

                                                                                                                                                              0d664bc422a696452111b9a48e7da9043c03786c8d5401282cff9d77bcc34b11

                                                                                                                                                              SHA512

                                                                                                                                                              3763bd77675221e323faa5502023dc677c08911a673db038e4108a2d4d71b1a6c0727a65128898bb5dfab275e399f4b7ed19ca2194a8a286e8f9171b3536546f

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3864_310928385\crl-set
                                                                                                                                                              Filesize

                                                                                                                                                              21KB

                                                                                                                                                              MD5

                                                                                                                                                              846feb52bd6829102a780ec0da74ab04

                                                                                                                                                              SHA1

                                                                                                                                                              dd98409b49f0cd1f9d0028962d7276860579fb54

                                                                                                                                                              SHA256

                                                                                                                                                              124b7eeba31f0e3d9b842a62f3441204beb13fade81da38b854aecba0e03a5b4

                                                                                                                                                              SHA512

                                                                                                                                                              c8759e675506ccc6aa9807798252c7e7c48a0ab31674609738617dc105cee38bce69d4d41d6b95e16731466880b386d35483cbeea6275773f7041ba6e305fae9

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3864_310928385\manifest.json
                                                                                                                                                              Filesize

                                                                                                                                                              114B

                                                                                                                                                              MD5

                                                                                                                                                              e6cd92ad3b3ab9cb3d325f3c4b7559aa

                                                                                                                                                              SHA1

                                                                                                                                                              0704d57b52cf55674524a5278ed4f7ba1e19ca0c

                                                                                                                                                              SHA256

                                                                                                                                                              63dfb8d99ce83b3ca282eb697dc76b17b4a48e4065fc7efafb77724739074a9d

                                                                                                                                                              SHA512

                                                                                                                                                              172d5dc107757bb591b9a8ed7f2b48f22b5184d6537572d375801113e294febfbe39077c408e3a04c44e6072427cbe443c6614d205a5a4aa290101722e18f5e8

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3864_335046042\manifest.fingerprint
                                                                                                                                                              Filesize

                                                                                                                                                              66B

                                                                                                                                                              MD5

                                                                                                                                                              0c9218609241dbaa26eba66d5aaf08ab

                                                                                                                                                              SHA1

                                                                                                                                                              31f1437c07241e5f075268212c11a566ceb514ec

                                                                                                                                                              SHA256

                                                                                                                                                              52493422ac4c18918dc91ef5c4d0e50c130ea3aa99915fa542b890a79ea94f2b

                                                                                                                                                              SHA512

                                                                                                                                                              5d25a1fb8d9e902647673975f13d7ca11e1f00f3c19449973d6b466d333198768e777b8cae5becef5c66c9a0c0ef320a65116b5070c66e3b9844461bb0ffa47f

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5504_1514625239\manifest.json
                                                                                                                                                              Filesize

                                                                                                                                                              43B

                                                                                                                                                              MD5

                                                                                                                                                              af3a9104ca46f35bb5f6123d89c25966

                                                                                                                                                              SHA1

                                                                                                                                                              1ffb1b0aa9f44bdbc57bdf4b98d26d3be0207ee8

                                                                                                                                                              SHA256

                                                                                                                                                              81bd82ac27612a58be30a72dd8956b13f883e32ffb54a58076bd6a42b8afaeea

                                                                                                                                                              SHA512

                                                                                                                                                              6a7a543fa2d1ead3574b4897d2fc714bb218c60a04a70a7e92ecfd2ea59d67028f91b6a2094313f606560087336c619093f1d38d66a3c63a1d1d235ca03d36d1

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5504_51120224\manifest.json
                                                                                                                                                              Filesize

                                                                                                                                                              160B

                                                                                                                                                              MD5

                                                                                                                                                              a24a1941bbb8d90784f5ef76712002f5

                                                                                                                                                              SHA1

                                                                                                                                                              5c2b6323c7ed8913b5d0d65a4d21062c96df24eb

                                                                                                                                                              SHA256

                                                                                                                                                              2a7fe18a087d8e8be847d9569420b6e8907917ff6ca0fa42be15d4e3653c8747

                                                                                                                                                              SHA512

                                                                                                                                                              fd7dfec3d46b2af0bddb5aaeae79467507e0c29bab814007a39ea61231e76123659f18a453ed3feb25f16652a0c63c33545e2a0d419fafea89f563fca6a07ce2

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5504_517450799\manifest.json
                                                                                                                                                              Filesize

                                                                                                                                                              160B

                                                                                                                                                              MD5

                                                                                                                                                              c3911ceb35539db42e5654bdd60ac956

                                                                                                                                                              SHA1

                                                                                                                                                              71be0751e5fc583b119730dbceb2c723f2389f6c

                                                                                                                                                              SHA256

                                                                                                                                                              31952875f8bb2e71f49231c95349945ffc0c1dd975f06309a0d138f002cfd23d

                                                                                                                                                              SHA512

                                                                                                                                                              d8b2c7c5b7105a6f0c4bc9c79c05b1202bc8deb90e60a037fec59429c04fc688a745ee1a0d06a8311466b4d14e2921dfb4476104432178c01df1e99deb48b331

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5504_745066160\manifest.json
                                                                                                                                                              Filesize

                                                                                                                                                              134B

                                                                                                                                                              MD5

                                                                                                                                                              58d3ca1189df439d0538a75912496bcf

                                                                                                                                                              SHA1

                                                                                                                                                              99af5b6a006a6929cc08744d1b54e3623fec2f36

                                                                                                                                                              SHA256

                                                                                                                                                              a946db31a6a985bdb64ea9f403294b479571ca3c22215742bdc26ea1cf123437

                                                                                                                                                              SHA512

                                                                                                                                                              afd7f140e89472d4827156ec1c48da488b0d06daaa737351c7bec6bc12edfc4443460c4ac169287350934ca66fb2f883347ed8084c62caf9f883a736243194a2

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Windows\SystemTemp\msedge_installer.log
                                                                                                                                                              Filesize

                                                                                                                                                              72KB

                                                                                                                                                              MD5

                                                                                                                                                              0fcb3019ff483d4f99917a5e5d2f3bd3

                                                                                                                                                              SHA1

                                                                                                                                                              813bf772e03dc5cfff4c92722305255eaed45443

                                                                                                                                                              SHA256

                                                                                                                                                              ac7bf786f246ab28e28c6f3197e79a5b2632ecbb9c3ba6754c15146b1c794758

                                                                                                                                                              SHA512

                                                                                                                                                              95ecc6cabcd5e746ecd88aafe1a01ed79b6a918a9c4da35ce322e8de4ce23b3ab28f81b3af71fd3cbf9da0a58f59f92c27f16ebbf44505399c3da68bd1aad8d4

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Windows\SystemTemp\msedge_installer.log
                                                                                                                                                              Filesize

                                                                                                                                                              104KB

                                                                                                                                                              MD5

                                                                                                                                                              73e696ae7e61912dbbbc69c2ca62b4ba

                                                                                                                                                              SHA1

                                                                                                                                                              ec7f867871cffa6ccd89a6d2fbe901f77c7f0727

                                                                                                                                                              SHA256

                                                                                                                                                              a4200e1f2cdda523bde45a9cbc02a9346ac13648a2dc06dc0b5a3fde5fa41f3f

                                                                                                                                                              SHA512

                                                                                                                                                              fda084f4d8cb3e3aa534bcb20a0615f25b2d469b1eab4e856b516169290ea52e88d937343ed18b991a789636ada116ea0747946524852893b7923d1d10adb5c4

                                                                                                                                                              Download Submit

                                                                                                                                                            • C:\Windows\SystemTemp\msedge_installer.log
                                                                                                                                                              Filesize

                                                                                                                                                              103KB

                                                                                                                                                              MD5

                                                                                                                                                              f0bb2c8a96215edaa110c0356562e407

                                                                                                                                                              SHA1

                                                                                                                                                              7d9c07bc32d30069be865e5b365088782b02ecd8

                                                                                                                                                              SHA256

                                                                                                                                                              9958e386332a7875a8fba7f69d2719754d582f4d540643063cfe5014003cb9ce

                                                                                                                                                              SHA512

                                                                                                                                                              e0d47b338497b42ce927573f39b3fc809f659860400b636f172d35351e0415587e7c4968f2183670c99dade343d1e92b1eb28bb3735a4a21f864c5a230c570d5

                                                                                                                                                              Download Submit

                                                                                                                                                            • memory/420-16-0x00007FFEB02C0000-0x00007FFEB0D82000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              10.8MB

                                                                                                                                                              Download

                                                                                                                                                            • memory/420-13-0x00007FFEB02C0000-0x00007FFEB0D82000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              10.8MB

                                                                                                                                                              Download

                                                                                                                                                            • memory/420-12-0x00007FFEB02C0000-0x00007FFEB0D82000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              10.8MB

                                                                                                                                                              Download

                                                                                                                                                            • memory/420-11-0x00007FFEB02C0000-0x00007FFEB0D82000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              10.8MB

                                                                                                                                                              Download

                                                                                                                                                            • memory/420-10-0x00007FFEB02C0000-0x00007FFEB0D82000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              10.8MB

                                                                                                                                                              Download

                                                                                                                                                            • memory/420-6-0x00000246566D0000-0x00000246566F2000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              136KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/420-0-0x00007FFEB02C3000-0x00007FFEB02C5000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              8KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1747-0x00007FFECEE60000-0x00007FFECEE80000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              128KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1755-0x00007FFECE6F0000-0x00007FFECE717000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              156KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1731-0x00007FFED06E0000-0x00007FFED06ED000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              52KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1732-0x00007FFED06E0000-0x00007FFED06ED000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              52KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1733-0x00007FFED06E0000-0x00007FFED06ED000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              52KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1734-0x00007FFED06E0000-0x00007FFED06ED000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              52KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1735-0x00007FFED01A0000-0x00007FFED01B0000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              64KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1736-0x00007FFED01A0000-0x00007FFED01B0000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              64KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1737-0x00007FFED01A0000-0x00007FFED01B0000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              64KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1738-0x00007FFED01C0000-0x00007FFED01C9000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              36KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1739-0x00007FFED01C0000-0x00007FFED01C9000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              36KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1729-0x00007FFED06A0000-0x00007FFED06B0000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              64KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1740-0x00007FFED01C0000-0x00007FFED01C9000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              36KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1741-0x00007FFED01C0000-0x00007FFED01C9000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              36KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1742-0x00007FFED01C0000-0x00007FFED01C9000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              36KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1728-0x00007FFED06A0000-0x00007FFED06B0000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              64KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1743-0x00007FFECED20000-0x00007FFECED30000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              64KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1727-0x00007FFED0630000-0x00007FFED0640000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              64KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1726-0x00007FFED0630000-0x00007FFED0640000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              64KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1744-0x00007FFECED20000-0x00007FFECED30000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              64KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1745-0x00007FFECEE30000-0x00007FFECEE40000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              64KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1746-0x00007FFECEE30000-0x00007FFECEE40000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              64KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1708-0x00007FFED03F0000-0x00007FFED0400000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              64KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1724-0x00007FFECEC40000-0x00007FFECEC50000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              64KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1748-0x00007FFECEE60000-0x00007FFECEE80000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              128KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1749-0x00007FFECEE60000-0x00007FFECEE80000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              128KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1750-0x00007FFECEE60000-0x00007FFECEE80000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              128KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1751-0x00007FFECEE60000-0x00007FFECEE80000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              128KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1752-0x00007FFECE6B0000-0x00007FFECE6C0000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              64KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1753-0x00007FFECE6B0000-0x00007FFECE6C0000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              64KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1754-0x00007FFECE6F0000-0x00007FFECE717000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              156KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1730-0x00007FFED06E0000-0x00007FFED06ED000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              52KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1756-0x00007FFECE6F0000-0x00007FFECE717000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              156KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1757-0x00007FFECE6F0000-0x00007FFECE717000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              156KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1758-0x00007FFECE6F0000-0x00007FFECE717000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              156KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1759-0x00007FFECE6F0000-0x00007FFECE717000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              156KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1725-0x00007FFECEC40000-0x00007FFECEC50000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              64KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1712-0x00007FFED0410000-0x00007FFED0430000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              128KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1713-0x00007FFED0410000-0x00007FFED0430000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              128KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1714-0x00007FFED0410000-0x00007FFED0430000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              128KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1715-0x00007FFED0500000-0x00007FFED050C000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              48KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1711-0x00007FFED0410000-0x00007FFED0430000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              128KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1696-0x00007FFED11C0000-0x00007FFED11D0000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              64KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1697-0x00007FFED11C0000-0x00007FFED11D0000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              64KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1698-0x00007FFED12E0000-0x00007FFED12F0000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              64KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1699-0x00007FFED12E0000-0x00007FFED12F0000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              64KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1700-0x00007FFED1330000-0x00007FFED1360000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              192KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1701-0x00007FFED1330000-0x00007FFED1360000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              192KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1703-0x00007FFED1330000-0x00007FFED1360000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              192KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1704-0x00007FFED1330000-0x00007FFED1360000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              192KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1706-0x00007FFED0360000-0x00007FFED0370000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              64KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1707-0x00007FFED0360000-0x00007FFED0370000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              64KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1705-0x00007FFED13C0000-0x00007FFED13C9000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              36KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1702-0x00007FFED1330000-0x00007FFED1360000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              192KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1723-0x00007FFECEC40000-0x00007FFECEC50000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              64KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1722-0x00007FFECEC20000-0x00007FFECEC30000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              64KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1721-0x00007FFECEC20000-0x00007FFECEC30000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              64KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1720-0x00007FFECEC20000-0x00007FFECEC30000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              64KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1719-0x00007FFECEA70000-0x00007FFECEA80000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              64KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1718-0x00007FFECEA70000-0x00007FFECEA80000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              64KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1717-0x00007FFECE900000-0x00007FFECE910000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              64KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1716-0x00007FFECE900000-0x00007FFECE910000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              64KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1710-0x00007FFED0410000-0x00007FFED0430000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              128KB

                                                                                                                                                              Download

                                                                                                                                                            • memory/1844-1709-0x00007FFED03F0000-0x00007FFED0400000-memory.dmp

                                                                                                                                                              Filesize

                                                                                                                                                              64KB

                                                                                                                                                              Download